Recommended
More Related Content
Similar to HotPets2022_PrivacyPreserving.pptx
Similar to HotPets2022_PrivacyPreserving.pptx (20)
Recently uploaded
Recently uploaded (20)
HotPets2022_PrivacyPreserving.pptx
- 1. Privacy Preserving Telemetry in Reality, an illusion bound to silicon? A.Nappa - F. Olteanu - M. Dhiman 1
- 2. A Long Story Can a human controlled computer make itself-himself distinguishable from an automated program?
- 3. The Multiple Facets of Trust 3
- 4. TRUST zkCrypto Performance Scalability Resiliency Software Side Channels - Architectures - Physics Human Computer Interaction Differential Privacy Crowd-Blending Privacy Human Attestation Privacy Trusted Hardware Quantum VPN0 AD-Injection
- 5. 5 TRUST zkCrypto Performance Scalability Resiliency Software Side Channels - Architectures - Physics HCI Differential Privacy Crowd-Blending Privacy Human Attestation Privacy Trusted Hardware Quantum VPN0
- 6. Scope of this talk:
- 7. Motivation 7
- 8. Popular Option: Google reCAPTCHA ● Bad user experience ● With ML, bots may do better than humans ● Privacy concerns ● Repeatedly Broken 8
- 10. Maintaining the privacy of the user 1 0
- 11. What are the issues 1 1 SHM CPU SENSOR
- 12. Recipe 12 ● GPS data ● Geohash ● BTS data ● SafetyNet (Android) ● DeviceCheck (Apple) ● ZoKrates
- 13. Geohash: 13 A: gcpvn5bpncpy B: gcpvjfz795xc0 A gcpvn5bpncpy B gcpvjfz795xc0
- 16. 16 GPS Coordinates Time Stamp Hashed Values Hashed Values PoK pre-image ZKP pre-image validates certain constraints “I prove that I have been in two different points (signed by a trusted entity) separated by a distance greater than a threshold and in a given range of time” Proving in Zero-Knowledge
- 18. Robustness Assumption 1 (ideal world) ● The BST sends signed data that can be verified and triangulated with GPS to protect GPS spoofing [Oligieri et al. ACM WiSec19] 18 Assumption 2 (Our world) ● Interleave Safetynet/Devicecheck attestations with GPS and BST data, triangulate, attest again
- 19. Attacks 19
- 22. Now we have hi-fi data from sensors 2 2
- 23. Evaluation Number of gates for path range: 444K Prover time (1 distances): ~16s Total proof (linking two generated proofs): 20s (on PC) Proof size: ~5MB 23
- 24. Choose your battle: ● Tradeoff #users #transactions vs. performance ● How often we proof? ● Which sensors are most fiable? ● Which are the weakest? ● Combining them how much battery drains? Plus the proof? How many times a day? ● CAN PROOF BE FORGED?
- 25. Conclusion ● Our battle is to provide trusted data from sensors (i.e. blockchain oracles) ● Many users will be involved ● We will need an efficient solution, probably using textbook RSA signatures
- 26. The Attack of the Clones: A Study of the Impact of Shared Code on Vulnerability Patching
- 27. We need to be in the machine WINE-BR ► 8 Million Windows Hosts Internet Users Symantec Users WINE Opted-in WINE Users 10 Apps
- 28. One raɣ to rule them all: Inducing soft-errors by gamma-ray emissions at ground level 28
- 29. Motivation 29
- 31. Ground Level: Belgian Election Vs. Apple Vs. FBI 31 x …. 0 0 0 0 0 1 1 1 1 0 0 1 0 1 = 6080 = 1984
- 32. Can we reach an exploit from a neutron? 32 A system on Earth, at sea level, with 4GB of RAM has a 96% percent chance of having a bit error in three days without ECC RAM.