
Hash Range Queries

luke crouch
December 18, 2018

For simple, privacy-preserving data-sharing.
Transcript

  1. Hash Range Queries
    For simple, privacy-preserving data-sharing

  2. https://blog.cloudflare.com/validating-leaked-passwords-with-k-anonymity/

    https://www.troyhunt.com/ive-just-launched-pwned-passwords-version-2/
    Not my original idea

  3. https://api.pwnedpasswords.com/pwnedpassword/password
    A request for a single password reveals who is
    interested in this password.
    Maybe not that interesting for a widely-used value.

  4. https://api.pwnedpasswords.com/pwnedpassword/p1nkyp13
    But how many people would use their favorite My
    Little Pony character with the vowels replaced by
    numbers?

  5. Do you trust the person
    operating the service?
    • Are they doing something else with the data?

    • Are they securing the data?

  7. How can a client get a single
    record from a server without
    revealing the record identifier
    to the server?

  8. The Easiest Way:
    Hashed Identifiers

  11. But
    rainbow tables exist

  13. The Hard Way:
    Private Set Intersection

  16. The Middle Way:
    k-Anonymity

  17. https://en.wikipedia.org/wiki/K-anonymity
    Every record is unique

  18. https://en.wikipedia.org/wiki/K-anonymity
    k-Anonymity: 2
    For any combination of Age + Gender + State found in any row of the table,
    there are always at least 2 rows with those exact attributes.
    (Table annotations: Suppression, Suppression, Generalization)

  19. https://blog.cloudflare.com/validating-leaked-passwords-with-k-anonymity/
    By using this property, we are able to separate hashes
    into anonymized "buckets".

  20. https://blog.cloudflare.com/validating-leaked-passwords-with-k-anonymity/
    A client is able to anonymize the user-supplied
    hash …

  21. https://blog.cloudflare.com/validating-leaked-passwords-with-k-anonymity/
    … and then download all hashes in the same
    anonymized "bucket" as that hash …

  22. https://blog.cloudflare.com/validating-leaked-passwords-with-k-anonymity/
    5baa61e4c9b93f3f0682250b6cf8331b7ee68fd8
    5baa61f4c0b12f0a6691121c7de9420c8ff12c1f
    5baa61aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
    5baa61bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb
    5baa61cccccccccccccccccccccccccccccccccc
    … then do an offline check to see if the user-supplied
    hash is in that breached bucket.
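The prefix-bucket exchange the last slides describe, as an added example that is not part of the deck: a toy server that buckets a constructed breach corpus by SHA-1 prefix, and a client that reveals only that prefix and matches the suffix offline. `PREFIX_LEN`, `BREACHED` and the function names are assumptions of this example, and the corpus is constructed, not real breach data.

```python
import hashlib
from collections import defaultdict

# Hex characters of the SHA-1 the client reveals to the server. The Pwned
# Passwords range endpoint uses 5; the slide's sample hashes share 6.
PREFIX_LEN = 5

# Constructed breached-password corpus with occurrence counts (not real data).
BREACHED = {"password": 3_730_471, "123456": 23_597_311, "p1nkyp13": 2}


def sha1_hex(password: str) -> str:
    """Lower-case hex SHA-1 of the password, as shown on the slides."""
    return hashlib.sha1(password.encode("utf-8")).hexdigest()


def build_buckets(corpus: dict) -> dict:
    """Server side: index every breached hash under its PREFIX_LEN-char prefix."""
    buckets = defaultdict(dict)
    for password, count in corpus.items():
        digest = sha1_hex(password)
        buckets[digest[:PREFIX_LEN]][digest[PREFIX_LEN:]] = count
    return buckets


def range_query(buckets: dict, prefix: str) -> str:
    """Server side: answer a prefix with the WHOLE bucket, one 'suffix:count'
    line per hash. The server only ever sees the prefix, never a full hash."""
    if len(prefix) != PREFIX_LEN or set(prefix) - set("0123456789abcdef"):
        raise ValueError(f"prefix must be {PREFIX_LEN} hex characters")
    bucket = buckets.get(prefix, {})
    return "\n".join(f"{suffix}:{count}" for suffix, count in sorted(bucket.items()))


def check_password(buckets: dict, password: str) -> int:
    """Client side: hash locally, send only the prefix, then match the suffix
    offline against the downloaded bucket. Returns the breach count (0 = not found)."""
    digest = sha1_hex(password)
    prefix, suffix = digest[:PREFIX_LEN], digest[PREFIX_LEN:]
    response = range_query(buckets, prefix)  # the only data that leaves the client
    for line in response.splitlines():       # empty bucket -> no lines -> 0
        candidate, _, count = line.partition(":")
        if candidate == suffix:
            return int(count)
    return 0


if __name__ == "__main__":
    buckets = build_buckets(BREACHED)
    for pw in ("password", "p1nkyp13", "correct horse battery staple"):
        print(f"{pw!r}: prefix sent = {sha1_hex(pw)[:PREFIX_LEN]}, "
              f"breach count = {check_password(buckets, pw)}")
```

With a three-entry corpus each bucket holds a single hash, so the anonymity set is 1; the property only bites when the corpus is large enough that every prefix maps to many hashes, which is why the bucket size, not the prefix length alone, is the number to watch.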