Privacy Preserving Record Matching Using Automated Semi-trusted Broker

  • Ibrahim Lazrig
  • Tarik Moataz
  • Indrajit Ray
  • Indrakshi Ray
  • Toan Ong
  • Michael Kahn
  • Frédéric Cuppens
  • Nora Cuppens
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 9149)


In this paper, we present a novel scheme that allows multiple data publishers that continuously generate new data and periodically update existing data, to share sensitive individual records with multiple data subscribers while protecting the privacy of their clients. An example of such sharing is that of health care providers sharing patients’ records with clinical researchers. Traditionally, such sharing is performed by sanitizing personally identifying information from individual records. However, removing identifying information prevents any updates to the source information to be easily propagated to the sanitized records, or sanitized records belonging to the same client to be linked together. We solve this problem by utilizing the services of a third party, which is of very limited capabilities in terms of its abilities to keep a secret, secret, and by encrypting the identification part used to link individual records with different keys. The scheme is based on strong security primitives that do not require shared encryption keys.



This work was partially supported by the U.S. National Science Foundation under Grant No. 0905232, and by Colorado State University under an internal research grant.


  1. 1.
    Chase, M., Kamara, S.: Structured encryption and controlled disclosure. In: Abe, M. (ed.) ASIACRYPT 2010. LNCS, vol. 6477, pp. 577–594. Springer, Heidelberg (2010) CrossRefGoogle Scholar
  2. 2.
    Curtmola, R., Garay, J.A., Kamara, S., Ostrovsky, R.: Searchable symmetric encryption: improved definitions and efficient constructions. In: Proceedings of the 13th ACM Conference on Computer and Communications Security, Alexandria, VA, USA. pp. 79–88 (2006)Google Scholar
  3. 3.
    Moataz, T., Shikfa, A.: Boolean symmetric searchable encryption. In: Proceedings of the 8th ACM Symposium on Information, Computer and Communications Security, Hangzhou, China. pp. 265–276 (2013)Google Scholar
  4. 4.
    Cash, D., Jarecki, S., Jutla, C., Krawczyk, H., Roşu, M.-C., Steiner, M.: Highly-scalable searchable symmetric encryption with support for boolean queries. In: Canetti, R., Garay, J.A. (eds.) CRYPTO 2013, Part I. LNCS, vol. 8042, pp. 353–373. Springer, Heidelberg (2013) CrossRefGoogle Scholar
  5. 5.
    Stefanov, E., van Dijk, M., Shi, E., Fletcher, C.W., Ren, L., Yu, X., Devadas, S.: Path ORAM: an extremely simple oblivious RAM protocol. In: Proceedings of ACM Conference on Computer and Communications Security, Berlin, Germany. 299–310 (2013)Google Scholar
  6. 6.
    Strizhov, M., Ray, I.: Multi-keyword similarity search over encrypted cloud data. In: Cuppens-Boulahia, N., Cuppens, F., Jajodia, S., Abou El Kalam, A., Sans, T. (eds.) SEC 2014. IFIP AICT, vol. 428, pp. 52–65. Springer, Heidelberg (2014) CrossRefGoogle Scholar
  7. 7.
    Dachman-Soled, D., Malkin, T., Raykova, M., Yung, M.: Efficient robust private set intersection. Int. J. Appl. Crypt. 2, 289–303 (2012)MATHMathSciNetCrossRefGoogle Scholar
  8. 8.
    Kamara, S., Mohassel, P., Raykova, M., Sadeghian, S.: Scaling private set intersection to billion-element sets. In: Christin, N., Safavi-Naini, R. (eds.) FC 2014. LNCS, vol. 8437, pp. 193–213. Springer, Heidelberg (2014) Google Scholar
