Results 1  10
of
601
Privacy Preserving Data Mining
 JOURNAL OF CRYPTOLOGY
, 2000
"... In this paper we address the issue of privacy preserving data mining. Specifically, we consider a scenario in which two parties owning confidential databases wish to run a data mining algorithm on the union of their databases, without revealing any unnecessary information. Our work is motivated b ..."
Abstract

Cited by 487 (8 self)
 Add to MetaCart
(Show Context)
In this paper we address the issue of privacy preserving data mining. Specifically, we consider a scenario in which two parties owning confidential databases wish to run a data mining algorithm on the union of their databases, without revealing any unnecessary information. Our work is motivated by the need to both protect privileged information and enable its use for research or other purposes. The
Privacy Preserving Association Rule Mining in Vertically Partitioned Data
 In The Eighth ACM SIGKDD International Conference on Knowledge Discovery and Data Mining
, 2002
"... Privacy considerations often constrain data mining projects. This paper addresses the problem of association rule mining where transactions are distributed across sources. Each site holds some attributes of each transaction, and the sites wish to collaborate to identify globally valid association ru ..."
Abstract

Cited by 268 (21 self)
 Add to MetaCart
Privacy considerations often constrain data mining projects. This paper addresses the problem of association rule mining where transactions are distributed across sources. Each site holds some attributes of each transaction, and the sites wish to collaborate to identify globally valid association rules. However, the sites must not reveal individual transaction data. We present a twoparty algorithm for efficiently discovering frequent itemsets with minimum support levels, without either site revealing individual transaction values.
Revealing information while preserving privacy
 In PODS
, 2003
"... We examine the tradeoff between privacy and usability of statistical databases. We model a statistical database by an nbit string d1,.., dn, with a query being a subset q ⊆ [n] to be answered by � i∈q di. Our main result is a polynomial reconstruction algorithm of data from noisy (perturbed) subset ..."
Abstract

Cited by 249 (9 self)
 Add to MetaCart
(Show Context)
We examine the tradeoff between privacy and usability of statistical databases. We model a statistical database by an nbit string d1,.., dn, with a query being a subset q ⊆ [n] to be answered by � i∈q di. Our main result is a polynomial reconstruction algorithm of data from noisy (perturbed) subset sums. Applying this reconstruction algorithm to statistical databases we show that in order to achieve privacy one has to add perturbation of magnitude Ω ( √ n). That is, smaller perturbation always results in a strong violation of privacy. We show that this result is tight by exemplifying access algorithms for statistical databases that preserve privacy while adding perturbation of magnitude Õ(√n). For timeT bounded adversaries we demonstrate a privacypreserving access algorithm whose perturbation magnitude is ≈ √ T. 1
A modular approach to the design and analysis of authentication and key exchange protocols
, 1998
"... We present a general framework for constructing and analyzing authentication protocols in realistic models of communication networks. This framework provides a sound formalization for the authentication problem and suggests simple and attractive design principles for general authentication and key e ..."
Abstract

Cited by 248 (19 self)
 Add to MetaCart
We present a general framework for constructing and analyzing authentication protocols in realistic models of communication networks. This framework provides a sound formalization for the authentication problem and suggests simple and attractive design principles for general authentication and key exchange protocols. The key element in our approach is a modular treatment of the authentication problem in cryptographic protocols; this applies to the definition of security, to the design of the protocols, and to their analysis. In particular, following this modular approach, we show how to systematically transform solutions that work in a model of idealized authenticated communications into solutions that are secure in the realistic setting of communication channels controlled by an active adversary. Using these principles we construct and prove the security of simple and practical authentication and keyexchange protocols. In particular, we provide a security analysis of some wellknown key exchange protocols (e.g. authenticated DiffieHellman key exchange), and of some of the techniques underlying the design of several authentication protocols that are currently being
Noninteractive ZeroKnowledge
 SIAM J. COMPUTING
, 1991
"... This paper investigates the possibility of disposing of interaction between prover and verifier in a zeroknowledge proof if they share beforehand a short random string. Without any assumption, it is proven that noninteractive zeroknowledge proofs exist for some numbertheoretic languages for which ..."
Abstract

