Abstract: The current invention provides a system and method for Data Owners to share with Data Seekers extracted insights from the Big Data, instead of raw data or anonymized raw data, thus reducing or eliminating privacy concerns on the data owned by the Data Owners. An Oblivious Pseudo Random Function (OPRF) is used, with operations using OPRFs occur over encrypted data, thus Data Owners learn only the primary object from Data Seeker and nothing else about the remainder of Data Owners' data. Similarly, Data Seeker learns a list of associated secondary objects and nothing else about Data Owners' data. The extent of sharing can be limited using a predefined threshold depending how much private information Data Owner is willing to share or Data Seeker is willing to pay.

Abstract: A method is provided for generating an encrypted database. The method includes: receiving a plaintext database having plaintext data entries therein; and generating an encrypted database using the plaintext database, the encrypted database including encrypted data entries therein. The encrypted database is configured to support at least one form of conditional query such that the at least one form of conditional query returns a correct encrypted result when the query is computed on the encrypted data entries without the decryption thereof.

Abstract: A method is provided for generating an encrypted database. The method includes: receiving a plaintext database having plaintext data entries in one or more columns; augmenting the received plaintext database to generate an augmented plaintext database, the augmenting including the addition of one or more columns to the received plaintext database, each added column corresponding to an attribute which is to be made available for conditional queries; and encrypting the augmented plaintext database to generate the encrypted database including encrypted data entries. The encrypted database supports at least one form of conditional query for those attributes corresponding to the added columns, the at least one form of conditional query being computed on the encrypted data entries without the decryption thereof to produce an encrypted result.

Abstract: A computer-implemented system and method for analyzing data quality is provided. Attributes each associated with one or more elements are maintained. A request from a user is received for determining data quality of at least one attribute based on an interest vector having a listing of the elements of that attribute and a selection of elements of interest. Each element is encrypted. A condensed vector having the same listing of elements as the interest vector is populated with occurrence frequencies for each of the listed elements. The elements of the condensed vector are encrypted by computing an encrypted product of each element in the condensed vector and the corresponding element of the interest vector. An aggregate is determined based on the encrypted products of each element of the interest vector and the corresponding element of the condensed vector. The aggregate is provided as results of the data quality.

Abstract: One embodiment provides a system that facilitates privacy-preserving order statistics. The system receives, by a first device from a second device, a second value associated with the second device perturbed by a random value. The system determines a first difference between a first value associated with the first device, and the second value. The system encrypts a second difference between the first difference and the random value. Subsequent to transmitting the encrypted second difference, the system receives a sign of a first integer and a ciphertext. The system decrypts the ciphertext to obtain a third value which indicates the first difference scaled based on the first integer, wherein the scaled first difference is perturbed by a second integer. The system determines, based on the sign of the first integer and a sign of the third value, whether the first value is greater than or less than the second value.

Abstract: A computer-implemented method for protecting sensitive data via data re-encryption is provided. Encrypted data is maintained. A data query is received from a user associated with a public key and a secret key. Results of the query are computed by identifying at least a portion of the encrypted data and by adding plaintext for the identified portion of the encrypted data as the results. A re-encryption key is generated for the results using the public key of the user and the results are re-encrypted using the re-encryption key. The re-encrypted results are then transmitted to the user.

Abstract: One embodiment provides a system for noise addition to enforce data privacy protection in a star network. In operation, participants may add a noise component to a dataset. An aggregator may receive the noise components from the plurality of participants, compute an overall noise term based on the received noise components, and aggregate values using the noise components and overall noise term.

Abstract: A method is provided for generating an encrypted database. The method includes: receiving a plaintext database having plaintext data entries therein; and generating an encrypted database using the plaintext database, the encrypted database including encrypted data entries therein. The encrypted database is configured to support at least one form of conditional query such that the at least one form of conditional query returns a correct encrypted result when the query is computed on the encrypted data entries without the decryption thereof.

Abstract: A method is provided for generating an encrypted database. The method includes: receiving a plaintext database having plaintext data entries in one or more columns; augmenting the received plaintext database to generate an augmented plaintext database, the augmenting including the addition of one or more columns to the received plaintext database, each added column corresponding to an attribute which is to be made available for conditional queries; and encrypting the augmented plaintext database to generate the encrypted database including encrypted data entries. The encrypted database supports at least one form of conditional query for those attributes corresponding to the added columns, the at least one form of conditional query being computed on the encrypted data entries without the decryption thereof to produce an encrypted result.

Abstract: One embodiment provides a system that facilitates secure communication between computing entities. During operation, the system generates, by a content-consuming device, a first key based on a first consumer-share key and a previously received producer-share key. The system constructs a first interest packet that includes the first consumer-share key and a nonce token which is used as a pre-image of a previously generated first nonce, wherein the first interest has a name that includes a first prefix, and wherein the first nonce is used to establish a session between the content-consuming device and a content-producing device. In response to the nonce token being verified by the content-producing device, the system receives a first content-object packet with a payload that includes a first resumption indicator encrypted based on a second key. The system generates the second key based on a second consumer-share key and the first content-object packet.

