Trusted third party

About: Trusted third party is a research topic. Over the lifetime, 2919 publications have been published within this topic receiving 60935 citations.

Utility-Optimized Local Differential Privacy Mechanisms for Distribution Estimation

Abstract: LDP (Local Differential Privacy) has been widely studied to estimate statistics of personal data (e.g., distribution underlying the data) while protecting users' privacy. Although LDP does not require a trusted third party, it regards all personal data equally sensitive, which causes excessive obfuscation hence the loss of utility. In this paper, we introduce the notion of ULDP (Utility-optimized LDP), which provides a privacy guarantee equivalent to LDP only for sensitive data. We first consider the setting where all users use the same obfuscation mechanism, and propose two mechanisms providing ULDP: utility-optimized randomized response and utility-optimized RAPPOR. We then consider the setting where the distinction between sensitive and non-sensitive data can be different from user to user. For this setting, we propose a personalized ULDP mechanism with semantic tags to estimate the distribution of personal data with high utility while keeping secret what is sensitive for each user. We show theoretically and experimentally that our mechanisms provide much higher utility than the existing LDP mechanisms when there are a lot of non-sensitive data. We also show that when most of the data are non-sensitive, our mechanisms even provide almost the same utility as non-private mechanisms in the low privacy regime.

Watermarking schemes provably secure against copy and ambiguity attacks

Abstract: Protocol attacks against watermarking schemes pose a threat to modern digital rights management systems; for example, a successful attack may allow to copy a watermark between two digital objects or to forge a valid watermark. Such attacks enable a traitor to hinder a dispute resolving process or accuse an innocent party of a copyright infringement. Secure DRM systems based on watermarks must therefore prevent such protocol attacks. In this paper we introduce a formal framework that enables us to assert rigorously the security of watermarks against protocol attacks. Furthermore, we show how watermarking schemes can be secured against some protocol attacks by using a cryptographic signature of a trusted third party.

A Comprehensive Survey on Smart Contract Construction and Execution: Paradigms, Tools and Systems

Abstract: Smart contracts are regarded as one of the most promising and appealing notions in blockchain technology. Their self-enforcing and event-driven features make some online activities possible without a trusted third party. Nevertheless, problems such as miscellaneous attacks, privacy leakage, and low processing rates pre-vent them from being widely applied. Various schemes and tools have been proposed to facilitate the construction and execution of secure smart contracts. However, a comprehensive survey for these proposals is absent, hindering new researchers and developers from a quick start. This paper surveys the literature and online resources on smart contract construction and execution over the period 2008-2020. We divide the studies into three categories: (1) design paradigms that give examples and patterns on contract construction, (2) design tools that facilitate the development of secure smart contracts, and (3) extensions and alternatives that improve the privacy or efficiency of the system. We start by grouping the relevant construction schemes into the first two categories. We then review the execution mechanisms in the last category and further divide the state-of-the-art solutions into three classes: private contracts with extra tools, off-chain channels, and extensions on core functionalities. Finally, we summarize several challenges and identify future research directions toward developing secure, privacy-preserving, and efficient smart contracts.

Disseminating targeted location-based content to mobile device users

Abstract: A trusted third party information arbiter for facilitating third party information sources, such as advertisers or data processing services, to accurately target communications to mobile device users. Illustratively, the mobile device users can control target communications through the utilization of discretion requests/permissions processed by the third party information arbiter. Furthermore, the mobile device users may further interact with the trusted third party information arbiter to provide/release additional personal information. For example, a mobile device user may be provided an increasingly rich rewards or payments that may be provisioned by discount, coupons or offers associated with existing or new product advertisements or promotional information messages.

Security-typed languages for implementation of cryptographic protocols: a case study

Abstract: Security protocols are critical for protecting modern communication infrastructures and are therefore subject to thorough analysis. However practical implementations of these protocols lack the same level of attention and thus may be more exposed to attacks. This paper discusses security assurance provided by security-typed languages when implementing cryptographic protocols. Our results are based on a case study using Jif, a Java-based security-typed language, for implementing a non-trivial cryptographic protocol that allows playing online poker without a trusted third party. The case study deploys the largest program written in a security-typed language to date and identifies insights ranging from security guarantees to useful patterns of secure programming.