[CSE Special Seminar] Scalable privacy: Protecting users in the age of mass-surveillance
호스트: 전병곤 교수
As the world becomes more connected, privacy is becoming harder to maintain. From social media services to Internet service providers to state-sponsored mass-surveillance programs, many outlets collect sensitive information about the users and the communication between them -- often without the users ever knowing about it. As a result, there have been many works on secure communication that use end-to-end encryption to protect the content of the communication, like Signal and Let's Encrypt. Unfortunately, these works do little to hide the metadata of the communication (such as when and with whom a user is communicating) and provides little privacy when one of the end points is compromised.
In this talk, I will focus on two questions related to these issues, and our efforts to answer them. First, can we protect users' identities and the communication metadata against strong adversaries? To this end, I will present Atom, a scalable anonymous communication network with strong anonymity properties. Atom allows its users to anonymously send messages, and protects the senders' identities against powerful adversaries even when they compromise the recipients of the messages. Unlike most existing systems with similar guarantees, Atom is able to scale easily to more users by simply adding more servers to the network. Second, can we establish reputations online while preserving users' privacy? Here, I will present our ongoing work on building a private reviewing system called Beaver. Traditional reviewing systems (e.g., E-commerce websites like eBay or Amazon, or reviewing services like Yelp) lack privacy for the reviewers, meaning that the reviews can be easily traced back to their reviewers. This often results in undesirable dynamics between the reviewer and the reviewee, where the reviewee is motivated to incentivize or coerce the reviewer to leave a good review instead of an honest one. In Beaver, we provide a mechanism to compute aggregate statistics (like the average and histogram) of all the reviews without ever revealing individual reviews. Finally, I will discuss Sybil attacks which are common to both secure reviewing systems and distributed ledgers (e.g., blockchains for cryptocurrencies), and how we can mitigate this attack using energy efficient proof-of-space.
Albert Kwon is a fifth year student at MIT working with Srini Devadas. He is broadly interested in applied cryptography, and he likes to design and implement systems that can enhance users' privacy. His primary focus has been anonymity and anonymous communication systems.