decentralizing privacy using blockchain to protect
play

Decentralizing Privacy: Using Blockchain to Protect Personal Data - PowerPoint PPT Presentation

Jul 24, 2023 •433 likes •738 views

Decentralizing Privacy: Using Blockchain to Protect Personal Data Guy Zyskind , Oz Nathan, Alex Sandy Pentland Guy Zyskind Decentralizing Privacy: 2 Using Blockchain to Protect Personal Data The problem of

  1. Decentralizing Privacy: Using Blockchain to Protect Personal Data � � Guy Zyskind , Oz Nathan, Alex ‘Sandy’ Pentland � Guy Zyskind � Decentralizing Privacy: 2 � Using Blockchain to Protect Personal Data � �

  2. The problem of protecting personal data � Data are stored centrally (Trusted Third Party model): � User perspective: � • Security breaches : a single point of failure � • Users don’t own their data (lack of ownership ) � • Users can’t audit (lack of transparency ) � � Guy Zyskind � Decentralizing Privacy: 3 � Using Blockchain to Protect Personal Data � �

  3. The problem of protecting personal data � Data are stored centrally (Trusted Third Party model): � User perspective: � Service perspective: � • Security breaches : a single point of • Cost (compliancy, security audits, failure � Hiring CS PhDs…) � • Users don’t own their data (lack of • Brand reputation � ownership ) � • Simplicity � • Users can’t audit (lack of transparency ) � � � � Guy Zyskind � Decentralizing Privacy: 4 � Using Blockchain to Protect Personal Data � �

  4. General idea – A (verifiable) privacy-preserving decentralized cloud � Service � Service � blockchain Registry � Server � DHT DHT Guy Zyskind � Decentralizing Privacy: 5 � Using Blockchain to Protect Personal Data � �

  5. General idea – Simulate TTPs with a P2P network + blockchain � Eliminates trust. Decentralized: � • Access-control (Blockchain) � • Storage (DHT) � • Privacy-preserving Computations Service � (MPC) � Service � blockchain Registry � Server � DHT DHT Guy Zyskind � Decentralizing Privacy: 6 � Using Blockchain to Protect Personal Data � �

  6. A brief introduction to Bitcoin � • Proposed in 2008 in a paper by Satoshi Nakamoto (pseudonym). � • Enables parties to directly transfer a digital currency (Bitcoins) without a TTP (i.e., banks). � • Instead, a network of untrusted peers ensures the validity of all transactions. � • All correct transactions are publicly verifiable through a public ledger (the blockchain ). � Guy Zyskind � Decentralizing Privacy: 7 � Using Blockchain to Protect Personal Data � �

  7. How does Bitcoin work? In a nutshell .. � Goal: Construct a public time-stamped log of all valid transactions without using TTPs. � Guy Zyskind � Decentralizing Privacy: 8 � Using Blockchain to Protect Personal Data � �

  8. How does Bitcoin work? In a nutshell .. � Goal: Construct a public time-stamped log of all valid transactions without using TTPs. � How? Every ~10 minutes (expected time), reach a distributed consensus ensuring valid mempool (floating) transactions are grouped into a block. Then, append the block to the end of the chain. The blockchain is the desired public log. � Guy Zyskind � Decentralizing Privacy: 9 � Using Blockchain to Protect Personal Data � �

  9. Distributed consensus mechanism � Nakamoto consensus (AKA – Proof of Work): � For every round t and every miner m : � Guy Zyskind � Decentralizing Privacy: 10 � Using Blockchain to Protect Personal Data � �

  10. Distributed consensus mechanism � Nakamoto consensus (AKA – Proof of Work): � For every round t and every miner m : � • Collect mempool transactions (tx’s) and validate them. Construct block b m,t � Guy Zyskind � Decentralizing Privacy: 11 � Using Blockchain to Protect Personal Data � �

  11. Distributed consensus mechanism � Nakamoto consensus (AKA – Proof of Work): � For every round t and every miner m : � • Collect mempool transactions (tx’s) and validate them. Construct block b m,t � • Attempt to solve a hard computational puzzle [ SHA-256(SHA-256(b m,t )) < target ]. � Guy Zyskind � Decentralizing Privacy: 12 � Using Blockchain to Protect Personal Data � �

