Decentralized Application Security
Licentiatavhandling, 2016

On the internet today, everything is centralized. For most people, a single commercial entity owns the power to disclose all their personal emails. Most commonly your emails are only disclosed to you and your correspondent, but the power to choose who sees these emails is in fact not yours. Almost nothing that the internet is used for gives the originator the power to retract it, or to enforce intact delivery. When you use a social media platform, you are given the intuition that you choose which friends who can see any posts and photos that you publish. In reality the provider of the social media platform may share this data to anyone they like. It may choose to remove this data, to remove treasured family photos, or to not deliver a personal message to your friends. Of course, this would for most businesses not be a profitable mode of operation, no entrepreneur or business developer strive for this. However, governing authorities can exert force over the company to do this without economical motives, during political instabilities for instance. This thesis is about giving end-users control over their own personal data, while maintaining all the rich internet services that users normally enjoy on a day-to-day basis. Using traditional cryptographic techniques information can be made unreadable for everyone except the intended parties. Another type of cryptographic techniques, called homomorphic encryption, can make information usable while still being unreadable, enabling constructions that serve the same purpose but which does not suffer from potential intrusion on personal data. In this thesis, we will explore how to use both traditional and homomorphic encryption techniques for privacy of location-data and to efficiently a protect web session.

Decentralization

Homomorphic Encryption

Location-Based Services

Privacy

EA
Opponent: Dr. Manolis Terrovitis, Institute for the Management of Information Systems (IMIS) of the Research and Innovation Centre in Information, Communication and Knowledge Technologies "Athena", Greece

Författare

Per Hallgren

Chalmers, Data- och informationsteknik, Programvaruteknik

BetterTimes: Privacy-assured Outsourced Multiplications for Additively Homomorphic Encryption on Finite Fields

Lecture Notes in Computer Science,; Vol. 9451(2015)p. 291-309

Paper i proceeding

GlassTube

PLAS '13 (ACM SIGPLAN workshop on Programming languages and analysis for security). Seattle , WA, USA. June 16-19, 2013,; Vol. 8(2013)p. 71-82

Paper i proceeding

InnerCircle: A Parallelizable Decentralized Privacy-Preserving Location Proximity Protocol

Proceedings of the International Conference on Privacy, Security and Trust (PST),; (2015)p. 1-6

Paper i proceeding

Styrkeområden

Informations- och kommunikationsteknik

Ämneskategorier

Systemvetenskap

Technical report L - Department of Computer Science and Engineering, Chalmers University of Technology and Göteborg University: 150

EA

Opponent: Dr. Manolis Terrovitis, Institute for the Management of Information Systems (IMIS) of the Research and Innovation Centre in Information, Communication and Knowledge Technologies "Athena", Greece

Mer information

Skapat

2017-10-08