DOCSLIB.ORG

Identifying Harmful Media in End-To-End Encrypted Communication: Efficient Private Membership Computation

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text

Load more

Identifying Harmful Media in End-to-End Encrypted Communication: Efficient Private Membership Computation Anunay Kulshrestha Jonathan Mayer Princeton University Princeton University Abstract compression [11–19]. When a user shares media, a PHM system computes the perceptual hash and compares the value End-to-end encryption (E2EE) poses a challenge forautomated to a set of known hashes for harmful content. If the computed detection of harmful media, such as child sexual abuse material value is close to a hash in the set, the platform flags the user’s and extremist content. The predominant approach at present, media for a content moderation response. perceptual hash matching, is not viable because in E2EE a communications service cannot access user content. In the United States, the National Center for Missing and In this work, we explore the technical feasibility of privacy- Exploited Children (NCMEC) coordinates several datasets preserving perceptual hash matching for E2EE services. We of known CSAM perceptual hashes, totaling millions of im- begin by formalizing the problem space and identifying fun- ages [20, 21]. Similar CSAM hash clearinghouses exist in damental limitations for protocols. Next, we evaluate the other countries, including the U.K. [22] and Canada [23]. predictive performance of common perceptual hash functions The Global Internet Forum to Counter Terrorism (GIFCT), to understand privacy risks to E2EE users and contextualize a coalition of technology firms, facilitates sharing tens of errors associated with the protocols we design. thousands of perceptual hashes for extremist material [24]. Our primary contribution is a set of constructions for Because E2EE services by design do not have access to privacy-preserving perceptual hash matching. We design and communications content, they cannot compute and compare evaluate client-side constructions for scenarios where disclos- perceptual hashes of user media. Law enforcement and civil ing the set of harmful hashes is acceptable. We then design and society stakeholders worldwide have responded by pressing for evaluate interactive protocols that optionally protect the hash a moratorium on E2EE adoption and “lawful access” schemes set and do not disclose matches to users. The constructions that for encrypted communications [25–27]. we propose are practical for deployment on mobile devices In this work, we explore the technical feasibility of a middle and introduce a limited additional risk of false negatives. ground: can an E2EE service take content moderation action against media that matches a perceptual hash set, without learn- 1 Introduction ing about non-harmful content, optionally without learning The trend toward end-to-end encryption (E2EE) in pop- about harmful content, and optionally without disclosing the ular messaging services [1], such as Apple iMessage [2], hash set? Our contributions to the literature, and the structure WhatsApp [3], Facebook Messenger [4], and Signal [5], has of the paper, are as follows: immense benefits. E2EE limits access to communications • We formalize the problem of detecting perceptual hash content to just the parties, providing a valuable defense against matches in E2EE communications: private exact mem- security threats, privacy risks, and—in some jurisdictions— bership computation (PEMC) and private approximate illegitimate surveillance and other human rights abuses. membership computation (PAMC). We also describe Adoption of E2EE does, however, come at a significant limitations in the problem formulation, including both societal cost. A small proportion of users share harmful me- technical constraints and serious policy concerns that dia, such as child sexual abuse material (CSAM), terrorist cannot be resolved through technical means (Section2). recruiting imagery, and most recently dangerous disinforma- • We evaluate commonly used PHFs for predictive perfor- tion about causes of and cures for COVID-19 [6–9]. Present mance, so that we can both characterize the added privacy E2EE deployments do not support the predominant methods risk to E2EE communications from PHM false positives for automatically identifying this content. and contextualize the additional false negatives associ- For over a decade, popular platforms have relied on percep- ated with certain of our protocol designs (Section4). tual hash matching (PHM) to efficiently respond to harmful • We evaluate client-side PEMC and PAMC designs, which media [10]. PHM systems use perceptual hash functions are straightforward and practical for deployments where (PHFs) to deterministically map media—most commonly the set of perceptual hashes is not sensitive (Section5). images—to a space where proximity reflects perceptual simi- • We design and evaluate novel interactive protocols for larity. PHFs are designed to be robust