pixek
play

Pixek Seny Kamara,Tarik Moataz, Martin Zhu 1 2 9,198,580,293* 4% - PowerPoint PPT Presentation

Feb 24, 2024 •246 likes •681 views

Pixek Seny Kamara,Tarik Moataz, Martin Zhu 1 2 9,198,580,293* 4% * since 2013 3 Why so Few? Incompetence? Lazyness? Cost? because it would have hurt Yahoos ability to index and search message data J. Bonforte in NY

  1. Pixek Seny Kamara,Tarik Moataz, Martin Zhu 1

  2. 2

  3. 9,198,580,293* 4% * since 2013 3

  4. Why so Few? Incompetence? Lazyness? Cost? “…because it would have hurt Yahoo’s ability to index and search message data…” — J. Bonforte in NY Times 4

  5. Q : can we search on encrypted data? 5

  6. Encrypted Search (Building Blocks) Property-Preserving Functional Structured Encryption (PPE) Encryption Encryption (STE) Oblivious RAM Fully-Homomorphic (ORAM) Encryption (FHE) 6

  7. Efficiency Functionality Leakage 7

  8. Evolution from 2001-2018 Structured Encryption Oblivious RAM Property- (STE) (ORAM) Preserving Encryption (PPE) ‘01 SSE ‘96 ORAM ‘06 Efficient SSE ‘06 DET ‘10 STE ‘12 Tree-based ‘09 OPE ORAM ’12 IKK attacks ‘11 OPE proofs ‘13 Path ORAM; 
 CS2 ’12 ObliviStore ‘12 CryptDB Boolean SSE ’13 ‘16 Obliv P2P; TaoStore ‘15 MS Always Enc ’14 OSPIR; BlindSeer ‘16 KKNO ‘15 NKW attacks ’16 Clusion; OpenSSE attacks ‘16 ’17 SQL Snapshot PPE 8

  9. Structured Encryption tk utk 9

  10. Would Encryption Even Prevent Breaches? 10

  11. Q : can encrypted search be deployed? 11

  12. Why Isn’t Encrypted Search Deployed? 12

  13. Tarik Martin 13

  14. End-to-End Encryption messaging video 14

  15. Digital Photos - 1.2 Trillion (2017) 85% 10.3% 4.7% 15

  16. Photo Collections Sentimental Large Private value Cloud Encryption 16

  17. Celebgate (2014) • Edward Majerczyk • hacked 30 Gmail & iCloud accounts • 500 private photos leaked including of many celebrities 17

  18. 18

  19. 19

  20. 20

  21. 21

  22. Pixek End-to-end encrypted camera app

  23. 23

  24. Building Blocks Clusion 
 open source (GPLv3) encrypted search library from Brown ESL 
 pibase, pidyn, 2Lev, ZMF, IEX-2Lev, IEX-ZMF 
 coming: DLS, SPX, REX, PBS TensorFlow Mobile 
 open source machine learning from Google 
 pre-trained model Geomobile 
 open source geolocation 24

  25. Lamp/Bear 23’x21’x24’ 25

  26. Pixek Client EC2+S3 downsampling bear lamp Providence, RI Brown U. TensorFlow bear lamp Providence, RI Brown U. utk utk utk utk 26

  27. EC2+S3 Pixek Client Bear tk 27

  28. What I Didn’t Cover • Caching • Crash recovery • Password recovery • Multi-device • Local mode 28

  29. Pixek v0.1.0 (Current) • Tags & photos are streamed • Encrypted structure needs forward-privacy • Published state-of-the-art • Sophos [Bost16] • Diana [Bost-Minaud-Ohrimenko17] • New scheme • pidyn [Cash-Jaeger-Jarecki-Jutla-Krawczyk-Rosu-Steiner14] • no public-key operations • no constrained PRFs 29

  30. 
 Background: Data Structures • DXs map labels to values 
 • MMs map labels to tuples 
 Multi-map MM Dictionary DX id 1 w 1 id 1 id 3 id 4 w 1 id 3 w 2 id 3 w 2 id 2 w 3 id 2 id 4 w 3 • Get: MM[w 3 ] returns (id 2 , id 4 ) • Get: DX[w 3 ] returns id 2 30

  31. Setup π dyn [CJJJKRS’14] EMM EMM.Setup 1 k , , EMM MM 31

  32. Setup π dyn [CJJJKRS’14] En crypted MM F Kw1 (1) id 1 F Kw1 (2) id 3 Multi-map MM F Kw1 (3) id 4 EMM.Setup 1 k , , w 1 id 1 id 3 id 4 F Kw2 (1) id 3 w 2 l 2 id 3 w 3 id 2 id 4 F Kw3 (1) id 2 F Kw3 (2) id 4 * PRF and Enc keys are different but derived from w i 32

