1. bookVolume 2022 (2022): Issue 2 (April 2022)
Journal Details
License
Format
Journal
eISSN
2299-0984
First Published
16 Apr 2015
Publication timeframe
4 times per year
Languages
English
access type Open Access

PUBA: Privacy-Preserving User-Data Bookkeeping and Analytics

Published Online: 03 Mar 2022
Volume & Issue: Volume 2022 (2022) - Issue 2 (April 2022)
Page range: 447 - 516
Received: 31 Aug 2021
Accepted: 16 Dec 2021
Journal Details
License
Format
Journal
eISSN
2299-0984
First Published
16 Apr 2015
Publication timeframe
4 times per year
Languages
English
Abstract

In this paper we propose Privacy-preserving User-data Bookkeeping & Analytics (PUBA), a building block destined to enable the implementation of business models (e.g., targeted advertising) and regulations (e.g., fraud detection) requiring user-data analysis in a privacy-preserving way. In PUBA, users keep an unlinkable but authenticated cryptographic logbook containing their historic data on their device. This logbook can only be updated by the operator while its content is not revealed. Users can take part in a privacy-preserving analytics computation, where it is ensured that their logbook is up-to-date and authentic while the potentially secret analytics function is verified to be privacy-friendly. Taking constrained devices into account, users may also outsource analytic computations (to a potentially malicious proxy not colluding with the operator).We model our novel building block in the Universal Composability framework and provide a practical protocol instantiation. To demonstrate the flexibility of PUBA, we sketch instantiations of privacy-preserving fraud detection and targeted advertising, although it could be used in many more scenarios, e.g. data analytics for multi-modal transportation systems. We implemented our bookkeeping protocols and an exemplary outsourced analytics computation based on logistic regression using the MP-SPDZ MPC framework. Performance evaluations using a smartphone as user device and more powerful hardware for operator and proxy suggest that PUBA for smaller logbooks can indeed be practical.

Keywords

[1] M. Abe, J. Groth, K. Haralambiev, and M. Ohkubo. Optimal structure-preserving signatures in asymmetric bilinear groups. In P. Rogaway, editor, CRYPTO 2011, volume 6841 of LNCS, pages 649–666. Springer, Heidelberg, Aug. 2011. 10.1007/978-3-642-22792-9_37.10.1007/978-3-642-22792-9_37 Search in Google Scholar

[2] M. Abe, M. Kohlweiss, M. Ohkubo, and M. Tibouchi. Fully structure-preserving signatures and shrinking commitments. In E. Oswald and M. Fischlin, editors, EUROCRYPT 2015, Part II, volume 9057 of LNCS, pages 35–65. Springer, Heidelberg, Apr. 2015. 10.1007/978-3-662-46803-6_2.10.1007/978-3-662-46803-6_2 Search in Google Scholar

[3] Aimia Coalition Loyalty UK Ltd. The Nectar loyalty program. Online Resource, 2020. https://www.nectar.com/. Search in Google Scholar

[4] E. Androulaki and S. M. Bellovin. An anonymous credit card system. In S. Fischer-Hübner, C. Lambrinoudakis, and G. Pernul, editors, TrustBus 2009, volume 5695 of LNCS, pages 42–51. Springer, Heidelberg, Sept. 2009.10.1007/978-3-642-03748-1_5 Search in Google Scholar

[5] D. F. Aranha and C. P. L. Gouvêa. RELIC is an Efficient LIbrary for Cryptography. https://github.com/relic-toolkit/relic, 2020. Search in Google Scholar

[6] D. F. Aranha, K. Karabina, P. Longa, C. H. Gebotys, and J. C. López-Hernández. Faster explicit formulas for computing pairings over ordinary curves. In K. G. Paterson, editor, EUROCRYPT 2011, volume 6632 of LNCS, pages 48–68. Springer, Heidelberg, May 2011. 10.1007/978-3-642-20465-4_5.10.1007/978-3-642-20465-4_5 Search in Google Scholar

