This Article 
 Bibliographic References 
 Add to: 
Some Like It Private: Sharing Confidential Information Based on Oblivious Authorization
July/August 2010 (vol. 8 no. 4)
pp. 18-24
Emiliano De Cristofaro, University of California, Irvine, Irvine
Jihye Kim, Seoul National University,,
The use of sensitive electronic information has skyrocketed in recent years, especially, in critical settings, such as law enforcement and national intelligence. To reconcile legitimate needs for sensitive information and related privacy concerns, appropriate privacy-preserving mechanisms need to be carefully designed and enforced. In this article, we explore the concept of Privacy preserving Policy-based Information Transfer (PPIT) to allow entities who lack mutual trust to share sensitive information. We describe two efficient PPIT constructs, discuss their security and present some experimental results. Finally, we propose an innovative construct that allows entities to efficiently verify the equality of their information.

1. W. Diffie and M. Hellman, "New Directions in Cryptography," IEEE Trans. Information Theory, vol. 22, no. 6, 1976, pp. 644–654.
2. R. Rivest, A. Shamir, and L. Adleman, "A Method for Obtaining Digital Signatures and Public-Key Cryptosystems," Comm. ACM, vol. 21, no. 2, 1978, pp. 120–126.
3. D. Boneh and M.K. Franklin, "Identity-Based Encryption from the Weil Pairing," SIAM J. Computing, vol. 32, no. 3, 2003, pp. 213–229.
4. E. De Cristofaro et al., "Privacy-Preserving Policy-Based Information Transfer," Proc. Privacy Enhancing Technology Conf. (PETS 09), LNCS, Springer, 2009, pp. 164–184.
5. N. Li, W. Du, and D. Boneh, "Oblivious Signature-Based Envelope," Distributed Computing, vol. 17, no. 4, 2005, pp. 293–302.
6. D. Boneh et al., "Public-Key Encryption with Keyword Search, Proc. Int'l Conf. Theory and Applications of Cryptographic Techniques (Eurocrypt 04), LNCS 3027, Springer, 2004, pp. 506–522.
7. J. Camenisch et al., "Blind and Anonymous Identity-Based Encryption and Authorized Private Searches on Public Key Encrypted Data," Proc. Int'l Conf. Practice and Theory in Public Key Cryptography (PKC 09), LNCS 5443, Springer, 2009, pp. 196–214.
8. E. De Cristofaro and G. Tsudik, "Practical Private Set Intersection Protocols with Linear Complexity," to appear in Proc. Int'l Conf. Financial Cryptography and Data Security, 2010.
9. C. Gentry and Z. Ramzan, "Single-Database Private Information Retrieval with Constant Communication Rate," Proc. Int'l Colloquium Automata, Languages, and Programming (ICALP 05), LNCS 3580, Springer, 2005, pp. 803–815.
10. R. Sion and B. Carbunar, "On the Computational Practicality of Private Information Retrieval," Proc. International Colloquium on Automata, Languages, and Programming (NDSS 07), Internet Soc., 2007.

Index Terms:
Privacy, Secure Systems,
Emiliano De Cristofaro, Jihye Kim, "Some Like It Private: Sharing Confidential Information Based on Oblivious Authorization," IEEE Security & Privacy, vol. 8, no. 4, pp. 18-24, July-Aug. 2010, doi:10.1109/MSP.2010.91
Usage of this product signifies your acceptance of the Terms of Use.