  33. Get π dyn [CJJJKRS’14] w i = K w1 , EMM K w1 EMM.Get id 1 id 3 id 4 , DX 1. DX.Get F Kw1 (1) id 1 , DX 2. DX.Get F Kw1 (2) id 3 , DX 3. DX.Get F Kw1 (3) id 4 , DX 4. DX.Get ⊥ F Kw1 (4) 33

  34. Get π dyn [CJJJKRS’14] , DX Dictionary DX F Kw1 (1) 1. DX.Get id 1 F Kw1 (1) id 1 , F Kw1 (2) id 3 DX F Kw1 (2) 2. DX.Get id 3 = F Kw1 (3) id 4 , K w1 EMM.Get , DX F Kw2 (1) id 3 F Kw1 (3) 3. DX.Get id 4 F Kw3 (1) id 2 , F Kw3 (2) id 4 DX ⊥ F Kw1 ( 4 ) 4. DX.Get 34

  35. Edit + π dyn [CJJJKRS’14] , F Kw1 (4) id 9 EMM EMM EMM.Edit + , DX DX 1. DX.Put 35

  36. Edit + π dyn [CJJJKRS’14] Dictionary DX Dictionary DX F Kw1 (1) id 1 F Kw1 (1) id 1 F Kw1 (2) id 3 F Kw1 (2) id 3 F Kw1 (3) id 4 F Kw1 (3) id 4 , EMM.Edit + F Kw1 (4) id 9 F Kw1 (4) id 9 F Kw2 (1) id 3 F Kw2 (1) id 3 F Kw3 (1) id 2 F Kw3 (1) id 2 F Kw3 (2) id 4 id 4 F Kw3 (2) 36

  37. Forward-Private π dyn • Why is not forward-private? π dyn • new pairs encrypted under same key used for search, • K wi := F K (w i ||1) • so previously searched w’s can be linked to new pairs • Making forward-private π dyn • use keys with version number that rotates at each update • K wi := F K (w i ||version||1) • To search send keys for all versions • F K (w i ||version1||1), …, F K (w i ||version8||1) 37

  38. Forward-Private π dyn • Search complexity • optimal O(#MM[w]) • Token size • non-optimal O(#MM[w]) • new technique makes it O(1) (not implemented yet) 38

  39. Leakage • Search pattern • we see if a query is repeated • ex: if you search for “bear” 3x, we see you searched for ? 3x • Access pattern • we see which encrypted photo matched your query • ex: if you search for “bear”, we see which encrypted photos match query • What are the consequences of this leakage? • To see your photos we have to break AES • To learn about your queries we have to know/guess > 90% of your tags 
 & know the occurrence of each tag 39

  40. 40

  41. Testers & Feedback • Only available on Android • Let us know @pixekapp if you want access 41

  42. pixek.io @pixekapp

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

2 Unit Bridging Course Day 10 Circular Functions III The cosine function, identities and

2 Unit Bridging Course Day 10 Circular Functions III The cosine function, identities and

2 Unit Bridging Course Day 10 Circular Functions III The cosine function, identities and derivatives Clinton Boys 1 / 31 The cosine function The cosine function, abbreviated to cos, is very similar to the sine function. In fact, the

347 views • 31 slides
Neural Networks and Backpropagation Neural Net Readings: Matt Gormley Murphy

Neural Networks and Backpropagation Neural Net Readings: Matt Gormley Murphy

10-601 Introduction to Machine Learning Machine Learning Department School of Computer Science Carnegie Mellon University Neural Networks and Backpropagation Neural Net Readings: Matt Gormley Murphy

1.2k views • 77 slides
Preparation toward perverse sheaves Alright. Now let us assume that D X has all the properties

Preparation toward perverse sheaves Alright. Now let us assume that D X has all the properties

Biduality Let X be a complex variety. Recall that D ( X ) is the full subcategory of D b (Sh Q ( X )) of constructible sheaves. We claim that D X D X = id D ( X ) on X and Cheng-Chiang tried to give a proof and failed miserably. Let me

273 views • 5 slides
Chapter 2, Part 1 FIRST ORDER EQUATIONS F ( x, y, y ) = 0 The equation Basic assumption: y

Chapter 2, Part 1 FIRST ORDER EQUATIONS F ( x, y, y ) = 0 The equation Basic assumption: y

Chapter 2, Part 1 FIRST ORDER EQUATIONS F ( x, y, y ) = 0 The equation Basic assumption: y ; can be solved for that is, the equation can be written in the form y = f ( x, y ) (1) 1 Assumed Background Material: Techniques of

