A Model for Quan.fying Informa.on Leakage. Steven Whang, Hector Garcia Molina Stanford University
|
|
- Cornelia Fox
- 5 years ago
- Views:
Transcription
1 A Model for Quan.fying Informa.on Leakage Steven Whang, Hector Garcia Molina Stanford University
2 Mo.va.on Insurers Test Data Profiles to Iden7fy Risky Clients Steven E. Whang 2
3 Mo.va.on How Apple and Amazon Security Flaws Led to My Epic Hacking Steven E. Whang 3
4 Mo.va.on URL Gmail Addr Gmail Name.Me Addr TwiBer Homepage Amazon CC Last 4 Digits Apple icloud Whois Billing Addr Steven E. Whang 4
5 Outline Informa.on Leakage Model Applica.ons Comparison with Exis.ng Privacy Models Steven E. Whang 5
6 Outline Informa.on Leakage Model Applica.ons Comparison with Exis.ng Privacy Models Steven E. Whang 6
7 Informa.on Leakage Mat s Home Page Steven E. Whang 7
8 Informa.on Leakage Mat s Home Page Steven E. Whang 8
9 Model p D N C C P A n 1 c 1 c 2 p 1 a 1 N C s t u n 1 c 2 n 1 c 1 p 1 M(x,y) = true if same N,C or N,P μ(x,y) = x U y N C A n 1 c 1 a 1 Steven E. Whang 9
10 Record Leakage p N C C P A n 1 c 1 c 2 p 1 a 1 r n 1 c 1 x 1 Steven E. Whang 10
11 Record Leakage p r N C C P A n 1 c 1 c 2 p 1 a 1 n 1 c 1 x 1 Pr(p, r) = p r / r = 2/3 Re(p, r) = p r / p = 2/5 L r (p, r) = F 1 (p, r) = 2 Pr Re / Pr+Re = 1/2 Steven E. Whang 11
12 Database Leakage p N C C P A n 1 c 1 c 2 p 1 a 1 M(x,y) = true if same N,C or N,P μ(x,y) = x U y D N C n 1 c 2 s t u n 1 c 1 p 1 N C A n 1 c 1 a 1 Steven E. Whang 12
13 Database Leakage p N C C P A n 1 c 1 c 2 p 1 a 1 M(x,y) = true if same N,C or N,P μ(x,y) = x U y D N C n 1 c 2 s t u n 1 c 1 p 1 N C A n 1 c 1 a 1 μ(t,u) A n 1 c 1 p 1 a 1 Steven E. Whang 13
14 Database Leakage p N C C P A n 1 c 1 c 2 p 1 a 1 M(x,y) = true if same N,C or N,P μ(x,y) = x U y D N C n 1 c 2 s t u n 1 c 1 p 1 N C A n 1 c 1 a 1 L q (p, D) = max{l r (p,s), L r (p,μ(t,u))} = max{0.57, 0.89} = 0.89 μ(t,u) A n 1 c 1 p 1 a 1 Steven E. Whang 14
15 Key Features Privacy: NOT all or nothing No privacy Perfect privacy Incorporates Adversary Opera.on e.g., En.ty Resolu.on ABribute Weights Confidence Values Steven E. Whang 15
16 Outline Informa.on Leakage Model Applica.ons Comparison with Exis.ng Privacy Models Steven E. Whang 16
17 Releasing Cri.cal Informa.on p N C C P P A n 1 c 1 c 2 p 1 p 2 a 1 M(x,y) = true if same N,C or N,P μ(x,y) = x U y D s n 1 c 2 p 2 t n 1 c 1 p 1 u v n 1 c 1 p 1 n 1 c 2 p 1 Steven E. Whang 17
18 Releasing Cri.cal Informa.on p N C C P P A n 1 c 1 c 2 p 1 p 2 a 1 M(x,y) = true if same N,C or N,P μ(x,y) = x U y D s n 1 c 2 p 2 t n 1 c 1 p 1 u n 1 c 1 p 1 μ(t,u) n 1 c 1 p 1 Steven E. Whang 18
19 Releasing Cri.cal Informa.on p N C C P P A n 1 c 1 c 2 p 1 p 2 a 1 M(x,y) = true if same N,C or N,P μ(x,y) = x U y D s n 1 c 2 p 2 t n 1 c 1 p 1 u n 1 c 1 p 1 μ(t,u) n 1 c 1 p 1 L d (p, DU{u}) = max{l r (p,s), L r (p, μ(t,u)} = 0.67 Steven E. Whang 19
20 Releasing Cri.cal Informa.on p N C C P P A n 1 c 1 c 2 p 1 p 2 a 1 M(x,y) = true if same N,C or N,P μ(x,y) = x U y D s n 1 c 2 p 2 t n 1 c 1 p 1 v n 1 c 2 p 1 L d (p, DU{u}) = max{l r (p,s), L r (p, μ(t,u)} = 0.67 Steven E. Whang 20
21 Releasing Cri.cal Informa.on p N C C P P A n 1 c 1 c 2 p 1 p 2 a 1 M(x,y) = true if same N,C or N,P μ(x,y) = x U y D s n 1 c 2 p 2 t n 1 c 1 p 1 v n 1 c 2 p 1 μ(s,t,v) N C C P P n 1 c 1 c 2 p 1 p 2 L d (p, DU{u}) = max{l r (p,s), L r (p, μ(t,u)} = 0.67 Steven E. Whang 21
22 Releasing Cri.cal Informa.on p N C C P P A n 1 c 1 c 2 p 1 p 2 a 1 M(x,y) = true if same N,C or N,P μ(x,y) = x U y D s n 1 c 2 p 2 t n 1 c 1 p 1 v n 1 c 2 p 1 μ(s,t,v) N C C P P n 1 c 1 c 2 p 1 p 2 L d (p, DU{u}) = max{l r (p,s), L r (p, μ(t,u)} = 0.67 L d (p, DU{v}) = max{l r (p,μ(s,t,v)} = 0.91 Steven E. Whang 22
23 Releasing Disinforma.on Mat s Home Page Steven E. Whang 23
24 Releasing Disinforma.on Mat s Home Page Steven E. Whang 24
25 Releasing Disinforma.on Mat s Home Page XXX Steven E. Whang 25
26 Releasing Disinforma.on Mat s Home Page XXX YYY Steven E. Whang 26
27 Releasing Disinforma.on Minimize L d (p, DUS) s.t. Cost(r) B r S Steven E. Whang 27
28 Outline Informa.on Leakage Model Applica.ons Comparison with Exis.ng Privacy Models Steven E. Whang 28
29 k anonymity Guarantees that any record is indis.nguishable from k 1 others In comparison, informa.on leakage is user specific (i.e., fine grained) can incorporate background knowledge Steven E. Whang 29
30 Example D N Z A S Alice Heart Bob Cancer Carol Flu Dave Flu Steven E. Whang 30
