decentralizing privacy using blockchain to protect
play

Decentralizing Privacy: Using Blockchain to Protect Personal Data - PowerPoint PPT Presentation

Jul 24, 2023 •433 likes •738 views

Decentralizing Privacy: Using Blockchain to Protect Personal Data Guy Zyskind , Oz Nathan, Alex Sandy Pentland Guy Zyskind Decentralizing Privacy: 2 Using Blockchain to Protect Personal Data The problem of

  1. Decentralizing Privacy: Using Blockchain to Protect Personal Data � � Guy Zyskind , Oz Nathan, Alex ‘Sandy’ Pentland � Guy Zyskind � Decentralizing Privacy: 2 � Using Blockchain to Protect Personal Data � �

  2. The problem of protecting personal data � Data are stored centrally (Trusted Third Party model): � User perspective: � • Security breaches : a single point of failure � • Users don’t own their data (lack of ownership ) � • Users can’t audit (lack of transparency ) � � Guy Zyskind � Decentralizing Privacy: 3 � Using Blockchain to Protect Personal Data � �

  3. The problem of protecting personal data � Data are stored centrally (Trusted Third Party model): � User perspective: � Service perspective: � • Security breaches : a single point of • Cost (compliancy, security audits, failure � Hiring CS PhDs…) � • Users don’t own their data (lack of • Brand reputation � ownership ) � • Simplicity � • Users can’t audit (lack of transparency ) � � � � Guy Zyskind � Decentralizing Privacy: 4 � Using Blockchain to Protect Personal Data � �

  4. General idea – A (verifiable) privacy-preserving decentralized cloud � Service � Service � blockchain Registry � Server � DHT DHT Guy Zyskind � Decentralizing Privacy: 5 � Using Blockchain to Protect Personal Data � �

  5. General idea – Simulate TTPs with a P2P network + blockchain � Eliminates trust. Decentralized: � • Access-control (Blockchain) � • Storage (DHT) � • Privacy-preserving Computations Service � (MPC) � Service � blockchain Registry � Server � DHT DHT Guy Zyskind � Decentralizing Privacy: 6 � Using Blockchain to Protect Personal Data � �

  6. A brief introduction to Bitcoin � • Proposed in 2008 in a paper by Satoshi Nakamoto (pseudonym). � • Enables parties to directly transfer a digital currency (Bitcoins) without a TTP (i.e., banks). � • Instead, a network of untrusted peers ensures the validity of all transactions. � • All correct transactions are publicly verifiable through a public ledger (the blockchain ). � Guy Zyskind � Decentralizing Privacy: 7 � Using Blockchain to Protect Personal Data � �

  7. How does Bitcoin work? In a nutshell .. � Goal: Construct a public time-stamped log of all valid transactions without using TTPs. � Guy Zyskind � Decentralizing Privacy: 8 � Using Blockchain to Protect Personal Data � �

  8. How does Bitcoin work? In a nutshell .. � Goal: Construct a public time-stamped log of all valid transactions without using TTPs. � How? Every ~10 minutes (expected time), reach a distributed consensus ensuring valid mempool (floating) transactions are grouped into a block. Then, append the block to the end of the chain. The blockchain is the desired public log. � Guy Zyskind � Decentralizing Privacy: 9 � Using Blockchain to Protect Personal Data � �

  9. Distributed consensus mechanism � Nakamoto consensus (AKA – Proof of Work): � For every round t and every miner m : � Guy Zyskind � Decentralizing Privacy: 10 � Using Blockchain to Protect Personal Data � �

  10. Distributed consensus mechanism � Nakamoto consensus (AKA – Proof of Work): � For every round t and every miner m : � • Collect mempool transactions (tx’s) and validate them. Construct block b m,t � Guy Zyskind � Decentralizing Privacy: 11 � Using Blockchain to Protect Personal Data � �

  11. Distributed consensus mechanism � Nakamoto consensus (AKA – Proof of Work): � For every round t and every miner m : � • Collect mempool transactions (tx’s) and validate them. Construct block b m,t � • Attempt to solve a hard computational puzzle [ SHA-256(SHA-256(b m,t )) < target ]. � Guy Zyskind � Decentralizing Privacy: 12 � Using Blockchain to Protect Personal Data � �

