Security and Privacy in Big Data,
Blessing or Curse?
2
ndNational Cryptography Days
9-11 April 2015
Dr. Zeki Erkin
Cyber Security Section
Department of Intelligent Systems Delft University of Technology
About me…
BSc and MSc @ITU, Istanbul, 2002, 2005 PhD @TU Delft, 2010
PostDoc @ TU Delft, 2010-2014
Assist. Prof. @ TU Delft, Cyber Security Group FET Signal Processing in the Encrypted Domain STW Kindred Spirits
Dutch/COMMIT Trusted Healthcare and Extreme Wireless Sensor Networks 3TU Big Software on the Run
Secure Signal Processing, Privacy Enhancing Technologies MPC, Homomorphic Encryption
Outline
•
Security and Privacy in Big data
•
Motivation
•
Secure Signal Processing
•
Face Recognition
•
Recommender Systems
Privacy concerns…
Problem statement
•
Sensitive Data
•
Commercially valuable algorithm
1.
Service provider trustworthy
•
Bankruptcy, lost-theft of data, insiders
2.
Service provider untrustworthy
•
Malicious acts, selling-transfer of data to the 3
rdparties
•
Cloud computing: outsourcing computation and storage
•
Where, when, by whom? Laws? Privacy? Espionage?
Can we protect privacy while processing data without
hampering services?
Players
•
Government
•
Regulation, legalization, protecting privacy, providing security
and safety (critical infrastructures), creating new business fields
•
Citizens
•
Demanding security and privacy. Economical benefits, job
opportunities
•
Business
•
Increasing profit, reducing costs, reaching out to more
customers, new business ideas
•
Academia
Secure Data Processing
computational privacy
•
Privacy Enhancing Technologies
•
Privacy by Design
•
Applied cryptography
•
Homomorphic encryption
•
Garbled circuits
•
Secret sharing
•
MPC techniques
Face Recognition
Database
Alice
Bob
Is he a criminal?
Yes, ID/No
Processing
with Privacy
Database
Alice
Bob
Is he a criminal?
[Yes], [ID]/[No]
Processing
• Z. Erkin, M. Franz, J. Guajardo, S. Katzenbeisser, R. L. Lagendijk and T. Toft, Privacy- Preserving Face Recognition, 9th International Symposium on Privacy Enhancing Technologies, LNCS 5672, pp. 235-253, August 2009.
Homomorphic Encryption
•
A number of schemes preserve structure after encryption.
Projection in the encrypted
domain
Input imageAlice
(sk)Bob
(pk) Feature vectors in a database Encrypted pixel valuesApply projection and obtain the feature vector of the
Euclidean Distance
Secure Multiplication Protocol!
Homomorphism
Alice
(sk)Bob
(pk)Secure Multiplication Protocol
Alice
Bob
Finding the minimum
Alice
(sk)Bob
(pk)[D
2(F
x, F
y)], [D
2(F
x, F
w)], . . . , [D
2(F
x, F
z)]
Find the minimum squared distance!
But…
[D
2(F
x, F
y)] = g
D2(Fx,Fy)r
n1
mod n
2Interactive Game
Comparison
[e
i
] = [1]
· [c
i
]
· [r
i
]
1
·
` 1
Y
j=i+1
Performance
•
Implemented in 2009
•
Integer arithmetic
•
400 images (112x92)
•
18 seconds
•
Implementation in 2009 (hybrid approach)
•
Garbled circuits
•
1000 images
•
13 seconds
Recommender Systems
•
Problem: Privacy
•
likes/dislikes: identification and tracking
Dynamic Execution Problem
• Kononchuk, D., Z. Erkin, J. C. A. van der Lubbe, and R. L. Lagendijk, "Privacy-Preserving User Data Oriented Services For Groups With Dynamic Participation", ESORICS, Egham, UK, 09/2013.
Case Study: Ahold
320M visitors in NL per year
This is BIG
DATA
E(ID)||DataProfiles
Curse or Blessing
•
Curse
•
Awareness - society
•
Legalization - governments
•
Limitations - industry
•
Blessing
•
Research questions!
•
Privacy by design wins!
Research Challenges
• Efficiency
• Run-time, bandwidth, storage • Security model
• Semi-honest, covert, malicious • Cryptographic tools
• FHE, SHE, HE, GC, SS (additive, strong ramp) • MPC techniques
• Application setting
• 2-party, 3-party, N-party • Static and Dynamic
• Application domain
• Cloud computing
• Confidentiality(privacy), integrity (computation and storage) • Smart grids