against common trans- PEMC and PAMC (Section6). Our protocols consist of formations, including geometric transformations, noise, and four steps: bucketizing PHF values for efficient lookup Locality-Sensitive Hash Private Information Private Threshold Private Equality Test (§9) Bucketization (§7) Retrieval (§8) Comparison (§ 10) Reduces the hash space for Compares hash values, Compares the computed practical PIR. Introduces Retrieves an LSH bucket from selectively revealing the result. Hamming distance to a a false negative risk in the Server, without disclosing Computes Hamming distance similarity threshold, without the approximate setting. the bucket choice to the Server. in the approximate setting. revealing the Hamming distance. Private Exact Computationally Private Exact Membership Bit Sampling (§ 7.1) Private Information Equality Test with N/A Computation (§ 11.1) Retrieval (§ 8.1) ElGamal PHE (§ 9.1) Privacy-Preserving Private Approximate Miniature Computationally Private Approximate Comparison with Membership Perceptual Private Information Equality Test with Commutative Computation (§ 11.2) Hashes (§ 7.2) Retrieval (§ 8.1) BFV FHE (§ 9.2) Encryption (§ 10.1) Figure 1: An overview of our protocols for privacy-preserving perceptual hash matching in E2EE communications. (Section7), private information retrieval for PHF buck- selects a fixed similarity threshold δH < k for identifying ets (Section8), private equality testing (Section9), and nearly identical media. finally (for PAMC only) private threshold comparison Informally, a perceptual hash is a special type of locality- (Section 10). Figure1 depicts our overall protocol design. sensitive hash (LSH) [28, 29] that preserves similarity not After presenting each step, we complete our protocols only within hash buckets, but also across hash buckets.3 If the for PEMC and PAMC (Section 11), then describe our im- Client’s media is perceptually nearly identical to media with plementation and provide benchmarks (Section 12). The hash value y, with high probability dH ¹x;yº ≤ δH . Otherwise, protocols that we propose are practical for deployment with high probability dH ¹x;yº > δH . on mobile devices and, in PAMC, introduce limited false After computing the perceptual hash x, the Server compares negatives beyond those inherent in PHFs. x to a set of k-bit perceptual hashes for media known to be B ⊆ f gk 4 The paper concludes with a discussion of related work (Sec- harmful, 0;1 . Some PHM deployments require an tion 13) and directions for future study. exact hash match: the Server identifies media as harmful if x 2 B.5 In other deployments, the Server uses approximate hash matching: the Server identifies media as harmful if 2 Problem Formulation 6 9y 2 B such that dH ¹x;yº ≤ δH . We begin by explaining current PHM systems, using an If there is a perceptual hash match, the Server takes a content abstraction (Section 2.1). Next, we formalize a set of prop- moderation action in response. The action could range from erties for privacy-preserving PHM in E2EE communication displaying a warning, to terminating the Client’s account, to (Section 2.2). Finally, we describe limitations of the problem sharing the Client’s identity with law enforcement [30]. formulation and our protocol designs (Section 2.3). Privacy Properties. Current PHM implementations de- 2.1 Perceptual Hash Matching pend on Server access to the Client’s media, so that the Server B 1 can both compute x and compare x to hashes in . We refer to Current PHM systems function, abstractly, as follows. A confidentiality for the Client’s media and x as client privacy. user (generically the Client) possesses media that they wish to We consider these values as equivalent in privacy sensitivity share via a communications service (generically the Server). because x may have a known preimage (e.g., an image that The Client transmits the media to the Server with transport has been publicly shared) and because PHF constructions encryption, and the Server receives the media in plaintext. typically leak information about media content [31]. The Server then applies a k-bit perceptual hash func- 3We do not offer a more formal definition of PHFs as a subset of LSHs, tion PHFk ¹·º to the media, generating the perceptual hash k 2 because LSHs usually incorporate a quantitative measure for similarity across x = PHFk ¹mediaº 2 f0;1g . The PHF preserves perceptual inputs and are accompanied by a proof of matching probabilities. similarity between images as locality in the hash space, with 4We assume in this abstracted system that B exclusively contains harm- robustness against common media transformations [11–19]. ful media. As we discuss in Section 2.3, communications services and
Recommended publications
  • AAS Worldwide Telescope: Seamless, Cross-Platform Data Visualization Engine for Astronomy Research, Education, and Democratizing Data

    AAS Worldwide Telescope: Seamless, Cross-Platform Data Visualization Engine for Astronomy Research, Education, and Democratizing Data