  12. Distributed consensus mechanism � Nakamoto consensus (AKA – Proof of Work): � For every round t and every miner m : � • Collect mempool transactions (tx’s) and validate them. Construct block b m,t � • Attempt to solve a hard computational puzzle [ SHA-256(SHA-256(b m,t )) < target ]. � • First miner to solve broadcasts the solution. All other miners independently validate the solution (work + all included transactions). If correct, they append it to their local copy of the blockchain. � Guy Zyskind � Decentralizing Privacy: 13 � Using Blockchain to Protect Personal Data � �

  13. Distributed consensus mechanism � Nakamoto consensus (AKA – Proof of Work): � For every round t and every miner m : � • Collect mempool transactions (tx’s) and validate them. Construct block b m,t � • Attempt to solve a hard computational puzzle [ SHA-256(SHA-256(b m,t )) < target ]. � • First miner to solve broadcasts the solution. All other miners independently validate the solution (work + all included transactions). If correct, they append it to their local copy of the blockchain. � • Solver receives newly minted coins and tx fees. � Guy Zyskind � Decentralizing Privacy: 14 � Using Blockchain to Protect Personal Data � �

  14. How are transactions deemed valid? Scripts! � • Every transaction is associated with a script (actually, every tx output is associated with a script called scriptPubKey). � • Nodes validate transactions by executing the script with the arguments given in the tx by the sender (most importantly – her sig). � • Can run arbitrary verifications – not just financial ( smart contracts ). � Guy Zyskind � Decentralizing Privacy: 15 � Using Blockchain to Protect Personal Data � �

  15. Our framework (Overview) � Goal: when a user installs a mobile app, she can control and audit what data are stored and how they are used. Access should be revokable. � � Guy Zyskind � Decentralizing Privacy: 16 � Using Blockchain to Protect Personal Data � �

  16. Our framework (Overview) � Goal: when a user installs a mobile app, she can control and audit what data are stored and how they are used. Access should be revokable. � Solution: Store access-policies to personal data on the blockchain. Then, let the blockchain nodes moderate access to a DHT. � approved? � read � read � service data � data � Guy Zyskind � Decentralizing Privacy: 17 � Using Blockchain to Protect Personal Data � �

  17. Sign up ( or user downloads the app) � (pk s,u , sk s,u ) � (pk u,s , sk u,s ) � • User u and service s each generate a signing key pair. � (enc) sk u,s � service • A symmetric encryption key is generated and shared over a secure channel. � • The user approves the list of permissions POLICY u,s � Blockchain • u sends T access (pk u,s, pk s,u, POLICY u,s ) to the blockchain. � • Also used for uninstall/modify. � Guy Zyskind � Decentralizing Privacy: 18 � Using Blockchain to Protect Personal Data � �

  18. Storing & loading data � Storing data: � • Send T data (E v ,’w’) . Nodes verify sig against policy. � write tx + enc. data � Blockchain • Set k=SHA-256(E u,s (v)) � key reference to the data � � � � (key stored on blockchain , � data stored on DHT ). � Guy Zyskind � Decentralizing Privacy: 19 � Using Blockchain to Protect Personal Data � �

  19. Storing & loading data � Storing data: � • Send T data (E v ,’w’) . Nodes verify sig against policy. � read tx + key � Blockchain service • Set k=SHA-256(E u,s (v)) � enc. data � Reading data: � � � • Send T data (k,’r’). Nodes verify sig � against policy. � iff approved � • Return v ß DHT[k] � Guy Zyskind � Decentralizing Privacy: 20 � Using Blockchain to Protect Personal Data � �

  20. Security and privacy analysis � • An adversary controlling any number of DHT nodes For ¡every ¡real ¡ ¡ cannot compromise privacy (because of encryption). � adversary ¡ A ¡ Guy Zyskind � Decentralizing Privacy: 21 � Using Blockchain to Protect Personal Data � �

  21. Security and privacy analysis � • An adversary controlling any number of DHT nodes For ¡every ¡real ¡ ¡ cannot compromise privacy (because of encryption). � adversary ¡ A ¡ • An adversary controlling less than 50% of the computational power of miners cannot compromise privacy or resiliency (Nakamoto consensus & forging digital signatures) � Guy Zyskind � Decentralizing Privacy: 22 � Using Blockchain to Protect Personal Data � �

  22. Security and privacy analysis � • An adversary controlling any number of DHT nodes For ¡every ¡real ¡ ¡ cannot compromise privacy (because of encryption). � adversary ¡ A ¡ • An adversary controlling less than 50% of the computational power of miners cannot compromise privacy or resiliency (Nakamoto consensus & forging digital signatures) � • An adversary controlling the service can learn as much as permissions allows, but traceable. An improved model follows. � Guy Zyskind � Decentralizing Privacy: 23 � Using Blockchain to Protect Personal Data � �

Recommend

Blockchain and GDPR Blockstack Decentralizing the World Tour, December 18, 2018, Prague Jrn

Blockchain and GDPR Blockstack Decentralizing the World Tour, December 18, 2018, Prague Jrn

Blockchain and GDPR Blockstack Decentralizing the World Tour, December 18, 2018, Prague Jrn Erbguth, Dipl.-Inf., Dipl.-Jur. Consultant Legal Tech, Blockchain, Smart Contracts and Data Protection joern@erbguth.ch +41 787256027 GDPR vs.

964 views • 42 slides
Welcome to the Blockchain! Jeffrey D. Neuburger Wai Choy June 20, 2017 1 The Underlying

Welcome to the Blockchain! Jeffrey D. Neuburger Wai Choy June 20, 2017 1 The Underlying

Welcome to the Blockchain! Jeffrey D. Neuburger Wai Choy June 20, 2017 1 The Underlying Technology: Blockchain. Bitcoin and Blockchain have diverged over the past two years. To help protect your privacy, PowerPoint has blocked automatic

1.16k views • 66 slides
Anonymity &amp; Privacy Alice Privacy EU directives (e.g. 95/46/EC) to protect privacy.

Anonymity &amp; Privacy Alice Privacy EU directives (e.g. 95/46/EC) to protect privacy.

Anonymity &amp; Privacy Alice Privacy EU directives (e.g. 95/46/EC) to protect privacy. College Bescherming Persoonsgegevens (CBP) What is privacy? Users must be able to determine for themselves when, how, to what extent and

798 views • 45 slides
Blockchain, GDPR &amp; cryptography zkSNARKs for scaling and privacy. Alexandre Poltorak

Blockchain, GDPR &amp; cryptography zkSNARKs for scaling and privacy. Alexandre Poltorak

Blockchain, GDPR &amp; cryptography zkSNARKs for scaling and privacy. Alexandre Poltorak Blockchain, Sustainable Development and Privacy 26-27 November 2019 Berlin, Germany The problem with GDPR and blockchains : Bitcoin &amp; Privacy

395 views • 7 slides
S &amp; P SECURITY &amp; PRIVACY GROUP Security and Privacy for Payment Channel Networks

S &amp; P SECURITY &amp; PRIVACY GROUP Security and Privacy for Payment Channel Networks

FAKULTT FR !NFORMATIK Faculty of Informatics S &amp; P SECURITY &amp; PRIVACY GROUP Security and Privacy for Payment Channel Networks Pedro Moreno-Sanchez Blockchain Summer School BDLT19 Vienna, Sep 2nd 2019 Blockchain Research

1.41k views • 73 slides
Blockchain Privacy Preserving Techniques XU Cheng &lt; chengxu@comp.hkbu.edu.hk &gt; October 12,

Blockchain Privacy Preserving Techniques XU Cheng &lt; chengxu@comp.hkbu.edu.hk &gt; October 12,

Blockchain Privacy Preserving Techniques XU Cheng &lt; chengxu@comp.hkbu.edu.hk &gt; October 12, 2019 @ NDBC 2019 Department of Computer Science, Hong Kong Baptist University Blockchain Technology Blockchain: Append-only data structure

1.15k views • 52 slides
Hawk: The Blockchain Model of Cryptography and Privacy-Preserving Smart Contracts Yashar Dehkan

