1. A Hybrid Technique for Private Location-Based Queries with Database Protection Gabriel Ghinita 1 Panos Kalnis 2 Murat Kantarcioglu 3 Elisa Bertino 1 1 Purdue University 2 KAUST University 3 UT Dallas

2. 2 Outline  LBS Privacy Overview Spatial Cloaking Techniques Cryptographic Techniques (PIR)  Proposed Hybrid Approach Private Evaluation of Point-Rectangle Enclosure Fragmentation-aware Indexing Experimental Evaluation

3. 3 Location-Based Services (LBS)  LBS users Mobile devices with GPS capabilities  Spatial Queries E.g., NN Queries Location server is NOT trusted “Find closest hospital to my present location” Problem Statement: How to protect the identity and location of the query source?

4. 4 Spatial Cloaking  Privacy through Cloaking Regions (CRs) Spatial Anonymity (e.g., CliqueCloak, Casper) Spatial Diversity (PROBE)

5. 5 Continuous Queries [CM07]  Problems ASRs grows large Query dropped if some user disconnects [CM07] C.-Y. Chow and M. Mokbel “Enabling Private Continuous Queries For Revealed User Locations”. In Proc. of SSTD 2007 u1u1 u3u3 u2u2

6. 6 Private Information Retrieval (PIR) Computationally hard to find i from q(i) Bob can easily find X i from r (trap-door)

7. 7 PIR Protocol for Binary Data 0101 1101 0101 0111 a b Get X 10 a=2, b=3, N=35 QNR={3,12,13,17,27,33} QR={1,4,9,11,16,29} 4 16 17 33 QNR z4z3z2z1z4z3z2z1 z 2 =QNR => X 10 =1 z 2 =QR => X 10 =0 [KO97 ]E. Kushilevitz and R. Ostrovsky. Replication is NOT needed: Single database, computationally-private information retrieval. In IEEE Symposium on Foundations of Computer Science, pages 364–373, 1997. X 10 27 3 2716

8. 8 Approximate Nearest Neighbor Data organized as a square matrix  Each column corresponds to index leaf  An entire leaf is retrieved – the closest to the user p4p4 p6p6 p5p5 p8p8 p1p1 p2p2 p7p7 p9p9 p3p3 u

9. 9 Motivation  Spatial Cloaking Cheap, but vulnerable  PIR Secure, but expensive  Severe disclosure of POI information O(|D|), O(√|D|), respectively

10. 10 Hybrid Approach Overview Apply PIR to a dynamic window Hide enclosure relationship Minimize leaf fragmentation Dataspace CR POI Index abcdef Leaf Nodes CR abc PIR Matrix

11. 11 Homomorphic Encryption (Paillier) plaintext space E[m 1 ] * E[m 2 ] = E[m 1 +m 2 ] (mod N 2 ) E[m] r = E[r*m] (mod N 2 ) Protocol to determine privately sign(b-a) Paillier encryption + random blinding Private Point-Rectangle Enclosure

12. 12 Private Evaluation of (b-a) |a-b|<M, M << N A: m 1 = N-a --- E[m 1 ] --> B: m 2 = b <-- E[m 1 +m 2 ] --- A: res= D[E[m 1 +m 2 ]] 0 N-1 M N-M a ≤ b a > b res:

13. 13 Private Evaluation of sign(b-a) |a-b|<M, M << N, r < M/N A: m 1 = N-a --- E[m 1 ] --> B: m 2 = b <-- E[m 1 +m 2 ]^r --- A: res= D[E[m 1 +m 2 ]] 0 N-1 M N-M a ≤ ba > b res: N/2

14. Fragmentation-aware Indexing 14 Assume Disclosure Threshold is 3 Median Split Our Approach

15. 15 Experimental Settings  Datasets Sequoia dataset: 62K POI  Modulus up to 1280 bits  P4, 2.8GHz CPU

16. 16 POI Disclosure

17. 17 Execution Time

18. 18 Communication Overhead

19. 19 Conclusions  Hybrid LBS privacy Limit the amount of POI disclosure Reduce processing overhead  Future work Support more complex types of queries  Apply fully homomorphic functions Investigate less costly PIR protocols

20. 20 Casper [Mok06]  Quad-tree based Fails to preserve anonymity for outliers Unnecessarily large ASR size u1u1 u2u2 u3u3 u4u4 A1A1 A2A2 u 4 ’s identity is disclosed If u 4 queries, ASR is A 2 If any of u 1, u 2, u 3 queries, ASR is A 1 Let K=3 [Mok06] – Mokbel et al, The New Casper: Query Processing for Location Services without Compromising Privacy, VLDB 2006

21. 21 Hilbert Cloak (HC) u2u2 u3u3 u6u6 u1u1 u5u5 u4u4 u3u3 u6u6 u1u1 u5u5 u4u4 u2u2 B1B1 B2B2

22. 22 Space Encryption [KS07]  Drawbacks answers are approximate makes use of tamper-resistant devices may be vulnerable if some POI are known [KS07] A. Khoshgozaran, C. Shahabi. Blind Evaluation of Nearest Neighbor Queries Using Space Transformation to Preserve Location Privacy, In Proc. Of SSTD 2007 P1P1 P2P2 P3P3 P4P4 P1P1 P2P2 P4P4 121419 P3P3 24 Q 15 NN(15)=P 2 Hilbert Mapping Server

23. 23 Let N =q 1 *q 2, q 1 and q 2 large primes Quadratic Residuosity Assumption (QRA)  QR/QNR decision computationally hard (in )  Essential properties: QR * QR = QR QR * QNR = QNR PIR Theoretical Foundations

24. 24 Z4Z3Z2Z1Z4Z3Z2Z1 Exact Nearest Neighbor QNR Only z 2 needed p4p4 p3p3 p2p2 p1p1 4 3 2 1 DCBA A3: p 1, p 2, p 3 A4: p 1, --, -- u Y 1 Y 2 Y 3 Y 4

25. 25 Avoiding Redundant Computations  Data mining Identify frequent partial products

26. 26 Precision

27. 27 Spatial Cloaking  Privacy through Cloaking Regions (CRs) Spatial Anonymity (e.g., CliqueCloak, Casper) Spatial Diversity (PROBE)

28. 28 Reciprocity u2u2 u3u3 u1u1 u4u4 u6u6 u5u5 u2u2 u3u3 u5u5 u1u1 u4u4 u6u6 [KGMP07] – Kalnis P., Ghinita G., Mouratidis K., Papadias D., "Preventing Location-Based Identity Inference in Anonymous Spatial Queries", IEEE TKDE 2007.