Abstract
A profiling adversary is an adversary that aims to classify messages into pre-defined profiles and thus gain useful information regarding the sender or receiver of such messages. User profiling has gained a lot of importance today; this activity supports the big business of online advertising at the cost of user privacy. Usual chosen-plaintext secure encryption schemes are capable of securing information from profilers, but these schemes provide more security than required for this purpose. In this paper we study the requirements for an encryption algorithm to be secure only against profilers and finally give a precise notion of security for such schemes. We also present a full protocol for secure (against profiling adversaries) communication, which requires neither a key exchange nor a public key infrastructure. Our protocol guarantees security against non-human profilers and is constructed using CAPTCHAs and secret sharing schemes. The security notions developed in this paper are also used to analyze an existing scheme meant for providing security against profilers.
Sandra Díaz-Santiago is on academic leave from Escuela Superior de Cómputo (ESCOM-IPN), Av. Juan de Dios Bátiz, Col. Lindavista, México D.F. 07738, México.
Acknowledgements
The authors thank Francisco Rodríguez Henríquez for his comments on an early draft of this paper. Debrup Chakraborty acknowledges the support from CONACYT project 166763.
Copyright information
© 2014 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Díaz-Santiago, S., Chakraborty, D. (2014). Encryption Schemes Secure Against Profiling Adversaries. In: Obaidat, M., Filipe, J. (eds) E-Business and Telecommunications. ICETE 2012. Communications in Computer and Information Science, vol 455. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-662-44791-8_11
DOI: https://doi.org/10.1007/978-3-662-44791-8_11
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-662-44790-1
Online ISBN: 978-3-662-44791-8
eBook Packages: Computer Science (R0)