[7] G. Asharov, S. Halevi, Y. Lindell, and T. Rabin. Privacy-preserving search of similar patients in genomic data. Cryptology ePrint Archive, Report 2017/144, 2017. https://eprint.iacr.org/2017/144. Search in Google Scholar

[8] M. Backes, A. Kate, M. Maffei, and K. Pecina. ObliviAd: Provably secure and practical online behavioral advertising. In 2012 IEEE Symposium on Security and Privacy, pages 257–271. IEEE Computer Society Press, May 2012. 10.1109/SP.2012.25.10.1109/SP.2012.25 Search in Google Scholar

[9] P. S. L. M. Barreto and M. Naehrig. Pairing-friendly elliptic curves of prime order. In B. Preneel and S. Tavares, editors, SAC 2005, volume 3897 of LNCS, pages 319–331. Springer, Heidelberg, Aug. 2006. 10.1007/11693383_22.10.1007/11693383_22 Search in Google Scholar

[10] J. Blömer, J. Bobolz, D. Diemert, and F. Eidens. Updatable anonymous credentials and applications to incentive systems. In L. Cavallaro, J. Kinder, X. Wang, and J. Katz, editors, ACM CCS 2019, pages 1671–1685. ACM Press, Nov. 2019. 10.1145/3319535.3354223.10.1145/3319535.3354223 Search in Google Scholar

[11] M. Blum. Coin flipping by telephone. In A. Gersho, editor, CRYPTO’81, volume ECE Report 82-04, pages 11–15. U.C. Santa Barbara, Dept. of Elec. and Computer Eng., 1981. Search in Google Scholar

[12] D. Boneh, B. Lynn, and H. Shacham. Short signatures from the Weil pairing. Journal of Cryptology, 17(4):297–319, Sept. 2004. 10.1007/s00145-004-0314-9.10.1007/s00145-004-0314-9 Search in Google Scholar

[13] B. Bünz, J. Bootle, D. Boneh, A. Poelstra, P. Wuille, and G. Maxwell. Bulletproofs: Short proofs for confidential transactions and more. In 2018 IEEE Symposium on Security and Privacy, pages 315–334. IEEE Computer Society Press, May 2018. 10.1109/SP.2018.00020.10.1109/SP.2018.00020 Search in Google Scholar

[14] J. Camenisch and M. Stadler. Efficient group signature schemes for large groups (extended abstract). In B. S. Kaliski Jr., editor, CRYPTO’97, volume 1294 of LNCS, pages 410–424. Springer, Heidelberg, Aug. 1997. 10.1007/BFb0052252.10.1007/BFb0052252 Search in Google Scholar

[15] K. Campus. Credit card fraud detection using machine learning models and collating machine learning models. International Journal of Pure and Applied Mathematics, 118 (20):825–838, 2018. Search in Google Scholar

[16] R. Canetti. Universally composable security: A new paradigm for cryptographic protocols. Cryptology ePrint Archive, Report 2000/067, 2000. https://eprint.iacr.org/2000/067. Search in Google Scholar

[17] R. Canetti. Universally composable security: A new paradigm for cryptographic protocols. In 42nd FOCS, pages 136–145. IEEE Computer Society Press, Oct. 2001. 10.1109/SFCS.2001.959888.10.1109/SFCS.2001.959888 Search in Google Scholar

[18] R. Canetti and M. Fischlin. Universally composable commitments. In J. Kilian, editor, CRYPTO 2001, volume 2139 of LNCS, pages 19–40. Springer, Heidelberg, Aug. 2001. 10.1007/3-540-44647-8_2.10.1007/3-540-44647-8_2 Search in Google Scholar

[19] R. Canillas, R. Talbi, S. Bouchenak, O. Hasan, L. Brunie, and L. Sarrat. Exploratory study of privacy preserving fraud detection. In 19th International Middleware Conference 2018, pages 25–31. ACM, 2018. 10.1145/3284028.3284032. URL https://doi.org/10.1145/3284028.3284032.10.1145/3284028.3284032 Search in Google Scholar