31 Example D N Z A S Alice Heart Bob Cancer Carol Flu Dave Flu D (k=2) Z A S 1** 3* Heart 1** 3* Cancer Steven E. Whang 31
32 Individual Informa.on Leakage D (k=2) N Z A S r 1 r 2 r 3 r 4 Z A S 1** 3* Heart 1** 3* Cancer p 1 Alice Heart Steven E. Whang 32
33 Individual Informa.on Leakage r 1 r 2 r 3 r 4 D (k=2) Z A S 1** 3* Heart 1** 3* Cancer p 1 N Z A S Alice Heart L d (p 1, D) = L r (p 1, r 1 Ur 2 ) 0.75 Steven E. Whang 33
34 Individual Informa.on Leakage r 1 r 2 r 3 r 4 D (k=2) Z A S 1** 3* Heart 1** 3* Cancer p 1 L d (p 1, D) = L r (p 1, r 1 Ur 2 ) 0.75 p 2 N Z A S Alice Heart N Z A S Carol Flu Steven E. Whang 34
35 Individual Informa.on Leakage r 1 r 2 r 3 r 4 D (k=2) Z A S 1** 3* Heart 1** 3* Cancer p 1 L d (p 1, D) = L r (p 1, r 1 Ur 2 ) 0.75 p 2 N Z A S Alice Heart N Z A S Carol Flu L d (p 2, D) = L r (p 2, r 3 Ur 4 ) 0.86 Steven E. Whang 35
36 Background Knowledge D (k=2) Z A S r 1 r 2 r 3 r 4 1** 3* Heart 1** 3* Cancer s 1 D N Z A Alice Steven E. Whang 36
37 Background Knowledge r 1 r 2 r 3 r 4 D (k=2) Z A S 1** 3* Heart 1** 3* Cancer N Z A S p 1 Alice Heart L d (p 1, D) = L r (p 1, r 1 Ur 2 ) 0.75 s 1 D N Z A Alice Steven E. Whang 37
38 Background Knowledge r 1 r 2 r 3 r 4 D (k=2) Z A S 1** 3* Heart 1** 3* Cancer N Z A S p 1 Alice Heart L d (p 1, D) = L r (p 1, r 1 Ur 2 ) 0.75 s 1 L d (p 1, D U D ) D N Z A Alice Steven E. Whang 38
39 Background Knowledge r 1 r 2 r 3 r 4 D (k=2) Z A S 1** 3* Heart 1** 3* Cancer p 1 s 1 N Z A S Alice Heart L d (p 1, D) = L r (p 1, r 1 Ur 2 ) 0.75 D N Z A Alice L d (p 1, D U D ) = L r (p 1, r 1 Ur 2 Us 1 ) 0.86 Steven E. Whang 39
40 l diversity Other Comparison Seman.c Similarity Steven E. Whang 40
41 Conclusion We formalized informa.on leakage Privacy: NOT all or nothing We listed several applica.ons for quan.fying informa.on leakage We compared informa.on leakage with exis.ng privacy models In paper, we propose efficient algorithms for compu.ng leakage Steven E. Whang 41
42 Thanks! Steven E. Whang 42
43 l diversity D N Z A S Alice Heart Bob Cancer Carol Flu Dave Flu D (k=2) Z A S 1** 3* Heart 1** 3* Cancer Steven E. Whang 43
44 l diversity D N Z A S Alice Heart Bob Cancer Carol Flu Dave Influenza D (l=2) Z A S 1** 3* Heart 1** 3* Cancer 2** 50 Influenza Steven E. Whang 44
45 Seman.c Similarity D (l=2) N Z A S r 1 r 2 r 3 r 4 Z A S 1** 3* Heart 1** 3* Cancer 2** 50 Influenza p Carol Flu Steven E. Whang 45
46 Seman.c Similarity r 1 r 2 r 3 r 4 D (l=2) Z A S 1** 3* Heart 1** 3* Cancer 2** 50 Influenza p N Z A S Carol Flu L d (p, D) = L r (p, r 3 Ur 4 ) 0.75 Steven E. Whang 46
47 Seman.c Similarity r 1 r 2 r 3 r 4 D (l=2) Z A S 1** 3* Heart 1** 3* Cancer 2** 50 Influenza p N Z A S Carol Flu L d (p, D) = L r (p, r 3 Ur 4 ) 0.75 If merge func.on μ replaces Influenza with Flu, Steven E. Whang 47
48 Seman.c Similarity r 1 r 2 r 3 r 4 D (l=2) Z A S 1** 3* Heart 1** 3* Cancer 2** 50 Influenza p N Z A S Carol Flu L d (p, D) = L r (p, r 3 Ur 4 ) 0.75 If merge func.on μ replaces Influenza with Flu, L d (p, D) = L r (p, r 3 Ur 4 {<S, Influenza>}) 0.86 Steven E. Whang 48
49 Seman.c Similarity r 1 r 2 r 3 r 4 D (l=2) Z A S 1** 3* Heart 1** 3* Cancer 2** 50 Influenza p N Z A S Carol Flu L d (p, D) = L r (p, r 3 Ur 4 ) 0.75 If merge func.on μ replaces Influenza with Flu, L d (p, D) = L r (p, r 3 Ur 4 {<S, Influenza>}) 0.86 Steven E. Whang 49
DYNAMIC DIFFERENTIAL LOCATION PRIVACY WITH PERSONALIZED ERROR BOUNDS
DYNAMIC DIFFERENTIAL LOCATION PRIVACY WITH PERSONALIZED ERROR BOUNDS LEI YU, LING LIU AND CALTON PU COLLEGE OF COMPUTING GEORGIA INSTITUTE OF TECHNOLOGY Loca%on based services and Privacy issues Marke%ng
More informationt-closeness: Privacy beyond k-anonymity and l-diversity
t-closeness: Privacy beyond k-anonymity and l-diversity paper by Ninghui Li, Tiancheng Li, and Suresh Venkatasubramanian presentation by Caitlin Lustig for CS 295D Definitions Attributes: explicit identifiers,
More informationEntity Resolution. Generic Entity Resolution: Identifying Real-World Entities in Large Data Sets. Outline. Applications. Challenges (1) Challenges (2)
Generic Entity Resolution: Identifying Real-World Entities in Large Data Sets Entity Resolution e1 e2 Steven Whang Stanford University Work with: Hector Garcia-Molina, David Menestrina, Omar Benjelloun,
More informationA Framework for Protec/ng Worker Loca/on Privacy in Spa/al Crowdsourcing
