TRANSCRIPT
Privacy Management for Portable Recording Devices
J. Alex Halderman, Brent Waters, Edward W. Felten
Princeton University, Department of Computer Science
J. A. Halderman 1 of 10
Camera Phones
170 million in 2004
Camera + phone × 170 million = New Privacy Threats
Ubiquitous Recording
Previous Approaches
J. A. Halderman 3 of 10
Law/Policy: Usage Restrictions, Local Bans
Technology: Signal from beacon disables recording features
Augment them, don’t replace them
Our Approach
J. A. Halderman 4 of 10
Coarse-Grained Restrictions (previous approaches):
• Based on location, not full context
• Decide before recording, not playback
Recording subjects control use
Negotiate using their devices (assume discovery method)
Defers privacy decision to last possible moment
Our Privacy Requirements
J. A. Halderman 5 of 10
Encrypt recording before storing
Key share retained by privacy stakeholders
Must ask permission to decrypt
1. Unanimous Consent
2. Confidentiality of Vetoes
[Figure: stakeholders, one labelled “Colluder”]
Our Applications
J. A. Halderman 6 of 10
Laptops/WiFi
• Protects audio recordings
• Manual discovery
AOL Instant Messenger
• Protects chat logs
• Discovery handled by AIM
Secure XOR
J. A. Halderman 7 of 10
Alice and Bob tell Carol kAlice ⊕ kBob without revealing other information about kAlice or kBob to anyone
Variation on Chaum’s “Dining Cryptographers”
[Figure: Alice (secret kAlice) and Bob (secret kBob) exchange blinding factors BAlice and BBob, then each send one message to Carol]
1. A & B choose and exchange random blinding factors
2. A & B each XOR both blinding factors with their secret input and send the result to Carol
3. Carol XORs these messages to learn kAlice ⊕ kBob
Alice sends: kAlice ⊕ BBob ⊕ BAlice
Bob sends: BBob ⊕ BAlice ⊕ kBob
Carol computes: (kAlice ⊕ BBob ⊕ BAlice) ⊕ (BBob ⊕ BAlice ⊕ kBob) = kAlice ⊕ kBob
Carol does not learn kAlice or kBob
Private Storage Protocol
J. A. Halderman 8 of 10
“Create” Operation
Identify stakeholders (need a trusted recording device for now)
Choose random keyshares: k1=0110100, k2=1011101
Securely tell recorder k1 ⊕ k2 (via Secure XOR): k1 ⊕ k2 = 1101001
Encrypt using k1 ⊕ k2 as key: key=1101001
Recorder discards plaintext and key; stakeholders hold on to shares:
• Alice keeps: id=2100624 owners=Alice,Bob kAlice=0110100
• Bob keeps: id=2100624 owners=Bob,Alice kBob=1011101
“Decrypt” Operation
Requestor sends request (id=2100624 owners=Alice,Bob): “May we decrypt <2100624>?”
Cryptography provides strong protection
Stakeholders apply policies
To grant, input keyshare into Secure XOR: result key=1101001
To deny, give random input to Secure XOR (here Bob inputs 1110001 instead of kBob): result 1000101, not the key
Vetoes remain confidential
[Figure: system architecture. “Create”: Recorder A and Recorder B (Data In) use a Location Service to reach Persistent Agent A and Persistent Agent B, which hold the Keyshares; the Encrypted Recording is written to Storage. “Decrypt”: the Player asks for the recording from Storage; Agent A and Agent B each apply their Policy before Data Out.]
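The Secure XOR and the “Create”/“Decrypt” operations above, as an added Python example (not the authors’ prototype code). It assumes two stakeholders with byte-string shares, an illustrative SHA-256 counter keystream and an HMAC tag so the requestor can detect (but not attribute) a veto; the slides specify none of these details.

```python
import hashlib, hmac, os

def xor_bytes(*parts: bytes) -> bytes:
    """XOR any number of equal-length byte strings."""
    out = bytearray(parts[0])
    for p in parts[1:]:
        assert len(p) == len(out), "Secure XOR inputs must be equal length"
        for i, b in enumerate(p):
            out[i] ^= b
    return bytes(out)

def secure_xor_round(k_alice: bytes, k_bob: bytes) -> tuple:
    """Alice's and Bob's side of Secure XOR: they exchange random blinding
    factors, XOR both into their own secret and send only that to Carol."""
    b_alice, b_bob = os.urandom(len(k_alice)), os.urandom(len(k_bob))
    m_alice = xor_bytes(k_alice, b_alice, b_bob)
    m_bob = xor_bytes(k_bob, b_alice, b_bob)
    return m_alice, m_bob

def carol_combine(m_alice: bytes, m_bob: bytes) -> bytes:
    """Carol's side: the blinding factors cancel, leaving k_alice XOR k_bob."""
    return xor_bytes(m_alice, m_bob)

def keystream(key: bytes, n: int) -> bytes:
    """Illustrative SHA-256 counter keystream (assumption, not the slides' cipher)."""
    out, ctr = b"", 0
    while len(out) < n:
        out += hashlib.sha256(key + ctr.to_bytes(4, "big")).digest()
        ctr += 1
    return out[:n]

def create(rec_id: int, plaintext: bytes, k_alice: bytes, k_bob: bytes) -> dict:
    """'Create': the recorder plays Carol, learns only k1 XOR k2, encrypts,
    then discards key and plaintext. Stakeholders keep their own shares."""
    key = carol_combine(*secure_xor_round(k_alice, k_bob))
    ct = xor_bytes(plaintext, keystream(key, len(plaintext)))
    tag = hmac.new(key, ct, "sha256").digest()  # assumed: lets a requestor detect failure
    return {"id": rec_id, "owners": ["Alice", "Bob"], "ct": ct, "tag": tag}

def decrypt(record: dict, alice_input: bytes, bob_input: bytes):
    """'Decrypt': each stakeholder feeds either its real share (grant) or
    random bytes (deny) into a fresh Secure XOR. Returns None when the
    reconstructed key is wrong; the requestor cannot tell who vetoed."""
    key = carol_combine(*secure_xor_round(alice_input, bob_input))
    expected = hmac.new(key, record["ct"], "sha256").digest()
    if not hmac.compare_digest(expected, record["tag"]):
        return None
    return xor_bytes(record["ct"], keystream(key, len(record["ct"])))
```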
Privacy in Practice
J. A. Halderman 9 of 10
A Problem of Compliance
Community of like-minded people: social pressures, local policies, etc.
Privacy law can provide further incentives
Convince manufacturers to build it in: regulatory pressure, customer demand
Conclusions
J. A. Halderman 10 of 10
Ubiquitous recording brings privacy threats
Technology can give control back to recording subjects
Widespread compliance among like-minded groups