    AAS WorldWide Telescope: Seamless, Cross-Platform Data Visualization Engine for Astronomy Research, Education, and Democratizing Data The Harvard community has made this article openly available. Please share how this access benefits you. Your story matters Citation Rosenfield, Philip, Jonathan Fay, Ronald K Gilchrist, Chenzhou Cui, A. David Weigel, Thomas Robitaille, Oderah Justin Otor, and Alyssa Goodman. 2018. AAS WorldWide Telescope: Seamless, Cross-Platform Data Visualization Engine for Astronomy Research, Education, and Democratizing Data. The Astrophysical Journal: Supplement Series 236, no. 1. Published Version https://iopscience-iop-org.ezp-prod1.hul.harvard.edu/ article/10.3847/1538-4365/aab776 Citable link http://nrs.harvard.edu/urn-3:HUL.InstRepos:41504669 Terms of Use This article was downloaded from Harvard University’s DASH repository, and is made available under the terms and conditions applicable to Open Access Policy Articles, as set forth at http:// nrs.harvard.edu/urn-3:HUL.InstRepos:dash.current.terms-of- use#OAP Draft version January 30, 2018 Typeset using LATEX twocolumn style in AASTeX62 AAS WorldWide Telescope: Seamless, Cross-Platform Data Visualization Engine for Astronomy Research, Education, and Democratizing Data Philip Rosenfield,1 Jonathan Fay,1 Ronald K Gilchrist,1 Chenzhou Cui,2 A. David Weigel,3 Thomas Robitaille,4 Oderah Justin Otor,1 and Alyssa Goodman5 1American Astronomical Society 1667 K St NW Suite 800 Washington, DC 20006, USA 2National Astronomical Observatories, Chinese Academy of Sciences 20A Datun Road, Chaoyang District Beijing, 100012, China 3Christenberry Planetarium, Samford University 800 Lakeshore Drive Birmingham, AL 35229, USA 4Aperio Software Ltd. Headingley Enterprise and Arts Centre, Bennett Road Leeds, LS6 3HN, United Kingdom 5Harvard Smithsonian Center for Astrophysics 60 Garden St.
  • XAMARIN.FORMS for BEGINNERS ABOUT ME Tom Soderling Sr

    XAMARIN.FORMS for BEGINNERS ABOUT ME Tom Soderling Sr

    XAMARIN.FORMS FOR BEGINNERS ABOUT ME Tom Soderling Sr. Mobile Apps Developer @ Polaris Industries; Ride Command Xamarin.Forms enthusiast DevOps hobbyist & machine learning beginner 4 year XCMD Blog: https://tomsoderling.github.io GitHub: https://github.com/TomSoderling Twitter: @tomsoderling How Deep Pickster Spaniel Is It? THE PLAN • Introduction: Why, What, and When • Overview of Xamarin.Forms Building Blocks • Building a Xamarin.Forms UI in XAML • Data Binding • View Customization • Next Steps & Resources • Please ask any questions that come up! THE PLAN • Introduction: Why, What, and When • Overview of Xamarin.Forms Building Blocks • Building a Xamarin.Forms UI in XAML • Data Binding • View Customization • Next Steps & Resources INTRODUCTION : WHY • WET: the soggy state of mobile app development • Write Everything Twice INTRODUCTION : WHY • WET: the soggy state of mobile app development • Write Everything Twice INTRODUCTION : WHAT • What is Xamarin.Forms? • Cross-platform UI framework • Platforms: • Mobile: iOS 8 and up, Android 4.0.3 (API 15) • Desktop: Windows 10 UWP, MacOS, WFP • Samsung Smart Devices: Tizen INTRODUCTION : WHAT • Brief History: • May 2011, Xamarin founded • MonoTouch and Mono for Android using MonoDevelop IDE • February 2013, release of Xamarin 2.0 • Xamarin Studio IDE & integration with Visual Studio • Renamed to Xamarin.Android and Xamarin.iOS • May 2014, Xamarin.Forms released as part of Xamarin 3 • February 24 2016, Xamarin acquired by Microsoft • Owned, actively developed on, and supported by Microsoft • Free
  • Licensing Information User Manual Release 9.1 F13415-01