A Framework for Protec/ng Worker Loca/on Privacy in Spa/al Crowdsourcing Nov 12 2014 Hien To, Gabriel Ghinita, Cyrus Shahabi VLDB 2014 1 Mo/va/on Ubiquity of mobile users 6.5 billion mobile subscrip/ons,
More informationQuantitative Information Flow. Lecture 7
Quantitative Information Flow Lecture 7 1 The basic model: Systems = Information-Theoretic channels Secret Information Observables s1 o1... System... sm on Input Output 2 Probabilistic systems are noisy
More informationk-nearest Neighbor Classification over Semantically Secure Encry
k-nearest Neighbor Classification over Semantically Secure Encrypted Relational Data Reporter:Ximeng Liu Supervisor: Rongxing Lu School of EEE, NTU May 9, 2014 1 2 3 4 5 Outline 1. Samanthula B K, Elmehdwi
More informationInforma(on Retrieval
Introduc*on to Informa(on Retrieval Lecture 6-2: The Vector Space Model Outline The vector space model 2 Binary incidence matrix Anthony and Cleopatra Julius Caesar The Tempest Hamlet Othello Macbeth...
More informationPrivacy-MaxEnt: Integrating Background Knowledge in Privacy Quantification
Privacy-MaxEnt: Integrating Background Knowledge in Privacy Quantification Wenliang Du, Zhouxuan Teng, and Zutao Zhu Department of Electrical Engineering and Computer Science Syracuse University, Syracuse,
More informationDatabase Privacy: k-anonymity and de-anonymization attacks
18734: Foundations of Privacy Database Privacy: k-anonymity and de-anonymization attacks Piotr Mardziel or Anupam Datta CMU Fall 2018 Publicly Released Large Datasets } Useful for improving recommendation
More informationIntroduction to Cryptography Lecture 13
Introduction to Cryptography Lecture 13 Benny Pinkas June 5, 2011 Introduction to Cryptography, Benny Pinkas page 1 Electronic cash June 5, 2011 Introduction to Cryptography, Benny Pinkas page 2 Simple
More informationProbabilistically Checkable Arguments
Probabilistically Checkable Arguments Yael Tauman Kalai Microsoft Research yael@microsoft.com Ran Raz Weizmann Institute of Science ran.raz@weizmann.ac.il Abstract We give a general reduction that converts
More informationSPDZ 2 k: Efficient MPC mod 2 k for Dishonest Majority a
SPDZ 2 k: Efficient MPC mod 2 k for Dishonest Majority a Ronald Cramer 1 Ivan Damgård 2 Daniel Escudero 2 Peter Scholl 2 Chaoping Xing 3 August 21, 2018 1 CWI, Amsterdam 2 Aarhus University, Denmark 3
More informationPerfectly-Secret Encryption
Perfectly-Secret Encryption CSE 5351: Introduction to Cryptography Reading assignment: Read Chapter 2 You may sip proofs, but are encouraged to read some of them. 1 Outline Definition of encryption schemes
More informationl-diversity: Privacy Beyond k-anonymity
l-diversity: Privacy Beyond k-anonymity Ashwin Machanavajjhala Johannes Gehrke Daniel Kifer Muthuramakrishnan Venkitasubramaniam Department of Computer Science, Cornell University {mvnak, johannes, dkifer,
More informationParallel Repetition of entangled games on the uniform distribution
Parallel Repetition of entangled games on the uniform distribution André Chailloux, Scarpa Giannicola To cite this version: André Chailloux, Scarpa Giannicola. Parallel Repetition of entangled games on
More informationIntegra(ng and Ranking Uncertain Scien(fic Data
Jan 19, 2010 1 Biomedical and Health Informatics 2 Computer Science and Engineering University of Washington Integra(ng and Ranking Uncertain Scien(fic Data Wolfgang Ga*erbauer 2 Based on joint work with:
More informationBounded Privacy: Formalising the Trade-Off Between Privacy and Quality of Service
H. Langweg, H. Langweg, M. Meier, M. Meier, B.C. B.C. Witt, Witt, D. Reinhardt D. Reinhardt et al. (Hrsg.): Sicherheit 2018, Lecture Notes in ininformatics (LNI), Gesellschaft für fürinformatik, Bonn 2018
More informationPolynomials and Gröbner Bases
Alice Feldmann 16th December 2014 ETH Zürich Student Seminar in Combinatorics: Mathema:cal So
More informationOutline. Logic. Knowledge bases. Wumpus world characteriza/on. Wumpus World PEAS descrip/on. A simple knowledge- based agent
Outline Logic Dr. Melanie Mar/n CS 4480 October 8, 2012 Based on slides from hap://aima.eecs.berkeley.edu/2nd- ed/slides- ppt/ Knowledge- based agents Wumpus world Logic in general - models and entailment
More informationNotes on Property-Preserving Encryption
Notes on Property-Preserving Encryption The first type of specialized encryption scheme that can be used in secure outsourced storage we will look at is property-preserving encryption. This is encryption
