Related papers: Practical Privacy-Preserving Identity Verification using Third-Party Cloud Services and FHE (Role of Data Encoding in Circuit Depth Management)

Practical Privacy-Preserving Identity Verification using Third-Party Cloud Services and FHE (Role of Data Encoding in Circuit Depth Management)

URL: http://arxiv.org/abs/2408.08002v2
Date: Fri, 27 Sep 2024 23:38:42 GMT
Title: Practical Privacy-Preserving Identity Verification using Third-Party Cloud Services and FHE (Role of Data Encoding in Circuit Depth Management)
Authors: Deep Inder Mohan, Srinivas Vivek,
Abstract summary: Governments seek to outsource national digital identity verification systems to third-party cloud services. This leads to increased concerns regarding the privacy of users' personal data. We propose a privacy-preserving digital identity (ID) verification protocol where the third-party cloud services process the identity data encrypted.
Score: 0.0
License: http://creativecommons.org/licenses/by/4.0/
Abstract: National digital identity verification systems have played a critical role in the effective distribution of goods and services, particularly, in developing countries. Due to the cost involved in deploying and maintaining such systems, combined with a lack of in-house technical expertise, governments seek to outsource this service to third-party cloud service providers to the extent possible. This leads to increased concerns regarding the privacy of users' personal data. In this work, we propose a practical privacy-preserving digital identity (ID) verification protocol where the third-party cloud services process the identity data encrypted using a (single-key) Fully Homomorphic Encryption (FHE) scheme such as BFV. Though the role of a trusted entity such as government is not completely eliminated, our protocol does significantly reduces the computation load on such parties. A challenge in implementing a privacy-preserving ID verification protocol using FHE is to support various types of queries such as exact and/or fuzzy demographic and biometric matches including secure age comparisons. From a cryptographic engineering perspective, our main technical contribution is a user data encoding scheme that encodes demographic and biometric user data in only two BFV ciphertexts and yet facilitates us to outsource various types of ID verification queries to a third-party cloud. Our encoding scheme also ensures that the only computation done by the trusted entity is a query-agnostic "extended" decryption. This is in stark contrast with recent works that outsource all the non-arithmetic operations to a trusted server. We implement our protocol using the Microsoft SEAL FHE library and demonstrate its practicality.

Related papers

DataSeal: Ensuring the Verifiability of Private Computation on Encrypted Data [14.21750921409931]
We introduce DataSeal, which combines the low overhead of the algorithm-based fault tolerance (ABFT) technique with the confidentiality of Fully Homomorphic Encryption (FHE) DataSeal achieves much lower overheads for providing computation verifiability for FHE than other techniques that include MAC, ZKP, and TEE.
arXiv Detail & Related papers (2024-10-19T21:19:39Z)
Secure Outsourced Decryption for FHE-based Privacy-preserving Cloud Computing [3.125865379632205]
Homomorphic encryption (HE) is one solution for safeguarding data privacy, enabling encrypted data to be processed securely in the cloud. We propose an outsourced decryption protocol for the prevailing RLWE-based fully homomorphic encryption schemes. Our experiments demonstrate that the proposed protocol achieves up to a $67%$ acceleration in the client's local decryption, accompanied by a $50%$ reduction in space usage.
arXiv Detail & Related papers (2024-06-28T14:51:36Z)
Enc2DB: A Hybrid and Adaptive Encrypted Query Processing Framework [47.11111145443189]
We introduce Enc2DB, a novel secure database system following a hybrid strategy on and openGauss. We present a micro-benchmarking test and self-adaptive mode switch strategy that can choose the best execution path (cryptography or TEE) to answer a given query. We also design and implement a ciphertext index compatible with native cost model and querys to accelerate query processing.
arXiv Detail & Related papers (2024-04-10T08:11:12Z)
HasTEE+ : Confidential Cloud Computing and Analytics with Haskell [50.994023665559496]
Confidential computing enables the protection of confidential code and data in a co-tenanted cloud deployment using specialized hardware isolation units called Trusted Execution Environments (TEEs) TEEs offer low-level C/C++-based toolchains that are susceptible to inherent memory safety vulnerabilities and lack language constructs to monitor explicit and implicit information-flow leaks. We address the above with HasTEE+, a domain-specific language (cla) embedded in Haskell that enables programming TEEs in a high-level language with strong type-safety.
arXiv Detail & Related papers (2024-01-17T00:56:23Z)
Blockchain-enabled Data Governance for Privacy-Preserved Sharing of Confidential Data [1.6006586061577806]
We propose a blockchain-based data governance system that employs attribute-based encryption to prevent privacy leakage and credential misuse. First, our ABE encryption system can handle multi-authority use cases while protecting identity privacy and hiding access policy. Second, applying the Advanced Encryption Standard (AES) for data encryption makes the whole system efficient and responsive to real-world conditions.
arXiv Detail & Related papers (2023-09-08T05:01:59Z)
Verifiable Encodings for Secure Homomorphic Analytics [10.402772462535884]
Homomorphic encryption is a promising solution for protecting privacy of cloud-delegated computations on sensitive data. We propose two error detection encodings and build authenticators that enable practical client-verification of cloud-based homomorphic computations. We implement our solution in VERITAS, a ready-to-use system for verification of outsourced computations executed over encrypted data.
arXiv Detail & Related papers (2022-07-28T13:22:21Z)
Is Vertical Logistic Regression Privacy-Preserving? A Comprehensive Privacy Analysis and Beyond [57.10914865054868]
We consider vertical logistic regression (VLR) trained with mini-batch descent gradient. We provide a comprehensive and rigorous privacy analysis of VLR in a class of open-source Federated Learning frameworks.
arXiv Detail & Related papers (2022-07-19T05:47:30Z)
Reinforcement Learning on Encrypted Data [58.39270571778521]
We present a preliminary, experimental study of how a DQN agent trained on encrypted states performs in environments with discrete and continuous state spaces. Our results highlight that the agent is still capable of learning in small state spaces even in presence of non-deterministic encryption, but performance collapses in more complex environments.
arXiv Detail & Related papers (2021-09-16T21:59:37Z)
BeeTrace: A Unified Platform for Secure Contact Tracing that Breaks Data Silos [73.84437456144994]
Contact tracing is an important method to control the spread of an infectious disease such as COVID-19. Current solutions do not utilize the huge volume of data stored in business databases and individual digital devices. We propose BeeTrace, a unified platform that breaks data silos and deploys state-of-the-art cryptographic protocols to guarantee privacy goals.
arXiv Detail & Related papers (2020-07-05T10:33:45Z)
Towards Face Encryption by Generating Adversarial Identity Masks [53.82211571716117]
We propose a targeted identity-protection iterative method (TIP-IM) to generate adversarial identity masks. TIP-IM provides 95%+ protection success rate against various state-of-the-art face recognition models.
arXiv Detail & Related papers (2020-03-15T12:45:10Z)

This list is automatically generated from the titles and abstracts of the papers in this site.

This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.