Abstract: An XOR (exclusive or) encoded document is disclosed for establishing a joint secret between two parties. Encoded on the document are one or more areas of XOR messages. Each area containing an XOR message hides from view on each side of the XOR encoded document a different message on either side of a transparent base layer. To uncover a message in an area containing an XOR message on one side of the transparent base layer, the message on the other side of the XOR encoded document is scratched off and rendered illegible.

Abstract: A system and method for providing a conjunctive keyword search over encrypted data is presented. A plurality of encrypted data is maintained. Each encrypted data includes a plurality of keyword fields that each contain a keyword. The keywords for the keyword fields are encrypted for each encrypted data. A capability is generated for two or more such encrypted keywords that includes a plurality of parameters defining a conjunctive keyword search. The capability is sent from a requestor to a server. The capability is applied to the encrypted keywords with the server to generate a result and the result is provided to the requestor.

Abstract: A physical token operates together with an online server to test whether a user operating a user computer to access a service available at the online server is human. The physical token has two states: inactive and active. When in the inactive state the physical token displays interaction instructions for performing a physical action on the token. When the interaction instructions are satisfied, the physical token transitions to the active state and displays a response that may be used for satisfying a challenge issued by the online server to the user seeking to access the service.

Abstract: One embodiment of the present invention provides a system that detects malicious data in an ad-hoc network. During operation, the system receives data at a node in the ad-hoc network, wherein the data was sensed and redundantly communicated to the node by other nodes in the ad-hoc network. Note that in this ad-hoc network, a given node senses data associated with itself and with proximate nodes in the ad-hoc network. In this way, proximate nodes in the ad-hoc network can redundantly sense data about each other. Next, the system determines at the node if the received data, along with data sensed locally by the node, is consistent. If not, the system uses a model which accounts for malicious nodes to determine an explanation for the inconsistency.

Abstract: An XOR (exclusive or) encoded document is disclosed for establishing a joint secret between two parties. Encoded on the document are one or more areas of XOR messages. Each area containing an XOR message hides from view on each side of the XOR encoded document a different message on either side of a transparent base layer. To uncover a message in an area containing an XOR message on one side of the transparent base layer, the message on the other side of the XOR encoded document is scratched off and rendered illegible.

Abstract: A physical token operates together with an online server to test whether a user operating a user computer to access a service available at the online server is human. The physical token has two states: inactive and active. When in the inactive state the physical token displays interaction instructions for performing a physical action on the token. When the interaction instructions are satisfied, the physical token transitions to the active state and displays a response that may be used for satisfying a challenge issued by the online server to the user seeking to access the service.

Abstract: A system and method for providing private stable matchings is presented. At least one set of matcher preferences for an active participant and at least one set of matchee preferences for a passive participant are accumulated. Private stable matched bids from the at least one matcher preferences set and the at least one matchee preferences set are privately generated. At least one of the private matched bids is decrypted as a stable matching, which is presented to one of the passive participant and the active participant identified in the decrypted stable matching.

Abstract: A system and method for exchanging a transformed message with enhanced privacy is presented. A set of input messages is defined. A set of output messages is defined. A message is selected from the input messages set. One or more words in the selected message are efficiently transformed directly into a transformed message different from the selected message, wherein the transformed message belongs to the set of output messages, at least one component of the selected message is recoverable from the transformed message, and the cost of determining whether the transformed message belongs to the input messages set or the output messages set exceeds a defined threshold.

Abstract: One embodiment of the present invention provides a system that detects malicious data in an ad-hoc network. During operation, the system receives data at a node in the ad-hoc network, wherein the data was sensed and redundantly communicated to the node by other nodes in the ad-hoc network. Note that in this ad-hoc network, a given node senses data associated with itself and with proximate nodes in the ad-hoc network. In this way, proximate nodes in the ad-hoc network can redundantly sense data about each other. Next, the system determines at the node if the received data, along with data sensed locally by the node, is consistent. If not, the system uses a model which accounts for malicious nodes to determine an explanation for the inconsistency.

Abstract: A system and method for providing a conjunctive keyword search over encrypted data is presented. A plurality of encrypted data is maintained. Each encrypted data includes a plurality of keyword fields that each contain a keyword. The keywords for the keyword fields are encrypted for each encrypted data. A capability is generated for two or more such encrypted keywords that includes a plurality of parameters defining a conjunctive keyword search. The capability is sent from a requestor to a server. The capability is applied to the encrypted keywords with the server to generate a result and the result is provided to the requestor.

Abstract: Techniques for protecting non-public information in a mobile environment are provided. A request for non-public information about users in a mobile environment is received. Privacy policies, non-public and optional public information about the users affected by the request are determined. An optional privacy impact indicator is determined based on how satisfying the request increases the current public information about the users. Crowds of users having similar attribute name/values are optionally determined. User and optional requestor privacy policies which associate threshold release criteria such minimum crowd size, minimum consideration with the non-public information are determined. A privacy agreement is reached for the disclosure of the requested non-public information based on the compatibility of the requester and user privacy policies. Privacy protecting transformations are optionally determined and applied to create crowds or groups associated with the requested attribute.

Abstract: Techniques for providing privacy protection are provided. A query is received. Privacy policy information, extracted knowledge and optional information about available public information are determined. Information about the knowledge extraction transformations applied to create the extracted knowledge and the source data is determined. Privacy protecting transformations are determined and applied to transform the extracted knowledge based on the selected privacy policy, optional information about available public information, the characteristics of the applied knowledge extractions transformations, the source data and optional previous user queries.