Forgetting with puzzles: Using cryptographic puzzles to support digital forgetting

Ghous Amjad, Muhammad Shujaat Mirza, Christina Poepper

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Abstract

Digital forgetting deals with the unavailability of content uploaded to web and storage servers after the data has served its purpose. The content on the servers can be deleted manually, but this does not prevent data archival and access at different storage locations. This is problematic since then the data may be accessed for unintended or even malicious purposes long after the owners have decided to abandon the public availability of their data. Approaches which assign a lifetime value to data or use heuristics like interest in data to make it inaccessible after some time have been proposed, but digital forgetting is still in its infancy and there are a number of open problems with the proposed approaches. In this paper, we outline a general use case of cryptographic puzzles in the context of digital forgetting which—to the best of our knowledge—has not been proposed or explored before. One problem with recent proposals for digital forgetting is that attackers could collect or even delete anyone’s public data during their lifetime. In our approach, we deal with these problems by making it hard for the attacker to delete large quantities of data while making sure that the proposed solutions will not adversely deteriorate user experience in a disturbing manner. As a proof-of-concept, we propose a system with cryptographic (time-lock) puzzles that deals with malicious users while ensuring the permanent deletion of data when interest in it dies down. We have implemented a prototype and evaluate it thoroughly with promising results.

Original languageEnglish (US)
Title of host publicationCODASPY 2018 - Proceedings of the 8th ACM Conference on Data and Application Security and Privacy
PublisherAssociation for Computing Machinery, Inc
Pages342-353
Number of pages12
Volume2018-January
ISBN (Electronic)9781450356329
DOIs
StatePublished - Mar 13 2018
Event8th ACM Conference on Data and Application Security and Privacy, CODASPY 2018 - Tempe, United States
Duration: Mar 19 2018Mar 21 2018

Other

Other8th ACM Conference on Data and Application Security and Privacy, CODASPY 2018
CountryUnited States
CityTempe
Period3/19/183/21/18

Fingerprint

Servers
Availability

Keywords

  • Cryptographic Puzzles
  • Digital Forgetting
  • Time-lock Puzzles

ASJC Scopus subject areas

  • Computer Science Applications
  • Information Systems
  • Software

Cite this

Amjad, G., Mirza, M. S., & Poepper, C. (2018). Forgetting with puzzles: Using cryptographic puzzles to support digital forgetting. In CODASPY 2018 - Proceedings of the 8th ACM Conference on Data and Application Security and Privacy (Vol. 2018-January, pp. 342-353). Association for Computing Machinery, Inc. https://doi.org/10.1145/3176258.3176327

Forgetting with puzzles : Using cryptographic puzzles to support digital forgetting. / Amjad, Ghous; Mirza, Muhammad Shujaat; Poepper, Christina.

CODASPY 2018 - Proceedings of the 8th ACM Conference on Data and Application Security and Privacy. Vol. 2018-January Association for Computing Machinery, Inc, 2018. p. 342-353.

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Amjad, G, Mirza, MS & Poepper, C 2018, Forgetting with puzzles: Using cryptographic puzzles to support digital forgetting. in CODASPY 2018 - Proceedings of the 8th ACM Conference on Data and Application Security and Privacy. vol. 2018-January, Association for Computing Machinery, Inc, pp. 342-353, 8th ACM Conference on Data and Application Security and Privacy, CODASPY 2018, Tempe, United States, 3/19/18. https://doi.org/10.1145/3176258.3176327
Amjad G, Mirza MS, Poepper C. Forgetting with puzzles: Using cryptographic puzzles to support digital forgetting. In CODASPY 2018 - Proceedings of the 8th ACM Conference on Data and Application Security and Privacy. Vol. 2018-January. Association for Computing Machinery, Inc. 2018. p. 342-353 https://doi.org/10.1145/3176258.3176327
Amjad, Ghous ; Mirza, Muhammad Shujaat ; Poepper, Christina. / Forgetting with puzzles : Using cryptographic puzzles to support digital forgetting. CODASPY 2018 - Proceedings of the 8th ACM Conference on Data and Application Security and Privacy. Vol. 2018-January Association for Computing Machinery, Inc, 2018. pp. 342-353
@inproceedings{9340a57c281249e5b685dfe299a15856,
title = "Forgetting with puzzles: Using cryptographic puzzles to support digital forgetting",
abstract = "Digital forgetting deals with the unavailability of content uploaded to web and storage servers after the data has served its purpose. The content on the servers can be deleted manually, but this does not prevent data archival and access at different storage locations. This is problematic since then the data may be accessed for unintended or even malicious purposes long after the owners have decided to abandon the public availability of their data. Approaches which assign a lifetime value to data or use heuristics like interest in data to make it inaccessible after some time have been proposed, but digital forgetting is still in its infancy and there are a number of open problems with the proposed approaches. In this paper, we outline a general use case of cryptographic puzzles in the context of digital forgetting which—to the best of our knowledge—has not been proposed or explored before. One problem with recent proposals for digital forgetting is that attackers could collect or even delete anyone’s public data during their lifetime. In our approach, we deal with these problems by making it hard for the attacker to delete large quantities of data while making sure that the proposed solutions will not adversely deteriorate user experience in a disturbing manner. As a proof-of-concept, we propose a system with cryptographic (time-lock) puzzles that deals with malicious users while ensuring the permanent deletion of data when interest in it dies down. We have implemented a prototype and evaluate it thoroughly with promising results.",
keywords = "Cryptographic Puzzles, Digital Forgetting, Time-lock Puzzles",
author = "Ghous Amjad and Mirza, {Muhammad Shujaat} and Christina Poepper",
year = "2018",
month = "3",
day = "13",
doi = "10.1145/3176258.3176327",
language = "English (US)",
volume = "2018-January",
pages = "342--353",
booktitle = "CODASPY 2018 - Proceedings of the 8th ACM Conference on Data and Application Security and Privacy",
publisher = "Association for Computing Machinery, Inc",

