(Page 2 of 2)
Lindell says that his protocol can be mathematically proven to work efficiently and securely, but he admits that there is one weak spot. "I'm introducing another avenue of attack," he says, referring to the smart card. Bob could try to pull the secret key from the smart card in order to decrypt Alice's database and read its contents. However, Lindell notes that high-end smart cards have strong protections and can be designed to self-destruct if the chip is compromised. "Smart cards are not perfect," Lindell acknowledges, but he says that competing schemes have their own weaknesses.
By introducing a smart card, Lindell's system requires far fewer computing resources to protect people's private information, says Benny Pinkas, a professor of computer science at the University of Haifa, in Israel, who has also worked on the problem. "In my view, the trade-off is reasonable for all but the very most sensitive applications," he adds.
Ari Juels, chief scientist at RSA Laboratories, agrees that some sort of hardware is needed for this kind of information-sharing scheme. However, he is "somewhat skeptical" about the smart-card approach. For one thing, he says, the card essentially serves as a trusted third party, so it could be difficult to find a manufacturer that both organizations trust completely. Even then, "assuming that a smart card is secure against an individual or modestly funded organization may be reasonable," Juels says, "but not that it's secure against a highly resourced one, like a national-intelligence agency."
Michael Zimmer, an assistant professor at the University of Wisconsin-Milwaukee who studies privacy and surveillance, says that Lindell is working on an important problem: "There can be some great benefits to data mining and the comparison of databases, and if we can arrive at methods to do this in privacy-protecting ways, that's a good thing." But he believes that developing secure ways of sharing information might encourage organizations to share even more data, raising new privacy concerns.
Currently, Lindell's protocol can only be used to make certain types of comparisons, but he argues that it could still prove useful. "Let's give [organizations] only what they need, and, when we do have solutions already, let's at least start somewhere and limit what they could be learning," he says.
It seems to me that this problem can be solved pretty easily with any commutative encryption system.
Let's say there are a pair of databases 1 and 2. Just to be on the safe side each person shuffles their database so it's not alphabetical or whatever. Both parties follow the set of steps below in exact mirror fashion.
I select a secret key A. You select a key B.
I encrypt database 1 with key A, getting 1A. You encrypt 2 with B, getting 2B.
We swap encrypted databases. I get 2B, you get 1A. We can't read them.
I encrypt 2B with A, getting 2BA. You encrypt 1A with B, getting 1AB.
We now both reveal 2BA and 1AB.
If we use a commutative type of encryption, AB has the same effect as BA.
If an entry in 1 matches an entry in 2, that entry in 2BA will match an entry in 1AB.
At this point we still can't read the matching name.
I decrypt the matching item using my key and show you the result. You can then decrypt it with your key to read the name.
You also decrypt the matching item with your key and show me the result, then I can use my key to read and independently verify that name.
The big problem I see is, as someone else noted, it won't catch slightly mismatched names like "John Smith" or "John Q. Smith" or "Johnny Smith". It's hard to fully solve that sort of fuzzy-matching problem without human intelligence looking over the plain-text entries. You might be able to avoid that if you can use some sort of truly unique identifier like some government ID number like driver's license numbers or (in the US) Social Security numbers instead of names.
Netizen
achilles heel
Let's recap. I'm in a hurry to pound this out as it's late, so please forgive any errors.
Each organization encrypts its information to keep its proprietary information secret from the other organization, to whose database it is comparing its own database.
Example: Political Party ABC compares registered voter list database to Political Party XYZ's, and vice versa. On those lists, Robert Henry Smith, Jr. at 123 River Rock Drive is registered as Robert H. Smith at 123 River Drive, and Henry Smith, Jr. at 123 River Rock Street. Each is "close enough" for a driver's license identity check on election day.
Political Party ABC database:
Name: ROBERT H SMITH
Street: 123 RIVER DR
Encrypted data: 495@*&)34hgZDF@7.z4u67
Political Party XYZ database:
Name: HENRY SMITH JR
Street: 123 RIVER ROCK ST
Encrypted data: 245@*#)34gtOIC.3.p2942
Compare encrypted data:
ABC: 495@*&)34hgZDF@7.z4u67
XYZ: 245@*#)34gtOIC.3.p2942
No match.
Next comparison:
Political Party ABC database:
Name: LINDA SMITH
Street: 9687 BANYON CT
Encrypted data: 873$)#^56jkYUR,7@k4754
Political Party XYZ database:
Name: LINDA SMITH
Street: 9687 BANYON CT
Encrypted data: 873$)#^56jkYUR,7@k4754
ABC: 873$)#^56jkYUR,7@k4754
XYZ: 873$)#^56jkYUR,7@k4754
Records match.
Notice that Linda Smith was found to be a registered voter with both parties, without either party knowing the names of other registered non-matching party voters. An auditor can investigate further to determine if Linda Smith voted twice or simply was registered with both parties without voting twice.
On the other hand, this double-blind method will not reveal that Robert Henry Smith, Jr. was registered with both parties. If he voted twice, this method will never tattle.
Those intending to fraudulently register to vote twice simply have to register under variants of their name on their driver's license, and variants of their address they know the local post office will correct when routing mail to its final destination (their mailbox).
Unless member list databases are collated to postal databases to exact registered mailing addresses, and names are collated with DMV records, this encryption double-blind system will not give added vision to organizations attempting to flag records common to their databases through this method of smartkey comparison.
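The commutative-encryption steps from the first comment, run on records modelled on the voter-list comment above, as an added example that is not part of either comment or of Lindell's protocol. It assumes exponentiation modulo a prime as the commutative cipher, hashes each record into the group first (so removing both layers yields a hash each side looks up in its own list, not the name itself), and uses a demonstration modulus and made-up ID values.

```python
import hashlib, math, secrets

# Demonstration modulus (assumption): the well-known prime 2**255 - 19.
# A deployment would use a vetted large prime-order group instead.
P = 2**255 - 19

def keygen():
    """Secret exponent invertible mod P-1, so its layer can be removed later."""
    while True:
        k = secrets.randbelow(P - 3) + 2
        if math.gcd(k, P - 1) == 1:
            return k

def to_group(record):
    """Hash a record to a nonzero square mod P; only equality survives."""
    digest = hashlib.sha256(record.encode()).digest()
    return pow(int.from_bytes(digest, "big") % (P - 1) + 1, 2, P)

def encrypt(values, key):
    """Commutative layer: (x**a)**b == (x**b)**a (mod P)."""
    return [pow(v, key, P) for v in values]

def decrypt(value, key):
    """Strip one party's layer using the inverse exponent."""
    return pow(value, pow(key, -1, P - 1), P)

def shared_records(db1, db2):
    """Both mirrored sides in one process; returns party 1's matching records."""
    a, b = keygen(), keygen()                        # never exchanged
    one_a = encrypt([to_group(r) for r in db1], a)   # party 1 sends 1A
    two_b = encrypt([to_group(r) for r in db2], b)   # party 2 sends 2B
    one_ab = encrypt(one_a, b)                       # party 2 returns 1AB in order
    two_ba = set(encrypt(two_b, a))                  # party 1 computes 2BA
    return [rec for rec, c in zip(db1, one_ab) if c in two_ba]

# Constructed sample records, modelled on the voter-list comment.
ABC = ["ROBERT H SMITH|123 RIVER DR", "LINDA SMITH|9687 BANYON CT"]
XYZ = ["HENRY SMITH JR|123 RIVER ROCK ST", "LINDA SMITH|9687 BANYON CT"]
# Same people keyed by a made-up unique identifier instead of name/address.
ABC_IDS = ["ID-0001", "ID-0002", "ID-0003"]
XYZ_IDS = ["ID-0001", "ID-0002", "ID-0004"]

if __name__ == "__main__":
    print(shared_records(ABC, XYZ))          # name variants do not match
    print(shared_records(ABC_IDS, XYZ_IDS))  # unique IDs do
```

Because the comparison is exact equality on the hashed record, whatever normalisation is applied before `to_group` decides which entries can ever match.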