DocumentCode :
1923949
Title :
The Power of Refresh: A Novel Mechanism for Securing Low Entropy PII
Author :
Li, Yuqian ; Liu, Yang ; Liu, Zhifang ; Huang, Jiwei ; Chen, Zhen
Author_Institution :
Dept. of Comput. Sci. & Technol., Tsinghua Univ., Beijing, China
fYear :
2011
fDate :
18-20 April 2011
Firstpage :
29
Lastpage :
36
Abstract :
Deterministic encryption for low entropy personally identifiable information(PII) is vulnerable to dictionary attack. It is particularly so because of an expedient method to enumerate possible PII\´splain text instead of all possible keys. Deterministic encryption, however, is indispensable in the generation of hash or index of PII. This paper presents a novel mechanism to frustrate dictionary attacks by refreshing the encryption in an external "blackbox". The "blackbox" has a private key inside and even the person who designed and manufactured it could not track or reveal its input and output without knowing the private key. The major part of this paper is about the analysis of this novel mechanism. The use of conditional entropy in this paper both measures the power to defend the attack and proves the value and feasibility of this novel mechanism. A lower bound for conditional entropy against a computationally-unbounded adversary is guaranteed. The essential meaning of the lower bound is also given based on min-entropy. By the proof, this mechanism can provide very reliable security for PII in online social networks (OSN) and keep efficiency and functionality at the same time.
Keywords :
entropy; private key cryptography; social networking (online); blackbox; conditional entropy; deterministic encryption; dictionary attacks; hash generation; index generation; low entropy personally identifiable information; min-entropy; online social networks; private key; Dictionaries; Encryption; Entropy; Hardware; Indexes; Servers; conditional entropy; deterministic encryption; online social network; personally identifiable information; security;
fLanguage :
English
Publisher :
ieee
Conference_Titel :
Communications and Mobile Computing (CMC), 2011 Third International Conference on
Conference_Location :
Qingdao
Print_ISBN :
978-1-61284-312-4
Type :
conf
DOI :
10.1109/CMC.2011.32
Filename :
5931136
Link To Document :
بازگشت