Reconciling Information Exchange and Confidentiality: Technological Approaches

1
Reconciling Information Exchange and Confidentiality: Technological Approaches
  • Wouter Teepe

2
Outline
Heerlen, June 5 2008, DNA data exchange in
Europe, Wouter Teepe
Reconciling Information Exchange and
Confidentiality
  • Background
  • Examples
  • Comparing secrets
  • How to do it
  • Conclusion

3
Background
4
Who is this guy?
  • Educated in Artificial Intelligence (AI) in
    Groningen, NL
  • Currently postdoc at the Digital Security Group,
    Radboud University Nijmegen, NL
  • Designer of Privacy Enhancing Technologies (PET)
  • Involved in (dismantling) smart card security
    (NXP Mifare Classic, OV-chipkaart)
  • Occasional role in media about privacy

5
Real life experience
  • Geertje and Wouter are friends and colleagues
  • Geertje told Wouter secretly she is expecting a
    baby
  • Some days later, Wouter and Nancy meet at the
    coffee table. Nancy looks expectantly at Wouter.
    Would she like to gossip with Wouter?
  • Wouter would like to gossip, but promised Geertje
    to keep her pregnancy secret. If he can make sure
    Nancy already knows of Geertje's pregnancy, he
    can start gossiping
  • Wouter cannot bluntly ask "did you know that
    Geertje is pregnant?" as this will disclose the
    secret

6
The privacy debate
  • General idea
    • For catching thieves and terrorists, we need
      information (the more the better)
    • For protecting people's privacy, information
      should be as scarce as possible (the less
      information available, the better)
  • Therefore
    • You give information, or you don't (one cannot
      half give one's age)
    • Reconciling these aims is a matter of finding a
      balance, setting priorities and political
      tradeoffs

BULL
7
Settling the debate, a recipe
  • Get a precise description of what information is
    required for a particular task, e.g.
    • are you on the no-fly list?
    • do you have a driver's license?
    • are you allowed to buy alcohol?
  • Make a (political) decision whether it is okay to
    give exactly that information
    • consider proportionality, effectiveness, etc.
  • Find a tool that facilitates the particular
    transaction precisely
    • this may be a cryptographic protocol /
      zero-knowledge proof

Not trivial, but doable
Doable (easier)
Who said it was gonna be easy?
8
Modus operandi
  • Do not assume the answer will be negative
    • i.e. that there is no tool for the particular job
  • Invading privacy may be the obvious solution,
    but that does not mean that other solutions
    cannot exist
  • Solutions which satisfy the wishes of both sides of
    the debate may prove fruitful
    • more access to relevant data
    • more protection of irrelevant data
    • or is it the other way round?

9
Modus operandi
10
Examples
11
Real life experience (2)
  • Barteld and Wouter are friends and colleagues
  • Barteld told Wouter secretly his wife is
    expecting a baby
  • Some days later, Wouter and Rineke meet at lunch.
    Rineke looks expectantly at Wouter. Would she
    like to gossip with Wouter?
  • Wouter would like to gossip, but promised Barteld
    to keep his due fatherhood secret. If he can make
    sure Rineke already knows of Barteld's secret, he
    can start gossiping
  • Wouter cannot bluntly ask "did you know that
    Barteld will soon become a father?" as this will
    disclose the secret

12
The Secret Service experience
  • Victor is a secret agent, and has to operate as
    secretly as possible. His mission is to protect
    Peggy
  • Victor sees a message ("Peggy is kindly invited
    by Mallory") and knows that Mallory is an evil
    person who will kill Peggy on the occasion.
    Victor does not know whether Peggy received the
    invitation
  • Peggy does not want to tell whether she has the
    invitation, nor does Victor in case Peggy does
    not have the invitation.
  • Only if Peggy convinces Victor that she has the
    invitation, Victor will disclose his warning to
    Peggy
  • Peggy does not want to disclose any secret to
    Victor (which Victor does not already know)

13
DHS example
  • The Dept. of Homeland Security has a list of
    suspects which it does not want to disclose
  • KLM (or any other carrier) has a list of
    passengers, which it does not want to disclose
  • The DHS and KLM want to determine the
    intersection of these lists, which may be made
    commonly known
  • The names of not-flying suspects, and of
    non-suspect flyers should be kept secret

14
Police example
  • Wouter is a suspect of bank robbery in Heerlen
  • Wouter is a victim of an assault in Maastricht
  • In case the police teams from H. and M. do not
    cooperate, they may hinder one another
  • Investigation data of the police should
    ultimately be as secret as possible
  • Some police officers are corrupt

15
DNA example
  • Police team in country A finds a DNA sample
  • Police team in country B has the same DNA
    sample
  • Do countries A and B pool their data?
  • A = Austria, B = Belgium: issues addressed in
    other talks today and tomorrow
  • A = Austria, B = Belarus? Bolivia? Unthinkable (?)

16
Comparing secrets
17
While not Giving Them Away
  • What guarantees exist in case of a non-match?
  • Compare-then-Identify (Prüm)
    • See all DNA profiles, look for your sample (and
      more?)
    • But only identify those for which you present the
      match
    • You cannot prevent analysis of the
      non-identified samples
  • Compare-is-Identify
    • Only see DNA samples which match your profile
    • The rest: zero knowledge (with a strong
      mathematical proof)

18
Analysis of the Non-identified Samples?
  • One has
    • A particular DNA database
    • The inclusion criteria of this database
    • A match!
  • And thus
    • Any non-identified sample says: whoever belongs
      to this sample matches the inclusion criteria
  • "One cannot reasonably expect from someone that,
    when he makes a decision, he will exclude
    relevant information known to him from his
    judgement" (Frank Ankersmit)

19
Comparing secrets - reference - 1 to 1
  • A description is agreed upon, both players answer
    truthfully
    • What is your favorite music band? (ABBA)
    • Who did you vote for? (Pim Fortuyn)
  • One secret against one secret
  • Secret for fundamental or practical reasons
    • to prevent embarrassment
    • votes should be secret

20
Comparing secrets - no reference - 1 to n
  • Player A publishes a description which allows
    player B to recognize the secret, but not to
    infer it
    • The code to my Liechtenstein bank account
      (arkjjhhg bwr ufkng)
  • One secret (A) against many secrets (B)
  • Result, either
    • Success: both players know the other player knows
      the secret
    • Failure
      • B did not know the secret
      • B cannot identify the secret in the protocol
      • B cannot infer any property of the secret

21
Comparing secrets - no reference - n to m
  • A, B have sets of secrets KB_A, KB_B
  • Compute the intersection I = KB_A ∩ KB_B
  • This can be solved trivially if A, B trust a TTP
    to know I, KB_A, KB_B
    • with a great communication overhead
  • This was not yet solved without using a TTP
    • and particularly not efficiently
  • AKA the list intersection problem
  • Many applications!

22
How to do it
23
How to do it
  • Look for items occurring in both lists
  • Handing over the list in clear violates the "not
    giving them away" requirement!

24
How to do it
  • To check whether two items are equal, one does
    not have to interpret them!
  • Encrypt the items in such a way that decryption
    is impossible (since we do not need decryption)

25
How to do it
  • If there are matching items
  • both parties can find the corresponding name

26
How to do it
  • Both parties choose a random challenge C and send
    it to the other party
  • The other party computes the encryption of the
    item and the challenge

27
How to do it
  • This second message counts as a proof of
    knowledge
  • The real protocol is more complicated, but this
    is the essential part
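The "How to do it" steps (slides 23 to 27) and the list intersection problem of slide 21, as an added Python simulation that is not from the slides and is not the author's Secret Prover. Assumptions: SHA-256 stands in for the unspecified one-way "encryption", and an HMAC keyed with the challenge stands in for f(item, C); names are the items. Because names are guessable, a bare one-way value would let its receiver test candidate names against it, which is part of why the slides say the real protocol is more complicated; this block shows only the skeleton.

```python
import hashlib
import hmac
import secrets


def canon(item: str) -> bytes:
    """Canonical form so 'John Doe' and 'john  doe' compare equal."""
    return " ".join(item.split()).lower().encode()


def commit(item: str) -> str:
    """One-way 'encryption': equality of items can be tested, the item cannot be recovered."""
    return hashlib.sha256(canon(item)).hexdigest()


def respond(item: str, challenge: bytes) -> str:
    """f(item, C): keyed hash of the item under the other party's random challenge C."""
    return hmac.new(challenge, canon(item), hashlib.sha256).hexdigest()


def verify(item: str, challenge: bytes, response: str) -> bool:
    """Recompute f(item, C) from our own copy and compare in constant time."""
    return hmac.compare_digest(respond(item, challenge), response)


class Party:
    """One side of the exchange, holding its own secret list."""
    def __init__(self, items):
        self.table = {commit(x): x for x in items}  # commitment -> own item
    def commitments(self) -> set:
        return set(self.table)  # all the other side ever sees in step 1
    def prove(self, commitment: str, challenge: bytes) -> str:
        return respond(self.table[commitment], challenge)


def intersect(a: Party, b: Party) -> list:
    """Run the exchange; return the items both parties proved they hold."""
    confirmed = []
    for h in a.commitments() & b.commitments():  # step 1: compare one-way values only
        c_a, c_b = secrets.token_bytes(16), secrets.token_bytes(16)  # step 2: fresh challenges
        ok_b = verify(a.table[h], c_a, b.prove(h, c_a))  # B answers A's challenge
        ok_a = verify(b.table[h], c_b, a.prove(h, c_b))  # A answers B's challenge
        if ok_a and ok_b:  # step 3: the answers count as proofs of knowledge
            confirmed.append(a.table[h])
    return sorted(confirmed)

# Constructed sample lists (not the slides' data); non-matching entries never leave their owner
SUSPECTS = Party(["Ann Example", "Bob Example"])
PASSENGERS = Party(["bob  example", "Cy Example"])
MATCHES = intersect(SUSPECTS, PASSENGERS)  # ['Bob Example']
```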

28
Conclusion
29
When to use it
  • There is an authorisation question
    • the credential being tested is the knowledge of a
      secret, i.e. the possession of a particular DNA
      sample
  • No TTP can be found
    • i.e. cross-organisational authorisation of
      possibly hostile parties
    • ordinary judicial and procedural complexity of
      creating a TTP between friendly parties
  • Efficiency is required

30
What is the use?
  • Optimal secrecy
    • The non-matching DNA samples remain secret
    • No TTP is required
  • Optimal functionality
    • Suspects are positively identified
    • Privacy of ordinary citizens is not infringed
      upon
    • Function creep prevented

31
On function creep and hidden agendas (I)
  • I want a car for my daily commute to Amsterdam
  • How about a VW Golf?
  • I prefer the Porsche 911 Carrera
  • What for? It's no use in the daily traffic jam
  • Well, I just happen to like that particular car
  • If you wish, it's your choice

Later, he was spotted on the Autobahn/péage. Driving at what speed?
32
On function creep and hidden agendas (II)
  • I want an infrastructure for comparing DNA
    samples
  • How about this privacy-friendly fit-for-purpose
    tool X?
  • Can't you just throw all data into a data
    warehouse?
  • I can, but you don't need that for your
    particular needs
  • Well, I just happen to like data warehouses
  • If you wish, it's your choice

Later, he was spotted using the data warehouse. For which purposes?
33
What is the relevance?
  • The privacy debate is not a zero-sum game
  • Privacy protection and fighting terrorism can go
    hand in hand
  • Be creative and
    • find more applications of this tool
    • find more tools for other applications

34
Bonus tracks
35
How about Geertje's pregnancy?
  • Use the Secret Prover, a Java application to
    prove knowledge of files without disclosing them
  • More information is in my dissertation, Reconciling
    Information Exchange and Confidentiality
  • both are to be found on http://www.teepe.com/phdthesis
  • printed copies of the dissertation are available
  • w.teepe_at_cs.ru.nl (31) 24 - 36 52077

36
Paraphrasing the protocol
  • Hey, you know what?
  • Huh, what?
  • Well, you know, don't you?
  • I don't know what you're talking about
  • Well, never mind
  • unsuccessful run, no match
  • Hey, you know what?
  • Huh, what?
  • Well, you know, don't you?
  • Ahh, yeah, of course
  • Thank you, goodbye
  • successful run, a match