  12. Distributed consensus mechanism � Nakamoto consensus (AKA – Proof of Work): � For every round t and every miner m : � • Collect mempool transactions (tx’s) and validate them. Construct block b m,t � • Attempt to solve a hard computational puzzle [ SHA-256(SHA-256(b m,t )) < target ]. � • First miner to solve broadcasts the solution. All other miners independently validate the solution (work + all included transactions). If correct, they append it to their local copy of the blockchain. � Guy Zyskind � Decentralizing Privacy: 13 � Using Blockchain to Protect Personal Data � �

  13. Distributed consensus mechanism � Nakamoto consensus (AKA – Proof of Work): � For every round t and every miner m : � • Collect mempool transactions (tx’s) and validate them. Construct block b m,t � • Attempt to solve a hard computational puzzle [ SHA-256(SHA-256(b m,t )) < target ]. � • First miner to solve broadcasts the solution. All other miners independently validate the solution (work + all included transactions). If correct, they append it to their local copy of the blockchain. � • Solver receives newly minted coins and tx fees. � Guy Zyskind � Decentralizing Privacy: 14 � Using Blockchain to Protect Personal Data � �

  14. How are transactions deemed valid? Scripts! � • Every transaction is associated with a script (actually, every tx output is associated with a script called scriptPubKey). � • Nodes validate transactions by executing the script with the arguments given in the tx by the sender (most importantly – her sig). � • Can run arbitrary verifications – not just financial ( smart contracts ). � Guy Zyskind � Decentralizing Privacy: 15 � Using Blockchain to Protect Personal Data � �

  15. Our framework (Overview) � Goal: when a user installs a mobile app, she can control and audit what data are stored and how they are used. Access should be revokable. � � Guy Zyskind � Decentralizing Privacy: 16 � Using Blockchain to Protect Personal Data � �

  16. Our framework (Overview) � Goal: when a user installs a mobile app, she can control and audit what data are stored and how they are used. Access should be revokable. � Solution: Store access-policies to personal data on the blockchain. Then, let the blockchain nodes moderate access to a DHT. � approved? � read � read � service data � data � Guy Zyskind � Decentralizing Privacy: 17 � Using Blockchain to Protect Personal Data � �

  17. Sign up ( or user downloads the app) � (pk s,u , sk s,u ) � (pk u,s , sk u,s ) � • User u and service s each generate a signing key pair. � (enc) sk u,s � service • A symmetric encryption key is generated and shared over a secure channel. � • The user approves the list of permissions POLICY u,s � Blockchain • u sends T access (pk u,s, pk s,u, POLICY u,s ) to the blockchain. � • Also used for uninstall/modify. � Guy Zyskind � Decentralizing Privacy: 18 � Using Blockchain to Protect Personal Data � �

  18. Storing & loading data � Storing data: � • Send T data (E v ,’w’) . Nodes verify sig against policy. � write tx + enc. data � Blockchain • Set k=SHA-256(E u,s (v)) � key reference to the data � � � � (key stored on blockchain , � data stored on DHT ). � Guy Zyskind � Decentralizing Privacy: 19 � Using Blockchain to Protect Personal Data � �

  19. Storing & loading data � Storing data: � • Send T data (E v ,’w’) . Nodes verify sig against policy. � read tx + key � Blockchain service • Set k=SHA-256(E u,s (v)) � enc. data � Reading data: � � � • Send T data (k,’r’). Nodes verify sig � against policy. � iff approved � • Return v ß DHT[k] � Guy Zyskind � Decentralizing Privacy: 20 � Using Blockchain to Protect Personal Data � �

  20. Security and privacy analysis � • An adversary controlling any number of DHT nodes For ¡every ¡real ¡ ¡ cannot compromise privacy (because of encryption). � adversary ¡ A ¡ Guy Zyskind � Decentralizing Privacy: 21 � Using Blockchain to Protect Personal Data � �

  21. Security and privacy analysis � • An adversary controlling any number of DHT nodes For ¡every ¡real ¡ ¡ cannot compromise privacy (because of encryption). � adversary ¡ A ¡ • An adversary controlling less than 50% of the computational power of miners cannot compromise privacy or resiliency (Nakamoto consensus & forging digital signatures) � Guy Zyskind � Decentralizing Privacy: 22 � Using Blockchain to Protect Personal Data � �

  22. Security and privacy analysis � • An adversary controlling any number of DHT nodes For ¡every ¡real ¡ ¡ cannot compromise privacy (because of encryption). � adversary ¡ A ¡ • An adversary controlling less than 50% of the computational power of miners cannot compromise privacy or resiliency (Nakamoto consensus & forging digital signatures) � • An adversary controlling the service can learn as much as permissions allows, but traceable. An improved model follows. � Guy Zyskind � Decentralizing Privacy: 23 � Using Blockchain to Protect Personal Data � �

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Blockchain and GDPR Blockstack Decentralizing the World Tour, December 18, 2018, Prague Jrn

Blockchain and GDPR Blockstack Decentralizing the World Tour, December 18, 2018, Prague Jrn

Blockchain and GDPR Blockstack Decentralizing the World Tour, December 18, 2018, Prague Jrn Erbguth, Dipl.-Inf., Dipl.-Jur. Consultant Legal Tech, Blockchain, Smart Contracts and Data Protection joern@erbguth.ch +41 787256027 GDPR vs.

964 views • 42 slides
Welcome to the Blockchain! Jeffrey D. Neuburger Wai Choy June 20, 2017 1 The Underlying

Welcome to the Blockchain! Jeffrey D. Neuburger Wai Choy June 20, 2017 1 The Underlying

Welcome to the Blockchain! Jeffrey D. Neuburger Wai Choy June 20, 2017 1 The Underlying Technology: Blockchain. Bitcoin and Blockchain have diverged over the past two years. To help protect your privacy, PowerPoint has blocked automatic

1.16k views • 66 slides
Anonymity &amp; Privacy Alice Privacy EU directives (e.g. 95/46/EC) to protect privacy.

Anonymity &amp; Privacy Alice Privacy EU directives (e.g. 95/46/EC) to protect privacy.

Anonymity &amp; Privacy Alice Privacy EU directives (e.g. 95/46/EC) to protect privacy. College Bescherming Persoonsgegevens (CBP) What is privacy? Users must be able to determine for themselves when, how, to what extent and

798 views • 45 slides
Blockchain, GDPR &amp; cryptography zkSNARKs for scaling and privacy. Alexandre Poltorak

Blockchain, GDPR &amp; cryptography zkSNARKs for scaling and privacy. Alexandre Poltorak

Blockchain, GDPR &amp; cryptography zkSNARKs for scaling and privacy. Alexandre Poltorak Blockchain, Sustainable Development and Privacy 26-27 November 2019 Berlin, Germany The problem with GDPR and blockchains : Bitcoin &amp; Privacy

395 views • 7 slides
S &amp; P SECURITY &amp; PRIVACY GROUP Security and Privacy for Payment Channel Networks

S &amp; P SECURITY &amp; PRIVACY GROUP Security and Privacy for Payment Channel Networks

FAKULTT FR !NFORMATIK Faculty of Informatics S &amp; P SECURITY &amp; PRIVACY GROUP Security and Privacy for Payment Channel Networks Pedro Moreno-Sanchez Blockchain Summer School BDLT19 Vienna, Sep 2nd 2019 Blockchain Research

1.41k views • 73 slides
Blockchain Privacy Preserving Techniques XU Cheng &lt; chengxu@comp.hkbu.edu.hk &gt; October 12,

Blockchain Privacy Preserving Techniques XU Cheng &lt; chengxu@comp.hkbu.edu.hk &gt; October 12,

Blockchain Privacy Preserving Techniques XU Cheng &lt; chengxu@comp.hkbu.edu.hk &gt; October 12, 2019 @ NDBC 2019 Department of Computer Science, Hong Kong Baptist University Blockchain Technology Blockchain: Append-only data structure

1.15k views • 52 slides
Hawk: The Blockchain Model of Cryptography and Privacy-Preserving Smart Contracts Yashar Dehkan

Hawk: The Blockchain Model of Cryptography and Privacy-Preserving Smart Contracts Yashar Dehkan

