Title: Privacy Protection of Outsourced Data

Date: WED January 26, 2022

Time: 9:00 AM-10:30 AM (EST)

Location: https://bluejeans.com/134968817/4914

Committee:

Dr. Alexandra Boldyreva (Advisor) - School of Computer Science, Georgia Institute of Technology, USA

Dr. Joseph Jaeger - School of Cybersecurity and Privacy, Georgia Institute of Technology, USA

Dr. Vladimir Kolesnikov - School of Computer Science, Georgia Institute of Technology, USA

Dr. Wenke Lee - School of Computer Science, Georgia Institute of Technology, USA

Dr. Bogdan Warinschi - School of Computer Science, University of Bristol, UK

Tianxin Tang

PhD candidate in Computer Science

School of Computer Science

Georgia Institute of Technology

Abstract:

Over time, the data we access on the cloud every day through services such as

Google Drive and Apple iCloud outlines our habits and interests, leaving traces

of our digital selves. Naturally, storing such data without protection exposes

us to intrusive third-party marketing and, in some cases, targeted

scams. Significant security risks and increased public awareness demand

practical solutions that enable clients to access the data privately.

This thesis targets the privacy aspect of public and private outsourced data.

We consider the keyless setting for public data, where multiple clients

outsource their data to the cloud, which facilitates the client's access while

providing some privacy protection. In particular, we investigate how to add

privacy to public fuzzy-searchable databases by restricting access to people who

own data close to parts of the database, thereby preventing massive harvesting.

We then turn to private outsourced data, which we also refer to as the

"classical outsourced setting" --- the client encrypts their data using their

secret key and uploads it to the cloud, where it is later made available for

private access. Due to recent leakage-abusive attacks that successfully

recovered queries or reconstructed the database by exploiting the leakage that

seemed innocuous previously, we focus on minimizing that leakage while

supporting versatile functionality. Specifically, we show how to perform

privacy-preserving approximate k-NN search on high-dimensional data with strong

security. We also provide an efficiency evaluation of our implementations

on multiple datasets. Finally, we show how to build a secure multi-map

that yields a searchable encryption scheme supporting keyword search with

minimal leakage. Our construction outperforms the only existing theoretical

construction with comparable security in concrete complexity, while achieving

reasonable performance on real-world email databases.