Abstract
This chapter begins the examination of techniques that are designed to limit disclosure (rather than exposure). In particular, it focuses on technologies that limit disclosure by hiding the identity of the user. The chapter describes the following example PETs in this category: k-anonymity and credential systems. The basic scheme, enhancements, strengths, and limitations are presented for each of these PETs.
Copyright information
© 2021 The Editor(s) (if applicable) and The Author(s), under exclusive license to Springer Nature Switzerland AG
About this chapter
Cite this chapter
Adams, C. (2021). Limiting Disclosure by Hiding the Identity. In: Introduction to Privacy Enhancing Technologies. Springer, Cham. https://doi.org/10.1007/978-3-030-81043-6_6
DOI: https://doi.org/10.1007/978-3-030-81043-6_6
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-81042-9
Online ISBN: 978-3-030-81043-6
eBook Packages: Computer Science (R0)