Hawk: The Blockchain Model of Cryptography and Privacy-Preserving Smart Contracts Yashar Dehkan Asl Chapter I Introduction Decentralized Cryptocurrencies: Such as Bitcoin and altcoins are getting more popular Blockchain Technology: These

734 views • 26 slides
Privacy Policy This privacy policy sets out how the Talking Slides Ltd websites use and protect

Privacy Policy This privacy policy sets out how the Talking Slides Ltd websites use and protect

Privacy Policy This privacy policy sets out how the Talking Slides Ltd websites use and protect any information that you provide when you use this website. Talking Slides Ltd is committed to ensuring that your privacy is protected. Should we ask

164 views • 4 slides
Security and Privacy of Blockchain Protocols and Applications Sergei Tikhomirov

Security and Privacy of Blockchain Protocols and Applications Sergei Tikhomirov

Security and Privacy of Blockchain Protocols and Applications Sergei Tikhomirov Esch-sur-Alzette, Luxembourg, 17 September 2020 Part 1 Introduction Problems with government-controlled money Unpredictable issuance Censorship and

763 views • 51 slides
The Usability, Security, and Privacy Limits of Blockchain J I B E . C O M P A N Y Codiax 2019

The Usability, Security, and Privacy Limits of Blockchain J I B E . C O M P A N Y Codiax 2019

The Usability, Security, and Privacy Limits of Blockchain J I B E . C O M P A N Y Codiax 2019 Hello! Im Joris van Rooij Software Architect at Jibe.Company From Eindhoven, the Netherlands J I B E . C O M P A N Y I like...

1.72k views • 144 slides
Cryptographic Tools for Privacy, Compliance &amp; Efficiency in Blockchain Applications Fernando

Cryptographic Tools for Privacy, Compliance &amp; Efficiency in Blockchain Applications Fernando

Cryptographic Tools for Privacy, Compliance &amp; Efficiency in Blockchain Applications Fernando Krell, PhD Columbia U. Lead Cryptography Engineer, Findora Public-Ledgers/Blockchains R 1:... R 2:... R 3:... R 4:... ... Append only Database

359 views • 34 slides
Privacy as a Service Raymond Cheng Build practical cloud services that protect user privacy from

Privacy as a Service Raymond Cheng Build practical cloud services that protect user privacy from

Privacy as a Service Raymond Cheng Build practical cloud services that protect user privacy from powerful threats 2 3 Powerful Threats to User Privacy Organized Crime Nation-State Actors 4 Powerful Threats to User Privacy Gather

1.56k views • 104 slides
Introduction to Blockchain Technologies Sarah Azouvi (University College London) Privacy

Introduction to Blockchain Technologies Sarah Azouvi (University College London) Privacy

Introduction to Blockchain Technologies Sarah Azouvi (University College London) Privacy International Forum - 19/10/2017 1 Outline Outline How it works Outline How it works Privacy? Outline How it works Privacy? New applications

641 views • 62 slides
bluzelle What is Blockchain? Blockchain is a combination of multiple technologies 4 3 2

bluzelle What is Blockchain? Blockchain is a combination of multiple technologies 4 3 2

MAKE BLOCKCHAIN WORK FOR YOU bluzelle What is Blockchain? Blockchain is a combination of multiple technologies 4 3 2 Consensus 1 Encryption P2P Networks Time Stamp Challenges addressed by blockchain Regulatory and compliance pressures

669 views • 14 slides
A Security &amp; Privacy Perspective through Hyperledger/fabric Elli Androulaki Staff member,

A Security &amp; Privacy Perspective through Hyperledger/fabric Elli Androulaki Staff member,

Blockchain for Enterprise: A Security &amp; Privacy Perspective through Hyperledger/fabric Elli Androulaki Staff member, IBM Research, Zurich Workshop on cryptocurrencies Athens, 06.03.2016 Blockchain systems Introduced in 2008

707 views • 23 slides
Should I Protect You? Understanding Developers Behavior to Privacy-Preserving APIs Shubham

Should I Protect You? Understanding Developers Behavior to Privacy-Preserving APIs Shubham

