Abstract: One embodiment of the present invention provides a system that performs inference detection based on Internet advertisements. In doing so, this system first receives a set of topic words, performs a search query on each topic word using a search engine, and gathers a set of Uniform Resource Locators (URLs) associated with sponsored advertisement from the search results corresponding to each search query. Then, the system determines a correlation between two topic words based on their corresponding URLs associated with sponsored advertisement, and produces a result which indicates groups of correlated topic words.

Abstract: A computer-implemented system and method for providing private stable matchings through a re-encryption mix network is presented. Preferences are encrypted. Bids are created. An initial mixing is performed. A set of unmatched bids and a set of matched bids are externally mixed independently. A union of the set of unmatched bids and the set of matched bids are internally mixed. For the number of participants in a set of active participants, a stable match for one of passive participants is determined, while the set of unmatched bids remains non-empty. The set of matched bids for the last stable match is externally mixed. The preferences in the set of matched bids are decrypted to identify the passive participants stably matched to the active participants.

Abstract: A system and method for providing private stable matchings is presented. At least one set of matcher preferences for an active participant and at least one set of matchee preferences for a passive participant are accumulated. Private stable matched bids from the at least one matcher preferences set and the at least one matchee preferences set are privately generated. At least one of the private matched bids is decrypted as a stable matching, which is presented to one of the passive participant and the active participant identified in the decrypted stable matching.

Abstract: A computer-implemented system and method for providing private stable matchings through a re-encryption mix network is presented. Preferences are encrypted. Bids are created. An initial mixing is performed. A set of unmatched bids and a set of matched bids are externally mixed independently. A union of the set of unmatched bids and the set of matched bids are internally mixed. For the number of participants in a set of active participants, a stable match for one of passive participants is determined, while the set of unmatched bids remains non-empty. The set of matched bids for the last stable match is externally mixed. The preferences in the set of matched bids are decrypted to identify the passive participants stably matched to the active participants.

Abstract: One embodiment of the present invention provides a system which allows a document owner to redact content from a document and allows a recipient of the redacted document to challenge the appropriateness of the redaction. During operation, the system allows the document owner to redact a string Mi from location i in the document. In doing so, the system produces a commitment Ci=C(Mi, Ri) based on string Mi and a string Ri used as randomness and communicates Ci to the recipient. When the recipient challenges the redaction, the system receives a topic string T from the recipient, and produces a string RT. The system then communicates RT to the recipient, thereby allowing the recipient to produce a commitment CT=C(T, RT) based on strings T and RT, and compare CT with Ci. Comparing commitment CT with Ci allows the recipient to test redactions for string equality.

Abstract: A selectively encrypted data unit is generated from an unencrypted data unit. This is accomplished by accessing a list of attributes related to the unencrypted data unit that identify classifications of sensitive information within the unencrypted data unit. In addition, a protection key that is responsive to a random number is selected and auxiliary values computed from the attributes of the sensitive information and the random number are produced. The sensitive information is encrypted with the protection key to create an encrypted version of the sensitive information. The encrypted version is associated with the auxiliary values and linked to an attribute vector that classifies the sensitive information in the encrypted version. Data from the unencrypted data unit and the encrypted version of the sensitive information is stored as the selectively encrypted data unit.

Abstract: A capability key is generated that provides access to sensitive information within a selectively encrypted data unit created from an unencrypted data unit. A user specifies access rights as a monotone boolean relationship between a selection of a list of attributes related to the unencrypted data unit. This relationship is used to compute a key descriptor. Next one or more shares of a master secret is generated responsive to the monotone boolean relationship and a random number. Next a unique capability key is computed from one or more cryptosystem parameters, the one or more shares and the random number. The unique capability key and the key descriptor together enable decryption of sensitive information within a selectively encrypted data unit created from an unencrypted data unit. Finally, the unique capability key and the key descriptor are provided to allow decryption of sensitive information within the selectively encrypted data unit.

