Double Blind Comparison: Secure Database Integration with Minimal Database Aggregation

Abstract
The Database Inference Problem occurs when a user with legitimate access to a data set is able to infer information that he or she should not have access to; the Database Aggregation Problem occurs when two or more data sets are combined, and the resulting combination allows unauthorized inference to take place. Secure database integration is the study of legitimately combining information from two or more databases, while ensuring that database aggregation and inference are at least minimized, if not prevented. Pseudonymized database integration involves replacing the record identifier with an encrypted identifier called a pseudonym, to prevent unauthorized aggregation. This thesis presents a new cryptographic primitive, Double Blind Comparison, which allows two co-operating users, who each hold a ciphertext, to determine whether the corresponding plaintexts are the same, even though neither user can discover any information about the plaintexts. Only if the two users co-operate can this comparison take place. The outcome of a Double Blind Comparison is that the user who submits the request (the submitter) learns nothing, while the user who makes the comparison (the comparer) learns only whether the two plaintexts are equal. The thesis shows how Double Blind Comparison can be used to implement secure database integration while protecting against aggregation, by allowing the respective administrators to compare records on a case-by-case basis. The thesis presents two practical realizations of Double Blind Comparison, one using groups with infeasible inversion and one using bilinear pairings. It also develops an efficient search capability, illustrated using groups with infeasible inversion. This is the only pseudonymized database integration scheme with an efficient search capability.
Keywords
Computer Science
Citation
Lorimer, W. (2013). Double Blind Comparison: Secure Database Integration with Minimal Database Aggregation (Doctoral thesis, University of Calgary, Calgary, Canada). Retrieved from https://prism.ucalgary.ca. doi:10.11575/PRISM/25739