Abstract
The Web presents a rich and powerful tool for aggregation of consumer information. A flurry of recent articles in the popular press has documented aggressive manipulation of such information by some companies for the purposes of targeted advertising. While advertisers tout the economic and social benefits of such advertising, consumer privacy groups have expressed grave concerns about its potential abuses, and called for legislative policies to protect sensitive consumer data. In this paper, we explore the notion that targeted advertising and privacy protection need not necessarily be conflicting goals. We describe some conceptually simple technical schemes that facilitate targeted advertising, but also offer protection for sensitive consumer data. Some simple proposals do not even require the use of cryptography. (As an example, we mention an existing scheme in commercial deployment.) We also consider some more sophisticated protocols offering greater assurance of privacy. These involve cryptographic constructions that may be thought of as partial, practical PIR (private information retrieval) schemes.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Crowds homepage. AT&T Labs. http://www.research.att.com/projects/crowds.
Encirq, Inc. http://www.encirq.com.
Microsoft ActiveX resource page. Microsoft Corporation. http://www.microsoft.com/com/tech/ActiveX.asp.
Platform for privacy preferences (P3P) project. World Wide Web Consortium (W3C). http://www.w3.org/p3p.
Zero-Knowledge Systems, Inc. http://www.zeroknowledge.com.
M. Abe. Universally verifiable mix-net with verification work independent of the number of mix-servers. In EUROCRYPT’ 98, pages 437–447, 1998.
M. Abe. A mix-network on permutation networks. In ASIACRYPT’ 99, pages 258–273, 1999.
Reuters News Agency. DoubleClick awaits FTC OK: CEO says Web adfirm will wait for privacy policy before it uses ad tracking. 2 March 2000.
R.M. Arlien, B. Jai, M. Jakobsson, F. Monrose, and M. K. Reiter. Privacy-preserving global customization. In ACM E-Commerce’ 00, 2000. To appear.
C. Cachin, S. Micali, and M. Stadler. Computationally private information retrieval with polylogarithmic communication. In EUROCRYPT’ 99, pages 402–414, 1999.
J. Camenisch and M. Michels. Proving that a number is the product of two safe primes. In EUROCRYPT’ 99, pages 107–122, 1999.
D. Chaum. Untraceable electronic mail, return addresses, and digital pseudonyms. Communications of the ACM, 24(2):84–88, 1981.
B. Chor, E. Kushilevitz, O. Goldreich, and M. Sudan. Private information retrieval. JACM, 45(6):965–981, 1998.
Y. Desmedt and K. Kurosawa. How to break a practical mix and design a new one. In EUROCRYPT’ 00, pages 557–572, 2000.
W. Diffie and M.E. Hellman. New directions in cryptography. IEEE Transactions on Information Theory, (22):644–654, 1976.
A. Fiat and A. Shamir. How to prove yourself: Practical solutions to identification and signature problems. In EUROCRYPT’ 86, pages 186–194, 1986.
T. El Gamal. A public key cryptosystem and a signature scheme based on discrete logarithms. IEEE Transactions on Information Theory, 31:469–472, 1985.
R. Gennaro, S. Jarecki, H. Krawczyk, and T. Rabin. Secure distributed key generation for d-log based cryptosystems. In EUROCRYPT’ 99, pages 295–310, 1999.
Y. Gertner, S. Goldwasser, and T. Malkin. A random server model for PIR. In RANDOM’ 98, pages 200–217, 1998.
Y. Gertner, Y. Ishai, E. Kushilevitz, and T. Malkin. Protecting data privacy in private information retrieval schemes. In STOC’ 98, pages 151–160, 1998.
J. Goldman, Z. Hudson, and R.M. Smith. Report on the privacy policies and practices of health Web sites, 2000.
O. Goldreich, S. Micali, and A. Wigderson. How to play any mental game. In STOC’ 87, pages 218–229, 1987.
M. Jakobsson. A practical mix. In EUROCRYPT’ 98, pages 448–461, 1998.
M. Jakobsson. Flash mixing. In PODC’ 99, pages 83–89, 1999.
M. Jakobsson. On quorum controlled asymmetric proxy re-encryption. In PKC’ 99, pages 112–121, 1999.
M. Jakobsson and A. Juels. Millimix: Mixing in small batches, 1999. DIMACS Technical Report 99-33.
M. Jakobsson and A. Juels. Mix and match: Secure function evaluation via cipher-texts. In ASIACRYPT’ 00, 2000. To appear.
E. Kushilevitz and R. Ostrovsky. Replication is not needed: Single database, computationally-private information retrieval. In FOCS’ 97, pages 364–373, 1997.
N. Lynch. Distributed Algorithms. Morgan Kaufmann, 1995.
M. Mitomo and K. Kurosawa. Attack for flash mix. In ASIACRYPT’ 00, 2000. To appear.
W. Ogata, K. Kurosawa, K. Sako, and K. Takatani. Fault tolerant anonymous channel. In ICICS’ 97, pages 440–444, 1997.
M. Ohkubo and M. Abe. A length-invariant hybrid mix. In ASIACRYPT’ 00, 2000. To appear.
R. Ostrovsky and V. Shoup. Private information storage. In STOC’ 97, pages 294–303, 1997.
T. Pedersen. Non-interactive and information-theoretic secure verifiable secret sharing. In CRYPTO’ 91, pages 129–140, 1991.
T. Pedersen. A threshold cryptosystem without a trusted third party. In EU-ROCRYPT’ 91, pages 522–526, 1991.
A. Pfitzmann and B. Pfitzmann. How to break the direct RSA-implementation of MIXes. In EUROCRYPT’ 89, pages 373–381, 1989.
M. K. Reiter and A. D. Rubin. Crowds: Anonymity for Web transactions. ACM Transactions on Information and System Security, 1(1):66–92, 1998.
M. K. Reiter and A. D. Rubin. Anonymous Web transactions with Crowds. Communications of the ACM, 42(2):32–38, 1999.
C.P. Schnorr. Efficient signature generation by smart cards. Journal of Cryptology, 4:161–174, 1991.
B. Tedeschi. E-commerce report; Critics press legal assault on tracking of Web users. New York Times. 7 February 2000.
Y. Tsiounis and M. Yung. On the security of ElGamal-based encryption. In PKC’ 98, pages 117–134, 1998.
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2001 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Juels, A. (2001). Targeted Advertising ... and Privacy Too. In: Naccache, D. (eds) Topics in Cryptology — CT-RSA 2001. CT-RSA 2001. Lecture Notes in Computer Science, vol 2020. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-45353-9_30
Download citation
DOI: https://doi.org/10.1007/3-540-45353-9_30
Published:
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-41898-6
Online ISBN: 978-3-540-45353-6
eBook Packages: Springer Book Archive