250 likes | 423 Views
Buy me!. Targeted Advertising… and Privacy Too. Ari Juels RSA Laboratories. Buy me!. Anti- dandruff. Buy me too!. Anti-wrinkle Cream. Targeted advertising: One View. An example. Special Report: October 5th is America's most popular birthday. Hiking/sports book.
E N D
Buy me! Targeted Advertising… and Privacy Too Ari Juels RSA Laboratories
Buy me! Anti- dandruff Buy me too! Anti-wrinkle Cream Targeted advertising: One View
An example Special Report:October 5th is America's most popular birthday.
Hiking/sports book Anti-aging cream Anybirthday.com targeted gift recommendations
Advertiser Targeted advertising: The benign view What shall I read next? Here are some novels you might enjoy Anna Karenina Wild Things RedChamber Bleak House Consumer
The other view: Consumer privacy Browser cookies Consumer
Advertiser Privacy Efficiency Our Goal + Consumer
Physical characteristics: Age: 30 Weight: 120 Height: 5’ 4” …. Hobbies: Butterfly collecting Tai Chi Archery Favorite foods: Chocolate Sushi Broccoli Private Profile Alice Financial (from Quicken): $110,000 / year income House worth $300,000 $20,000 butterfly collection Web sites recently visited (from browser): aclu.org yahoo.com anybirthday.com
Alice Profile Ad request Advertiser Negotiant Negotiant
Alice Alice “spa ad” Advertiser Negotiant if annual income > $100,000 if likes funny clothes or CEO output “golf ad” else if female output “spa ad” else output “cigar ad” else output “Walmart ad”
Alice Advertiser’s server Negotiant Ads “spa ad” Spa ad Private Information Retrieval (PIR) Alice’s computer Problem: Expensive!
Ads Alice Advertiser’s server Negotiant Ads “spa ad” Spa ad Scheme 1: Naïve PIR Alice’s computer Problems: Inefficient; no idea what ads were distributed
Alice “spa ad” please Advertiser’s server Negotiant Ads “spa ad” Spa ad Spa ad Scheme 2: Direct request Alice’s computer
Basic tool: Mix network Mix network plaintext 1 plaintext 2 plaintext 3 plaintext 4 Randomly permutes and encrypts inputs
plaintext 1 plaintext 2 plaintext 3 plaintext 4 Opposite direction Mix network Randomly permutes and decrypts inputs
“spa ad” “Walmart ad” “golf ad” Advertiser’s server “Walmart ad” “Walmart ad” “golf ad” “spa ad” Ads Mix network “Walmart ad” Scheme 3: Semi-private PIR Alice’s computer Bob’s computer Carol’s computer Darius’s computer
spa ad Advertiser’s server Walmart ad golf ad Ads Walmart ad golf ad Walmart ad Walmart ad spa ad Spa ad Scheme 3: Semi-private PIR Alice’s computer Bob’s computer Mix network Carol’s computer Darius’s computer
Alice, ad request , “spa ad” name Scheme 3: A little more detail
Alice, , ad , “spa ad” name name Spa ad Scheme 3: A little more detail
Remarks • We assume advertiser may collude with some mix servers (if not, one-server mix will do) • Ads are long, so we need a hybrid mix network • New constructions: OA00,JJ01 • Other tools • Quorum controlled threshold proxy re-encryption • Aggregation and mixing can be offline
Alice Profile “ad $110,000” please Advertiser Malicious negotiant Negotiant ad number = annual income
Spotting Malicious Negotiants • Open source negotiants • “Sandbox” approach • Third-party validation
Scheme 4: Threshold PIR • Full set of ads mixed • Full privacy • Plaintext Equality Testing (PET) primitive needed • High cost (still better than PIR)
What are the (hoped for) benefits? • More consumer trust • Higher “opt in” rate • Truth in (requested) advertising • Complementary with P3P • Mobility possible through encrypted profile on server