Abstract: A selectively encrypted data unit includes an encrypted version of sensitive information (capable of being decrypted to reveal the sensitive information), a plurality of auxiliary values, and an attribute vector associated with the encrypted version of the sensitive information. The selectively encrypted data unit and a unique capability key are accessed. The unique capability key is associated with a key descriptor and is responsive to one or more cryptosystem parameters, one or more random numbers and one or more shares of a master secret. Next the technology determines whether the attribute vector is filtered or enabled by the key descriptor. If so, a protection key is acquired that is responsive to the one or more cryptosystem parameters, the plurality of auxiliary values, the key descriptor and the unique capability key. Once acquired, the protection key is used to decrypt the encrypted version to generate the sensitive information which is presented.

Abstract: A system and method for exchanging a transformed message with enhanced privacy is presented. A set of input messages is defined. A set of output messages is defined. A message is selected from the input messages set. One or more words in the selected message are efficiently transformed directly into a transformed message different from the selected message, wherein the transformed message belongs to the set of output messages, at least one component of the selected message is recoverable from the transformed message, and the cost of determining whether the transformed message belongs to the input messages set or the output messages set exceeds a defined threshold.

Abstract: One embodiment of the present invention provides a system that performs inference detection based on Internet advertisements. In doing so, this system first receives a set of topic words, performs a search query on each topic word using a search engine, and gathers a set of Uniform Resource Locators (URLs) associated with sponsored advertisement from the search results corresponding to each search query. Then, the system determines a correlation between two topic words based on their corresponding URLs associated with sponsored advertisement, and produces a result which indicates groups of correlated topic words.

Abstract: One embodiment of the present invention provides a system which allows a document owner to redact content from a document and allows a recipient of the redacted document to challenge the appropriateness of the redaction. During operation, the system allows the document owner to redact a string Mi from location i in the document. In doing so, the system produces a commitment Ci=C(Mi, Ri) based on string Mi and a string Ri used as randomness and communicates Ci to the recipient. When the recipient challenges the redaction, the system receives a topic string T from the recipient, and produces a string RT. The system then communicates RT to the recipient, thereby allowing the recipient to produce a commitment CT=C(T, RT) based on strings T and RT, and compare CT with Ci. Comparing commitment CT with Ci allows the recipient to test redactions for string equality.

Abstract: A selectively encrypted data unit is generated from an unencrypted data unit. This is accomplished by accessing a list of attributes related to the unencrypted data unit that identify classifications of sensitive information within the unencrypted data unit. In addition, a protection key that is responsive to a random number is selected and auxiliary values computed from the attributes of the sensitive information and the random number are produced. The sensitive information is encrypted with the protection key to create an encrypted version of the sensitive information. The encrypted version is associated with the auxiliary values and linked to an attribute vector that classifies the sensitive information in the encrypted version. Data from the unencrypted data unit and the encrypted version of the sensitive information is stored as the selectively encrypted data unit.

Abstract: A selectively encrypted data unit includes an encrypted version of sensitive information (capable of being decrypted to reveal the sensitive information), a plurality of auxiliary values, and an attribute vector associated with the encrypted version of the sensitive information. The selectively encrypted data unit and a unique capability key are accessed. The unique capability key is associated with a key descriptor and is responsive to one or more cryptosystem parameters, one or more random numbers and one or more shares of a master secret. Next the technology determines whether the attribute vector is filtered or enabled by the key descriptor. If so, a protection key is acquired that is responsive to the one or more cryptosystem parameters, the plurality of auxiliary values, the key descriptor and the unique capability key. Once acquired, the protection key is used to decrypt the encrypted version to generate the sensitive information which is presented.

Abstract: A capability key is generated that provides access to sensitive information within a selectively encrypted data unit created from an unencrypted data unit. A user specifies access rights as a monotone boolean relationship between a selection of a list of attributes related to the unencrypted data unit. This relationship is used to compute a key descriptor. Next one or more shares of a master secret is generated responsive to the monotone boolean relationship and a random number. Next a unique capability key is computed from one or more cryptosystem parameters, the one or more shares and the random number. The unique capability key and the key descriptor together enable decryption of sensitive information within a selectively encrypted data unit created from an unencrypted data unit. Finally, the unique capability key and the key descriptor are provided to allow decryption of sensitive information within the selectively encrypted data unit.