Privacy Preserving Data Mining within Anonymous Credential Systems

Regular (non-private) data mining can be applied to manage and utilize accumulated transaction data. For example, the accumulated relative service time per user per month can be calculated from individual transaction data, and from it the user's compliance with a service agreement can be determined and, possibly, billing can be processed. Nevertheless, due to user privacy concerns, cryptographic research developed transactions based on unlinkable anonymous credentials. Given the nature of anonymous credentials, the ease of managing accumulated data (e.g., per user) is lost. To restore the possibility of managing and accumulating data, it seems that a suitable form of privacy preserving data mining is needed. Indeed, privacy preserving data mining methods have been suggested for various protocols and interactions where individual data can be contributed in an encrypted form, but not within the context of anonymous credentials. Given our motivation, we suggest a new notion of performing "privacy preserving data mining within the context of anonymous cryptographic credential systems," so as to protect both the privacy of individually contributed data and the identity of their sources while revealing only what is needed. To instantiate our approach, we focus on a primitive we call "data mining group signatures" (DMGS), where it is possible for a set of authorities to employ distributed quorum control for conducting privacy preserving data mining operations on a batch of transactions while preserving maximum possible anonymity. We define and model the new primitive and its security goals; we then present a construction and finally show its privacy and security properties. Along the way, we build a methodology that safely combines multi-server protocols as sub-procedures in a more general setting.