More informationFunc8onal Dependencies
ICS 321 Data Storage & Retrieval Func8onal Dependencies Prof. Lipyeow Lim Informa8on & Computer Science Department University of Hawaii at Manoa Lipyeow Lim - - University of Hawaii at Manoa 1 Example:
More informationPredic've Analy'cs for Energy Systems State Es'ma'on
1 Predic've Analy'cs for Energy Systems State Es'ma'on Presenter: Team: Yingchen (YC) Zhang Na/onal Renewable Energy Laboratory (NREL) Andrey Bernstein, Rui Yang, Yu Xie, Anthony Florita, Changfu Li, ScoD
More informationImproving S2S Forecasting: The Science Perspective
Duane Waliser Improving S2S Forecasting: The Science Perspective CAN WE REALLY PREDICT THE WEATHER? THE LATEST IN FORECASTING Sacramento Convention Center, Sacramento, CA November 9, 2017 Acknowledgements:
More informationProvable Security for Program Obfuscation
for Program Obfuscation Black-box Mathematics & Mechanics Faculty Saint Petersburg State University Spring 2005 SETLab Outline 1 Black-box Outline 1 2 Black-box Outline Black-box 1 2 3 Black-box Perfect
More informationarxiv: v1 [cs.ds] 9 Jan 2013
On the Complexity of t-closeness Anonymization and Related Problems Hongyu Liang Hao Yuan arxiv:1301.1751v1 [cs.ds] 9 Jan 2013 Abstract An important issue in releasing individual data is to protect the
More informationSecret Sharing CPT, Version 3
Secret Sharing CPT, 2006 Version 3 1 Introduction In all secure systems that use cryptography in practice, keys have to be protected by encryption under other keys when they are stored in a physically
More informationNotes for Lecture 17
U.C. Berkeley CS276: Cryptography Handout N17 Luca Trevisan March 17, 2009 Notes for Lecture 17 Scribed by Matt Finifter, posted April 8, 2009 Summary Today we begin to talk about public-key cryptography,
More informationConstructing Provably-Secure Identity-Based Signature Schemes
Constructing Provably-Secure Identity-Based Signature Schemes Chethan Kamath Indian Institute of Science, Bangalore November 23, 2013 Overview Table of contents Background Formal Definitions Schnorr Signature
More informationProving Security Protocols Correct. Lawrence C. Paulson Computer Laboratory
Proving Security Protocols Correct Lawrence C. Paulson Computer Laboratory How Detailed Should a Model Be? too detailed too simple concrete abstract not usable not credible ``proves'' everything ``attacks''
More informationAn Introduction. Dr Nick Papanikolaou. Seminar on The Future of Cryptography The British Computer Society 17 September 2009
An Dr Nick Papanikolaou Research Fellow, e-security Group International Digital Laboratory University of Warwick http://go.warwick.ac.uk/nikos Seminar on The Future of Cryptography The British Computer
More informationMaryam Shoaran Alex Thomo Jens Weber. University of Victoria, Canada
Maryam Shoaran Alex Thomo Jens Weber University of Victoria, Canada Introduction Challenge: Evidence of Participation Sample Aggregates Zero-Knowledge Privacy Analysis of Utility of ZKP Conclusions 12/17/2015
More informationQuan&fying Uncertainty. Sai Ravela Massachuse7s Ins&tute of Technology
Quan&fying Uncertainty Sai Ravela Massachuse7s Ins&tute of Technology 1 the many sources of uncertainty! 2 Two days ago 3 Quan&fying Indefinite Delay 4 Finally 5 Quan&fying Indefinite Delay P(X=delay M=
More informationECS 189A Final Cryptography Spring 2011
ECS 127: Cryptography Handout F UC Davis Phillip Rogaway June 9, 2011 ECS 189A Final Cryptography Spring 2011 Hints for success: Good luck on the exam. I don t think it s all that hard (I do believe I
More informationRevisiting Cryptographic Accumulators, Additional Properties and Relations to other Primitives
S C I E N C E P A S S I O N T E C H N O L O G Y Revisiting Cryptographic Accumulators, Additional Properties and Relations to other Primitives David Derler, Christian Hanser, and Daniel Slamanig, IAIK,
More informationA New Approach to Practical Active-Secure Two-Party Computation
A New Approach to Practical Active-Secure Two-Party Computation Jesper Buus Nielsen 1, Peter Sebastian Nordholt 1, Claudio Orlandi 1, Sai Sheshank Burra 2 1 Aarhus University, Denmark 2 Indian Institute
More informationCryptographic Solutions for Data Integrity in the Cloud
Cryptographic Solutions for Stanford University, USA Stanford Computer Forum 2 April 2012 Homomorphic Encryption Homomorphic encryption allows users to delegate computation while ensuring secrecy. Homomorphic