[20] G. S. Cetin, H. Chen, K. Laine, K. Lauter, P. Rindal, and Y. Xia. Private queries on encrypted genomic data. Cryptology ePrint Archive, Report 2017/207, 2017. https://eprint.iacr.org/2017/207.10.1186/s12920-017-0276-z554749528786359 Search in Google Scholar

[21] X. Chen, C. Liu, B. Li, K. Lu, and D. Song. Targeted backdoor attacks on deep learning systems using data poisoning, 2017. Search in Google Scholar

[22] J. Daemen and V. Rijmen. AES and the wide trail design strategy (invited talk). In L. R. Knudsen, editor, EUROCRYPT 2002, volume 2332 of LNCS, pages 108–109. Springer, Heidelberg, Apr. / May 2002. 10.1007/3-540-46035-7_7.10.1007/3-540-46035-7_7 Search in Google Scholar

[23] I. Damgård, V. Pastro, N. P. Smart, and S. Zakarias. Multiparty computation from somewhat homomorphic encryption. In R. Safavi-Naini and R. Canetti, editors, CRYPTO 2012, volume 7417 of LNCS, pages 643–662. Springer, Heidelberg, Aug. 2012. 10.1007/978-3-642-32009-5_38.10.1007/978-3-642-32009-5_38 Search in Google Scholar

[24] T. M. Dugan and X. Zou. A survey of secure multiparty computation protocols for privacy preserving genetic tests. In Proceedings of the First IEEE International Conference on Connected Health: Applications, Systems and Engineering Technologies, CHASE 2016, Washington, DC, USA, June 27-29, 2016, pages 173–182. IEEE Computer Society, 2016. 10.1109/CHASE.2016.71. URL https://doi.org/10.1109/CHASE.2016.71.10.1109/CHASE.2016.71 Search in Google Scholar

[25] A. Escala and J. Groth. Fine-tuning Groth-Sahai proofs. In H. Krawczyk, editor, PKC 2014, volume 8383 of LNCS, pages 630–649. Springer, Heidelberg, Mar. 2014. 10.1007/978-3-642-54631-0_36.10.1007/978-3-642-54631-0_36 Search in Google Scholar

[26] European Central Bank (ECB). Average number of cash and card transactions per person per day in the euro area in 2016, by country. Website, 11 2017. https://www.statista.com/statistics/893459/average-number-of-transactions-per-person-per-day-by-method/, last visited 2021-11-18. Search in Google Scholar

[27] European Central Bank (ECB). Fifth report on card fraud, september 2018. Website, 9 2018. https://www.ecb.europa.eu/pub/cardfraud/html/ecb.cardfraudreport201809.en.html, last visited 2020-04-27. Search in Google Scholar

[28] Y. Gao, B. G. Doan, Z. Zhang, S. Ma, J. Zhang, A. Fu, S. Nepal, and H. Kim. Backdoor attacks and countermeasures on deep learning: A comprehensive review, 2020. Search in Google Scholar

[29] O. Goldreich. The Foundations of Cryptography - Volume 1: Basic Techniques. Cambridge University Press, 2001. ISBN 0-521-79172-3. 10.1017/CBO9780511546891. URL http://www.wisdom.weizmann.ac.il/%7Eoded/foc-vol1.html. Search in Google Scholar

[30] O. Goldreich. The Foundations of Cryptography - Volume 2: Basic Applications. Cambridge University Press, 2004. ISBN 0-521-83084-2. 10.1017/CBO9780511721656. URL http://www.wisdom.weizmann.ac.il/%7Eoded/foc-vol2.html. Search in Google Scholar

