Transparent decryption


Transparent decryption is a method of decrypting data which unavoidably produces evidence that the decryption operation has taken place.[1] The idea is to prevent the covert decryption of data. In particular, transparent decryption protocols allow a user Alice to share with Bob the right to access data, in such a way that Bob may decrypt at a time of his choosing, but only while simultaneously leaving evidence for Alice of the fact that decryption occurred. Transparent decryption supports privacy, because this evidence alerts data subjects to the fact that information about them has been decrypted and disincentivises data misuse.[2]

Applications

edit

Transparent decryption has been proposed for several systems where there is a need to simultaneously achieve accountability and secrecy. For example:

  • In lawful interception, law enforcement agencies can access private messages and emails. Transparent decryption can make such accesses accountable,[2] giving citizens guarantees about how their private information is accessed.[3][4]
  • Data arising from vehicles and IoT devices may contain personal information about the vehicle or device owners and their activities. Nevertheless, the data is typically processed in order to provide user functionality and also to investigate and fight crime. Transparent decryption can be used to help users monitor when and how data about them is being accessed and used.[5]

Implementation

edit

In transparent decryption, the decryption key is distributed among a set of agents (called trustees); they use their key share only if the required transparency conditions have been satisfied. Typically, the transparency condition can be formulated as the presence of the decryption request in a distributed ledger.[2]

Alternative solutions

edit

Besides transparent decryption, some other techniques have been proposed for achieving law enforcement while preserving privacy.

  • Solutions that allow competing parties to unify their data access policies. Attribute-based encryption with oblivious attribute translation (OTABE) is an extension of attribute-based encryption that allows translation between proprietary attributes belonging to different organisations, and it has been applied to the problem of law-enforcement access to phone call metadata.[6]
  • Solutions that rely on sophisticated cryptography, such as zero-knowledge proofs that the actions of law enforcement is consistent with judge rulings and the actions of companies, and multi-party computation to compute results.[7]

References

edit
  1. ^ Cheval, Vincent; Moreira, José; Ryan, Mark (2023-04-16). "Automatic verification of transparency protocols (extended version)". arXiv:2303.04500 [cs.CR].
  2. ^ a b c Ryan, Mark D. (2017). "Making Decryption Accountable". In Stajano, Frank; Anderson, Jonathan; Christianson, Bruce; Matyáš, Vashek (eds.). Security Protocols XXV. Lecture Notes in Computer Science. Vol. 10476. Cham: Springer International Publishing. pp. 93–98. doi:10.1007/978-3-319-71075-4_11. ISBN 978-3-319-71074-7. Retrieved 2024-08-29.
  3. ^ J. Kroll, E. Felten, and D. Boneh, Secure protocols for accountable warrant execution, 2014
  4. ^ Nuñez, David; Agudo, Isaac; Lopez, Javier (2019). "Escrowed decryption protocols for lawful interception of encrypted data". IET Information Security. 13 (5): 498–507. doi:10.1049/iet-ifs.2018.5082. ISSN 1751-8717.
  5. ^ Li, Meng; Chen, Yifei; Lal, Chhagan; Conti, Mauro; Alazab, Mamoun; Hu, Donghui (2023-01-01). "Eunomia: Anonymous and Secure Vehicular Digital Forensics Based on Blockchain". IEEE Transactions on Dependable and Secure Computing. 20 (1): 225–241. doi:10.1109/TDSC.2021.3130583. ISSN 1545-5971.
  6. ^ Idan, Lihi; Feigenbaum, Joan (2022-07-21). "PRShare: A Framework for Privacy-preserving, Interorganizational Data Sharing". ACM Trans. Priv. Secur. 25 (4): 29:1–29:38. doi:10.1145/3531225. ISSN 2471-2566.
  7. ^ Frankle, Jonathan; Park, Sunoo; Shaar, Daniel; Goldwasser, Shafi; Weitzner, Daniel (2018). "Practical Accountability of Secret Processes". USENIX Security Symposium: 657–674. ISBN 978-1-939133-04-5.