}

TY - GEN

T1 - Forgetting with puzzles

T2 - Using cryptographic puzzles to support digital forgetting

AU - Amjad, Ghous

AU - Mirza, Muhammad Shujaat

AU - Poepper, Christina

PY - 2018/3/13

Y1 - 2018/3/13

N2 - Digital forgetting deals with the unavailability of content uploaded to web and storage servers after the data has served its purpose. The content on the servers can be deleted manually, but this does not prevent data archival and access at different storage locations. This is problematic since then the data may be accessed for unintended or even malicious purposes long after the owners have decided to abandon the public availability of their data. Approaches which assign a lifetime value to data or use heuristics like interest in data to make it inaccessible after some time have been proposed, but digital forgetting is still in its infancy and there are a number of open problems with the proposed approaches. In this paper, we outline a general use case of cryptographic puzzles in the context of digital forgetting which—to the best of our knowledge—has not been proposed or explored before. One problem with recent proposals for digital forgetting is that attackers could collect or even delete anyone’s public data during their lifetime. In our approach, we deal with these problems by making it hard for the attacker to delete large quantities of data while making sure that the proposed solutions will not adversely deteriorate user experience in a disturbing manner. As a proof-of-concept, we propose a system with cryptographic (time-lock) puzzles that deals with malicious users while ensuring the permanent deletion of data when interest in it dies down. We have implemented a prototype and evaluate it thoroughly with promising results.

AB - Digital forgetting deals with the unavailability of content uploaded to web and storage servers after the data has served its purpose. The content on the servers can be deleted manually, but this does not prevent data archival and access at different storage locations. This is problematic since then the data may be accessed for unintended or even malicious purposes long after the owners have decided to abandon the public availability of their data. Approaches which assign a lifetime value to data or use heuristics like interest in data to make it inaccessible after some time have been proposed, but digital forgetting is still in its infancy and there are a number of open problems with the proposed approaches. In this paper, we outline a general use case of cryptographic puzzles in the context of digital forgetting which—to the best of our knowledge—has not been proposed or explored before. One problem with recent proposals for digital forgetting is that attackers could collect or even delete anyone’s public data during their lifetime. In our approach, we deal with these problems by making it hard for the attacker to delete large quantities of data while making sure that the proposed solutions will not adversely deteriorate user experience in a disturbing manner. As a proof-of-concept, we propose a system with cryptographic (time-lock) puzzles that deals with malicious users while ensuring the permanent deletion of data when interest in it dies down. We have implemented a prototype and evaluate it thoroughly with promising results.

KW - Cryptographic Puzzles

KW - Digital Forgetting

KW - Time-lock Puzzles

UR - http://www.scopus.com/inward/record.url?scp=85052027058&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=85052027058&partnerID=8YFLogxK

U2 - 10.1145/3176258.3176327

DO - 10.1145/3176258.3176327

M3 - Conference contribution

AN - SCOPUS:85052027058

VL - 2018-January

SP - 342

EP - 353

BT - CODASPY 2018 - Proceedings of the 8th ACM Conference on Data and Application Security and Privacy

PB - Association for Computing Machinery, Inc

ER -