anonymous statistical survey of attributes toru nakanishi and yuji sugiyama okayama univ., japan
Post on 19-Jan-2016
225 Views
Preview:
TRANSCRIPT
Anonymous Statistical Surveyof Attributes
Toru Nakanishi and Yuji Sugiyama
Okayama Univ., Japan
Background
Distributor(Seller)User(Customer)
Man or Woman ?Man or Woman ?Man or Woman ?Man or Woman ?
Young or Old?Young or Old?. . .. . .
AnonymouslyAnonymously
MarketingMarketing
Background(Cont’d)
Woman, 30, engineer
Maybe useful for identifying the user.Maybe useful for identifying the user.
Man, 15, Student
Man, 48, Dealer
Offering many attributes…
Some distributors want attributes for each user.
Background(Cont’d)
Female90% 10%Male
Statistical results
Some distributors want only statistical results of attributes for all users.
Survey system to generate only the statistical results is in demand.
Requirements in the survey system
Anonymity of users– No extra information beyond statistical results
Correctness of results
Anonymous statistical survey system of attributes
Related Work
Sako proposed a protocol to generate statistical results of attributes
TTP in charge of gender
EncryptMale
Female
90% 10%
Male
No extrainformation No cheating
Trusted not to leak
CorrectnessCorrectness
But, … Is single TTP really
trusted ?
Sako’s protocol may be simply applied to anonymous statistical survey.
Problem in simple application
Female90% 10%Male
Are users honest ?
Users cannot cheat.
Each TTP doesn’t have extra information.
Our anonymous statistical survey system of attributes
Assurance
Female
Trustees
Female90% 10%Male
trusted
Quorum is trusted
No extra information
Attribute Authority
Group
Tool 1: Camenisch-Stadler’s group signature
What’s a group signature ?
signature
Traceable by only TTP
Made by a group memberBut, who ?
Registration
Signing
Tool 1: Camenisch-Stadler’s group signature (Cont’d)
z, ID
Cert.
z
z Proof( )Cert.
z
Membership Authority
Tool 2: Threshold Cryptosystem
Only quorum of a group can decrypt a ciphertext.
Trustees
???
Not quorum Quorum
No cheating
Link is unknown unless quorum is corrupted
Tool 3: Shuffle
Trustees
Randomized and randomly permuted
Model
Registration
Offering Generating
User TrusteesDistributor
Attribute Authority
1. Registration in group signature is executed.1. Registration in group signature is executed.
2. z’s are published in lists of respective attributes.
Our survey system - Registration
z’s of malesz , z , ….1 4 z , z , ….
z’s of females
32
z, ID
Cert.
z
Female
UserAttribute Authority
1. The group signature is offered.
Our survey system - Offering
z
Proof( )Cert.
z
Anonymousz linked to correct attribute
is committed
No users’ cheating
Male
Female
Male
AfterwardLinked
1. Sent ciphertexts are shuffled.
Our survey system - Generating
Trustees
Link between ciphertext (offering) and attribute is unknown for even each trustee.
2. For each shuffled ciphertext, it’s linked to attribute, with no extra information of z.
a. Public z’s are shuffled by the same random r,
Our survey system – Generating (Cont’d)
( )r
Malesz , z , ….? ?
r r
Femalesz , z , ….? ?
r r
Malesz , z , ….1 4
Femalesz , z , ….2 3
Randomly permuted in each list
while the ciphertext is randomized by r.
3. Count revealed attributes, and calculate
statistic.
Our survey system – Generating (Cont’d)
b. Decrypt the ciphertext,
( )r
Malesz , z , ….? ?
r rFemalesz , z , ….? ?
r r
=
rz
rz
Search
FemaleNo extra information
of z’s for even each trustee
and search in lists of z’s.
Correctness
Security
AnonymityAnonymity in offering:
Anonymity of group signature
No extra information in generating:Shuffles, threshold cryptosystem
Correctness of offering:Proving certificate
Correctness of generating:No cheating in shuffles and decryption
Conclusion
An anonymous statistical survey system of attributes is proposed. No extra information for each trustee No cheating
top related