Abstract: One embodiment of the present invention provides a system for retrieving a content collection over a network. During operation, the system determines additional information associated with the piece of content that is needed for consumption of the content collection; generates a plurality of Interests, which includes at least one Interest for a catalog of the content collection and at least one Interest for the additional information; and forwards, concurrently, the plurality of Interests, thereby facilitating parallel retrieval of the content collection and the additional information.

Abstract: One embodiment provides a system that facilitates privacy-preserving order statistics. The system receives, by a first device from a second device, a second value associated with the second device perturbed by a random value. The system determines a first difference between a first value associated with the first device, and the second value. The system encrypts a second difference between the first difference and the random value. Subsequent to transmitting the encrypted second difference, the system receives a sign of a first integer and a ciphertext. The system decrypts the ciphertext to obtain a third value which indicates the first difference scaled based on the first integer, wherein the scaled first difference is perturbed by a second integer. The system determines, based on the sign of the first integer and a sign of the third value, whether the first value is greater than or less than the second value.

Abstract: One embodiment provides a system that facilitates encrypted-domain aggregation of data in a star network. During operation, the system receives a set of ciphertexts, representing respective encrypted polynomial shares, of an input value from each participant in a plurality of participants. Each ciphertext in the set of ciphertexts is associated with a specific participant in the plurality of participants. The system computes an encrypted partial value for each participant by aggregating in the encrypted-domain a respective ciphertext associated with that participant received from the plurality of participants and sends a message comprising the encrypted partial value to that participant. This encrypted partial value is encrypted based on a public key of a corresponding participant. The system receives a decrypted partial value from each participant and computes a target value based on a set of decrypted partial values received from a set of participants in the plurality of participants.

Abstract: One embodiment provides a system that facilitates processing of error-condition information associated with a content-centric network (CCN) message transmitted over a network. During operation, the system receives, by a first node, a packet that corresponds to a CCN message, where a name for the CCN message is a hierarchically structured variable length identifier (HSVLI) which comprises contiguous name components ordered from a most general level to a most specific level. Responsive to determining that the CCN message triggers an error condition, the system generates an interest return message by pre-pending a data structure to the CCN message, where the data structure indicates the error condition. The system transmits the interest return message to a second node.

Abstract: A computer system can send a secure request over a named-data network to a remote device by generating an Interest with encrypted name components. During operation, the computer system can receive or obtain a request for data, such as from a local user or from a local application. If the system cannot satisfy the request locally, the system can determine at least a routable prefix and a name suffix associated with the request. The system can generate the secure Interest for the request by determining an encryption key that corresponds to a session with the remote computer system, and encrypts the name suffix using the session encryption key. The system then generates an Interest whose name includes the routable prefix and the encrypted name suffix, and disseminates the Interest over a named-data network to send the request to the remote computer system.

Abstract: A method and system for verifying Internet connectivity at an access point in a fast, secure, and privacy-friendly manner. During operation, the system may perform passive network discovery, challenge response discovery, and/or active discovery to verify Internet connectivity for a mobile device. Passive network discovery involves the mobile device using a public key of a server to decrypt a time value to verify Internet connectivity. The mobile device receives the encrypted time value as part of the server's signed timing information in an overloaded WiFi beacon frame. Challenge response discovery involves the mobile device sending an encrypted challenge to servers, and a server returns a correct response to the challenge to confirm Internet connectivity. Active discovery involves a mobile device sending HTTP GET requests to a randomly selected set of servers without including a user agent, and a server may send an HTTP REPLY to confirm Internet connectivity.

Abstract: One embodiment provides a system for noise addition to enforce data privacy protection in a star network. In operation, participants may add a noise component to a dataset. An aggregator may receive the noise components from the plurality of participants, compute an overall noise term based on the received noise components, and aggregate values using the noise components and overall noise term.

Abstract: One embodiment of the present invention provides a system for enhancing security in a secure communication channel. During operation, the system collects contextual information associated with a mobile device or a user of the mobile device and determines whether a trigger condition is met based on the collected contextual information. In response to determining that the trigger condition is met, the system performs a first type of key-ratcheting operation on a current cryptographic key to update the cryptographic key. In response to determining that the trigger condition is not met, the system performs a second type of key-ratcheting operation on the current cryptographic key to update the cryptographic key. The system then encrypts a to-be-sent message using an encryption key associated with the updated cryptographic key.

Abstract: A computer-implemented system and method for automatically identifying attributes for anonymization is provided. A dataset of attributes is accessed. Each attribute in the dataset is associated with a plurality of values. The values of the dataset are encrypted and the attributes are processed by assigning a sensitivity level to each of the attributes. One or more of the attributes are selected from the dataset for anonymization based on the assigned sensitivity levels.

Abstract: One embodiment provides a system that facilitates secure communication between computing entities. During operation, the system generates, by a content-consuming device, a first key based on a first consumer-share key and a previously received producer-share key. The system constructs a first interest packet that includes the first consumer-share key and a nonce token which is used as a pre-image of a previously generated first nonce, wherein the first interest has a name that includes a first prefix, and wherein the first nonce is used to establish a session between the content-consuming device and a content-producing device. In response to the nonce token being verified by the content-producing device, the system receives a first content-object packet with a payload that includes a first resumption indicator encrypted based on a second key. The system generates the second key based on a second consumer-share key and the first content-object packet.