More informationA Posteriori Openable Public Key Encryption *
A Posteriori Openable Public Key Encryption * Xavier Bultel 1, Pascal Lafourcade 1, CNRS, UMR 6158, LIMOS, F-63173 Aubière, France Université Clermont Auvergne, LIMOS, BP 10448, 63000 Clermont-Ferrand,
More informationNetworks. Can (John) Bruce Keck Founda7on Biotechnology Lab Bioinforma7cs Resource
Networks Can (John) Bruce Keck Founda7on Biotechnology Lab Bioinforma7cs Resource Networks in biology Protein-Protein Interaction Network of Yeast Transcriptional regulatory network of E.coli Experimental
More informationElliptic Curves and an Application in Cryptography
Parabola Volume 54, Issue 1 (2018) Elliptic Curves and an Application in Cryptography Jeremy Muskat 1 Abstract Communication is no longer private, but rather a publicly broadcast signal for the entire
More information[Title removed for anonymity]
[Title removed for anonymity] Graham Cormode graham@research.att.com Magda Procopiuc(AT&T) Divesh Srivastava(AT&T) Thanh Tran (UMass Amherst) 1 Introduction Privacy is a common theme in public discourse
More informationStatistical Privacy For Privacy Preserving Information Sharing
Statistical Privacy For Privacy Preserving Information Sharing Johannes Gehrke Cornell University http://www.cs.cornell.edu/johannes Joint work with: Alexandre Evfimievski, Ramakrishnan Srikant, Rakesh
More informationChapter 2. A Look Back. 2.1 Substitution ciphers
Chapter 2 A Look Back In this chapter we take a quick look at some classical encryption techniques, illustrating their weakness and using these examples to initiate questions about how to define privacy.
More informationCSE 21 Math for Algorithms and Systems Analysis. Lecture 6 S<rling Numbers of the Second Kind + Introduc<on to Func<ons
CSE 21 Math for Algorithms and Systems Analysis Lecture 6 S
More informationA Comparative Study of Current Clinical NLP Systems on Handling Abbreviations
A Comparative Study of Current Clinical NLP Systems on Handling Abbreviations Yonghui Wu 1 PhD, Joshua C. Denny 2 MD MS, S. Trent Rosenbloom 2 MD MPH, Randolph A. Miller 2 MD, Dario A. Giuse 2 Dr.Ing,
More informationTainted Flow Analysis on e-ssaform
Tainted Flow Analysis on e-ssaform Programs Andrei Rimsa, Marcelo d Amorim and Fernando M. Q. Pereira The Objective of this work is to detect security vulnerabilities in programs via static analysis Vulnerabilities
More informationOnline Cryptography Course. Message integrity. Message Auth. Codes. Dan Boneh
Online Cryptography Course Message integrity Message Auth. Codes Message Integrity Goal: integrity, no confiden>ality. Examples: Protec>ng public binaries on disk. Protec>ng banner ads on web pages. Message
More informationDART Ini)al Condi)ons for a Refined Grid CAM- SE Forecast of Hurricane Katrina. Kevin Raeder (IMAGe) Colin Zarzycki (ASP)
DART Ini)al Condi)ons for a Refined Grid CAM- SE Forecast of Hurricane Katrina Kevin Raeder (IMAGe) Colin Zarzycki (ASP) 1 Mo)va)on Thousands of processors on current supercomputers. - > new CAM dynamical
More informationd A L. T O S O U LOWELL, MICHIGAN. THURSDAY, DECEMBER 5, 1929 Cadillac, Nov. 20. Indignation
) - 5 929 XXX - $ 83 25 5 25 $ ( 2 2 z 52 $9285)9 7 - - 2 72 - - 2 3 zz - 9 86 - - - - 88 - q 2 882 q 88 - - - - - - ( 89 < - Q - 857-888 - - - & - - q - { q 7 - - - - q - - - - - - q - - - - 929 93 q
More informationDifferen'al Privacy with Bounded Priors: Reconciling U+lity and Privacy in Genome- Wide Associa+on Studies
Differen'al Privacy with Bounded Priors: Reconciling U+lity and Privacy in Genome- Wide Associa+on Studies Florian Tramèr, Zhicong Huang, Erman Ayday, Jean- Pierre Hubaux ACM CCS 205 Denver, Colorado,
More informationFormal Verification of Side-Channel Countermeasures
Formal Verification of Side-Channel Countermeasures Sonia Belaïd June 5th 2018 1 / 35 1 Side-Channel Attacks 2 Masking 3 Formal Tools Verification of Masked Implementations at Fixed Order Verification
More informationPractical quantum-key. key- distribution post-processing
Practical quantum-key key- distribution post-processing processing Xiongfeng Ma 马雄峰 IQC, University of Waterloo Chi-Hang Fred Fung, Jean-Christian Boileau, Hoi Fung Chau arxiv:0904.1994 Hoi-Kwong Lo, Norbert
More informationSample complexity bounds for differentially private learning
