Angeliki Aktypi (University of Oxford), Kasper Rasmussen (University of Oxford)

In structured peer-to-peer networks, like Chord, users find data by
asking a number of intermediate nodes in the network. Each node
provides the identity of the closet known node to the address of the
data, until eventually the node responsible for the data is reached.
This structure means that the intermediate nodes learn the address of
the sought after data. Revealing this information to other nodes makes
Chord unsuitable for applications that require query privacy so in
this paper we present a scheme Iris to provide query privacy while
maintaining compatibility with the existing Chord protocol. This means
that anyone using it will be able to execute a privacy preserving
query but it does not require other nodes in the network to use it (or
even know about it).

In order to better capture the privacy achieved by the iterative
nature of the search we propose a new privacy notion, inspired by
$k$-anonymity. This new notion called $(alpha,delta)$-privacy, allows us to formulate
privacy guarantees against adversaries that collude and take advantage
of the total amount of information leaked in all iterations of the
search.

We present a security analysis of the proposed algorithm based on the
privacy notion we introduce. We also develop a prototype of the
algorithm in Matlab and evaluate its performance. Our analysis proves
Iris to be $(alpha,delta)$-private while introducing a modest performance
overhead. Importantly the overhead is tunable and proportional to the
required level of privacy, so no privacy means no overhead.

View More Papers

YuraScanner: Leveraging LLMs for Task-driven Web App Scanning

Aleksei Stafeev (CISPA Helmholtz Center for Information Security), Tim Recktenwald (CISPA Helmholtz Center for Information Security), Gianluca De Stefano (CISPA Helmholtz Center for Information Security), Soheil Khodayari (CISPA Helmholtz Center for Information Security), Giancarlo Pellegrino (CISPA Helmholtz Center for Information Security)

Read More

IoT Software Updates: User Perspectives in the Context of...

S. P. Veed, S. M. Daftary, B. Singh, M. Rudra, S. Berhe (University of the Pacific), M. Maynard (Data Independence LLC) F. Khomh (Polytechnique Montreal)

Read More

PropertyGPT: LLM-driven Formal Verification of Smart Contracts through Retrieval-Augmented...

Ye Liu (Singapore Management University), Yue Xue (MetaTrust Labs), Daoyuan Wu (The Hong Kong University of Science and Technology), Yuqiang Sun (Nanyang Technological University), Yi Li (Nanyang Technological University), Miaolei Shi (MetaTrust Labs), Yang Liu (Nanyang Technological University)

Read More

Blackbox Fuzzing of Distributed Systems with Multi-Dimensional Inputs and...

Yonghao Zou (Beihang University and Peking University), Jia-Ju Bai (Beihang University), Zu-Ming Jiang (ETH Zurich), Ming Zhao (Arizona State University), Diyu Zhou (Peking University)

Read More