Get an update on changes of the IACR web-page here. For questions, contact newsletter (at) iacr.org. You can also get this service via
To receive your credentials via mail again, please click here.
You can also access the full news archive.
Online social networks have revolutionized the way people communicate, meet, share information, and socialize both in their private and professional lives. Although these developments have brought unquestionable benefits to society, users are increasingly worried about the lack of control over their private information. The ease with which information is propagated over the Internet has led to a new reality where the acquisition of personal data is easier than never before. Solutions that provide users with the ability to benefit from social networking technologies while offering well-understood privacy properties have not yet been developed.\r\n\r\n
\r\nTo better understand privacy risks in social networks I will develop methodologies to systematically analyze these risks by capturing information leakages in the various components of the system, including content as well as traffic data. This will involve defining models for user behavior, adversarial knowledge and capabilities, as well as metrics to quantify the degree to which privacy requirements are satisfied. Based on the understanding of how privacy breaches are enabled by information flows in social networ[...]
One part of this dissertation describes a new two-party communication primitive we call an Intrusion-Resilient Secure Channel (IRC) that offers improved confidentiality over traditional secure channels against passive but mobile, highly adaptive adversaries. IRCs limit the loss of confidentiality resulting from the exposure of parties’ secret keys by utilizing key-evolution and proactive security techniques similar to those employed in intrusion-resilient signature schemes. We show how to construct an IRC using existing chosen-ciphertext-secure public-key cryptosystems in a black-box manner. We also discuss how to use IRCs to improve two-party protocol security; as a concrete example, we prove an IRC-augmented version of the Itkis-Reyzin intrusion-resilient signature scheme secure against highly adaptive adversaries capable of exposing even expired secrets.\r\n\r\n
The second part describes an interactive binary search protocol with user and server privacy provided that improves upon an existing user-private only protocol. We utilize our search protocol to construct user- and server-private protocols for predecessor, successor, and simple range queries on one-dimensional dat[...]