Sample complexity bounds for differentially private learning Kamalika Chaudhuri University of California, San Diego Daniel Hsu Microsoft Research Outline 1. Learning and privacy model 2. Our results: sample
More informationTHE POWER OF CERTAINTY
A DIRICHLET-MULTINOMIAL APPROACH TO BELIEF PROPAGATION Dhivya Eswaran* CMU deswaran@cs.cmu.edu Stephan Guennemann TUM guennemann@in.tum.de Christos Faloutsos CMU christos@cs.cmu.edu PROBLEM MOTIVATION
More informationAnalyzing the IETF ACE-OAuth Protocol
Analyzing the IETF ACE-OAuth Protocol Hannes Tschofenig Arm Limited, Email: hannes.tschofenig@arm.com I. ABSTRACT The OAuth Security Workshop series was started after a group of researchers from Trier/Germany
More informationCut-and-Choose Yao-Based Secure Computation in the Online/Offline and Batch Settings
Cut-and-Choose Yao-Based Secure Computation in the Online/Offline and Batch Settings Yehuda Lindell Bar-Ilan University, Israel Technion Cryptoday 2014 Yehuda Lindell Online/Offline and Batch Yao 30/12/2014
More informationt-closeness: Privacy Beyond k-anonymity and l-diversity
t-closeness: Privacy Beyond k-anonymity and l-diversity Ninghui Li Tiancheng Li Department of Computer Science, Purdue University {ninghui, li83}@cs.purdue.edu Suresh Venkatasubramanian AT&T Labs Research
More informationUntrusted quantum devices. Yaoyun Shi University of Michigan updated Feb. 1, 2014
Untrusted quantum devices Yaoyun Shi University of Michigan updated Feb. 1, 2014 Quantum power is incredible! Quantum power is incredible! Quantum power is incredible! Spooky action at a distance Quantum
More informationCollaborative Planning with Privacy
Collaborative Planning with Privacy Protocol exchange May 7, 2007 Max Kanovich 1, Paul Rowe 2, Andre Scedrov 2 1 Quenn Mary, University of London 2 University of Pennsylvania Context Many examples of collaboration
More informationNon- browser TLS Woes
Non- browser TLS Woes Dan Boneh Joint work with M. Georgiev, S. Iyengar, S. Jana, R. Anubhai, and V. Shma?kov Proc. ACM CCS 2012 30 second summary Lots of non- browser systems using TLS: Payment gateway
More informationLecture 24: Randomized Complexity, Course Summary
6.045 Lecture 24: Randomized Complexity, Course Summary 1 1/4 1/16 1/4 1/4 1/32 1/16 1/32 Probabilistic TMs 1/16 A probabilistic TM M is a nondeterministic TM where: Each nondeterministic step is called
More information5th March Unconditional Security of Quantum Key Distribution With Practical Devices. Hermen Jan Hupkes
5th March 2004 Unconditional Security of Quantum Key Distribution With Practical Devices Hermen Jan Hupkes The setting Alice wants to send a message to Bob. Channel is dangerous and vulnerable to attack.
More informationduring signature generation the secret key is never reconstructed at a single location. To provide fault tolerance, one slightly modies the above tech
Generating a Product of Three Primes with an Unknown Factorization Dan Boneh and Jeremy Horwitz Computer Science Department, Stanford University, Stanford, CA 94305-9045 fdabo,horwitzg@cs.stanford.edu
More informationCyber Security in the Quantum Era
T Computer Security Guest Lecture University of Edinburgh 27th November 2017 E H U N I V E R S I T Y O H F R G E D I N B U Outline Quantum Computers: Is it a threat to Cyber Security? Why should we act
More informationPrivacy of Numeric Queries Via Simple Value Perturbation. The Laplace Mechanism
Privacy of Numeric Queries Via Simple Value Perturbation The Laplace Mechanism Differential Privacy A Basic Model Let X represent an abstract data universe and D be a multi-set of elements from X. i.e.
More informationApplica'ons of Geosta'onary Aerosol Retrievals on PM2.5 Forecas'ng: Increased Poten'al from GOES-15
Applica'ons of Geosta'onary Aerosol Retrievals on PM2.5 Forecas'ng: Increased Poten'al from GOES-15 Yonghua Wu, Sam Lightstone, Fred Moshary, Barry Gross Op;cal Remote Sensing Lab City College of New York
More informationSecurity of Quantum Key Distribution with Imperfect Devices
Security of Quantum Key Distribution with Imperfect Devices Hoi-Kwong Lo Dept. of Electrical & Comp. Engineering (ECE); & Dept. of Physics University of Toronto Email:hklo@comm.utoronto.ca URL: http://www.comm.utoronto.ca/~hklo
More informationCS6750: Cryptography and Communica7on Security
CS6750: Cryptography and Communica7on Security Class 6: Simple Number Theory Dr. Erik- Oliver Blass Plan 1. Role of number theory in cryptography 2. Classical problems in computa7onal number theory 3.