    Licensing Information User Manual Release 9.1 F13415-01

    Oracle® Hospitality Cruise Fleet Management Licensing Information User Manual Release 9.1 F13415-01 August 2019 LICENSING INFORMATION USER MANUAL Oracle® Hospitality Fleet Management Licensing Information User Manual Version 9.1 Copyright © 2004, 2019, Oracle and/or its affiliates. All rights reserved. This software and related documentation are provided under a license agreement containing restrictions on use and disclosure and are protected by intellectual property laws. Except as expressly permitted in your license agreement or allowed by law, you may not use, copy, reproduce, translate, broadcast, modify, license, transmit, distribute, exhibit, perform, publish, or display any part, in any form, or by any means. Reverse engineering, disassembly, or decompilation of this software, unless required by law for interoperability, is prohibited. The information contained herein is subject to change without notice and is not warranted to be error- free. If you find any errors, please report them to us in writing. If this software or related documentation is delivered to the U.S. Government or anyone licensing it on behalf of the U.S. Government, then the following notice is applicable: U.S. GOVERNMENT END USERS: Oracle programs, including any operating system, integrated software, any programs installed on the hardware, and/or documentation, delivered to U.S. Government end users are "commercial computer software" pursuant to the applicable Federal Acquisition Regulation and agency-specific supplemental regulations. As such, use, duplication, disclosure, modification, and adaptation of the programs, including any operating system, integrated software, any programs installed on the hardware, and/or documentation, shall be subject to license terms and license restrictions applicable to the programs.
  • Seeing the Sky Visualization & Astronomers

    Seeing the Sky Visualization & Astronomers

    Seeing the Sky Visualization & Astronomers Alyssa A. Goodman Harvard Smithsonian Center for Astrophysics & Radcliffe Institute for Advanced Study @aagie WorldWide Telescope Gm1m2 F= gluemultidimensional data exploration R2 Cognition “Paper of the Future” Language* Data Pictures Communication *“Language” includes words & math Why Galileo is my Hero Explore-Explain-Explore Notes for & re-productions of Siderius Nuncius 1610 WorldWide Telescope Galileo’s New Order, A WorldWide Telescope Tour by Goodman, Wong & Udomprasert 2010 WWT Software Wong (inventor, MS Research), Fay (architect, MS Reseearch), et al., now open source, hosted by AAS, Phil Rosenfield, Director see wwtambassadors.org for more on WWT Outreach WorldWide Telescope Galileo’s New Order, A WorldWide Telescope Tour by Goodman, Wong & Udomprasert 2010 WWT Software Wong (inventor, MS Research), Fay (architect, MS Reseearch), et al., now open source, hosted by AAS, Phil Rosenfield, Director see wwtambassadors.org for more on WWT Outreach Cognition “Paper of the Future” Language* Data Pictures Communication *“Language” includes words & math enabled by d3.js (javascript) outputs d3po Cognition Communication [demo] [video] Many thanks to Alberto Pepe, Josh Peek, Chris Beaumont, Tom Robitaille, Adrian Price-Whelan, Elizabeth Newton, Michelle Borkin & Matteo Cantiello for making this posible. 1610 4 Centuries from Galileo to Galileo 1665 1895 2009 2015 WorldWide Telescope Gm1m2 F= gluemultidimensional data exploration R2 WorldWide Telescope gluemultidimensional data exploration WorldWide Telescope gluemultidimensional data exploration Data, Dimensions, Display 1D: Columns = “Spectra”, “SEDs” or “Time Series” 2D: Faces or Slices = “Images” 3D: Volumes = “3D Renderings”, “2D Movies” 4D:4D Time Series of Volumes = “3D Movies” Data, Dimensions, Display Spectral Line Observations Loss of 1 dimension Mountain Range No loss of information Data, Dimensions, Display mm peak (Enoch et al.
  • Software License Agreement (EULA)

    Software License Agreement (EULA)

