SGX-based Users Matching with Privacy Protection

Proceedings of the Australasian Computer Science Week Multiconference Pub Date : 2020-02-04 DOI:10.1145/3373017.3373021

Junwei Luo, Xuechao Yang, X. Yi

{"title":"SGX-based Users Matching with Privacy Protection","authors":"Junwei Luo, Xuechao Yang, X. Yi","doi":"10.1145/3373017.3373021","DOIUrl":null,"url":null,"abstract":"For users who rely heavily on social networks for entertaining or making friends, sensitive information such as ages, incomes and addresses will be stored in a database without protection. While many companies try their best to protect user privacy, data breaches still happen, resulting in the loss of millions or billions of dollars and the faith of their customers. Therefore, we propose a solution that guarantees the confidentiality and integrity of information while preserving the ability to perform matching over encrypted values. Our solution is built on homomorphic encryption with secure hardware enclaves such as Intel SGX. Our solution resolves challenges such as performing user profile matching on encrypted values without revealing any information to anyone. With the help of multiple servers, user privacy can be protected as long as at least one server is honest and the guarantee of secure hardware makes the secret unlikely to be revealed. Furthermore, a prototype of our system is implemented to measure its performance. The performance analysis and security analysis show the feasibility of our proposed protocols.","PeriodicalId":297760,"journal":{"name":"Proceedings of the Australasian Computer Science Week Multiconference","volume":"309 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2020-02-04","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"6","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Proceedings of the Australasian Computer Science Week Multiconference","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/3373017.3373021","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 6

Abstract

For users who rely heavily on social networks for entertaining or making friends, sensitive information such as ages, incomes and addresses will be stored in a database without protection. While many companies try their best to protect user privacy, data breaches still happen, resulting in the loss of millions or billions of dollars and the faith of their customers. Therefore, we propose a solution that guarantees the confidentiality and integrity of information while preserving the ability to perform matching over encrypted values. Our solution is built on homomorphic encryption with secure hardware enclaves such as Intel SGX. Our solution resolves challenges such as performing user profile matching on encrypted values without revealing any information to anyone. With the help of multiple servers, user privacy can be protected as long as at least one server is honest and the guarantee of secure hardware makes the secret unlikely to be revealed. Furthermore, a prototype of our system is implemented to measure its performance. The performance analysis and security analysis show the feasibility of our proposed protocols.

查看原文本刊更多论文

sgx用户匹配与隐私保护

对于那些严重依赖社交网络娱乐或交友的用户来说，年龄、收入和地址等敏感信息将被存储在没有保护的数据库中。虽然许多公司尽最大努力保护用户隐私，但数据泄露仍然发生，导致数百万或数十亿美元的损失和客户的信任。因此，我们提出了一种解决方案，可以保证信息的机密性和完整性，同时保留对加密值执行匹配的能力。我们的解决方案建立在同态加密的基础上，使用安全的硬件包(如Intel SGX)。我们的解决方案解决了在不向任何人泄露任何信息的情况下对加密值执行用户配置文件匹配等挑战。在多个服务器的帮助下，只要至少有一个服务器是诚实的，用户隐私就可以得到保护，并且安全硬件的保证使秘密不太可能被泄露。在此基础上，实现了系统的原型，并对其性能进行了测试。性能分析和安全性分析表明了所提协议的可行性。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

Proceedings of the Australasian Computer Science Week Multiconference

自引率

0.00%

发文量