Hawk: The Blockchain Model of Cryptography and Privacy-Preserving Smart Contracts Yashar Dehkan

Hawk: The Blockchain Model of Cryptography and Privacy-Preserving Smart Contracts Yashar Dehkan Asl Chapter I Introduction Decentralized Cryptocurrencies: Such as Bitcoin and altcoins are getting more popular Blockchain Technology: These

734 views • 26 slides
Privacy Policy This privacy policy sets out how the Talking Slides Ltd websites use and protect

Privacy Policy This privacy policy sets out how the Talking Slides Ltd websites use and protect

Privacy Policy This privacy policy sets out how the Talking Slides Ltd websites use and protect any information that you provide when you use this website. Talking Slides Ltd is committed to ensuring that your privacy is protected. Should we ask

164 views • 4 slides
Security and Privacy of Blockchain Protocols and Applications Sergei Tikhomirov

Security and Privacy of Blockchain Protocols and Applications Sergei Tikhomirov

Security and Privacy of Blockchain Protocols and Applications Sergei Tikhomirov Esch-sur-Alzette, Luxembourg, 17 September 2020 Part 1 Introduction Problems with government-controlled money Unpredictable issuance Censorship and

763 views • 51 slides
The Usability, Security, and Privacy Limits of Blockchain J I B E . C O M P A N Y Codiax 2019

The Usability, Security, and Privacy Limits of Blockchain J I B E . C O M P A N Y Codiax 2019

The Usability, Security, and Privacy Limits of Blockchain J I B E . C O M P A N Y Codiax 2019 Hello! Im Joris van Rooij Software Architect at Jibe.Company From Eindhoven, the Netherlands J I B E . C O M P A N Y I like...

1.72k views • 144 slides
Cryptographic Tools for Privacy, Compliance &amp; Efficiency in Blockchain Applications Fernando

Cryptographic Tools for Privacy, Compliance &amp; Efficiency in Blockchain Applications Fernando

Cryptographic Tools for Privacy, Compliance &amp; Efficiency in Blockchain Applications Fernando Krell, PhD Columbia U. Lead Cryptography Engineer, Findora Public-Ledgers/Blockchains R 1:... R 2:... R 3:... R 4:... ... Append only Database

359 views • 34 slides
Privacy as a Service Raymond Cheng Build practical cloud services that protect user privacy from

Privacy as a Service Raymond Cheng Build practical cloud services that protect user privacy from

Privacy as a Service Raymond Cheng Build practical cloud services that protect user privacy from powerful threats 2 3 Powerful Threats to User Privacy Organized Crime Nation-State Actors 4 Powerful Threats to User Privacy Gather

1.56k views • 104 slides
Introduction to Blockchain Technologies Sarah Azouvi (University College London) Privacy

Introduction to Blockchain Technologies Sarah Azouvi (University College London) Privacy

Introduction to Blockchain Technologies Sarah Azouvi (University College London) Privacy International Forum - 19/10/2017 1 Outline Outline How it works Outline How it works Privacy? Outline How it works Privacy? New applications

641 views • 62 slides
bluzelle What is Blockchain? Blockchain is a combination of multiple technologies 4 3 2

bluzelle What is Blockchain? Blockchain is a combination of multiple technologies 4 3 2

MAKE BLOCKCHAIN WORK FOR YOU bluzelle What is Blockchain? Blockchain is a combination of multiple technologies 4 3 2 Consensus 1 Encryption P2P Networks Time Stamp Challenges addressed by blockchain Regulatory and compliance pressures

669 views • 14 slides
A Security &amp; Privacy Perspective through Hyperledger/fabric Elli Androulaki Staff member,

A Security &amp; Privacy Perspective through Hyperledger/fabric Elli Androulaki Staff member,

Blockchain for Enterprise: A Security &amp; Privacy Perspective through Hyperledger/fabric Elli Androulaki Staff member, IBM Research, Zurich Workshop on cryptocurrencies Athens, 06.03.2016 Blockchain systems Introduced in 2008

707 views • 23 slides
Should I Protect You? Understanding Developers Behavior to Privacy-Preserving APIs Shubham