    Third-party Computer Software AutoVu™ ALPR cameras • angular-animate (https://docs.angularjs.org/api/ngAnimate) licensed under the terms of the MIT License (https://github.com/angular/angular.js/blob/master/LICENSE). © 2010-2016 Google, Inc. http://angularjs.org • angular-base64 (https://github.com/ninjatronic/angular-base64) licensed under the terms of the MIT License (https://github.com/ninjatronic/angular-base64/blob/master/LICENSE). © 2010 Nick Galbreath © 2013 Pete Martin • angular-translate (https://github.com/angular-translate/angular-translate) licensed under the terms of the MIT License (https://github.com/angular-translate/angular-translate/blob/master/LICENSE). © 2014 [email protected] • angular-translate-handler-log (https://github.com/angular-translate/bower-angular-translate-handler-log) licensed under the terms of the MIT License (https://github.com/angular-translate/angular-translate/blob/master/LICENSE). © 2014 [email protected] • angular-translate-loader-static-files (https://github.com/angular-translate/bower-angular-translate-loader-static-files) licensed under the terms of the MIT License (https://github.com/angular-translate/angular-translate/blob/master/LICENSE). © 2014 [email protected] • Angular Google Maps (http://angular-ui.github.io/angular-google-maps/#!/) licensed under the terms of the MIT License (https://opensource.org/licenses/MIT). © 2013-2016 angular-google-maps • AngularJS (http://angularjs.org/) licensed under the terms of the MIT License (https://github.com/angular/angular.js/blob/master/LICENSE). © 2010-2016 Google, Inc. http://angularjs.org • AngularUI Bootstrap (http://angular-ui.github.io/bootstrap/) licensed under the terms of the MIT License (https://github.com/angular- ui/bootstrap/blob/master/LICENSE).
  • IB Case Study Vocabulary a Local Economy Driven by Blockchain (2020) Websites

    IB Case Study Vocabulary a Local Economy Driven by Blockchain (2020) Websites

    IB Case Study Vocabulary A local economy driven by blockchain (2020) Websites Merkle Tree: https://blockonomi.com/merkle-tree/ Blockchain: https://unwttng.com/what-is-a-blockchain Mining: https://www.buybitcoinworldwide.com/mining/ Attacks on Cryptocurrencies: https://blockgeeks.com/guides/hypothetical-attacks-on-cryptocurrencies/ Bitcoin Transaction Life Cycle: https://ducmanhphan.github.io/2018-12-18-Transaction-pool-in- blockchain/#transaction-pool 51 % attack - a potential attack on a blockchain network, where a single entity or organization can control the majority of the hash rate, potentially causing a network disruption. In such a scenario, the attacker would have enough mining power to intentionally exclude or modify the ordering of transactions. Block - records, which together form a blockchain. ... Blocks hold all the records of valid cryptocurrency transactions. They are hashed and encoded into a hash tree or Merkle tree. In the world of cryptocurrencies, blocks are like ledger pages while the whole record-keeping book is the blockchain. A block is a file that stores unalterable data related to the network. Blockchain - a data structure that holds transactional records and while ensuring security, transparency, and decentralization. You can also think of it as a chain or records stored in the forms of blocks which are controlled by no single authority. Block header – main way of identifying a block in a blockchain is via its block header hash. The block hash is responsible for block identification within a blockchain. In short, each block on the blockchain is identified by its block header hash. Each block is uniquely identified by a hash number that is obtained by double hashing the block header with the SHA256 algorithm.
  • Microsoft 2012 Citizenship Report

    Microsoft 2012 Citizenship Report

    Citizenship at Microsoft Our Company Serving Communities Working Responsibly About this Report Microsoft 2012 Citizenship Report Microsoft 2012 Citizenship Report 01 Contents Citizenship at Microsoft Serving Communities Working Responsibly About this Report 3 Serving communities 14 Creating opportunities for youth 46 Our people 85 Reporting year 4 Working responsibly 15 Empowering youth through 47 Compensation and benefits 85 Scope 4 Citizenship governance education and technology 48 Diversity and inclusion 85 Additional reporting 5 Setting priorities and 16 Inspiring young imaginations 50 Training and development 85 Feedback stakeholder engagement 18 Realizing potential with new skills 51 Health and safety 86 United Nations Global Compact 5 External frameworks 20 Supporting youth-focused 53 Environment 6 FY12 highlights and achievements nonprofits 54 Impact of our operations 23 Empowering nonprofits 58 Technology for the environment 24 Donating software to nonprofits Our Company worldwide 61 Human rights 26 Providing hardware to more people 62 Affirming our commitment 28 Sharing knowledge to build capacity 64 Privacy and data security 8 Our business 28 Solutions in action 65 Online safety 8 Where we are 67 Freedom of expression 8 Engaging our customers 31 Employee giving and partners 32 Helping employees make 69 Responsible sourcing 10 Our products a difference 71 Hardware production 11 Investing in innovation 73 Conflict minerals 36 Humanitarian response 74 Expanding our efforts 37 Providing assistance in times of need 76 Governance 40 Accessibility 77 Corporate governance 41 Empowering people with disabilities 79 Maintaining strong practices and performance 42 Engaging students with special needs 80 Public policy engagement 44 Improving seniors’ well-being 83 Compliance Cover: Participants at the 2012 Imagine Cup, Sydney, Australia.
  • FY15 Safer Cities Whitepaper