Should I Protect You? Understanding Developers Behavior to Privacy-Preserving APIs Shubham Jain and Janne Lindqvist Department of Electrical and Computer Engineering Rutgers University Workshop on Usable Security (USEC14) February 23,

230 views • 21 slides
Free Flow of Non-Personal Data A proposal for a key Regulation to support the data econom y

Free Flow of Non-Personal Data A proposal for a key Regulation to support the data econom y

Free Flow of Non-Personal Data A proposal for a key Regulation to support the data econom y Pearse ODonohue Director Future Netw orks, DG CONNECT EP I MCO 2 3 January 2 0 1 8 CONTEXT Free m ovem ent of data is essential for the

504 views • 6 slides
Why Wait?!? Kevin Curry &amp; Clara Mae Barnhart Do Now! Think of a student in academic

Why Wait?!? Kevin Curry &amp; Clara Mae Barnhart Do Now! Think of a student in academic

Why Wait?!? Kevin Curry &amp; Clara Mae Barnhart Do Now! Think of a student in academic difficulty that you recently advised who could have possibly avoided their issues if they had come in to see you earlier. Share your example with the person

613 views • 26 slides
Immutability, or Putting the Dream Machine to Work The trie memory scheme is ine ffi cient for

Immutability, or Putting the Dream Machine to Work The trie memory scheme is ine ffi cient for

Immutability, or Putting the Dream Machine to Work The trie memory scheme is ine ffi cient for small memories, but it be- comes increasingly e ffi cient in using available storage space as memory size increases. The attractive features of the

940 views • 60 slides
Retention LaTisha Davis and John Nelson-Hronek Undergraduate Advising Center (UAC) 126 &amp; 132

Retention LaTisha Davis and John Nelson-Hronek Undergraduate Advising Center (UAC) 126 &amp; 132

Advising Strategies for Student Persistence and Retention LaTisha Davis and John Nelson-Hronek Undergraduate Advising Center (UAC) 126 &amp; 132 Strong Hall (785) 864-2834 www.advising.ku.edu The UAC empowers all students to take ownership

182 views • 15 slides
Privacy and your data Christopher Scholefield Commercial Partner Lara Zambon Legal

Privacy and your data Christopher Scholefield Commercial Partner Lara Zambon Legal

Privacy &amp; your data Privacy and your data Christopher Scholefield Commercial Partner Lara Zambon Legal Assistant Privacy &amp; your data Data protection What are we talking about? What is personal data? Rights of the data

486 views • 19 slides
ANAL YST &amp; INVESTOR BRIEFING NOVEMBER 13, 2018 | 2:00 -3:30 Introduction MARC CABI VP,

ANAL YST &amp; INVESTOR BRIEFING NOVEMBER 13, 2018 | 2:00 -3:30 Introduction MARC CABI VP,

ANAL YST &amp; INVESTOR BRIEFING NOVEMBER 13, 2018 | 2:00 -3:30 Introduction MARC CABI VP, Strategy &amp; Head of Investor Relations Safe Harbor This presentation includes forward-looking statements,

552 views • 40 slides
TECHNICAL DRAWING TECHNIQUES ~ SKETCHING Susie Boreham SUMMER FOUNDATION 2013 Yujin Sung

TECHNICAL DRAWING TECHNIQUES ~ SKETCHING Susie Boreham SUMMER FOUNDATION 2013 Yujin Sung

TECHNICAL DRAWING TECHNIQUES ~ SKETCHING Susie Boreham SUMMER FOUNDATION 2013 Yujin Sung ORTHOGRAPHIC PROJECTS - PLAN SECTION ELEVATION Francis DK Ching ORTHOGRAPHIC PROJECTS - PLAN SECTION ELEVATION Durand - precis ORTHOGRAPHIC PROJECTS -

703 views • 24 slides
Pottsgrove Pottsgrove School District School District Enrollment Projection Study Enrollment

Pottsgrove Pottsgrove School District School District Enrollment Projection Study Enrollment

POTTSGROVE SCHOOL DISTRICT Pottsgrove Pottsgrove School District School District Enrollment Projection Study Enrollment Projection Study February 28, 2017 February 28, 2017 POTTSGROVE SCHOOL DISTRICT Future Think in operation for over 10

446 views • 30 slides

More recommend