575 views • 45 slides
Lecture 3.2: Computing Fourier series and exploiting symmetry Matthew Macauley Department of

Lecture 3.2: Computing Fourier series and exploiting symmetry Matthew Macauley Department of

Lecture 3.2: Computing Fourier series and exploiting symmetry Matthew Macauley Department of Mathematical Sciences Clemson University http://www.math.clemson.edu/~macaule/ Math 4340, Advanced Engineering Mathematics M. Macauley (Clemson)

204 views • 8 slides
Lecture 17 : Double Integrals 0/ 15 Some of you have not learned how to do double integrals. In

Lecture 17 : Double Integrals 0/ 15 Some of you have not learned how to do double integrals. In

Lecture 17 : Double Integrals 0/ 15 Some of you have not learned how to do double integrals. In this course you will need to do double integrals over rectangles and I will now explain how to do such calculations. Partial (Indefinite)

389 views • 16 slides
The Nearest Neighbor Information Estimator is Adaptively Near Minimax Rate-Optimal Jiantao Jiao

The Nearest Neighbor Information Estimator is Adaptively Near Minimax Rate-Optimal Jiantao Jiao

The Nearest Neighbor Information Estimator is Adaptively Near Minimax Rate-Optimal Jiantao Jiao Berkeley EECS Weihao Gao UIUC ECE Yanjun Han Stanford EE NIPS 2018, Montr eal, Canada The Nearest Neighbor Information Estimator is

395 views • 23 slides
Weaving Generic Programming and Traversal Performance Bryan Chadwick and Karl Lieberherr AOSD

Weaving Generic Programming and Traversal Performance Bryan Chadwick and Karl Lieberherr AOSD

Weaving Generic Programming and Traversal Performance Bryan Chadwick and Karl Lieberherr AOSD 10 March 17 th 2010 1 The Problem We write programs with... Rich, mutually recursive datatypes Possibly shifting/changing structures What

613 views • 47 slides
Antiderivatives Definition 1 (Antiderivative) . If F ( x ) = f ( x ) we call F an antideriv-

Antiderivatives Definition 1 (Antiderivative) . If F ( x ) = f ( x ) we call F an antideriv-

Antiderivatives Definition 1 (Antiderivative) . If F ( x ) = f ( x ) we call F an antideriv- ative of f . Definition 2 (Indefinite Integral) . If F is an antiderivative of f , then f ( x ) dx = F ( x ) + c is called the (general) Indefinite

257 views • 4 slides
Numerical Integration Numerical Integration 1 / 11 Objective b Approximate f ( x ) dx a

Numerical Integration Numerical Integration 1 / 11 Objective b Approximate f ( x ) dx a

Numerical Integration Numerical Integration 1 / 11 Objective b Approximate f ( x ) dx a Numerical Integration 2 / 11 Objective b Approximate f ( x ) dx a A jog down Calc I/II lane The integral is the area under the curve, i.e

702 views • 26 slides
Periods Numerical computation and applications Pierre Lairez Inria Saclay Sminaire de

Periods Numerical computation and applications Pierre Lairez Inria Saclay Sminaire de

Periods Numerical computation and applications Pierre Lairez Inria Saclay Sminaire de lancement ANR De rerum natura 24 fvrier 2020, Palaiseau What is a period? A period is the integral on a closed path of a rational function in one

1.28k views • 83 slides
Limits involving ln( x ) We can use the rules of logarithms given above to derive the following

Limits involving ln( x ) We can use the rules of logarithms given above to derive the following

Limits involving ln( x ) We can use the rules of logarithms given above to derive the following information about limits. x ln x = , lim x 0 ln x = . lim We saw the last day that ln 2 > 1 / 2. Using the rules of

176 views • 6 slides
Blow-up by aggregation in chemotaxis Manuel del Pino University of Bath Singular problems

Blow-up by aggregation in chemotaxis Manuel del Pino University of Bath Singular problems

Blow-up by aggregation in chemotaxis Manuel del Pino University of Bath Singular problems associated to quasilinear equations, In honor of Marie Fran coise Bidaut-V eron and Laurent V eron June 2nd, 2020 The Keller-Segel system in R 2

638 views • 41 slides
Stationary particle Systems Kaspar Stucki (joint work with Ilya Molchanov) University of Bern

Stationary particle Systems Kaspar Stucki (joint work with Ilya Molchanov) University of Bern

Stationary particle Systems Kaspar Stucki (joint work with Ilya Molchanov) University of Bern 5.9 2011 Introduction Poisson process Definition Let be a Radon measure on R p . A Poisson process is a random point measure on R d satisfying

382 views • 20 slides
Continuous Random Variables Recall that when a random variable takes values in an entire interval,

Continuous Random Variables Recall that when a random variable takes values in an entire interval,