Cited by 212 (18 self)
 Add to MetaCart
(Show Context)
This paper investigates the possibility of disposing of interaction between prover and verifier in a zeroknowledge proof if they share beforehand a short random string. Without any assumption, it is proven that noninteractive zeroknowledge proofs exist for some numbertheoretic languages for which no efficient algorithm is known. If deciding quadratic residuosity (modulo composite integers whose factorization is not known) is computationally hard, it is shown that the NPcomplete language of satisfiability also possesses noninteractive zeroknowledge proofs.
Limits on the Provable Consequences of Oneway Permutations
, 1989
"... We present strong evidence that the implication, "if oneway permutations exist, then secure secret key agreement is possible" is not provable by standard techniques. Since both sides of this implication are widely believed true in real life, to show that the implication is false requir ..."
Abstract

Cited by 199 (0 self)
 Add to MetaCart
We present strong evidence that the implication, "if oneway permutations exist, then secure secret key agreement is possible" is not provable by standard techniques. Since both sides of this implication are widely believed true in real life, to show that the implication is false requires a new model. We consider a world where dl parties have access to a black box or a randomly selected permutation. Being totally random, this permutation will be strongly oneway in provable, informationthevretic way. We show that, if P = NP, no protocol for secret key agreement is secure in such setting. Thus, to prove that a secret key greement protocol which uses a oneway permutation as a black box is secure is as hrd as proving F NP. We also obtain, as corollary, that there is an oracle relative to which the implication is false, i.e., there is a oneway permutation, yet secretexchange is impossible. Thus, no technique which relativizes can prove that secret exchange can be based on any oneway permutation. Our results present a general framework for proving statements of the form, "Cryptographic application X is not likely possible based solely on complexity assumption Y." 1
Tools for Privacy Preserving Distributed Data Mining
 ACM SIGKDD Explorations
, 2003
"... Privacy preserving mining of distributed data has numerous applications. Each application poses di#erent constraints: What is meant by privacy, what are the desired results, how is the data distributed, what are the constraints on collaboration and cooperative computing, etc. We suggest that the sol ..."
Abstract

Cited by 170 (8 self)
 Add to MetaCart
Privacy preserving mining of distributed data has numerous applications. Each application poses di#erent constraints: What is meant by privacy, what are the desired results, how is the data distributed, what are the constraints on collaboration and cooperative computing, etc. We suggest that the solution to this is a toolkit of components that can be combined for specific privacypreserving data mining applications. This paper presents some components of such a toolkit, and shows how they can be used to solve several privacypreserving data mining problems.
Universally Composable TwoParty and MultiParty Secure Computation
, 2002
"... We show how to securely realize any twoparty and multiparty functionality in a universally composable way, regardless of the number of corrupted participants. That is, we consider an asynchronous multiparty network with open communication and an adversary that can adaptively corrupt as many pa ..."
Abstract

Cited by 156 (36 self)
 Add to MetaCart
(Show Context)
We show how to securely realize any twoparty and multiparty functionality in a universally composable way, regardless of the number of corrupted participants. That is, we consider an asynchronous multiparty network with open communication and an adversary that can adaptively corrupt as many parties as it wishes. In this setting, our protocols allow any subset of the parties (with pairs of parties being a special case) to securely realize any desired functionality of their local inputs, and be guaranteed that security is preserved regardless of the activity in the rest of the network. This implies that security is preserved under concurrent composition of an unbounded number of protocol executions, it implies nonmalleability with respect to arbitrary protocols, and more. Our constructions are in the common reference string model and rely on standard intractability assumptions.
PrivacyPreserving KMeans Clustering over Vertically Partitioned Data
 IN SIGKDD
, 2003
"... Privacy and security concerns can prevent sharing of data, derailing data mining projects. Distributed knowledge discovery, if done correctly, can alleviate this problem. The key is to obtain valid results, while providing guarantees on the (non)disclosure of data. We present a method for kmeans cl ..."
Abstract

Cited by 153 (9 self)
 Add to MetaCart
(Show Context)
Privacy and security concerns can prevent sharing of data, derailing data mining projects. Distributed knowledge discovery, if done correctly, can alleviate this problem. The key is to obtain valid results, while providing guarantees on the (non)disclosure of data. We present a method for kmeans clustering when different sites contain different attributes for a common set of entities. Each site learns the cluster of each entity, but learns nothing about the attributes at other sites.