<html><head><style type='text/css'>p { margin: 0; }</style></head><body><div style='font-family: arial,helvetica,sans-serif; font-size: 10pt; color: #000000'>Ian Davey will be presenting his research seminar/general exam (talk only) on <br>Wednesday January 23 at 2PM in Sherrerd 306 (Note Location!). The members <br>of his committee are: Ed Felten (advisor), Michael Freedman, and Zeev Dvir. <br>Everyone is invited to attend his talk. <br><br><hr id="zwchr"><div style="color:#000;font-weight:normal;font-style:normal;text-decoration:none;font-family:Helvetica,Arial,sans-serif;font-size:12pt;"><font face="arial,helvetica,sans-serif" size="2"><br></font><div dir="ltr"><div><font face="arial,helvetica,sans-serif" size="2"><b><div style="display:inline!important"><b>Collective Security for Resistance to Mass Harvesting of Publicly-Available Information</b></div></b><br></font></div><div><font face="arial,helvetica,sans-serif" size="2"><b><div style="display:inline!important"><b><br>
</b></div></b></font></div><div><div><font face="arial,helvetica,sans-serif" size="2">As internet users produce and share increasing amounts of content, some new privacy concerns appear. <br>In particular, various entities who have no personal interest in any particular author will nonetheless crawl <br>the internet and harvest any public data they can find. While users may be perfectly happy to share thoughts, <br>photos, video, and contact information with other human users (including complete strangers), they may not <br>wish for the data to be grabbed automatically at scale and used for targeted advertising, spam, search indexing and archiving, etc.</font></div><font face="arial,helvetica,sans-serif" size="2">
</font><div><font face="arial,helvetica,sans-serif" size="2"><br></font></div><div><font face="arial,helvetica,sans-serif" size="2">Ultimately this becomes an instance of the key distribution problem --- while normal encryption may appear <br>at first the obvious solution, in this case we cannot expect the author to have an existing relationship with <br>his/her audience, and thus there is not necessarily an out-of-band channel through which to exchange key data. <br>However, also in this case, while each member of the desired audience has a limit to the amount of content he/she <br>wishes to view, the adversary has no such limit and wishes to scrape everything. We can exploit this property to find a solution.</font></div><font face="arial,helvetica,sans-serif" size="2">
</font><div><font face="arial,helvetica,sans-serif" size="2"><br></font></div><div><font face="arial,helvetica,sans-serif" size="2">In this talk we formally define a notion of ``collective security,'' which allows for the recovery of individual pieces of <br>data but provides resistance to mass harvesting of the entire corpus of content. We then propose methods which <br>use weak symmetric ciphers and/or hyperencryption to fill this requirement and prove a theoretical upper bound on <br>its effectiveness. We also propose a system of ``shortcuts'' in case a (possibly one-way) channel for key exchange <br>exists between an author and a viewer. We then present experimental results, explore an economy where barriers <br>to mass information harvesting exist, and describe a browser extension which implements some of our techniques.</font></div>
</div><div><br></div></div><div class="gmail_extra"><br></div>
</div><br></div></body></html>