Privacy protocols

Security protocols enable secure communication over insecure channels. Privacy protocols enable private interactions over secure channels. Security protocols set up secure channels using cryptographic primitives. Privacy protocols set up private channels using secure channels. But just as some security protocols can be broken without breaking the underlying cryptography, some privacy protocols can be broken without breaking the underlying security. Such privacy attacks have been used to leverage e-commerce against targeted advertising from the outset, but their depth and scope became apparent only with the overwhelming advent of influence campaigns in politics. The blurred boundaries between privacy protocols and privacy attacks present a new challenge for protocol analysis. Covert channels turn out to be concealed not only below overt channels, but also above them: subversions and level-below attacks are supplemented by sublimations and level-above attacks.
