Angeliki Aktypi (University of Oxford), Kasper Rasmussen (University of Oxford)

In structured peer-to-peer networks, like Chord, users find data by
asking a number of intermediate nodes in the network. Each node
provides the identity of the closet known node to the address of the
data, until eventually the node responsible for the data is reached.
This structure means that the intermediate nodes learn the address of
the sought after data. Revealing this information to other nodes makes
Chord unsuitable for applications that require query privacy so in
this paper we present a scheme Iris to provide query privacy while
maintaining compatibility with the existing Chord protocol. This means
that anyone using it will be able to execute a privacy preserving
query but it does not require other nodes in the network to use it (or
even know about it).

In order to better capture the privacy achieved by the iterative
nature of the search we propose a new privacy notion, inspired by
$k$-anonymity. This new notion called $(alpha,delta)$-privacy, allows us to formulate
privacy guarantees against adversaries that collude and take advantage
of the total amount of information leaked in all iterations of the
search.

We present a security analysis of the proposed algorithm based on the
privacy notion we introduce. We also develop a prototype of the
algorithm in Matlab and evaluate its performance. Our analysis proves
Iris to be $(alpha,delta)$-private while introducing a modest performance
overhead. Importantly the overhead is tunable and proportional to the
required level of privacy, so no privacy means no overhead.

View More Papers

Cascading Spy Sheets: Exploiting the Complexity of Modern CSS...

Leon Trampert (CISPA Helmholtz Center for Information Security), Daniel Weber (CISPA Helmholtz Center for Information Security), Lukas Gerlach (CISPA Helmholtz Center for Information Security), Christian Rossow (CISPA Helmholtz Center for Information Security), Michael Schwarz (CISPA Helmholtz Center for Information Security)

Read More

An Empirical Study on Fingerprint API Misuse with Lifecycle...

Xin Zhang (Fudan University), Xiaohan Zhang (Fudan University), Zhichen Liu (Fudan University), Bo Zhao (Fudan University), Zhemin Yang (Fudan University), Min Yang (Fudan University)

Read More

The Power of Words: A Comprehensive Analysis of Rationales...

Yusra Elbitar (CISPA Helmholtz Center for Information Security), Alexander Hart (CISPA Helmholtz Center for Information Security), Sven Bugiel (CISPA Helmholtz Center for Information Security)

Read More

Towards Understanding Unsafe Video Generation

Yan Pang (University of Virginia), Aiping Xiong (Penn State University), Yang Zhang (CISPA Helmholtz Center for Information Security), Tianhao Wang (University of Virginia)

Read More