  9. 9.
    Goldreich, O.: Secure multi-party computation. Manuscript. Preliminary version (1998). Accessed on 30 April 2015
  10. 10.
    Agrawal, R., Evfimievski, A., Srikant, R.: Information sharing across private databases. In: Proceedings of the 2003 ACM SIGMOD International Conference on Management of Data, San Diego, CA, USA. pp. 86–97 (2003)Google Scholar
  11. 11.
    De Cristofaro, E., Lu, Y., Tsudik, G.: Efficient techniques for privacy-preserving sharing of sensitive information. In: McCune, J.M., Balacheff, B., Perrig, A., Sadeghi, A.-R., Sasse, A., Beres, Y. (eds.) Trust 2011. LNCS, vol. 6740, pp. 239–253. Springer, Heidelberg (2011) CrossRefGoogle Scholar
  12. 12.
    Boyd, A.D., Saxman, P.R., Hunscher, D.A., Smith, K.A., Morris, T.D., Kaston, M., Bayoff, F., Rogers, B., Hayes, P., Rajeev, N., Kline-Rogers, E., Eagle, K., Clauw, D., Greden, J.F., Green, L.A., Athey, B.D.: The University of Michigan honest broker: a web-based service for clinical and translational research and practice. J. Am. Med. Inform. Assoc. : JAMIA 16, 784–791 (2009)CrossRefGoogle Scholar
  13. 13.
    Dhir, R., Patel, A.A., Winters, S., Bisceglia, M., Swanson, D., Aamodt, R., Becich, M.J.: A multidisciplinary approach to honest broker services for tissue banks and clinical data. Cancer 113, 1705–1715 (2008)CrossRefGoogle Scholar
  14. 14.
    Jefferies, N., Mitchell, C.J., Walker, M.: A proposed architecture for trusted third party services. In: Proceedings of the International Conference on Cryptography: Policy and Algorithms, Brisbane, Queensland, Australia. pp. 98–104 (1995)Google Scholar
  15. 15.
    Ajmani, S., Morris, R., Liskov, B.: A trusted third-party computation service (2001). Accessed on 30 April 2015
  16. 16.
    Yau, S., Yin, Y.: A privacy preserving repository for data integration across data sharing services. IEEE Trans. Serv. Comput. 1, 130–140 (2008)CrossRefGoogle Scholar
  17. 17.
    Carbunar, B., Sion, R.: Toward private joins on outsourced data. IEEE Trans. Knowl. Data Eng. 24, 1699–1710 (2012)CrossRefGoogle Scholar
  18. 18.
    Chow, S.S., Lee, J.H., Subramanian, L.: Two-party computation model for privacy-preserving queries over distributed databases. In: Proceedings of the 2009 Network and Distributed System Security Symposium, San Diego, CA, USA (2009)Google Scholar
  19. 19.
    Tassa, T., Gudes, E.: Secure distributed computation of anonymized views of shared databases. ACM Trans. Database Syst. (TODS) 37, 11 (2012)CrossRefGoogle Scholar
  20. 20.
    El Gamal, T.: A public key cryptosystem and a signature scheme based on discrete logarithms. In: Blakely, G.R., Chaum, D. (eds.) CRYPTO 1984. LNCS, vol. 196, pp. 10–18. Springer, Heidelberg (1985) CrossRefGoogle Scholar
  21. 21.
    Koblitz, N.: Elliptic curve cryptosystems. Math. Comput. 48, 203–209 (1987)MATHMathSciNetCrossRefGoogle Scholar

Copyright information

© IFIP International Federation for Information Processing 2015

Authors and Affiliations

  • Ibrahim Lazrig
    • 1
  • Tarik Moataz
    • 1
    • 2
  • Indrajit Ray
    • 1
  • Indrakshi Ray
    • 1
  • Toan Ong
    • 3
  • Michael Kahn
    • 3
  • Frédéric Cuppens
    • 2
  • Nora Cuppens
    • 2
  1. 1.Department of Computer ScienceColorado State UniversityFord CollinsUSA
  2. 2.Institut Mines-TélécomTélécom BretagneCesson SévignéFrance
  3. 3.Anschutz Medical CampusUniversity of ColoradoDenverUSA

Personalised recommendations