Privacy-Enhancing Technologies & Applications to ehealth. Dr. Anja Lehmann IBM Research Zurich
1 Privacy-Enhancing Technologies & Applications to ehealth Dr. Anja Lehmann IBM Research Zurich
2 IBM Research Zurich. IBM Research: founded in 1945; employees: 3, research labs on six continents. IBM Research Zurich: founded in 1956; more than 45 nationalities; Nobel Laureates: in Physics by Heinrich Rohrer & Gerd Binnig, 1987 in Physics by Alex Müller & Georg Bednorz. Research areas: Science & Technology; Industry and Cloud Solutions; Cloud & Computing Infrastructure; Cognitive Computing & Computational Sciences.
3 IBM Research Zurich. Cognitive Computing & Computational Sciences: next generation cognitive systems and technologies; big data, HPC, secure information management; computational sciences. Security & Privacy group: 13 people (researchers, PostDocs, PhD students, software engineers); focus: privacy-enhancing technologies, provable security. This talk: why does privacy matter? What are the risks/limitations of current technologies? What measures exist to enhance privacy & security?
4 Why does privacy matter? Storage is becoming increasingly cheaper: store by default (e.g., intelligence agencies, Google Street View with wireless traffic, Apple location history). Once data is released, it can no longer be controlled: it can be copied & distributed; different pieces can be linked and profiles be made. Data mining is more efficient: not just trend detection, even prediction (e.g., flu pandemics); correlation with illegal criteria (e.g., race, religion). Networks and systems are badly protected: feature creep; security comes last, if at all; security breaches happen almost every day.
5 Why does privacy matter? It is far too easy to collect & to lose data! What are the risks if personal data is lost? Embarrassment, blackmailing, identity theft, discrimination. Security risk: data must be protected accordingly. Basic protection techniques: reveal only data that is minimally necessary; avoid globally unique personal identifiers; strongly protect acquired (personal) data.
6 avoid globally unique (personal) identifiers & linkability
7 Data Exchange: how to keep & exchange related data maintained by different entities? [Diagram: Doctor A, Health Insurance, Doctor B, Hospital, Pharma Company, Welfare Center]
8 Data Exchange: Global Identifier. User data is associated with a globally unique identifier, e.g., insurance ID, social security number. [Diagram: Doctor A stores (ID, Data) records for Alice.1210, Bob.0411, Carol.2503; Hospital stores (ID, Data) records for Bob.0411, Carol.2503, Dave.1906.]
9 Data Exchange: Global Identifier. User data is associated with a globally unique identifier, e.g., insurance ID, social security number. Different entities can easily share & link related data records. [Diagram: the request "Record of Bob.0411?" passes between Doctor A and the Hospital, which both store records under Bob.0411.]
10 Data Exchange: Global Identifier. User data is associated with a globally unique identifier, e.g., insurance ID, social security number. Different entities can easily share & link related data records. [Diagram: the request "Record of Bob.0411?" passes between Doctor A and the Hospital.] + simple data exchange; - no control about data exchange; - if records are lost, pieces can be linked together; - data has high value: requires strong protection.
11 Data Exchange: Global Identifier. User data is associated with a globally unique identifier, e.g., insurance ID, social security number. Different entities can easily share & link related data records. [Diagram: the same exchange with random numeric identifiers, e.g., "Record of #247495?".] Random yet global identifiers are not much better: linkability allows re-identification. Similar problem: anonymization of data sets, e.g., Netflix challenge, credit card transactions. + simple data exchange; - no control about data exchange; - if records are lost, pieces can be linked together; - data has high value: requires strong protection.
12 Data Exchange: Pseudonyms & Trusted Central Authority. Central authority derives independent entity-local identifiers from the unique identifier. User data is associated with (unlinkable) entity-local identifiers, aka pseudonyms. [Diagram: the Central Authority holds a table mapping each ID to the pseudonyms ID-A and ID-H, e.g., Alice.1210 to Hba02 and 7twnG, Bob.0411 to P89dy and ML3m5; Doctor A stores data under Hba02, P89dy, 912uj; the Hospital stores data under ML3m5, sd7ab, y2b4m.]
13 Data Exchange: Pseudonyms & Trusted Central Authority. Central authority derives independent entity-local identifiers from the unique identifier. User data is associated with (unlinkable) entity-local identifiers, aka pseudonyms. Only the CA can link & convert pseudonyms: central hub for data exchange. [Diagram: Doctor A asks the Central Authority "Record of P89dy?"; the Central Authority asks the Hospital "Record of ML3m5?".]
14 Data Exchange: Pseudonyms & Trusted Central Authority. Central authority derives independent entity-local identifiers from the unique identifier. User data is associated with (unlinkable) entity-local identifiers, aka pseudonyms. Only the CA can link & convert pseudonyms: central hub for data exchange. [Diagram: Doctor A asks the Central Authority "Record of P89dy?"; the Central Authority asks the Hospital "Record of ML3m5?".] + control about data exchange; + if records are lost, pieces cannot be linked together; + user can monitor (& control) data flow; - central authority learns all requests & knows all correlations.
15 ideally: no party should know the correlation of all pseudonyms
16 Data Exchange: Pseudonyms & Central Authority. Central authority & entities jointly derive pseudonyms from unique identifiers: entities do not learn unique identifiers, the CA does not learn the pseudonyms. User data is associated with pseudonyms. [Diagram: the Central Authority knows the IDs Alice.1210, Bob.0411, Carol.2503, Dave.1906; Doctor A stores data under Hba02, P89dy, 912uj; the Hospital stores data under ML3m5, sd7ab, y2b4m.]
17 Data Exchange: Pseudonyms & Central Authority. Central authority & entities jointly derive pseudonyms from unique identifiers: entities do not learn unique identifiers, the CA does not learn the pseudonyms. User data is associated with pseudonyms. Only the CA can link & convert identifiers, but does so in a blind way. [Diagram: Doctor A sends a blind conversion request for "Record of P89dy?" to the Central Authority; the Central Authority performs the blind conversion; after unblinding, the conversion response reaches the Hospital as "Record of ML3m5?".]
18 Data Exchange: Pseudonyms & Central Authority. Central authority & entities jointly derive pseudonyms from unique identifiers: entities do not learn unique identifiers, the CA does not learn the pseudonyms. User data is associated with pseudonyms. Only the CA can link & convert identifiers, but does so in a blind way. [Diagram: Doctor A sends a blind conversion request for "Record of P89dy?" to the Central Authority; the Central Authority performs the blind conversion; after unblinding, the conversion response reaches the Hospital as "Record of ML3m5?".] + control about data exchange; + if records are lost, pieces cannot be linked together; + central authority does not learn the request (cannot even tell if requests are for the same user); + central authority cannot link data itself.
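A minimal sketch of the blind conversion on slides 16-18, added here as an illustration and not code from the talk or from IBM. It assumes exponent-based pseudonyms and ElGamal encryption over a toy group; the class names, the secret exponents x and y, and the parameters P, Q, G are all assumptions.

```python
import hashlib
import hmac
import secrets

# Toy group, constructed for readability only: P = 2*Q + 1 with Q prime, and
# G = 4 generates the subgroup of order Q. Far too small to be secure; a real
# system would use a standard group of roughly 256-bit order.
P, Q, G = 2039, 1019, 4


def rand_exp():
    """Uniform secret exponent in [1, Q-1]."""
    return secrets.randbelow(Q - 1) + 1


def inv(x):
    """Inverse of an exponent modulo the group order Q (Fermat's little theorem)."""
    return pow(x, Q - 2, Q)


class Entity:
    """A data holder (Doctor A, Hospital): ElGamal key pair plus a local secret y."""

    def __init__(self, name):
        self.name = name
        self.sk = rand_exp()
        self.pk = pow(G, self.sk, P)
        self.y = rand_exp()  # local layer, so the CA never sees the stored pseudonym

    def finalize(self, xnym):
        """Turn the CA's contribution into the pseudonym stored next to the data."""
        return pow(xnym, self.y, P)

    def blind_request(self, nym, target_pk):
        """Strip the local layer and encrypt under the *target's* key (blinding)."""
        xnym = pow(nym, inv(self.y), P)
        r = rand_exp()
        return pow(G, r, P), xnym * pow(target_pk, r, P) % P

    def unblind(self, ct):
        """Decrypt the converted ciphertext and apply our own local layer."""
        c1, c2 = ct
        xnym = c2 * pow(c1, Q - self.sk, P) % P  # c2 / c1^sk in the order-Q subgroup
        return self.finalize(xnym)


class CentralAuthority:
    """Knows unique IDs and one secret exponent x per entity, never a pseudonym."""

    def __init__(self):
        self.k = secrets.token_bytes(32)
        self.x = {}

    def register(self, entity):
        self.x[entity.name] = rand_exp()

    def issue(self, uid, entity):
        """CA's half of the joint derivation: (keyed hash of uid into the group)^x."""
        tag = hmac.new(self.k, uid.encode(), hashlib.sha256).digest()
        core = pow(G, int.from_bytes(tag, "big") % (Q - 1) + 1, P)
        return pow(core, self.x[entity.name], P)

    def convert(self, ct, source, target):
        """Blind conversion: raising an ElGamal ciphertext to x_target / x_source
        changes the encrypted pseudonym without decrypting it; then re-randomise."""
        delta = self.x[target.name] * inv(self.x[source.name]) % Q
        c1, c2 = pow(ct[0], delta, P), pow(ct[1], delta, P)
        r = rand_exp()
        return c1 * pow(G, r, P) % P, c2 * pow(target.pk, r, P) % P


def convert_record_request(uid):
    """Run one Doctor A -> CA -> Hospital conversion; return (converted, expected)."""
    ca, doctor, hospital = CentralAuthority(), Entity("Doctor A"), Entity("Hospital")
    ca.register(doctor)
    ca.register(hospital)
    nym_doc = doctor.finalize(ca.issue(uid, doctor))       # stored at Doctor A
    nym_hosp = hospital.finalize(ca.issue(uid, hospital))  # stored at the Hospital
    request = doctor.blind_request(nym_doc, hospital.pk)   # all the CA ever sees
    response = ca.convert(request, doctor, hospital)
    return hospital.unblind(response), nym_hosp


if __name__ == "__main__":
    print(convert_record_request("Bob.0411"))
```

The CA handles only ciphertexts under the Hospital's key, so it converts without learning which user the request concerns, and Doctor A never learns the Hospital's pseudonym.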
19 Summary. If data contains personal identifying information: high value for data thieves; privacy risk for users; security risk for data holder: data requires strong protection. Standard pseudonymization doesn't help: re-identification via linkability. Basic protection techniques: reveal only data that is minimally necessary; avoid globally unique personal identifiers; strongly protect acquired (personal) data.
20 Summary. If data contains personal identifying information: high value for data thieves; privacy risk for users; security risk for data holder: data requires strong protection. Standard pseudonymization doesn't help: re-identification via linkability. Basic protection techniques: reveal only data that is minimally necessary (privacy-enhancing yet strong authentication; anonymous/pseudonymous consultations, e.g., online chat with a psychologist, online consultation with IBM Watson; pilot at Swedish school for anonymous consultation); avoid globally unique personal identifiers; strongly protect acquired (personal) data.
21 Summary. If data contains personal identifying information: high value for data thieves; privacy risk for users; security risk for data holder: data requires strong protection. Standard pseudonymization doesn't help: re-identification via linkability. Basic protection techniques: reveal only data that is minimally necessary; avoid globally unique personal identifiers; strongly protect acquired (personal) data. Privacy-enhancing yet strong authentication: anonymous/pseudonymous consultations, e.g., online chat with a psychologist, online consultation with IBM Watson; pilot at Swedish school for anonymous consultation. Virtual trusted hardware: how to secure confidential data on mobile devices; challenge: security vs. convenience; protection with user password (usually very insecure) & key server(s) jointly derive strong key; split-key approach: losing device ≠ losing data.
22 privacy-enhancing yet strong authentication, or how to reveal only the data that is minimally necessary
23 Strong Authentication: Motivation. Alice: "I'd like to get some health consultation!" Online Health Service: "Sure, if you have valid insurance."
24 Strong Authentication: Motivation. [Diagram: Alice holds a digital certificate / credential with the attributes Name: Alice Doe; Date of Birth: Dec 12, 1998; Address: 7 Waterdrive; City: 8003 Zurich; Insurance SWICA Main ID #; Expiry Date: Jan 4, 2016, and presents it to the Online Health Service.]
25 Strong Authentication: Motivation. [Diagram: Alice presents her credential to the Online Health Service.] Digital certificates for strong authentication.
26 Strong Authentication: Motivation. This is a privacy and security problem: identity theft, profiling, discrimination! Online Health Service: "Aha, you are Alice Doe born on Dec 12, Waterdrive CH 8003 Zurich SWICA insured ID # Expires Jan 4, 2016". Digital certificates for strong authentication.
27 Privacy-Enhancing Credentials solve this. When Alice authenticates to the Online Health Service, all the service learns is that Alice has a valid insurance and no more. Online Health Service: "Sure, if you have valid insurance."
28 Privacy-Enhancing Credentials. [Diagram: Alice holds a privacy-enhancing credential with the attributes Name: Alice Doe; Date of Birth: Dec 12, 1998; Address: 7 Waterdrive; City: 8003 Zurich; Insurance SWICA Main ID #; Expiry Date: Jan 4, 2016.] Privacy-enhancing credential for strong yet privacy-enhancing authentication.
29 Privacy-Enhancing Credentials. Privacy-enhancing credentials allow derivation of authentication tokens: pseudonymous/anonymous authentication; selective attribute disclosure. [Diagram: from the credential with the attributes Name, Date of Birth, Address, City, Insurance, ID #, Expiry Date, Alice derives a token that shows the Online Health Service only "Expiry Date > today", i.e., a valid subscription.]
30 Privacy-Enhancing Credentials. Privacy-enhancing credentials allow derivation of authentication tokens: pseudonymous/anonymous authentication; selective attribute disclosure. Online Health Service: "Thanks, you have valid insurance."
31 Privacy-Enhancing Credentials. Privacy-enhancing credentials allow derivation of authentication tokens: pseudonymous/anonymous authentication; selective attribute disclosure. [Diagram: Alice derives a token that shows the Online Health Service only "Expiry Date > today", i.e., a valid subscription.] User can derive unlinkable tokens with different pseudonyms if unlinkability is desired, or re-authenticate under an already established pseudonym.
32 Privacy-Enhancing Credentials: Use Cases. Anonymous/pseudonymous consultations with specialists, e.g., online chat with a psychologist, online consultation with IBM Watson; not just theory: pilot at Swedish school for anonymous consultation. Anonymous access to high-value databases, e.g., DNA databases: who accesses which data at which time can reveal sensitive information about the users (their research strategy, habits, etc.).
33 Privacy-Enhancing Credentials & Oblivious Transfer. Anonymous/pseudonymous consultations with specialists, e.g., online chat with a psychologist, online consultation with IBM Watson; not just theory: pilot at Swedish school for anonymous consultation. Anonymous access to high-value databases, e.g., DNA databases: who accesses which data at which time can reveal sensitive information about the users (their research strategy, habits, etc.). Oblivious data transfer / private information retrieval: the user can access the database and gets only data he has authorization for; the database does not learn who the user is (but is ensured he has access rights) & what data the user is fetching.
34 How to protect confidential data?
35 Motivation: How to store confidential data without assuming trusted user storage? Challenge: mobile devices can get lost/stolen.
36 How to protect sensitive data on a mobile device? [Diagram: the user enters the password pwd (psswrd123); the device turns the sensitive data from plaintext into ciphertext.] Solution? Device encrypts data under a password-derived key.
39 How to protect sensitive data on a mobile device? Solution? Device encrypts data under a password-derived key. Device only stores encrypted data, but not the encryption key.
40 How to protect sensitive data on a mobile device? [Diagram: the user enters the password pwd' (psswrd123); the device turns the ciphertext back into plaintext.] Solution? Device encrypts data under a password-derived key. Device only stores encrypted data, but not the encryption key. To decrypt data, reconstruct the key from the password.
41 How to protect sensitive data on a mobile device? What happens if the device gets lost/stolen? Adversary only learns the encrypted data.
42 How to protect sensitive data on a mobile device? What happens if the device gets lost/stolen? [Diagram: the adversary tries the passwords password, password123, psswrd123 against the ciphertext until the plaintext is recovered.] Adversary only learns the encrypted data, but he can try to reconstruct the key by guessing the password. Problem: offline attacks (dictionary attack, brute-force): 16-char passwords ~ 1 billion possibilities vs. GPUs test billions/second. To get reasonable security, passwords must be long, random values: inconvenient to use & hard to memorize.
43 How to protect sensitive data on a mobile device? Challenge: how can we get a strong cryptographic key from a weak password, without having offline attacks if the device is lost? Solution: involve a key server & two-factor authentication towards the server.
44 How to protect sensitive data on a mobile device? [Diagram: user password pwd; device secret S; server.]
45 How to protect sensitive data on a mobile device? [Diagram: the user enters pwd; the device holds the device secret S, computes h = Hash(S,pwd) and sends h to the server.] Solution: two-factor authentication based on user password and device secret.
46 How to protect sensitive data on a mobile device? [Diagram: the user enters pwd; the device holds the device secret S, computes h = Hash(S,pwd) and sends h to the server, which stores h together with the encryption key.] Solution: two-factor authentication based on user password and device secret. Server chooses & stores a random encryption key (i.e., independent of pwd or h!).
47 How to protect sensitive data on a mobile device? [Diagram: the device holds only the device secret S; the server stores h together with the encryption key.] Device does not store the encryption key or any password-derived data. Solution: two-factor authentication based on user password and device secret. Server chooses & stores a random encryption key (i.e., independent of pwd or h!).
48 How to protect sensitive data on a mobile device? [Diagram: the user enters pwd'; the device computes h' = Hash(S,pwd') and sends it to the server; the server checks h' = h?.] Solution: two-factor authentication based on user password and device secret. Server chooses & stores a random encryption key (i.e., independent of pwd or h!). Online password verification to retrieve the encryption key.
50 How to protect sensitive data on a mobile device? What happens if the device gets lost/stolen? [Diagram: the adversary holds the device with device secret S and tries the passwords password, password123, psswrd123; for each guess pwd* the device sends h* = Hash(S,pwd*); the server checks h* = h?, answers "wrong password" and blocks verification after too many failed attempts.] Adversary must retrieve the decryption key from the server. Server will recognize suspicious behaviour and block the account. Offline attacks don't work anymore.
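A runnable sketch of the key-server scheme on slides 44-50, added here as an illustration and not code from the talk or from IBM. It assumes PBKDF2 keyed with S as the Hash(S,pwd) function and a lockout threshold of 5; the names KeyServer, device_token and guess_online, and the sample guesses, are constructed for this example.

```python
import hashlib
import hmac
import secrets

MAX_FAILED = 5  # assumed threshold; the slides only say "too many failed attempts"


class AccountLocked(Exception):
    """Raised once the server has blocked verification for an account."""


def device_token(device_secret: bytes, password: str) -> bytes:
    """h = Hash(S, pwd). PBKDF2 with S as salt is an assumed choice of Hash.
    Without S (a random 32-byte value kept on the device) h cannot be computed,
    so the password alone is useless to someone who only attacks the server."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), device_secret, 100_000)


class KeyServer:
    """Stores h and a random data-encryption key per account; counts failures."""

    def __init__(self):
        self.accounts = {}

    def enroll(self, account: str, h: bytes) -> bytes:
        key = secrets.token_bytes(32)  # random, independent of pwd and h
        self.accounts[account] = {"h": h, "key": key, "failed": 0}
        return key

    def retrieve(self, account: str, h_prime: bytes):
        """Online check h' = h? Returns the key, None on a wrong password,
        and raises AccountLocked after MAX_FAILED consecutive failures."""
        acct = self.accounts[account]
        if acct["failed"] >= MAX_FAILED:
            raise AccountLocked(account)
        if not hmac.compare_digest(acct["h"], h_prime):
            acct["failed"] += 1
            return None
        acct["failed"] = 0
        return acct["key"]


def guess_online(server, account, device_secret, guesses):
    """Model the lost-device case: the finder holds S but must verify every
    password guess against the server. Returns (key or None, guesses checked)."""
    for checked, guess in enumerate(guesses, start=1):
        try:
            key = server.retrieve(account, device_token(device_secret, guess))
        except AccountLocked:
            return None, checked - 1
        if key is not None:
            return key, checked
    return None, len(guesses)


if __name__ == "__main__":
    server, S = KeyServer(), secrets.token_bytes(32)
    key = server.enroll("alice-phone", device_token(S, "psswrd123"))
    # Legitimate user: the right password and the device secret return the key.
    assert server.retrieve("alice-phone", device_token(S, "psswrd123")) == key
    # Constructed guess list: the correct password is sixth, after five misses.
    guesses = ["password", "password123", "123456", "qwerty", "letmein", "psswrd123"]
    print(guess_online(server, "alice-phone", S, guesses))  # blocked before the sixth
```

The device holds S and ciphertext only, so nothing on it lets a guess be checked offline; every guess costs one of the server's limited attempts.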
Attribute-based Credentials on Smart Cards ir. Pim Vullers p.vullers@cs.ru.nl Privacy & Identity Lab Institute for Computing and Information Sciences Digital Security SaToSS Research Meeting 28th February
More informationOneID An architectural overview
OneID An architectural overview Jim Fenton November 1, 2012 Introduction OneID is an identity management technology that takes a fresh look at the way that users authenticate and manage their identities
More informationA Modified Approach for Kerberos Authentication Protocol with Secret Image by using Visual Cryptography
A Modified Approach for Kerberos Authentication Protocol with Secret Image by using Visual Cryptography Ashok Kumar J 1, and Gopinath Ganapathy 2 1,2 School of Computer Science, Engineering and Applications
More informationLecture 3 - Passwords and Authentication
Lecture 3 - Passwords and Authentication CMPSC 443 - Spring 2012 Introduction Computer and Network Security Professor Jaeger www.cse.psu.edu/~tjaeger/cse443-s12 What is authentication? Reliably verifying
More informationDistributed Systems. 25. Authentication Paul Krzyzanowski. Rutgers University. Fall 2018
Distributed Systems 25. Authentication Paul Krzyzanowski Rutgers University Fall 2018 2018 Paul Krzyzanowski 1 Authentication For a user (or process): Establish & verify identity Then decide whether to
More informationControlling Website Account Information. A recent survey done by Privacy Rights Clearinghouse shows that in the past five years
Colson 1 Alex Colson Dr. Lunsford Information Security Management 10 July 2007 Controlling Website Account Information A recent survey done by Privacy Rights Clearinghouse shows that in the past five years
More information5. Authentication Contents
Contents 1 / 47 Introduction Password-based Authentication Address-based Authentication Cryptographic Authentication Protocols Eavesdropping and Server Database Reading Trusted Intermediaries Session Key
More informationCopy-Resistant Credentials with Minimum Information Disclosure
Copy-Resistant Credentials with Minimum Information Disclosure David Bauer and Douglas Blough Georgia Institute of Technology Public-key based certificates provide a standard way to prove one's identity,
More informationLecture 1 Applied Cryptography (Part 1)
Lecture 1 Applied Cryptography (Part 1) Patrick P. C. Lee Tsinghua Summer Course 2010 1-1 Roadmap Introduction to Security Introduction to Cryptography Symmetric key cryptography Hash and message authentication
More informationRemote E-Voting System
Remote E-Voting System Crypto2-Spring 2013 Benjamin Kaiser Jacob Shedd Jeremy White Phases Initialization Registration Voting Verifying Activities Trusted Authority (TA) distributes 4 keys to Registrar,
More informationSumy State University Department of Computer Science
Sumy State University Department of Computer Science Lecture 1 (part 2). Access control. What is access control? A cornerstone in the foundation of information security is controlling how resources are
More informationUsable Security Introduction to User Authentication and Human Interaction Proof Research
Usable Security Introduction to User Authentication and Human Interaction Proof Research Argyris C. Constantinides PhD Student Department of Computer Science University of Cyprus 1 Agenda Introduction
More informationPrivacy with attribute-based credentials ABC4Trust Project. Fatbardh Veseli
Privacy with attribute-based credentials ABC4Trust Project Fatbardh Veseli Deutsche Telekom Chair for Mobile Business and Multilateral Security Goethe University Frankfurt, Germany fatbardh.veseli@m-chair.de
More informationCryptography & Key Exchange Protocols. Faculty of Computer Science & Engineering HCMC University of Technology
Cryptography & Key Exchange Protocols Faculty of Computer Science & Engineering HCMC University of Technology Outline 1 Cryptography-related concepts 2 3 4 5 6 7 Key channel for symmetric cryptosystems
More informationPublic-Key Cryptography
Computer Security Spring 2008 Public-Key Cryptography Aggelos Kiayias University of Connecticut A paradox Classic cryptography (ciphers etc.) Alice and Bob share a short private key using a secure channel.
More informationA SIMPLE INTRODUCTION TO TOR
A SIMPLE INTRODUCTION TO TOR The Onion Router Fabrizio d'amore May 2015 Tor 2 Privacy on Public Networks Internet is designed as a public network Wi-Fi access points, network routers see all traffic that
More informationMASHaBLE: Mobile Applications of Secret Handshakes over Bluetooth Low-Energy. Yan Michalevsky, Suman Nath, Jie Liu
MASHaBLE: Mobile Applications of Secret Handshakes over Bluetooth Low-Energy Yan Michalevsky, Suman Nath, Jie Liu Motivation Private communication Anonymous messaging Secret communities Location-based
More informationNetwork Security: Anonymity. Tuomas Aura T Network security Aalto University, Nov-Dec 2012
Network Security: Anonymity Tuomas Aura T-110.5241 Network security Aalto University, Nov-Dec 2012 Outline 1. Anonymity and privacy 2. High-latency anonymous routing 3. Low-latency anonymous routing Tor
More informationECE 646 Lecture 3. Key management
ECE 646 Lecture 3 Key management Required Reading Stallings, Cryptography and Network Security: Principles and Practice, 5/E or 6/E Chapter 14 Key Management and Distribution Using the same key for multiple
More informationPrivacy-Preserving Data Sharing and Matching
Privacy-Preserving Data Sharing and Matching Peter Christen School of Computer Science, ANU College of Engineering and Computer Science, The Australian National University, Canberra, Australia Contact:
More informationPersonal Cybersecurity
Personal Cybersecurity The Basic Principles Jeremiah School, CEO How big is the issue? 9 8 7 6 5 4 3 2 1 Estimated global damages in 2018 0 2016 2018 2020 2022 2024 2026 2028 2030 Internet Users Billions
More informationCS155b: E-Commerce. Lecture 6: Jan. 25, Security and Privacy, Continued
CS155b: E-Commerce Lecture 6: Jan. 25, 2001 Security and Privacy, Continued FIREWALL A barrier between an internal network & the Internet Protects the internal network from outside attacks Executes administrator-defined
More informationAnonymous Password-based Authenticated Key Exchange
Joint Research Workshop on Ubiquitous Network Security Anonymous Password-based Authenticated Key Exchange Akihiro Yamamura, Duong Quang Viet and Hidema Tanaka NICT Security Fundamentals Group 1 Motivation:
More informationHIPAA Federal Security Rule H I P A A
H I P A A HIPAA Federal Security Rule nsurance ortability ccountability ct of 1996 HIPAA Introduction - What is HIPAA? HIPAA = The Health Insurance Portability and Accountability Act A Federal Law Created
More informationIntroduction to Cryptography. Ramki Thurimella
Introduction to Cryptography Ramki Thurimella Encryption & Decryption 2 Generic Setting 3 Kerckhoff s Principle Security of the encryption scheme must depend only on The secret key NOT on the secrecy of
More informationISSN: (Online) Volume 3, Issue 5, May 2015 International Journal of Advance Research in Computer Science and Management Studies
ISSN: 2321-7782 (Online) Volume 3, Issue 5, May 2015 International Journal of Advance Research in Computer Science and Management Studies Research Article / Survey Paper / Case Study Available online at:
More informationWeb Security, Summer Term 2012
IIG University of Freiburg Web Security, Summer Term 2012 Brocken Authentication and Session Management Dr. E. Benoist Sommer Semester Web Security, Summer Term 2012 7 Broken Authentication and Session
More informationWeb Security, Summer Term 2012
Table of Contents IIG University of Freiburg Web Security, Summer Term 2012 Brocken Authentication and Session Management Dr. E. Benoist Sommer Semester Introduction Examples of Attacks Brute Force Session
More informationNetwork Security CHAPTER 31. Solutions to Review Questions and Exercises. Review Questions
CHAPTER 3 Network Security Solutions to Review Questions and Exercises Review Questions. A nonce is a large random number that is used only once to help distinguish a fresh authentication request from
More informationNumber Theory and RSA Public-Key Encryption
Number Theory and RSA Public-Key Encryption Dr. Natarajan Meghanathan Associate Professor of Computer Science Jackson State University E-mail: natarajan.meghanathan@jsums.edu CIA Triad: Three Fundamental
More informationTest 2 Review. 1. (10 points) Timestamps and nonces are both used in security protocols to prevent replay attacks.
Test 2 Review Name Student ID number Notation: {X} Bob Apply Bob s public key to X [Y ] Bob Apply Bob s private key to Y E(P, K) Encrypt P with symmetric key K D(C, K) Decrypt C with symmetric key K h(x)
More informationVMware, SQL Server and Encrypting Private Data Townsend Security
VMware, SQL Server and Encrypting Private Data Townsend Security 724 Columbia Street NW, Suite 400 Olympia, WA 98501 360.359.4400 Today s Agenda! What s new from Microsoft?! Compliance, standards, and
More informationCS Paul Krzyzanowski
Computer Security 17. Tor & Anonymous Connectivity Anonymous Connectivity Paul Krzyzanowski Rutgers University Spring 2018 1 2 Anonymity on the Internet Often considered bad Only criminals need to hide
More informationProduct Brief. Circles of Trust.
Product Brief Circles of Trust www.cryptomill.com product overview Circles of Trust is an enterprise security software system that eliminates the risks associated with data breaches from a hacker attack
More informationRSA DISTRIBUTED CREDENTIAL PROTECTION
RSA DISTRIBUTED CREDENTIAL PROTECTION There is a security weakness lurking in many of today s best designed systems a primary point of compromise. Think about your own IT operations. Chances are that by
More informationOnline Threats. This include human using them!
Online Threats There are many dangers from using the web (and computer in general). One should watch out for malware, automated programs designed to cause harm to you, your data, and your system. You are
More informationChapter 4 Protection in General-Purpose Operating Systems
Chapter 4 Protection in General-Purpose Operating Systems Charles P. Pfleeger & Shari Lawrence Pfleeger, Security in Computing, 4 th Ed., Pearson Education, 2007 1 An operating system has two goals: controlling
More informationProtect Yourself Against VPN-Based Attacks: Five Do s and Don ts
White Paper Protect Yourself Against VPN-Based Attacks: Five Do s and Don ts Don t let stolen VPN credentials jeopardize your security March 2015 A TECHTARGET WHITE PAPER Most IT professionals take for
More informationIdentity Management Systems An Overview. IST Event 2004 /
IST Event 2004 / 15.11.2004 Marit Hansen / Henry Krasemann Unabhängiges Landeszentrum für Datenschutz // Independent Centre for Privacy Protection Schleswig-Holstein, Germany Overview Identity Management
More informationCIS 6930/4930 Computer and Network Security. Project requirements
CIS 6930/4930 Computer and Network Security Project requirements Project Requirement Form a team of 3 people to complete the course project. The project has 100pts + 20pts (extra credit) Report requirement:
More informationU-Prove Technology Overview
U-Prove Technology Overview November 2010 TOC Introduction Community Technology Preview Additional Capabilities RSA Demo Conclusion 2 Introduction History U-Prove well established in academia Patent portfolio
More informationMU2b Authentication, Authorization and Accounting Questions Set 2
MU2b Authentication, Authorization and Accounting Questions Set 2 1. You enable the audit of successful and failed policy changes. Where can you view entries related to policy change attempts? Lesson 2
More informationSymmetric Key Services Markup Language Use Cases
Symmetric Key Services Markup Language Use Cases Document Version 1.1 - February 28, 2007 The OASIS Symmetric Key Services Markup Language (SKSML) is the proposed language/protocol that defines how a client
More information1.264 Lecture 27. Security protocols Symmetric cryptography. Next class: Anderson chapter 10. Exercise due after class
1.264 Lecture 27 Security protocols Symmetric cryptography Next class: Anderson chapter 10. Exercise due after class 1 Exercise: hotel keys What is the protocol? What attacks are possible? Copy Cut and
More information