Transcript of Privacy Management for Portable Recording Devices

Page 1: Privacy Management for

Privacy Management for Portable Recording Devices

J. Alex Halderman, Brent Waters, Edward W. Felten

Princeton University, Department of Computer Science

J. A. Halderman 1 of 10

Page 2: Privacy Management for

Camera Phones

170 million in 2004

[Slide figure: camera phone = camera + phone, × 170 million = Ubiquitous Recording]

New Privacy Threats

J. A. Halderman 1 of 10

Page 3: Privacy Management for

New Privacy Threats

J. A. Halderman 2 of 10

A Breakdown of Social Norms

Page 4: Privacy Management for

Previous Approaches

J. A. Halderman 3 of 10

Law/Policy: Usage Restrictions, Local Bans

Technology: Signal from beacon disables recording features

Coarse-Grained Restrictions: based on location, not full context; decide before recording, not playback

Augment them, don’t replace them

Page 5: Privacy Management for

Our Approach

J. A. Halderman 4 of 10

Privacy protection built into trusted recording devices

Page 6: Privacy Management for

Our Approach

J. A. Halderman 4 of 10

Recording subjects control use: negotiate using their devices (assume discovery method)

Page 7: Privacy Management for

Our Approach

J. A. Halderman 4 of 10

Encrypt recording before storing; key share retained by privacy stakeholders

Must ask permission to decrypt

Defers privacy decision to last possible moment

Page 8: Privacy Management for

Our Privacy Requirements

J. A. Halderman 5 of 10

1. Unanimous Consent
2. Confidentiality of Vetoes

[Slide figure: colluder]

Page 9: Privacy Management for

Our Applications

J. A. Halderman 6 of 10

Laptops/WiFi
• Protects audio recordings
• Manual discovery

AOL Instant Messenger
• Protects chat logs
• Discovery handled by AIM

Page 10: Privacy Management for

Secure XOR

J. A. Halderman 7 of 10

Alice and Bob tell Carol kAlice ⊕ kBob without revealing other information about kAlice or kBob to anyone

Variation on Chaum’s “Dining Cryptographers”

[Slide figure: Alice (secret kAlice), Bob (secret kBob), Carol]

Page 11: Privacy Management for

Secure XOR

J. A. Halderman 7 of 10

1. A & B choose and exchange random blinding factors
2. A & B each XOR both blinding factors with their secret input and send the result to Carol
3. Carol XORs these messages to learn kAlice ⊕ kBob

[Slide figure: Alice (secret kAlice, blinding factor BAlice), Bob (secret kBob, blinding factor BBob), Carol]

Alice sends Carol: kAlice ⊕ BBob ⊕ BAlice
Bob sends Carol: BBob ⊕ BAlice ⊕ kBob

Carol computes: (kAlice ⊕ BBob ⊕ BAlice) ⊕ (BBob ⊕ BAlice ⊕ kBob) = kAlice ⊕ kBob

Carol does not learn kAlice or kBob

Page 12: Privacy Management for

Private Storage Protocol

J. A. Halderman 8 of 10

“Create” Operation

Identify stakeholders

Need a trusted recording device for now

Page 13: Privacy Management for

Private Storage Protocol

J. A. Halderman 8 of 10

“Create” Operation

Choose random keyshares: k1 = 0110100, k2 = 1011101

Securely tell recorder k1 ⊕ k2 (Secure XOR): k1 ⊕ k2 = 1101001

Encrypt using k1 ⊕ k2 as key: key = 1101001

Recorder discards plaintext, key; stakeholders hold on to shares

Page 14: Privacy Management for

Private Storage Protocol

J. A. Halderman 8 of 10

“Decrypt” Operation

[Slide figure: Alice holds id=2100624 owners=Alice,Bob kAlice=0110100; Bob holds id=2100624 owners=Bob,Alice kBob=1011101; the recording is labelled id=2100624 owners=Alice,Bob]

Requestor sends request: May we decrypt <2100624>?

Stakeholders apply policies

To grant, input keyshare into Secure XOR: key = 1101001 ?

To deny, give random input to Secure XOR (e.g. 1110001): key = 1000101 ?

Cryptography provides strong protection

Vetoes remain confidential
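The Secure XOR exchange and the “Create”/“Decrypt” operations described on the preceding slides, as an added Python example that is not code from the paper or its prototype. The slides name no cipher, so the SHA-256 counter-mode keystream and the HMAC tag used to detect a wrong key are assumptions; the bit strings in the slides map to single bytes (0110100 = 0x34, 1011101 = 0x5d).

```python
import hashlib
import hmac
import secrets

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def secure_xor(k_alice: bytes, k_bob: bytes) -> bytes:
    """Blinded XOR: the receiver (Carol, or the recorder) learns only k_alice ^ k_bob."""
    # Step 1: Alice and Bob choose random blinding factors and exchange them.
    b_alice = secrets.token_bytes(len(k_alice))
    b_bob = secrets.token_bytes(len(k_bob))
    # Step 2: each XORs both blinding factors with their secret and sends that to Carol.
    from_alice = xor(xor(k_alice, b_bob), b_alice)
    from_bob = xor(xor(b_bob, b_alice), k_bob)
    # Step 3: Carol XORs the two messages; the blinding factors cancel out.
    return xor(from_alice, from_bob)

def keystream(key: bytes, n: int) -> bytes:
    """Constructed stand-in cipher (SHA-256 in counter mode): the slides name no cipher."""
    blocks = [hashlib.sha256(key + i.to_bytes(4, "big")).digest() for i in range(n // 32 + 1)]
    return b"".join(blocks)[:n]

def create(plaintext: bytes, share_1: bytes, share_2: bytes) -> bytes:
    """'Create': the recorder obtains k1 ^ k2 via Secure XOR, encrypts and authenticates,
    and keeps only the result; plaintext and key are discarded when this returns."""
    key = secure_xor(share_1, share_2)
    ciphertext = xor(plaintext, keystream(key, len(plaintext)))
    tag = hmac.new(key, ciphertext, "sha256").digest()
    return ciphertext + tag

def decrypt(record: bytes, input_1: bytes, input_2: bytes):
    """'Decrypt': each stakeholder feeds the Secure XOR either its real share (grant) or
    random bits (veto). A wrong key fails the tag check, but the transcript never shows
    which input was the random one, so the veto stays confidential."""
    key = secure_xor(input_1, input_2)
    ciphertext, tag = record[:-32], record[-32:]
    if not hmac.compare_digest(hmac.new(key, ciphertext, "sha256").digest(), tag):
        return None
    return xor(ciphertext, keystream(key, len(ciphertext)))

def veto_input(share: bytes) -> bytes:
    """A stakeholder who denies the request supplies random bits of the share's length."""
    return secrets.token_bytes(len(share))
```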

Page 15: Privacy Management for

Private Storage Protocol

J. A. Halderman 8 of 10

[Slide figure: system architecture with Location Service, Storage, Recorder A and Recorder B (Data In), Persistent Agent A and Persistent Agent B, Agent A and Agent B each holding a Keyshare and applying a Policy, and a Player (Data Out); “Create” stores the Encrypted Recording, “Decrypt” retrieves it]

Page 16: Privacy Management for

Privacy in Practice

J. A. Halderman 9 of 10

A Problem of Compliance

Community of like-minded people: social pressures, local policies, etc.

Privacy law can provide further incentives

Convince manufacturers to build it in: regulatory pressure, customer demand

Page 17: Privacy Management for

Conclusions

J. A. Halderman 10 of 10

Ubiquitous recording brings privacy threats

Technology can give control back to recording subjects

Widespread compliance among like-minded groups

Page 18: Privacy Management for

Privacy Management for Portable Recording Devices

J. Alex Halderman, Brent Waters, Edward W. Felten

Princeton University, Department of Computer Science