Dartmouth College Computer Science
Technical Report series
|By author:||A B C D E F G H I J K L M N O P Q R S T U V W X Y Z|
|By number:||2020, 2019, 2018, 2017, 2016, 2015, 2014, 2013, 2012, 2011, 2010, 2009, 2008, 2007, 2006, 2005, 2004, 2003, 2002, 2001, 2000, 1999, 1998, 1997, 1996, 1995, 1994, 1993, 1992, 1991, 1990, 1989, 1988, 1987, 1986|
The use of credential directories in PKI and authorization systems such as
Shibboleth introduces a new privacy risk: an insider at the directory can learn
much about otherwise protected interactions by observing who makes queries, and
what they ask for. Recent advances in Practical Private Information Retrieval
provide promising countermeasures. In this paper, we extend this technology to
solve this new privacy problem, and present a design and preliminary prototype
for a LDAP-based credential service that can prevent even an insider from
learning anything more than the fact a query was made. Our preliminary
performance analysis suggests that the complete prototype may be sufficiently
robust for academic enterprise settings.
Submitted to the 2nd Annual PKI Research Workshop.
Bibliographic citation for this report: [plain text] [BIB] [BibTeX] [Refer]
Or copy and paste:
Alex Iliev and Sean Smith, "Privacy-enhanced credential services." Dartmouth Computer Science Technical Report TR2003-442, February 2003.
Notify me about new tech reports.
Search the technical reports.
To receive paper copy of a report, by mail, send your address and the TR number to reports AT cs.dartmouth.edu
Copyright notice: The documents contained in this server are included by the contributing authors as a means to ensure timely dissemination of scholarly and technical work on a non-commercial basis. Copyright and all rights therein are maintained by the authors or by other copyright holders, notwithstanding that they have offered their works here electronically. It is understood that all persons copying this information will adhere to the terms and constraints invoked by each author's copyright. These works may not be reposted without the explicit permission of the copyright holder.
Technical reports collection maintained by David Kotz.