*********************************
There is now a CONTENT FREEZE for Mercury while we switch to a new platform. It began on Friday, March 10 at 6pm and will end on Wednesday, March 15 at noon. No new content can be created during this time, but all material in the system as of the beginning of the freeze will be migrated to the new platform, including users and groups. Functionally the new site is identical to the old one. webteam@gatech.edu
*********************************
Title: Privacy Protection of Outsourced Data
Date: WED January 26, 2022
Time: 9:00 AM-10:30 AM (EST)
Location: https://bluejeans.com/134968817/4914
Committee:
Dr. Alexandra Boldyreva (Advisor) - School of Computer Science, Georgia Institute of Technology, USA
Dr. Joseph Jaeger - School of Cybersecurity and Privacy, Georgia Institute of Technology, USA
Dr. Vladimir Kolesnikov - School of Computer Science, Georgia Institute of Technology, USA
Dr. Wenke Lee - School of Computer Science, Georgia Institute of Technology, USA
Dr. Bogdan Warinschi - School of Computer Science, University of Bristol, UK
Tianxin Tang
PhD candidate in Computer Science
School of Computer Science
Georgia Institute of Technology
Abstract:
Over time, the data we access on the cloud every day through services such as
Google Drive and Apple iCloud outlines our habits and interests, leaving traces
of our digital selves. Naturally, storing such data without protection exposes
us to intrusive third-party marketing and, in some cases, targeted
scams. Significant security risks and increased public awareness demand
practical solutions that enable clients to access the data privately.
This thesis targets the privacy aspect of public and private outsourced data.
We consider the keyless setting for public data, where multiple clients
outsource their data to the cloud, which facilitates the client's access while
providing some privacy protection. In particular, we investigate how to add
privacy to public fuzzy-searchable databases by restricting access to people who
own data close to parts of the database, thereby preventing massive harvesting.
We then turn to private outsourced data, which we also refer to as the
"classical outsourced setting" --- the client encrypts their data using their
secret key and uploads it to the cloud, where it is later made available for
private access. Due to recent leakage-abusive attacks that successfully
recovered queries or reconstructed the database by exploiting the leakage that
seemed innocuous previously, we focus on minimizing that leakage while
supporting versatile functionality. Specifically, we show how to perform
privacy-preserving approximate k-NN search on high-dimensional data with strong
security. We also provide an efficiency evaluation of our implementations
on multiple datasets. Finally, we show how to build a secure multi-map
that yields a searchable encryption scheme supporting keyword search with
minimal leakage. Our construction outperforms the only existing theoretical
construction with comparable security in concrete complexity, while achieving
reasonable performance on real-world email databases.
