Wednesday, October 14, 2015

GHC15: Authorized But Anonymous: Taking Charge of Your Personal Data


Anna Lysyanskaya, Brown University got her PhD under Ron Rivest at MIT, and has received many awards.  She allows people to prove themselves without exposing themselves.

Online, not much thinking required :-)

I log in – therefore I am… provided nobody else has your credentials. How does she log in? Let her ount the ways… :-)

Basic: user name and password:

  •  Pros: intuitive, human-memorizable (up to a point) 
  •  Cons: not privacy preserving, insecure in so many ways
Many people reuse passwords, as there are too many to remember.  But, if one site is compromised… others can be, too.

With public key certificates

  • Cons: not intuitive, not human memorizable, not privacy  preserving
  • Pros: secure – your device would need to be hacked or stolen before your identity could be stolen...
What are digital signature schemes? You need two keys:
  • Secret signing key SK(alice) allows Alice to sign and prove she is Alice    
  • Public verification key PK(alice) allows anyone to verify.
To sign a message m, Alie uses SK(alice) to comput a signature O

When anyone wants to verify Alice’s signature on m, use her public key PK(alice).

Now you know what this is – but how does it work if I don’t have your public key?  What if someone sends you a fake public key?  You must rely on information you can trust. That’s why we allow others  to sign public keys. Like Anna’s key is signed with Brown university – make sure it’s not BOWRN university…

A certificate is when someone whose public key is well-known (e.g. Brown University) certificates that a public key belongs to a particular site/web server/person.

Your public certificate may contain additional information, like date of birth, gender, which buildings you're allowed to access....

So, they are not privacy preserving.

Even if you think, I don't have anything to hide!  Just because you think this, doesn't mean your not leaving a trace of information that you consider private (health care, past abortion, etc) that someone else may want to attack even if you're not a public figure.

For example, let's say you use a persistent ID to log into a newspaper, even if it's "secret" and not associated with your name, you are still identifiable. If you put in your zip code to look up weather? They know where you live. Look  up your horoscope, learns your date of birth. Based on the articles you read, they can accurately infer your gender.  Those three pieces of information - someone could find your real name.

We'd like to use anonymous credentials - where you can prove you're authorized, but cannot be tracked bake to you.
  • Cons: not super intuitive, not human-doable (need a device to remember the credentials)
  • Pros: secure - your device would need to hacked before your identity can be stolen - privacy-reserving
Okay, how do these work?  Underlying building block: zero-knowledge proofs. She gave us a neat graphic explanation with a 3 colored graph.

Anything that is provable at all can be provable in zero-knowledge proofs.

Now that we've been doing this for awhile, efficiency is approaching certificate based non-anonymous authentication.

The old New Yorker joke was: "Nobody knows on the Internet that you're a dog." - now, that's not true! Google knows everything about you. Facebook knows everything about you and your friends.

But what happens if something goes wrong?

Trust her, we can solve this with cool crypto :-)

Right now, you can't do this - as there's no provider that allows for things like anonymously watching a movie (and actually pay for it).

Why aren't software companies doing this?  They may not think users care about this. It's also a fast developing industry, so they may not have caught up, yet.

Things may change due to last week's European Court of Justice ruling may have some impact.

Come learn more at Brown! :-)

They have a CyberSecurity master's program - neat!

Post by Valerie Fenwick, syndicated from Security, Beer, Theater and Biking!