研究生: |
劉洧聿 Liu, Wei-Yu |
---|---|
論文名稱: |
以零知識證明建立可信的隱私保護資料使用機制 Establishing Trusted Mechanisms for Privacy Preserving Data Usage Using Zero-Knowledge Proofs |
指導教授: |
黃冠寰
Hwang, Gwan-Hwan |
口試委員: |
黃冠寰
Hwang, Gwan-Hwan 張道顧 Chang, Tao-Ku 梁家為 Liang, Chia-Wei |
口試日期: | 2024/07/29 |
學位類別: |
碩士 Master |
系所名稱: |
資訊工程學系 Department of Computer Science and Information Engineering |
論文出版年: | 2024 |
畢業學年度: | 112 |
語文別: | 中文 |
論文頁數: | 40 |
中文關鍵詞: | 零知識證明 、隱私保護 、數據分析 |
英文關鍵詞: | Zero-Knowledge Proof, Privacy-Preserving, Data Analysis |
研究方法: | 實驗設計法 |
DOI URL: | http://doi.org/10.6345/NTNU202401611 |
論文種類: | 學術論文 |
相關次數: | 點閱:112 下載:2 |
分享至: |
查詢本校圖書館目錄 查詢臺灣博碩士論文知識加值系統 勘誤回報 |
隨著人工智慧技術的飛速發展,數據分析在各領域展現出巨大的應用潛力和商業價值。然而,數據分析依賴於大量涉及個人隱私的數據,這引發了對隱私保護的高度關注。現有的去識別化技術雖然可以在一定程度上保護隱私,但仍存在數據質量和準確性受損的問題。此外,合約和第三方稽核機構在保護資料隱私方面也面臨著效率和成本的挑戰。
本篇論文提出了一套基於公開金鑰基礎建設和零知識證明的資料交換系統,以應對上述問題。公開金鑰基礎建設技術能夠提供安全的身份驗證和數據加密,確保數據在傳輸過程中的安全性。零知識證明技術則允許在不洩露原始數據的前提下進行數據分析,僅返回分析結果,從而大大降低了隱私洩露的風險。此外,零知識證明還能生成與原始資料無關的證明,使稽核過程自動化並降低稽核成本。
這套資料交換系統預期能夠在不損害數據質量的前提下,有效保護隱私資料,提升數據分析的效率和安全性。儘管零知識證明技術需要耗費大量算力,計算成本和時間成本需要進一步評估,但其在隱私保護和稽核自動化方面的優勢,使其成為解決數據分析中隱私保護問題的有效方法。
With the rapid development of artificial intelligence technology, data analysis has demonstrated significant application potential and commercial value across various fields. However, data analysis relies heavily on vast amounts of personal data, raising serious concerns about privacy protection. Existing de-identification techniques can protect privacy to some extent, but they often compromise data quality and accuracy. Additionally, contracts and third-party auditing organizations face efficiency and cost challenges in safeguarding data privacy.
This paper proposes a data exchange system based on Public Key Infrastructure (PKI) and Zero-Knowledge Proofs (ZKP) to address these issues. PKI technology provides secure authentication and data encryption, ensuring data security during transmission. Zero-Knowledge Proof technology allows data analysis without revealing the original data, returning only the analysis results, thus significantly reducing the risk of privacy leakage. Furthermore, Zero-Knowledge Proofs can generate proofs unrelated to the original data, automating the auditing process and reducing audit costs.
This data exchange system is expected to effectively protect privacy data and enhance the efficiency and security of data analysis without compromising data quality. Although Zero-Knowledge Proof technology requires substantial computational power and its computational and time costs need further evaluation, its advantages in privacy protection and audit automation make it an effective solution to privacy issues in data analysis.
Bahri, S., Zoghlami, N., Abed, M., & Tavares, J. M. R. (2018). Big data for healthcare: a survey. IEEE access, 7, 7397-7408.
Jaiswal, A., & Bagale, P. (2017, October). A survey on big data in financial sector. In 2017 International Conference on Networking and Network Applications (NaNA) (pp. 337-340). IEEE.
"Google DeepMind", https://deepmind.google/
Silver, D., Huang, A., Maddison, C. J., Guez, A., Sifre, L., van den Driessche, G., ... & Hassabis, D. (2016). Mastering the game of Go with deep neural networks and tree search. Nature, 529(7587), 484–489.
Luke D. (2014). Google Acquires Artificial Intelligence Company DeepMind For $500 Million. https://www.cultofandroid.com/50541/google-acquires-artificial-intelligence-company-deepmind-500-million/
Tammy L. (2022). Google and DeepMind face legal claim for unauthorised use of NHS medical records https://www.healthcareitnews.com/news/emea/google-and-deepmind-face-legal-claim-unauthorised-use-nhs-medical-records
European Union. (2016). General Data Protection Regulation (GDPR). Official Journal of the European Union, L 119, 1-88. Retrieved from https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=CELEX%3A32016R0679
El Emam, K., & Malin, B. (2021). De-identification practices for open health data: The case of the Heritage Health Prize claims dataset. Journal of the American Medical Informatics Association, 20(1), 38-40.
Adams, C., & Lloyd, S. (2003). Understanding PKI: Concepts, Standards, and Deployment Considerations. Addison-Wesley Professional.
Goldwasser, S., Micali, S., & Rackoff, C. (1985). The Knowledge Complexity of Interactive Proof-Systems. SIAM Journal on Computing, 18(1), 186-208.
Mendes, R., & Vilela, J. P. (2017). Privacy-preserving data mining: Methods, metrics, and applications. IEEE Access, 5, 10562-10582.
Samarati, P., & Sweeney, L. (1998). Protecting privacy when disclosing information: k-anonymity and its enforcement through generalization and suppression. IEEE Symposium on Research in Security and Privacy.
Machanavajjhala, A., Kifer, D., Gehrke, J., & Venkitasubramaniam, M. (2007). l-diversity: Privacy beyond k-anonymity. ACM Transactions on Knowledge Discovery from Data (TKDD), 1(1), 3.
Li, N., Li, T., & Venkatasubramanian, S. (2007). t-closeness: Privacy beyond k-anonymity and l-diversity. IEEE 23rd International Conference on Data Engineering.
Dwork, C. (2006). Differential privacy. Automata, languages and programming, 1-12.
Merkle, R. C. (1988). A Digital Signature Based on a Conventional Encryption Function. In Advances in Cryptology—CRYPTO '87 (pp. 369-378). Springer.
Goldreich, O., Micali, S., & Wigderson, A. (1991). Proofs that yield nothing but their validity or all languages in NP have zero-knowledge proof systems. Journal of the ACM, 38(3), 690-728.
Parno, B., Howell, J., Gentry, C., & Raykova, M. (2013). Pinocchio: Nearly practical verifiable computation. In Proceedings of the IEEE Symposium on Security and Privacy (SP) (pp. 238-252).
"iden3", https://iden3.io/
"Circom 2 Documentation", https://docs.circom.io/
Grassi, L., Khovratovich, D., Rechberger, C., Roy, A., & Schofnegger, M. (2021). Poseidon: A new hash function for {Zero-Knowledge} proof systems. In 30th USENIX Security Symposium (USENIX Security 21) (pp. 519-535).
Bernstein, D. J., Duif, N., Lange, T., Schwabe, P., & Yang, B.-Y. (2012). High-speed high-security signatures. Journal of Cryptographic Engineering, 2, 77-89.
Groth, J. (2016). On the size of pairing-based non-interactive arguments. In Proceedings of the Annual International Conference on the Theory and Applications of Cryptographic Techniques (pp. 305-326).