<p> The modern internet and phone networks offer very little security, privacy, or accountability to their users. As people conduct their business and social lives online and over the phone, they naturally generate private or sensitive data about themselves. But any number of parties can and do track this data. Not only the services people interact with everyday, but third-party services for ad tracking, malicious hackers, government agencies operating with nebulous legal authority, and service providers themselves can and do observe and track users. They can then use the sensitive data in a variety of objectionable ways.</p><p> Changing this state of affairs without an earth-shattering technological breakthrough may appear to be a hopeless situation. But, in this dissertation, we demonstrate how existing technology can, if deployed and used properly, markedly improve privacy for users and accountability for those collecting data. We discuss two techniques for achieving these improvements: privacy-preserving surveillance and anonymous communication. For each technique, we present example protocols for which we have implemented fast prototypes running on commercial hardware.</p><p> First, we define the notion of privacy-preserving surveillance. Currently, a government agency can collect and examine bulk user data while making no distinction between the legitimate target of investigation and the average person, and with little or no oversight from other agencies. Privacy-preserving surveillance is an alternative legal regime in which searches of sensitive user data could only take place with the active collaboration of multiple government agencies. Trust is distributed amongst these agencies, assuring that no single authority can unilaterally view sensitive user data (or metadata). We then show how two types of bulk surveillance, currently in use by the authorities, could be made privacy-preserving by the adoption of modern cryptographic protocols to secure data.</p><p> We also discuss protocols for anonymous communication. We take two approaches to anonymity. First, we present an improvement to the Tor network, an anonymity substrate based on onion routing that is already deployed in the wild. Second, we present a complete specification of the dining-cryptographers-based Verdict protocol arid formally prove its anonymity, security, and accountability properties. </p>
| Identifer | oai:union.ndltd.org:PROQUEST/oai:pqdtoai.proquest.com:10584958 |
| Date | 27 July 2017 |
| Creators | Segal, Aaron |
| Publisher | Yale University |
| Source Sets | ProQuest.com |
| Language | English |
| Detected Language | English |
| Type | thesis |
Page generated in 0.0745 seconds