[31] O. Goldreich, S. Micali, and A. Wigderson. How to play any mental game or A completeness theorem for protocols with honest majority. In A. Aho, editor, 19th ACM STOC, pages 218–229. ACM Press, May 1987. 10.1145/28395.28420.10.1145/28395.28420 Search in Google Scholar

[32] S. Goldwasser and S. Micali. Probabilistic encryption and how to play mental poker keeping secret all partial information. In 14th ACM STOC, pages 365–377. ACM Press, May 1982. 10.1145/800070.802212.10.1145/800070.802212 Search in Google Scholar

[33] M. Green, W. Ladd, and I. Miers. A protocol for privately reporting ad impressions at scale. In E. R. Weippl, S. Katzenbeisser, C. Kruegel, A. C. Myers, and S. Halevi, editors, ACM CCS 2016, pages 1591–1601. ACM Press, Oct. 2016. 10.1145/2976749.2978407.10.1145/2976749.2978407 Search in Google Scholar

[34] J. Groth and A. Sahai. Efficient non-interactive proof systems for bilinear groups. In N. P. Smart, editor, EUROCRYPT 2008, volume 4965 of LNCS, pages 415–432. Springer, Heidelberg, Apr. 2008. 10.1007/978-3-540-78967-3_24.10.1007/978-3-540-78967-3_24 Search in Google Scholar

[35] S. Guha, B. Cheng, and P. Francis. Privad: Practical privacy in online advertising. In D. G. Andersen and S. Ratnasamy, editors, Proceedings of the 8th USENIX Symposium on Networked Systems Design and Implementation, NSDI 2011, Boston, MA, USA, March 30 - April 1, 2011. USENIX Association, 2011. URL https://www.usenix.org/conference/nsdi11/privad-practical-privacy-online-advertising. Search in Google Scholar

[36] G. Hartung, M. Hoffmann, M. Nagel, and A. Rupp. BBA+: Improving the security and applicability of privacy-preserving point collection. In B. M. Thuraisingham, D. Evans, T. Malkin, and D. Xu, editors, ACM CCS 2017, pages 1925–1942. ACM Press, Oct. / Nov. 2017. 10.1145/3133956.3134071.10.1145/3133956.3134071 Search in Google Scholar

[37] F. Itoo, Meenakshi, and S. Singh. Comparison and analysis of logistic regression, naïve bayes and knn machine learning algorithms for credit card fraud detection. International Journal of Information Technology, pages 1–9, 2020. 10.1007/s41870-020-00430-yj. URL https://doi.org/10.1007/s41870-020-00430-y.10.1007/s41870-020-00430-y Search in Google Scholar

[38] T. Jager and A. Rupp. Black-box accumulation: Collecting incentives in a privacy-preserving way. PoPETs, 2016(3): 62–82, July 2016.10.1515/popets-2016-0016 Search in Google Scholar

[39] C. Juvekar, V. Vaikuntanathan, and A. Chandrakasan. GAZELLE: A low latency framework for secure neural network inference. In W. Enck and A. P. Felt, editors, USENIX Security 2018, pages 1651–1669. USENIX Association, Aug. 2018. Search in Google Scholar

[40] M. Keller. MP-SPDZ: A versatile framework for multi-party computation. In J. Ligatti, X. Ou, J. Katz, and G. Vigna, editors, ACM CCS 20, pages 1575–1590. ACM Press, Nov. 2020. 10.1145/3372297.3417872.10.1145/3372297.3417872 Search in Google Scholar

[41] M. Keller, E. Orsini, and P. Scholl. MASCOT: Faster malicious arithmetic secure computation with oblivious transfer. In E. R. Weippl, S. Katzenbeisser, C. Kruegel, A. C. Myers, and S. Halevi, editors, ACM CCS 2016, pages 830–842. ACM Press, Oct. 2016. 10.1145/2976749.2978357.10.1145/2976749.2978357 Search in Google Scholar

