RICERCA ITALIANA     

Privacy aware processing of encrypted signals for treating sensitive information

Università degli Studi di Siena

Abstract

Processing sensitive information like biometric or biomedical signals in a non-trusted scenario, while ensuring that the privacy of the involved parties is preserved, requires that new tools and solutions are developed. In this project we investigate the possibility of processing signals in the encrypted domain for privacy-aware treatment of sensitive information. By relying on advanced cryptographic primitives like homomorphic encryption, multiparty computation and zero knowledge protocols, we will analyse the possibility of developing secure signal processing primitives like linear transforms, scalar products or FIR filters capable of operating on encrypted data. The developed signal processing primitives will be assembled into a set of basic pattern recognition tools (e.g. neural networks or classifiers) forming the basis for the analysis and interpretation of encrypted signals. At an even higher level, the pattern recognition primitives will be applied to practical scenarios involving the treatment of biometric signals, like face or iris images, or other kinds of sensitive data, like biomedical signals. The requirements stemming from the application level, including those raised by the current privacy regulation, will be considered, so to cast the activity into a practical set up. The architectural and data flow constraints will be considered as well, so to encompass all the levels of the addressed scenario.

From a scientific point of view, the research >>>

Principal Investigator

Mauro Barni Università degli Studi di SIENA

Research Objectives

Recent advances in the acquisition, delivery and processing of digital contents have made available a large number of new opportunities for the storage, transmission, and consumption of these contents. At the same time, these rapid technological developments have raised several important concerns regarding the security of such data. A field where security concerns assume a crucial importance is the treatment of sensitive information subject to privacy protection regulations. Consider, for example, the storage and manipulation of medical data. Obviously this kind of information (e.g., the outcome of diagnostic tests on human physiological fluids, the measurement of human physiological signals such as the electrocardiogram, the biomedical images obtained by radiography or ultrasound images) is a very critical one since it characterizes the health conditions of persons. Its disclosure to persons other than the patient's doctor should not occur without the patient's authorization in order to protect his/her fundamental right to privacy of personal medical conditions. Alternatively, we can consider the use of biometric information in security applications wherein various kinds of biometric data (e.g. fingerprint, iris and face images) are used to identify the persons or their behaviour. Given that biometric traits are irreplaceable since the physical features of the owner should be modified they are invaluable to the owners. Their protection is therefore critical to >>>

First Results

The potential impact of the proposed project spans across several levels covering both short term and long term aspects.

SCIENTIFIC AND TECHNOLOGICAL LEVEL

From a purely scientific point of view, the research activity carried out during the project could lead to the birth of a new interdisciplinary research field, given by a general theory of signal processing operations in the encrypted domain. Cryptology and signal processing are by themselves highly interdisciplinary research areas; each of them, in fact, uses techniques and theories coming from several domains of mathematics and computer science. This new field could improve the collaboration between the two worlds of signal processing and of cryptography, and, especially, will give the opportunity to open new areas of joint research, by using different expertise’s to explore the same issue.
The results of the project will have a great impact on the technology design involving all the applications where there are two (or more) communicating parties distrusting each other, with particular reference to the cases where the preservation of the privacy of the final user is strictly required.

ECONOMIC AND SOCIAL LEVEL

As technology is becoming increasingly powerful, it is becoming more pervasive and less visible to the user. Businesses and governments are increasingly networked. So are citizens, and technology is being rapidly assimilated into both the home and >>>

Timescale

24 months

National and international background

In several application scenarios it happens that valuable or trusted information must be sent to a non-trusted device for some form of processing. This is the case, for example, of medical information sent to a remote server providing an on-line diagnosis service, or that of biometric data that has to be processed for granting someone the access to a particular service or content. One way to solve the security problems stemming from the above situations is to use methods that can process sensitive information while the information is in encrypted format.
In contrast to traditional approaches, which build a secure layer on top of the processing module and assume that the involved parties trust each other, the above approach allows valuable information to be processed by mutually distrusting parties.

Whereas the development of methods to process encrypted data may seem a formidable task, some recent studies, spanning from digital watermarking [Adel02] [Wong01] through secure compression [John04], privacy preserving machine learning [Barn06], and data mining algorithms [Agra03], have shown that the application of signal processing in the encrypted domain is indeed feasible.

The problem of computing with encrypted data has been intensively studied in the past 30 years [Rive78], as it is of fundamental importance to understand encryption and it has many practical applications. This is a particular instance of the more general problem of secure >>>