Validation of 1-N OT algorithms in privacy-preserving investigations.
Kwecka, Zbigniew; Buchanan, William J; Saliou, Lionel
Prof Bill Buchanan B.Buchanan@napier.ac.uk
Most organisations relay on digital information systems (ISs) in day-to-day operations, and often sensitive data about employees and customers are stored in such systems. This, effectively, makes ISs enhanced surveillance measures, which can reach further than CCTV monitoring and provide valuable resources for internal and external investigations. For privacy reasons, if a digital forensic investigation is to take place, only the investigators should know the identities of the suspects. Ideally, the investigators should not have to disclose these identities to the data holders, while the data holders, i.e. organisations whose data subjects are being investigated, should not have to disclose their full databases to investigators. The only data that should be disclosed should relate to that involving the subject – thus the need for a privacy-preserving investigation system. Several privacy preserving algorithms have been proposed, but most of them are only of theoretical interest since empirical evaluations have rarely been undertaken. The main novelty in this paper is that it applies a 1-out-n Oblivious Transfer (1-n OT) algorithm to a new area of privacy-preserving investigations. Hence, an implementation of a straightforward privacy-preserving investigation system that can be used in real-life applications is outlined. The system uses tried and tested encryption algorithms: RSA for hiding the identity of the suspect; AES to conceal from investigators records not relating to the suspect; and commutative RSA to allow discovery of index where a suspect’s data is stored in the third party records. This paper outlines an initial evaluation of the system proving that it may be successfully used in digital forensic investigations, conducted by public authorities and private organisations alike. The empirical evaluation also shows that the time required by this system to run grows in line with increasing number of records and increasing size of records, which is desirable compared to exponential growth observed in many systems that employ 1-n OT protocols.
Kwecka, Z., Buchanan, W. J., & Saliou, L. (2008). Validation of 1-N OT algorithms in privacy-preserving investigations.
|Conference Name||7th European Conference on Information Warfare and Security|
|Start Date||Jun 30, 2008|
|End Date||Jul 1, 2008|
|Deposit Date||Dec 23, 2010|
|Publicly Available Date||Dec 23, 2010|
|Peer Reviewed||Peer Reviewed|
|Keywords||privacy preservation; data mining; digital forensics; digital suspect watchlist; oblivious transfer;|
Publisher Licence URL
You might also like
Application and analysis of private matching schemes based on commutative cryptosystems.
Privacy-preserving data acquisition protocol.
Minimising collateral damage: privacy-preserving Investigative data acquisition platform.
A novel privacy preserving method for the location tracking of mobile devices