Table of contentsJointly Restraining Big Brother: Using cryptography to reconcile privacy with data aggregation
Privacy-sensitive interactions
A general approach for solution:
The “trusted service” solution
Example: Elections
Example: Medical records
Challenges (I):
Challenges (II):
Stand-Alone Security
Example: Concurrent Zero-Knowledge [F90,DNS98]
Example: Malleability of commitments [DDN91]
Slide 12
Slide 13
How to guarantee security in complex protocol environments?
Universally Composable Security [C01]
The composition operation (Originates with [MR91])
The composition operation (single call to F)
Slide 18
The composition operation (multiple calls to F)
Slide 20
Implications of the UC theorem
Slide 22
Questions:
Existence results: Honest majority
What if there is no honest majority? (e.g., two-party protocols)
The [GMW87] paradigm:
Slide 27
[GMW87] Protocol Compilation
Constructing a UC “[GMW87] compiler”
Slide 30
The “Commit-and-Prove” primitive
To sum up:
Application to privacy
|