    FY15 Safer Cities Whitepaper

    Employing Information Technology TO COMBAT HUMAN TRAF FICKING Arthur T. Ball Clyde W. Ford, CEO Managing Director, Asia Entegra Analytics Public Safety and National Security Microsoft Corporation Employing Information Technology to Combat Human Trafficking | 1 Anti-trafficking advocates, law enforcement agencies (LEAs), governments, nongovernmental organizations (NGOs), and intergovernmental organizations (IGOs) have worked for years to combat human trafficking, but their progress to date has been limited. The issues are especially complex, and the solutions are not simple. Although technology facilitates this sinister practice, technology can also help fight it. Advances in sociotechnical research, privacy, Microsoft and its partners are applying their interoperability, cloud and mobile technology, and industry experience to address technology- data sharing offer great potential to bring state- facilitated crime. They are investing in research, of-the-art technology to bear on human trafficking programs, and partnerships to support human across borders, between jurisdictions, and among rights and advance the fight against human the various agencies on the front lines of this trafficking. Progress is possible through increased effort. As Microsoft shows in fighting other forms public awareness, strong public-private of digital crime, it believes technology companies partnerships (PPPs), and cooperation with should play an important role in efforts to disrupt intervention efforts that increase the risk for human trafficking, by funding and facilitating the traffickers. All of these efforts must be based on a research that fosters innovation and harnesses nuanced understanding of the influence of advanced technology to more effectively disrupt innovative technology on the problem and on the this trade. implications and consequences of employing such technology by the community of interest (COI) in stopping human trafficking.
  • Summary Paper on Online Child Sexual Exploitation

    Summary Paper on Online Child Sexual Exploitation

    SUMMARY PAPER ON ONLINE CHILD SEXUAL EXPLOITATION ECPAT International is a global network of civil society The Internet is a part of children’s lives. Information organisations working together to end the sexual exploitation of and Communication Technologies (ICT) are now as children (SEC). ECPAT comprises member organisations in over important to the education and social development of 100 countries who generate knowledge, raise awareness, and children and young people as they are to the overall advocate to protect children from all forms of sexual exploitation. global economy. According to research, children and adolescents under 18 account for an estimated one in Key manifestations of sexual exploitation of children (SEC) three Internet users around the world1 and global data include the exploitation of children in prostitution, the sale and indicates that children’s usage is increasing – both in trafficking of children for sexual purposes, online child sexual terms of the number of children with access, and their exploitation (OCSE), the sexual exploitation of children in travel time spent online.2 While there is still disparity in access and tourism (SECTT) and some forms of child, early and forced to new technologies between and within countries in marriages (CEFM). None of these contexts or manifestations are the developed and developing world, technology now isolated, and any discussion of one must be a discussion of SEC mediates almost all human activities in some way. Our altogether. lives exist on a continuum that includes online and offline domains simultaneously. It can therefore be argued that Notably, these contexts and manifestations of SEC are becoming children are living in a digital world where on/offline increasingly complex and interlinked as a result of drivers like greater mobility of people, evolving digital technology and rapidly expanding access to communications.
  • Secure Multi Keyword Fuzzy with Semantic Expansion Based Search Over Encrypted Cloud Data

    Secure Multi Keyword Fuzzy with Semantic Expansion Based Search Over Encrypted Cloud Data

