Protecting data privacy through hard-to-reverse negative databases

A set DB of data elements can be represented in terms of its complement set, known as a negative database. That is, all of the elements not in DB are represented, and DB itself is not explicitly stored. This method of representing data has certain properties that are relevant for privacy-enhancing applications. The paper reviews the negative database (NDB) representation scheme for storing a negative image compactly, and proposes using a collection of NDBs to represent a single DB, that is, one NDB is assigned for each record in DB. This method has the advantage of producing negative databases that are hard to reverse in practice, i.e., from which it is hard to obtain DB. This result is obtained by adapting a technique for generating hard-to-solve 3-SAT formulas. Finally, we suggest potential avenues of application.
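The representation described above, as an added sketch that is not code from the paper: each record gets its own NDB of entries over {0,1,*} with three specified bits, and a string belongs to DB exactly when some per-record NDB leaves it unmatched. Assumptions: the 8-bit records, the function names, and the uniform choice of which bits contradict the record are illustrative; the uniform choice is a simplification and does not reproduce the paper's hardness construction.

```python
import itertools
import random

def matches(entry, x):
    """An entry over {0,1,*} matches x when every specified bit agrees."""
    return all(e in ("*", b) for e, b in zip(entry, x))

def in_positive(ndb, x):
    """x is in the represented set iff no negative entry matches it."""
    return not any(matches(e, x) for e in ndb)

def make_entry(record, rng):
    """Entry with 3 specified bits, at least one contradicting the record."""
    entry = ["*"] * len(record)
    flips = rng.randint(1, 7)  # nonzero mask, so the record is never matched
    for k, p in enumerate(rng.sample(range(len(record)), 3)):
        bit = record[p]
        if (flips >> k) & 1:
            bit = "1" if bit == "0" else "0"
        entry[p] = bit
    return "".join(entry)

def positive_image(ndb, length):
    """Brute-force enumeration; only feasible for short demo records."""
    universe = ("".join(b) for b in itertools.product("01", repeat=length))
    return [x for x in universe if in_positive(ndb, x)]

def build_ndb(record, rng, batch=8):
    """Add entries until the record is the only unmatched string."""
    ndb = []
    while positive_image(ndb, len(record)) != [record]:
        ndb.extend(make_entry(record, rng) for _ in range(batch))
    return ndb

def build_collection(db, seed=0):
    """One NDB per record, as the abstract proposes."""
    rng = random.Random(seed)
    return [build_ndb(r, rng) for r in db]

def query(collection, x):
    """x is in DB iff some per-record NDB leaves it unmatched."""
    return any(in_positive(ndb, x) for ndb in collection)

DB = ["10110010", "00001111"]  # constructed 8-bit sample records
COLLECTION = build_collection(DB)

if __name__ == "__main__":
    for x in DB + ["11111111"]:
        print(x, query(COLLECTION, x))
```

The brute-force completeness check in `build_ndb` is only there to make the demo exact; at realistic record lengths the universe cannot be enumerated, which is the same reason recovering DB from the entries amounts to solving a satisfiability instance.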
