Mechanism for the prevention of password reuse through Anonymized Hashes

Ali, Junade

doi:10.7287/peerj.preprints.3322

Cited by 2 publications

(6 citation statements)

References 0 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…(Li et al, 2019) vides an overview of protocols for compromised credential checking (C3) services and a mechanism for empirically evaluating such protocols. Such protocols are based off the HIBP protocol whereby passwords are bucketed based on a hash prefix, allowing for kanonymous verification of a breached password as implemented in (Ali, 2017). This bucket is then served to the user to identify if the password is breached or not.…”

Section: Related Workmentioning

confidence: 99%

Practical Hash-based Anonymity for MAC Addresses

Ali¹,

Dyo

2020

Proceedings of the 17th International Joint Conference on E-Business and Telecommunications

Self Cite

View full text Add to dashboard Cite

Given that a MAC address can uniquely identify a person or a vehicle, continuous tracking over a large geographical scale has raised serious privacy concerns amongst governments and the general public. Prior work has demonstrated that simple hash-based approaches to anonymization can be easily inverted due to the small search space of MAC addresses. In particular, it is possible to represent the entire allocated MAC address space in 39 bits and that frequency-based attacks allow for 50% of MAC addresses to be enumerated in 31 bits. We present a practical approach to MAC address anonymization using both computationally expensive hash functions and truncating the resulting hashes to allow for k-anonymity. We provide an expression for computing the percentage of expected collisions, demonstrating that for digests of 24 bits it is possible to store up to 168, 617 MAC addresses with the rate of collisions less than 1%. We experimentally demonstrate that a rate of collision of 1% or less can be achieved by storing data sets of 100 MAC addresses in 13 bits, 1, 000 MAC addresses in 17 bits and 10, 000 MAC addresses in 20 bits. a https://orcid.

show abstract

Section: Related Workmentioning

confidence: 99%

Practical Hash-based Anonymity for MAC Addresses

Ali¹,

Dyo

2020

Proceedings of the 17th International Joint Conference on E-Business and Telecommunications

Self Cite

View full text Add to dashboard Cite

show abstract

“…The key issue to solve here is allowing for users to compute the Rolling Proximity Identifiers of users they may have come into contact with without leaking the information of all affected users. Developers of contact tracing apps [8] have sought guidance on implementing my original k-Anonymity communication protocol [9] to mitigate this effect (a protocol originally devised for compromised credential checking).…”

Section: Related Workmentioning

confidence: 99%

“…We seek to allow a user to query CCIs whilst minimising the privacy loss both on the server and for the client. Fortunately, this is a well explored problem in [9], [11], [12].…”

Section: B Efficient Rolling Proximity Identifier Searchmentioning

confidence: 99%

“…When a user's Temporary Exposure Key is uploaded to a server, the CCIs are computed for the period of exposure. They are then stored in k-Anonymous buckets described in [9]. The client simply needs to truncate the CCI hash to a desired number of bits such to grant anonymity (we provide both formal definitions and empirical analysis for applying k-Anonymity to hash based data sets in [14]).…”

Section: B Efficient Rolling Proximity Identifier Searchmentioning

confidence: 99%

“…During a k-Anonymous search protocol, this means the client discloses a partial hash as the search partition and then both parties are able to determine if the content of the clients search is in that partition without needing to disclosure any further information. Unlike the approach detailed in [9], this provides further cryptographic shielding of the hashes held by the server.…”

Section: B Efficient Rolling Proximity Identifier Searchmentioning

confidence: 99%

See 2 more Smart Citations

Cross Hashing: Anonymizing encounters in Decentralised Contact Tracing Protocols

Ali¹,

Dyo²

2020

Preprint

Self Cite

View full text Add to dashboard Cite

During the COVID-19 (SARS-CoV-2) epidemic, Contact Tracing emerged as an essential tool for managing the epidemic. App-based solutions have emerged for Contact Tracing, including a protocol designed by Apple and Google (influenced by an open-source protocol known as DP3T). This protocol contains two well-documented de-anonymisation attacks. Firstly that when someone is marked as having tested positive and their keys are made public, they can be tracked over a large geographic area for 24 hours at a time. Secondly, whilst the app requires a minimum exposure duration to register a contact, there is no cryptographic guarantee for this property. This means an adversary can scan Bluetooth networks and retrospectively find who is infected. We propose a novel "cross hashing" approach to cryptographically guarantee minimum exposure durations. We further mitigate the 24-hour data exposure of infected individuals and reduce computational time for identifying if a user has been exposed using k-Anonymity buckets of hashes and Private Set Intersection.

show abstract

Mechanism for the prevention of password reuse through Anonymized Hashes

Cited by 2 publications

References 0 publications

Practical Hash-based Anonymity for MAC Addresses

Practical Hash-based Anonymity for MAC Addresses

Cross Hashing: Anonymizing encounters in Decentralised Contact Tracing Protocols

Contact Info

Product

Resources

About