The Crypto-Democracy and the Trustworthy (Position Paper)

In the current architecture of the Internet, there is a strong asymmetry in terms of power between the entities that gather and process personal data (e.g., major Internet companies, telecom operators, cloud providers, ...) and the individuals from which this personal data is issued. In particular, individuals have no choice but to blindly trust that these entities will respect their privacy and protect their personal data. In this position paper, we address this issue by proposing an utopian crypto-democracy model based on existing scientific achievements from the field of cryptography. More precisely, our main objective is to show that cryptographic primitives, including in particular secure multiparty computation, offer a practical solution to protect privacy while minimizing the trust assumptions. In the crypto-democracy envisioned, individuals do not have to trust a single physical entity with their personal data but rather their data is distributed among several institutions. Together these institutions form a virtual entity called the Trustworthy that is responsible for the storage of this data but which can also compute on it (provided first that all the institutions agree on this). Finally, we also propose a realistic proof-of-concept of the Trustworthy, in which the roles of institutions are played by universities. This proof-of-concept would have an important impact in demonstrating the possibilities offered by the crypto-democracy paradigm.

[1]  Tal Rabin,et al.  Verifiable secret sharing and multiparty protocols with honest majority , 1989, STOC '89.

[2]  Yuval Ishai,et al.  Founding Cryptography on Oblivious Transfer - Efficiently , 2008, CRYPTO.

[3]  Rafail Ostrovsky,et al.  Near-Linear Unconditionally-Secure Multiparty Computation with a Dishonest Minority , 2012, CRYPTO.

[4]  Oded Goldreich Foundations of Cryptography: Index , 2001 .

[5]  Yehuda Lindell,et al.  The IPS Compiler: Optimizations, Variants and Concrete Efficiency , 2011, CRYPTO.

[6]  Craig Gentry,et al.  Fully homomorphic encryption using ideal lattices , 2009, STOC '09.

[7]  Joseph Bonneau,et al.  What's in a Name? , 2020, Financial Cryptography.

[8]  Adi Shamir,et al.  How to share a secret , 1979, CACM.

[9]  Silvio Micali,et al.  How to play ANY mental game , 1987, STOC.

[10]  Marcel Keller,et al.  Practical Covertly Secure MPC for Dishonest Majority - Or: Breaking the SPDZ Limits , 2013, ESORICS.

[11]  Peter Bro Miltersen,et al.  Efficient Multiparty Protocols via Log-Depth Threshold Formulae , 2013, Electron. Colloquium Comput. Complex..

[12]  Marcel Keller,et al.  Efficient, Oblivious Data Structures for MPC , 2014, IACR Cryptol. ePrint Arch..

[13]  Martin Hirt,et al.  Perfectly-Secure MPC with Linear Communication Complexity , 2008, TCC.

[14]  Benny Pinkas,et al.  FairplayMP: a system for secure multi-party computation , 2008, CCS.

[15]  Jan Willemson,et al.  Secure floating point arithmetic and private satellite collision analysis , 2015, International Journal of Information Security.

[16]  Yuval Ishai,et al.  Perfectly Secure Multiparty Computation and the Computational Overhead of Cryptography , 2010, IACR Cryptol. ePrint Arch..

[17]  Jeroen van de Graaf,et al.  Committed Oblivious Transfer and Private Multi-Party Computation , 1995, CRYPTO.

[18]  Cynthia Dwork,et al.  Calibrating Noise to Sensitivity in Private Data Analysis , 2006, TCC.

[19]  Yaniv Erlich,et al.  Routes for breaching and protecting genetic privacy , 2013, Nature Reviews Genetics.

[20]  Benny Pinkas,et al.  Fairplay - Secure Two-Party Computation System (Awarded Best Student Paper!) , 2004 .

[21]  Cynthia Dwork,et al.  Differential Privacy: A Survey of Results , 2008, TAMC.

[22]  Ivan Damgård,et al.  Secure Multiparty Computation Goes Live , 2009, Financial Cryptography.

[23]  Michael A. Bishop,et al.  50 Years of Successful Predictive Modeling Should Be Enough: Lessons for Philosophy of Science , 2002, Philosophy of Science.

[24]  Oded Goldreich,et al.  Foundations of Cryptography: List of Figures , 2001 .

[25]  Yehuda Lindell,et al.  SCAPI: The Secure Computation Application Programming Interface , 2012, IACR Cryptol. ePrint Arch..

[26]  Claude Crépeau,et al.  Equivalence Between Two Flavours of Oblivious Transfers , 1987, CRYPTO.

[27]  Marcel Keller,et al.  An architecture for practical actively secure MPC with dishonest majority , 2013, IACR Cryptol. ePrint Arch..

[28]  Richard Cleve,et al.  Limits on the security of coin flips when half the processors are faulty , 1986, STOC '86.

[29]  Claudio Orlandi,et al.  A New Approach to Practical Active-Secure Two-Party Computation , 2012, IACR Cryptol. ePrint Arch..

[30]  Kartik Nayak,et al.  Oblivious Data Structures , 2014, IACR Cryptol. ePrint Arch..

[31]  Ashish Choudhury,et al.  Asynchronous Multiparty Computation with Linear Communication Complexity , 2013, DISC.

[32]  Ivan Damgård,et al.  Multiparty Computation from Somewhat Homomorphic Encryption , 2012, IACR Cryptol. ePrint Arch..

[33]  Dan Bogdanov,et al.  A new way to protect privacy in large-scale genome-wide association studies , 2013, Bioinform..

[34]  Paul Ohm Broken Promises of Privacy: Responding to the Surprising Failure of Anonymization , 2009 .

[35]  Yehuda Lindell,et al.  More Efficient Constant-Round Multi-Party Computation from BMR and SHE , 2016, IACR Cryptol. ePrint Arch..

[36]  Craig Gentry,et al.  A fully homomorphic encryption scheme , 2009 .

[37]  Benny Pinkas,et al.  Fairplay - Secure Two-Party Computation System , 2004, USENIX Security Symposium.

[38]  Yaniv Erlich,et al.  Review Routes for breaching and protecting genetic privacy , 2013 .

[39]  Oded Goldreich,et al.  A randomized protocol for signing contracts , 1985, CACM.

[40]  Yuval Ishai,et al.  Scalable Multiparty Computation with Nearly Optimal Work and Resilience , 2008, CRYPTO.

[41]  Baruch Awerbuch,et al.  Verifiable secret sharing and achieving simultaneity in the presence of faults , 1985, 26th Annual Symposium on Foundations of Computer Science (sfcs 1985).

[42]  Dan Bogdanov,et al.  Deploying Secure Multi-Party Computation for Financial Data Analysis - (Short Paper) , 2012, Financial Cryptography.

[43]  Michael O. Rabin,et al.  How To Exchange Secrets with Oblivious Transfer , 2005, IACR Cryptol. ePrint Arch..

[44]  David Chaum,et al.  Multiparty unconditionally secure protocols , 1988, STOC '88.