Should I Protect You? Understanding Developers Behavior to Privacy-Preserving APIs Shubham

Should I Protect You? Understanding Developers Behavior to Privacy-Preserving APIs Shubham Jain and Janne Lindqvist Department of Electrical and Computer Engineering Rutgers University Workshop on Usable Security (USEC14) February 23,

230 views • 21 slides
How ( not ) to protect genomic data privacy in a distributed network: using trail re - identi fi

How ( not ) to protect genomic data privacy in a distributed network: using trail re - identi fi

How ( not ) to protect genomic data privacy in a distributed network: using trail re - identi fi cation to evaluate and design anonymity protection systems Bradley Malin and Latanya Sweeney, Carnegie Mellon University Journal of Biomedical

381 views • 20 slides
Solidus Blockchain Ethan Cecchetti March 26, 2017 Blockchains Blockchain Blockchain

Solidus Blockchain Ethan Cecchetti March 26, 2017 Blockchains Blockchain Blockchain

Solidus Blockchain Ethan Cecchetti March 26, 2017 Blockchains Blockchain Blockchain blockchain blockchain blockchain Blockchain blockchain blockchain Blockchain Blockchain (blockchain) Blockchain blockchain, blockchain

470 views • 12 slides
Blockchain and Distributed Ledgers Blockchain allows mul/ple compe/ng par/es

Blockchain and Distributed Ledgers Blockchain allows mul/ple compe/ng par/es

State of Blockchain at LF Christopher Ferris, CTO Open Technology, IBM Blockchain and Distributed Ledgers Blockchain allows mul/ple compe/ng par/es to securely interact with the same universal

567 views • 31 slides
When Does Randomization Fail to Protect Privacy? Wenliang (Kevin) Du Department of EECS,

When Does Randomization Fail to Protect Privacy? Wenliang (Kevin) Du Department of EECS,

When Does Randomization Fail to Protect Privacy? Wenliang (Kevin) Du Department of EECS, Syracuse University 1 Random Perturbation Agrawal and Srikants SIGMOD paper. Y = X + R Original Data X Random Noise R Disguised Data Y + 2

500 views • 22 slides
Blockchain &amp; Banking Ahmed A. Mansour MBA, PMP, ITIL, TOGAF, FL23, Blockchain Expert Who

Blockchain &amp; Banking Ahmed A. Mansour MBA, PMP, ITIL, TOGAF, FL23, Blockchain Expert Who

Blockchain &amp; Banking Ahmed A. Mansour MBA, PMP, ITIL, TOGAF, FL23, Blockchain Expert Who thinks blockchain is the future of banking? Who can explain what blockchain is? Blockchain in Banking 2 Blockchain Key Elements Smart Ledger

517 views • 20 slides
Bitcoin, Blockchain and the Internet of Value Veronika Ktt Frankfurt School Blockchain Center

Bitcoin, Blockchain and the Internet of Value Veronika Ktt Frankfurt School Blockchain Center

Bitcoin, Blockchain and the Internet of Value Veronika Ktt Frankfurt School Blockchain Center E-Mail: veronika.kuett@fs-blockchain.de Internet: www.fs-blockchain.de About FSBC Our Portfolio Research 1 Foster understanding of blockchain

688 views • 24 slides
Welcome to the Government Blockchain Association (GBA) Meet Up May 15 th , 2017 Blockchain

Welcome to the Government Blockchain Association (GBA) Meet Up May 15 th , 2017 Blockchain

Welcome to the Government Blockchain Association (GBA) Meet Up May 15 th , 2017 Blockchain for Homeland Security, Defense and Law Enforcement Agenda Brief Review What is blockchain and why is it important? What are the defining

795 views • 31 slides
Lightning Introductions PRIVACY ENABLING DESIGN May 7-8, 2015 Brian Anderson / IBM Where does

Lightning Introductions PRIVACY ENABLING DESIGN May 7-8, 2015 Brian Anderson / IBM Where does

Lightning Introductions PRIVACY ENABLING DESIGN May 7-8, 2015 Brian Anderson / IBM Where does privacy end and security begin? What are the responsibilities of an organization to protect their assets while balancing the privacy of those who

980 views • 52 slides

More recommend