More informationOverview of the Talk. Secret Sharing. Secret Sharing Made Short Hugo Krawczyk Perfect Secrecy
Overview of the Talk Secret Sharing CS395T Design and Implementation of Trusted Services Ankur Gupta Hugo Krawczyk. Secret Sharing Made Short, 1993. Josh Cohen Benaloh. Secret Sharing Homomorphisms: Keeping
More informationl-diversity: Privacy Beyond k-anonymity
l-diversity: Privacy Beyond k-anonymity ASHWIN MACHANAVAJJHALA, DANIEL KIFER, JOHANNES GEHRKE, and MUTHURAMAKRISHNAN VENKITASUBRAMANIAM Cornell University Publishing data about individuals without revealing
More informationMachine Learning & Data Mining CS/CNS/EE 155. Lecture 4: Recent Applica6ons of Lasso
Machine Learning Data Mining CS/CNS/EE 155 Lecture 4: Recent Applica6ons of Lasso 1 Today: Two Recent Applica6ons Cancer Detec0on Personaliza0on via twi9er music( Biden( soccer( Labour( Applica6ons of
More informationJun Zhang Department of Computer Science University of Kentucky
Application i of Wavelets in Privacy-preserving Data Mining Jun Zhang Department of Computer Science University of Kentucky Outline Privacy-preserving in Collaborative Data Analysis Advantages of Wavelets
More informationPilot Evaluation of a UAS Detect-and-Avoid System s Effectiveness in Remaining Well Clear!
National Aeronautics and Space Administration Pilot Evaluation of a UAS Detect-and-Avoid System s Effectiveness in Remaining Well Clear! Presenter: Confesor Santiago Co-author: Eric Mueller Affiliation:
More informationQuestion Selection for Crowd Entity Resolution
Question Selection for Crowd Entity Resolution 1 Steven Euijong Whang, Peter Lofgren, Hector Garcia-Molina Computer Science Department, Stanford University 353 Serra Mall, Stanford, CA 94305, USA {swhang,
More informationCryptography CS 555. Topic 25: Quantum Crpytography. CS555 Topic 25 1
Cryptography CS 555 Topic 25: Quantum Crpytography CS555 Topic 25 1 Outline and Readings Outline: What is Identity Based Encryption Quantum cryptography Readings: CS555 Topic 25 2 Identity Based Encryption
More informationApproximate and Probabilistic Differential Privacy Definitions
pproximate and Probabilistic Differential Privacy Definitions Sebastian Meiser University College London, United Kingdom, e-mail: s.meiser@ucl.ac.uk July 20, 208 bstract This technical report discusses
More informationAleksandar Jelenak affiliated with NOAA Satellite and Informa8on Service th Session of the GSICS Execu8ve Panel - Tokyo, Japan 1
Aleksandar Jelenak affiliated with NOAA Satellite and Informa8on Service 2013-07- 15 14th Session of the GSICS Execu8ve Panel - Tokyo, Japan 1 Outline Membership news Ac8on items review Official documents
More informationCS Communication Complexity: Applications and New Directions
CS 2429 - Communication Complexity: Applications and New Directions Lecturer: Toniann Pitassi 1 Introduction In this course we will define the basic two-party model of communication, as introduced in the
More informationAn Online Framework for Publishing Dynamic Privacy-Sensitive Location Traces
An Online Framework for Publishing Dynamic Privacy-Sensitive Location Traces University of Michigan Technical Report # CSE-TR-554-09 July 12, 2009 Wen Jin, Kristen LeFevre, Jignesh M Patel Electrical Engineering
More informationInterac(ve Data Analysis. University at Buffalo, SUNY Ying Yang
Interac(ve Data Analysis University at Buffalo, SUNY Ying Yang Outline Convergent Inference Algorithm: Enjoy the benefits of both exact and approximate inference algorithms Future Work 2 Outline Convergent
More informationCOS433/Math 473: Cryptography. Mark Zhandry Princeton University Spring 2018
COS433/Math 473: Cryptography Mark Zhandry Princeton University Spring 2018 Secret Sharing Vault should only open if both Alice and Bob are present Vault should only open if Alice, Bob, and Charlie are
More informationOptical Quantum Communication with Quantitative Advantage. Quantum Communication
Optical Quantum Communication with Quantitative Advantage Juan Miguel Arrazola Benjamin Lovitz Ashutosh Marwah Dave Touchette Norbert Lütkenhaus Institute for Quantum Computing & Department of Physics
More informationFrequency-hiding Dependency-preserving Encryption for Outsourced Databases
Frequency-hiding Dependency-preserving Encryption for Outsourced Databases ICDE 17 Boxiang Dong 1 Wendy Wang 2 1 Montclair State University Montclair, NJ 2 Stevens Institute of Technology Hoboken, NJ April
More informationASYMMETRIC ENCRYPTION
ASYMMETRIC ENCRYPTION 1 / 1 Recommended Book Steven Levy. Crypto. Penguin books. 2001. A non-technical account of the history of public-key cryptography and the colorful characters involved. 2 / 1 Recall
More informationLecture 1. 1 Introduction. 2 Secret Sharing Schemes (SSS) G Exposure-Resilient Cryptography 17 January 2007
