Privacy-Preserving Publish/Subscribe: Efficient Protocols in a Distributed Model

We consider the problem of modeling and designing efficient and privacy-preserving publish/subscribe protocols in a distributed model where parties can act as publishers or subscribers or both, and there are no brokers or other types of parties. The problem is particularly challenging because privacy demands on such protocols come with efficiency limitations; most notably, the publisher must send messages as long as the publications to all parties, and the cryptographic techniques that perform the publish/subscribe match need to be based on asymmetric cryptographic operations, which are known to be less efficient than their symmetric counterparts. Our main result is a distributed publish/subscribe protocol which addresses and essentially nullifies the impact of both efficiency limitations, without sacrificing the required privacy properties. Our construction is based on a very efficient design of a novel cryptographic tool, of independent interest, called a 'hybrid conditional oblivious transfer protocol', as it resembles hybrid encryption, where asymmetric encryption is only used to transfer a short key, which enables (much more efficient) symmetric encryption of a long message.
