Iraklis Leontiadis

Private and Dynamic Time-Series Data Aggregation with Trust Relaxation

With the advent of networking applications collecting user data on a massive scale, the privacy of individual users appears to be a major concern. The main challenge is the design of a solution that allows the data analyzer to compute global statistics over the set of individual inputs that are protected by some confidentiality mechanism. Joye et al. [7] recently suggested a solution that allows a centralized party to compute the sum of encrypted inputs collected through a smart metering network. The main shortcomings of this solution are its reliance on a trusted dealer for key distribution and the need for frequent key updates. In this paper we introduce a secure protocol for aggregation of time-series data that is based on the Joye et al. [7] scheme and in which the main shortcomings of the latter, namely, the requirement for key updates and for the trusted dealer are eliminated. Moreover our scheme supports a dynamic group management, whereby as opposed to Joye et al. [7] leave and join operations do not trigger a key update at the users.

PUDA – Privacy and Unforgeability for Data Aggregation

Existing work on secure data collection and secure aggregation is mainly focused on confidentiality issues. That is, ensuring that the untrusted Aggregator learns only the aggregation result without divulging individual data inputs. In this paper however we consider a malicious Aggregator which is not only interested in compromising users’ privacy but also is interested in providing bogus aggregate values. More concretely, we extend existing security models with the requirement of aggregate unforgeability. Moreover, we instantiate an efficient protocol for private and unforgeable data aggregation that allows the Aggregator to compute the sum of users’ inputs without learning individual values and constructs a proof of correct computation that can be verified by any third party. The proposed protocol is provably secure and its communication and computation overhead is minimal.

Privacy Preserving Similarity Detection for Data Analysis

Current applications tend to use personal sensitive information to achieve better quality with respect to their services. Since the third parties are not trusted the data must be protected such that individual data privacy is not compromised but at the same time operations on it would be compatible. A wide range of data analysis operations entails a similarity detection algorithm between user data. For instance clustering on big data groups together objects based on the heuristic that similar objects are likely to be put under the same cluster. Similarity decisions are important for numerous applications such as: online social networks, recommendations systems and behavioral advertisement. In this paper we propose a mechanism that protects user privacy and preserves data similarity results although encrypted. We analyze the security of the scheme and we further demonstrate its correctness and feasibility through a real life experiment where personality traits by users are collected for a 4square application.

Privacy Preserving Statistics in the Smart Grid

Smart meters are widely deployed to provide fine-grained information pertaining to tenant power consumption. These data are analyzed by suppliers for more accurate statistics, energy consumption predictions and personalized billing. Indirectly this aggregation of data can reveal personal information of tenants such as number of persons in a house, vacation periods and appliance preferences. To date, work in the area has focused mainly on privacy preserving aggregate statistical functions such as the computation of sum. In this paper we propose a novel solution for privacy preserving individual data collection per smart meter. We consider the operation of identifying the maximum consumption of a smart meter as an interesting property for energy suppliers, as it can be employed for energy forecasting to allocate electricity in advance. In our solution we employ an order preserving encryption scheme in which the order of numerical data is preserved in the cipher text space. We enhance the accuracy of maximum consumption by utilizing a delta encoding scheme.

ANOSIP: anonymizing the SIP protocol

Enhancing anonymity in the Session Initiation Protocol (SIP) is much more than sealing participants identities. It requires methods to unlink the communication parties and relax their proximity identification. These requirements should be fulfilled under several prerequisites, such as time limitation for session establishment, involvement of several functional entities for session management, inter-domain communications and support of streaming services when the session is established. In this paper we propose the usage of a privacy enhancement framework, called Mist, as a solution to the anonymity issue in SIP. For achieving anonymity, the original Mist architecture was modified to be adapted in the SIP framework. We evaluate the adapted Mist framework to SIP and measure how efficiently it supports anonymity features.

SecReach: Secure Reachability Computation on Encrypted Location Check-in Data

Reachability, which answers whether one person is reachable from another through a sequence of contacts within a period of time, is of great importance in many domains such as social behavior analysis. Recently, with the prevalence of various location-based services (LBSs), a great amount of spatiotemporal location check-in data is generated by individual GPS-equipped mobile devices and collected by LBS companies, which stimulates research on reachability queries in these location check-in datasets. Meanwhile, a growing trend is for LBS companies to use scalable and cost-effective clouds to collect, store, and analyze data, which makes it necessary to encrypt location check-in data before outsourcing due to privacy concerns. In this paper, for the first time, we propose a scheme, SecReach, to securely evaluate reachability queries on encrypted location check-in data by using somewhat homomorphic encryption (SWHE). We prove that our scheme is secure against a semi-honest cloud server. We also present a proof-of-concept implementation using the state-of-the-art SWHE library (i.e., HElib), which shows the efficiency and feasibility of our scheme.

A P2P based usage control enforcement scheme resilient to re-injection attacks

Existing privacy controls based on access control techniques do not prevent massive dissemination of private data by unauthorized users. We suggest a usage control enforcement scheme that allows users to gain control over their data during its entire lifetime. The scheme is based on a peer-to-peer architecture whereby a different set of peers is randomly selected for data assignment. Usage control is achieved based on the assumption that at least t out of any set of n peers will not behave maliciously. Such a system would still suffer from re-injection attacks whereby attackers can gain ownership of data and the usage policy thereof by simply re-storing data after slight modification of the content. In order to cope with re-injection attacks the scheme relies on a similarity detection mechanism. The robustness of the scheme has been evaluated in an experimental setting using a variety of re-injection attacks.