
Privacy and the digital citizen

Privacy and the digital citizen. Gene Tsudik ICS Dept, UC Irvine www.ics.uci.edu/~gts. Who? Why? What?. Background Research: applied crypto and network/computer security Anonymity and privacy in e-commerce Anonymous communication (e.g., email, mobile)


Presentation Transcript


  1. Privacy and the digital citizen
     Gene Tsudik, ICS Dept, UC Irvine, www.ics.uci.edu/~gts
     NSF DG Workshop 2001, Privacy Panel

  2. Who? Why? What?
     • Background
     • Research: applied crypto and network/computer security
     • Anonymity and privacy in e-commerce
     • Anonymous communication (e.g., email, mobile)
     • Group signatures (can be used for group membership, petitions, voting, etc.)
     • Revocation of credentials and tight control over security privileges


  4. My current pet topics
     • Secure e-Voting
     • Timestamping
     • Anonymous authentication
     • Hosting and manipulating encrypted content

  5. Terminology: Privacy, Anonymity, etc.
     • Not that closely related
     • Privacy (passive) – I do nothing but want you to stay away from me and mine.
     • Anonymity (active) – I do something (e.g., buy) and wish to keep my identity secret.
     • Unlinkability (active) – I do something a number of times (anonymously) but don’t want you to “track” me.

  6. Example
     • Voting: not private but anonymous and unlinkable
     • Must prove group membership
     • Must make choices (submit vote) only once
     • Vote must have integrity
     • No one but I should know my vote or link my votes
     • Must be able to verify that my vote counted
     • Should not be able to demonstrate my vote to others (else I might sell it)

  7. One possible foundation for secure voting: Group Signatures
     • Chaum and Van Heijst (1991)
     • Like a normal PK digital signature (more structure)
     • Members and group manager (maybe distributed)
     • Anonymous, unlinkable signatures
     • Open possible but hard
     • Impersonation impossible
     • Phantom membership possible but avoidable
     • Revocation… a headache
     • Can be extended to support voting
     • MORE RESEARCH NEEDED!!!

  8. Secure and Reliable Time-stamping
     • Need to prove possession of something (e.g., idea, manuscript, will) at a certain point in time
     • Sequencing (causality)
     • Must be
       • Public
       • Anonymous
       • Unlinkable
       • Oblivious to content (no censorship)
     • Requires digital signatures and other tools
     • Currently (can be poorly) done via USPS and/or notary public
     • MORE RESEARCH NEEDED!

  9. Authentication/Identification
     Government bestows upon a citizen:
     • SSN
     • DL
     • Passport

  10. Why Anonymous Authentication
     • Driver’s license is overloaded, overused, insecure
     • SSN is overloaded, insecure
     • Usage of SSNs for identification and “authentication” is a national disgrace
     • Credit card numbers are trivial to fabricate, steal, etc.
     • Bottom line: we trail as a country…

  11. What is AA? Example:
     • Unique permanent ID embedded in a secure device
     • One-time ephemeral ID displayed/produced upon each use
     • PIN/PW- or possession-based authentication
     • E.g., Social Security or Credit Card
     • One-time CC# isn’t worth stealing

  12. In conclusion: What (I think) we need:
     • Stop relying on SSNs and DLs for extraneous purposes
     • Devise a national ID scheme (lunatic fringe notwithstanding)
     • Promote one-time-id AA devices for credit/debit cards and other (perhaps only non-visual) forms of id
     • For E-commerce, privacy QoS with consent: give up info → get a $$ discount!
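
An added illustration of the one-time ID idea from slides 11 and 12; it is not from the talk. It assumes the ephemeral ID is a truncated HMAC-SHA256 over a use counter shared by device and issuer, and the names `Device`, `Issuer`, `one_time_id`, `DIGITS` and `WINDOW` are hypothetical.

```python
import hashlib
import hmac

DIGITS = 16   # assumed length, chosen to resemble a card number
WINDOW = 5    # assumed look-ahead for IDs displayed but never submitted

def one_time_id(key: bytes, counter: int) -> str:
    """Ephemeral ID for use number `counter`: truncated HMAC-SHA256."""
    mac = hmac.new(key, counter.to_bytes(8, "big"), hashlib.sha256).digest()
    return str(int.from_bytes(mac[:8], "big") % 10**DIGITS).zfill(DIGITS)

class Device:
    """Secure device: the permanent ID and key never leave it."""
    def __init__(self, permanent_id: str, key: bytes, pin: str):
        self._permanent_id, self._key, self._pin = permanent_id, key, pin
        self._counter = 0

    def present(self, pin: str) -> str:
        # PIN-based unlock, then a fresh ID for this one use
        if not hmac.compare_digest(pin.encode(), self._pin.encode()):
            raise PermissionError("wrong PIN")
        otid = one_time_id(self._key, self._counter)
        self._counter += 1
        return otid

class Issuer:
    """Only the issuer can map an ephemeral ID back to the permanent one."""
    def __init__(self):
        self._accounts = {}  # permanent_id -> [key, next expected counter]

    def enroll(self, permanent_id: str, key: bytes) -> None:
        self._accounts[permanent_id] = [key, 0]

    def resolve(self, otid: str):
        for permanent_id, state in self._accounts.items():
            key, nxt = state
            for c in range(nxt, nxt + WINDOW):
                if hmac.compare_digest(one_time_id(key, c), otid):
                    state[1] = c + 1   # burn this ID and every earlier one
                    return permanent_id
        return None                     # unknown, replayed, or stale

def demo():
    key = bytes(range(32))              # constructed sample key
    issuer, card = Issuer(), Device("ACCT-0001", key, "4321")
    issuer.enroll("ACCT-0001", key)
    first, second = card.present("4321"), card.present("4321")
    return (first, second, issuer.resolve(first),
            issuer.resolve(first), issuer.resolve(second))
```

A merchant who records `first` sees a value unrelated to `second` and cannot reuse it, because the issuer has already advanced past that counter.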