ST 370 Probability and Statistics for Engineers Continuous Random Variables Recall that when a random variable takes values in an entire interval, the variable is called continuous . Example: Flash unit recharge time The time that a flash unit

430 views • 19 slides
Physics 2D Lecture Slides Lecture 26: March 2nd 2005 Vivek Sharma UCSD Physics Measurement

Physics 2D Lecture Slides Lecture 26: March 2nd 2005 Vivek Sharma UCSD Physics Measurement

Physics 2D Lecture Slides Lecture 26: March 2nd 2005 Vivek Sharma UCSD Physics Measurement Expectation: Statistics Lesson Ensemble & probable outcome of a single measurement or the average outcome of a large # of measurements n

337 views • 10 slides
Chapter Theorem limit Central I : tasting characterizations of weak convergence of equivalent

Chapter Theorem limit Central I : tasting characterizations of weak convergence of equivalent

Chapter Theorem limit Central I : tasting characterizations of weak convergence of equivalent Proof of distribution distribution follows theme conveyance of Observation : weak expectation interact with limits : of how IE ( " 7 Xn

522 views • 16 slides
COVI D-19 Upda te E pi (tiny bit), c linic al manife statio ns, diagno stic s, tre atme nt,

COVI D-19 Upda te E pi (tiny bit), c linic al manife statio ns, diagno stic s, tre atme nt,

COVI D-19 Upda te E pi (tiny bit), c linic al manife statio ns, diagno stic s, tre atme nt, & pre ve ntio n Bria n Sc hwa rtz, MD Pro fe sso r o f Me dic ine UCSF , Divisio n o f I nfe c tio n Dise a se s Outline E pi upda te

378 views • 19 slides
Steins method for normal approximation of linear statistics of beta-ensembles Gaultier Lambert

Steins method for normal approximation of linear statistics of beta-ensembles Gaultier Lambert

Steins method for normal approximation of linear statistics of beta-ensembles Gaultier Lambert (joint work with Michel Ledoux and Christian Webb) UZH University of Z urich Stein Method 1 Normal approximation for Gibbs measures 2

1.11k views • 54 slides
Energy Graphs F ( x ) = dU ( x ) dx 1 Block-Spring System 2 Homework Set 13 - Due Mon.

Energy Graphs F ( x ) = dU ( x ) dx 1 Block-Spring System 2 Homework Set 13 - Due Mon.

Energy Graphs F ( x ) = dU ( x ) dx 1 Block-Spring System 2 Homework Set 13 - Due Mon. Oct. 11 Read Sections 7.3-7.4 & 7.7 Answer Questions 7.7 & 7.10 Do Problems 7.13, 7.16, 7.21 7.27 & 7.36 3

390 views • 3 slides
Conjugate Priors: Beta and Normal; Choosing Priors 18.05 Spring 2014 Jeremy Orloff and Jonathan

Conjugate Priors: Beta and Normal; Choosing Priors 18.05 Spring 2014 Jeremy Orloff and Jonathan

Conjugate Priors: Beta and Normal; Choosing Priors 18.05 Spring 2014 Jeremy Orloff and Jonathan Bloom Review: Continuous priors, discrete data Bent coin: unknown probability of heads. Prior f ( ) = 2 on [0,1]. Data: heads on one toss.

549 views • 26 slides
Gradient Descent: The Ultimate Optimizer Erik Meijer @headinthebox Copenhagen Denmark We all

Gradient Descent: The Ultimate Optimizer Erik Meijer @headinthebox Copenhagen Denmark We all

Gradient Descent: The Ultimate Optimizer Erik Meijer @headinthebox Copenhagen Denmark We all want to write cool apps like this ... Software 1.0 Augustin-Louis Cauchy 1789 -1857 What if we feed the examples/tests to a mathematician

1.12k views • 85 slides
Separable Differential Equations Bernd Schr oder logo1 Bernd Schr oder Louisiana Tech

Separable Differential Equations Bernd Schr oder logo1 Bernd Schr oder Louisiana Tech

Definition An Example Double Check Separable Differential Equations Bernd Schr oder logo1 Bernd Schr oder Louisiana Tech University, College of Engineering and Science Separable Differential Equations Definition An Example Double

708 views • 33 slides
12. The Gradient and directional derivatives We have d f dx dy dz dt = f x dt + f y dt + f z

12. The Gradient and directional derivatives We have d f dx dy dz dt = f x dt + f y dt + f z

12. The Gradient and directional derivatives We have d f dx dy dz dt = f x dt + f y dt + f z dt . We can rewrite this as f v ( t ) , where v = d r + f z + z ( t ) f = f x + f y k and dt =

314 views • 4 slides

More recommend