    SECURE MULTI KEYWORD FUZZY WITH SEMANTIC EXPANSION BASED SEARCH OVER ENCRYPTED CLOUD DATA ARFA BAIG Dept of Computer Science & Engineering B.N.M Institute of Technology, Bangalore, India E-mail: [email protected] Abstract— The initiation of cloud computing has led to ease of access in Internet-based computing and is commonly used for web servers or development systems where there are security and compliance requirements. Nevertheless, some of the confidential information has to be encrypted to avoid any intrusion. Henceforward as an attempt, a semantic expansion based multi- keyword fuzzy search provides solution over encrypted cloud data by using the locality-sensitive hashing technique. This solution returns not only the accurately matched files, but also the files including the terms semantically related to the query keyword. In the proposed scheme fuzzy matching is achieved through algorithmic design rather than expanding the index files. It also eradicates the need of a predefined dictionary and effectively supports multiple keyword fuzzy search without increasing the index or search complexity. The indexes are formed based on locality sensitive hashing (LSH), the result files are returned according to the total relevance score. Index Terms—Multi keyword fuzzy search, Locality Sensitive Hashing, Secure Semantic Expansion. support fuzzy search and also required the use of pre- I. INTRODUCTION defined dictionary which lacked scalability and Cloud computing is a form of computing that depends flexibility for modification and updation of the data. on sharing computing resources rather than having These drawbacks create the necessity of the new local servers or personal devices to handle technique of multi keyword fuzzy search.
  • Universal Leaky Random Oracle

    Universal Leaky Random Oracle

    Universal Leaky Random Oracle Guangjun Fan1, Yongbin Zhou2, Dengguo Feng1 1 Trusted Computing and Information Assurance Laboratory,Institute of Software,Chinese Academy of Sciences,Beijing,China [email protected] , [email protected] 2 State Key Laboratory of Information Security,Institute of Information Engineering,Chinese Academy of Sciences,Beijing,China [email protected] Abstract. Yoneyama et al. introduces the Leaky Random Oracle Model at ProvSec2008 to capture the leakages from the hash list of a hash func- tion used by a cryptography construction due to various attacks caused by sloppy usages or implementations in the real world. However, an im- portant fact is that such attacks would leak not only the hash list, but also other secret states (e.g. the secret key) outside the hash list. There- fore, the Leaky Random Oracle Model is very limited in the sense that it considers the leakages from the hash list alone, instead of taking into con- sideration other possible leakages from secret states simultaneously. In this paper, we present an augmented model of the Leaky Random Oracle Model. In our new model, both the secret key and the hash list can be leaked. Furthermore, the secret key can be leaked continually during the whole lifecycle of the cryptography construction. Hence, our new model is more universal and stronger than the Leaky Random Oracle Model and some other leakage models (e.g. only computation leaks model and memory leakage model). As an application example, we also present a public key encryption scheme which is provably IND-CCA secure in our new model.
  • PGP Command Line User Guide

    PGP Command Line User Guide

    PGP Command Line User Guide Last updated: July 2020 Copyright statement Broadcom, the pulse logo, Connecting everything, and Symantec are among the trademarks of Broadcom. Copyright © 2020 Broadcom. All Rights Reserved. The term “Broadcom” refers to Broadcom Inc. and/or its subsidiaries. For more information, please visit www.broadcom.com. Broadcom reserves the right to make changes without further notice to any products or data herein to improve reliability, function, or design. Information furnished by Broadcom is believed to be accurate and reliable. However, Broadcom does not assume any liability arising out of the application or use of this information, nor the application or use of any product or circuit described herein, neither does it convey any license under its patent rights nor the rights of others. Contents About PGP Command Line 1 Important Concepts 1 Technical Support 2 Installing 5 Install Location 5 Installing on AIX 6 Installing on AIX 6 Changing the Home Directory on AIX 7 Uninstalling on AIX 7 Installing on HP-UX 8 Installing on HP-UX 8 Changing the Home Directory on HP-UX 9 Installing to a Non-Default Directory on HP-UX 9 Uninstalling on HP-UX 9 Installing on macOS 10 Installing on macOS 10 Changing the Home Directory on macOS 10 Uninstalling on macOS 11 Installing on Red Hat Enterprise Linux, SLES, or Fedora Core 11 Installing on Red Hat Enterprise Linux or Fedora Core 11 Changing the Home Directory on Linux or Fedora Core 12 Uninstalling on Linux or Fedora Core 12 Installing on Oracle Solaris 13 Installing on Oracle