G22.3033-013 Exposure-Resilient Cryptography 17 January 2007 Lecturer: Yevgeniy Dodis Lecture 1 Scribe: Marisa Debowsky 1 Introduction The issue at hand in this course is key exposure: there s a secret
More informationNon-Interactive Zero-Knowledge Proofs of Non-Membership
Non-Interactive Zero-Knowledge Proofs of Non-Membership O. Blazy, C. Chevalier, D. Vergnaud XLim / Université Paris II / ENS O. Blazy (XLim) Negative-NIZK CT-RSA 2015 1 / 22 1 Brief Overview 2 Building
More informationAcknowledgements. Today s Lecture. Attacking k-anonymity. Ahem Homogeneity. Data Privacy in Biomedicine: Lecture 18
Acknowledgeents Data Privacy in Bioedicine Lecture 18: Fro Identifier to Attribute Disclosure and Beyond Bradley Malin, PhD (b.alin@vanderbilt.edu) Professor of Bioedical Inforatics, Biostatistics, and
More informationSimula'ons as a tool for higher mass resolu'on spectrometer: Lessons from exis,ng observa,ons
Simula'ons as a tool for higher mass resolu'on spectrometer: Lessons from exis,ng observa,ons 1 G. Nicolaou, 1 M. Yamauchi, 1,2 H. Nilsson, 1 M. Wieser, 3 A. Fedorov, 1 D. R. Cas'llo and 2 L. Berčič Mo'va'on
More informationDifferentially Private Smart Metering with Battery Recharging
Differentially Private Smart Metering with Battery Recharging Michael Backes 1,2 and Sebastian Meiser 2 1 MPI-SWS, 2 Saarland University Abstract. The energy industry has recently begun using smart meters
More informationSeman&cs with Dense Vectors. Dorota Glowacka
Semancs with Dense Vectors Dorota Glowacka dorota.glowacka@ed.ac.uk Previous lectures: - how to represent a word as a sparse vector with dimensions corresponding to the words in the vocabulary - the values
More informationBayesian Networks. Why Joint Distributions are Important. CompSci 570 Ron Parr Department of Computer Science Duke University
Bayesian Networks CompSci 570 Ron Parr Department of Computer Science Duke University Why Joint Distributions are Important Joint distribu6ons gives P(X 1 X n ) Classifica6on/Diagnosis Suppose X 1 =disease
More informationQuantum compu+ng with hypercubes of light. Pei Wang 2/21/2014
Quantum compu+ng with hypercubes of light Pei Wang 2/21/2014 Classical & Quantum Computers Register Processor input output Computer Type Register Processor Classical Computer bits Classical gates Quantum
More informationTransient Stability of Power Systems
Transient Stability of Power Systems A Unified Approach to Assessment and Control By Rishika Chavala IntroducAon What is transient stability? Numerical integra4on methods are used to assess it accurately
More informationCS 355: Topics in Cryptography Spring Problem Set 5.
CS 355: Topics in Cryptography Spring 2018 Problem Set 5 Due: June 8, 2018 at 5pm (submit via Gradescope) Instructions: You must typeset your solution in LaTeX using the provided template: https://crypto.stanford.edu/cs355/homework.tex
More informationSolution of Exercise Sheet 6
Foundations of Cybersecurity (Winter 16/17) Prof. Dr. Michael Backes CISPA / Saarland University saarland university computer science Solution of Exercise Sheet 6 1 Perfect Secrecy Answer the following
More informationPrivacy and Computer Science (ECI 2015) Day 4 - Zero Knowledge Proofs Mathematics
Privacy and Computer Science (ECI 2015) Day 4 - Zero Knowledge Proofs Mathematics F. Prost Frederic.Prost@ens-lyon.fr Ecole Normale Supérieure de Lyon July 2015 F. Prost Frederic.Prost@ens-lyon.fr (Ecole
More informationECash and Anonymous Credentials
ECash and Anonymous Credentials CS/ECE 598MAN: Applied Cryptography Nikita Borisov November 9, 2009 1 E-cash Chaum s E-cash Offline E-cash 2 Anonymous Credentials e-cash-based Credentials Brands Credentials
More informationFormal Verification of Masked Implementations
Formal Verification of Masked Implementations Sonia Belaïd Benjamin Grégoire CHES 2018 - Tutorial September 9th 2018 1 / 47 1 Side-Channel Attacks and Masking 2 Formal Tools for Verification at Fixed Order
More informationA Note on Negligible Functions
Appears in Journal of Cryptology Vol. 15, 2002, pp. 271 284. Earlier version was Technical Report CS97-529, Department of Computer Science and Engineering, University of California at San Diego, March
More informationHigh Fidelity to Low Weight. Daniel Gottesman Perimeter Institute
High Fidelity to Low Weight Daniel Gottesman Perimeter Institute A Word From Our Sponsor... Quant-ph/0212066, Security of quantum key distribution with imperfect devices, D.G., H.-K. Lo, N. Lutkenhaus,
More informationDan Boneh. Introduction. Course Overview
Online Cryptography Course Introduction Course Overview Welcome Course objectives: Learn how crypto primitives work Learn how to use them correctly and reason about security My recommendations: Take notes
More information