پروتکل هایی که ترجیحات کاربر در معاملات الکترونیکی را پنهان می کند

The Internet creates many new threats to personal privacy and raises some unique privacy concerns. In this paper we study the problem of how to protect users’ privacy in web transactions of digital products. In particular, we introduce a system which (1) allows a user to disclose his/her identity information (such as user account or credit card number) to a web site in exchange for a digital product, but (2) prevents the web site from learning which specific product the user intends to obtain. The problem concerned here is orthogonal to the problem of anonymous transactions [M. Reed, P. Syverson, D. Goldschag, Anonymous connections and Onion Routing, IEEE Journal of Selected Areas in Communication 16 (4) (1998) 482–494; M. Reiter, A. Rubin, Crowds: anonymity for web transactions, ACM Transactions on Information System Security, 1 (1) (1998) 66–92] but commensurate with the general problem of PIR (private information retrieval) [B. Chor, O. Goldreich, E. Kushilevita, M. Sudan, Private information retrieval, in: Proceedings of 36th FOCS, 1995, pp. 41–50; B. Chor, N. Gilboa, Computational private information retrieval, in: Proceedings of 29th STOC, 1997, pp. 304–313]. Most of the existing results in PIR, however, are theoretical in nature and can not be applied in practice due to their huge communication and computational overheads. In the present paper, we introduce two practical solutions that satisfy the above two requirements and analyze their security and performance. Another issue we study in this paper is how to recover sales statistics data in our user privacy-protected system. We present a novel solution to the problem along with its security analysis.

