Privacy-Friendly Checking of Remote Token Blacklists
Consulting a remote blacklist as part of verifying a token should not come at the cost of privacy. In particular, the blacklist provider should be unable to identify which tokens are being verified. The contents of the blacklist should also be protected; that is, it should not be possible to learn the contents of the blacklist, for example by querying the blacklist provider a large number of times. This paper defines a range of desirable properties for privacy-preserving blacklist checking protocols, and surveys existing technical solutions to this problem. We propose adaptations where appropriate, and provide concrete performance estimates for the use case of checking whether or not a passport has been reported lost or stolen.