[42] V. Kolesnikov, R. Kumaresan, and A. Shikfa. Efficient verification of input consistency in server-assisted secure function evaluation. In J. Pieprzyk, A.-R. Sadeghi, and M. Manulis, editors, CANS 12, volume 7712 of LNCS, pages 201–217. Springer, Heidelberg, Dec. 2012. 10.1007/978-3-642-35404-5_16.10.1007/978-3-642-35404-5_16 Search in Google Scholar

[43] Loblaw Companies. PC Optimum loyalty program. Online Resource, 2020. https://www.pcoptimum.ca. Search in Google Scholar

[44] P. Mohassel and P. Rindal. ABY3: A mixed protocol framework for machine learning. In D. Lie, M. Mannan, M. Backes, and X. Wang, editors, ACM CCS 2018, pages 35–52. ACM Press, Oct. 2018. 10.1145/3243734.3243760. Search in Google Scholar

[45] E. Parliament and Council. PSD2: 2nd payment services directive (2015/2366), 2015. URL http://data.europa.eu/eli/dir/2015/2366/2015-12-23. https://eur-lex.europa.eu. Search in Google Scholar

[46] A. W. Senior, S. Pankanti, A. Hampapur, L. M. Brown, Y. Tian, A. Ekin, J. H. Connell, C. Shu, and M. Lu. Enabling video privacy through computer vision. IEEE Secur. Priv., 3(3):50–57, 2005. 10.1109/MSP.2005.65. URL https://doi.org/10.1109/MSP.2005.65.10.1109/MSP.2005.65 Search in Google Scholar

[47] V. Toubiana, A. Narayanan, D. Boneh, H. Nissenbaum, and S. Barocas. Adnostic: Privacy preserving targeted advertising. In NDSS 2010. The Internet Society, Feb. / Mar. 2010. Search in Google Scholar

[48] F. Tramèr, F. Zhang, A. Juels, M. K. Reiter, and T. Ristenpart. Stealing machine learning models via prediction APIs. In T. Holz and S. Savage, editors, USENIX Security 2016, pages 601–618. USENIX Association, Aug. 2016. Search in Google Scholar

[49] L. G. Valiant. Universal circuits (preliminary report). In A. K. Chandra, D. Wotschke, E. P. Friedman, and M. A. Harrison, editors, Proceedings of the 8th Annual ACM Symposium on Theory of Computing, pages 196–203, Hershey, Pennsylvania, USA, May 1976. ACM. 10.1145/800113.803649.10.1145/800113.803649 Search in Google Scholar

[50] B. Wang, Y. Yao, S. Shan, H. Li, B. Viswanath, H. Zheng, and B. Y. Zhao. Neural cleanse: Identifying and mitigating backdoor attacks in neural networks. In 2019 IEEE Symposium on Security and Privacy, SP 2019, San Francisco, CA, USA, May 19-23, 2019, pages 707–723. IEEE, 2019. 10.1109/SP.2019.00031. URL https://doi.org/10.1109/SP.2019.00031.10.1109/SP.2019.00031 Search in Google Scholar

[51] T. Winkler and B. Rinner. A systematic approach towards user-centric privacy and security for smart camera networks. In M. Wolf, G. L. Foresti, and H. Bischof, editors, 2010 Fourth ACM/IEEE International Conference on Distributed Smart Cameras, Atlanta, GA, USA - August 31 - September 4, 2010, pages 133–141. ACM, 2010. 10.1145/1865987.1866009. URL https://doi.org/10.1145/1865987.1866009.10.1145/1865987.1866009 Search in Google Scholar

[52] H. Yu, J. Lim, K. Kim, and S.-B. Lee. Pinto: Enabling video privacy for commodity IoT cameras. In D. Lie, M. Mannan, M. Backes, and X. Wang, editors, ACM CCS 2018, pages 1089–1101. ACM Press, Oct. 2018. 10.1145/3243734.3243830.10.1145/3243734.3243830 Search in Google Scholar

Recommended articles from Trend MD

Plan your remote conference with Sciendo