Privacy has been a sensitive issue long before the advent of the Internet. However, the Internet creates many new threats to personal privacy and raises some unique privacy concerns. Such concerns have been magnified in recent years due to widespread use of the world wide web and the accompanying e-commerce activities. Information sent over the Internet may pass through dozens of different computer systems on the way to its destination. Each of these systems may be capable of monitoring, capturing, and storing on-line communications. When a user surfs the web, many web sites deposit user’s browsing patterns or transaction generated data on the user’s hard drive which can be reused by the web sites when the user returns. Most web browsers invisibly provide web sites with information about user’s computer (such as IP address, domain name, screen resolution, available plug-ins) as well as with information about the locations of other web sites a user has visited. The highly connected nature of the Internet makes it easy to automatically collect users’ information from many different sources and compile a dossier about an individual—his or her likes and dislikes, shopping patterns, whereabouts and so on. Such data is a potentially valuable source of revenue for many businesses - it is useful to direct marketers as a basis for deriving targeted lists of users with similar likes; it can also be the source of abuses that may cause embarrassment for users who have accessed sensitive or controversial materials on-line. Not only the Internet users are concerned about privacy when surfing the web, organisations are starting to take customers’ on-line privacy seriously to build users’ confidence on their business. Over the recent years, a number of web sites have been caught in high-profile blow-ups over how they collect and utilize user data. After on-line advertising company DoubleClick revealed its now abandoned practice to cross reference data about users’ off-line purchasing behaviour with their on-line habits, the company’s stock dived. The present paper studies the technical aspect for on-line user privacy protection. A number of systems and tools have been developed to allow web user anonymity while retrieving information on the web. One type of commercial available tools is anonymizer, such as Anonymizer from Anonymizer.com [2] and Freedom from Zero-Knowledge System Inc [24]. Anonymizer is a service that submits http requests to web sites on behalf of its users. Because the request is submitted by the anonymizer agent rather than the user, the only IP address revealed to the web sites is that of the agent. However, users of this service have to trust the anonymizer to keep their IP addresses and their web activities private since they are not anonymous to the anonymizer itself. Onion Routing[19] and Crowds[20] are two anonymity systems that do not require users to trust a single third party to maintain anonymity. Onion Routing is a general-purpose infrastructure for anonymous communication over a public network. It operates by dynamically building anonymous connections within a network of real-time Chaum Mixes[6]. A Mix is a store-and-forward device that accepts a number of fixed-length messages from numerous sources, performs cryptographic transformations on the messages, and then forwards the messages to the next destination in a random order. A single Mix makes tracking of a particular message either by specific bit-pattern, size, or ordering with respect to other messages difficult. By routing through numerous Mixes in the network, determining who is talking to whom is even more difficult. Crowds is a system for protecting users’ anonymity on the web. It is named for the notion of “blending into a crowd” and operates by grouping users into a large and geographically diverse group, i.e., crowd, that collectively issues http requests on behalf of its members. In Crowds, web servers are unable to trace the source of a request because it is equally likely to have originated from any member of the crowd, and even collaborating crowd members can not distinguish the originator of a request from a member who is merely forwarding the request on behalf of another. The above anonymous systems are useful for web surfing in which users have no desire or not required to be identified. Therefore, they are mostly useful when users visit free web sites and download free digital products. However, when users wish to make on-line purchasing using their credit card numbers or membership accounts, they need to provide some identifying or authenticating information. In such situations the issue of privacy protection is not user anonymity, but how to hide users’ shopping/surfing patterns as much as possible from web servers. This problem is in essence orthogonal to the anonymous communications problem. The former is concerned with hiding user’s surfing activities from the server but the user is required to reveal his/her identification information to the server while the latter is concerned with hiding user’s identity but all the user’s surfing activities are under the prey eyes of the server. In this paper we propose an architecture and the corresponding protocols which protect users’ privacy in web transactions of digital products. Our proposed solution works in conjunction with anonymous systems such as Anonymizer[2], Freedom[24], Crowds and Onion Routing, but serves a very different purpose. Specifically, we introduce a system which allows a user to disclose his/her identification information (such as user account or credit card number) to a web site in exchange for a digital product, but prohibits the web site from learning which specific product the user intends to obtain. Moreover, we require that the system be highly efficient in operations and do not impose unacceptable processing burden to on-line transactions. A natural problem arising in such a system is that the merchant can never know how many copies of certain digital products have been sold while statistic data on sales is really desired by the merchant for business reasons. We propose a system in which a trusted center helps the merchant to recover the sales statistic data. The merchant periodically submits batches of transaction transcripts to the center so that the center can find out the number of copies of each digital products been sold. The rest of the paper is organised as follows. In Section 2 we review private information retrieval (PIR) schemes in the literature [9], [10], [15], [14] and [5]. The original research objective of PIR is to allow users to retrieve information from a database while keeping their queries private from the server. So far most of the existing results in PIR are theoretical in nature. We will discuss why they can not be applied in our system. In Section 3 we describe the principle and the architecture of our solution with an emphasis on practicality and efficiency of its implementation. In Section 4 we present our first protocol based on blinding RSA decryption along with its performance and security analysis. In Section 5 we show our second protocol based on commutative symmetric key ciphers. In Section 6 we present a system with a trusted centre which can recover sales statistics data. Section 7 concludes the paper.

In this paper we have proposed a system architecture for user privacy protection in transactions of digital products. We also presented two protocols that are secure and highly efficient. Although our system makes use of an anonymous communication system for on-line distribution of digital products, they are not absolutely necessary. Some other means can achieve certain degree of user anonymity. For example, using a free proxy can protect user’s IP address, domain name and the owner name of the user’s host server. By disabling cookies in user’s browser, a web site will not be able to correlate the user previous connections to the site. It is commonly recognized that one of the most important issues for e-commerce of digital products is content protection and management. This is an on-going effort in a number of industrial initiatives. So far it is still not clear what copyright protection technology will finally be adopted by industries. There have been extensive research efforts for copyright protection, such as watermarking, fingerprint, tamper-resistant hardware and tamper-resistant software. Although not explicitly stated, tamper-resistant hardware or software are gaining momentum. This is evident from EBX and SDMI technical specifications. In the technical specification of EBX v8.0 [13], it is required that all the e-books must be encrypted for any form of distribution and be decrypted within e-book readers, which should be a sort of tamper-resistant system. The proposed system in this paper is in general compatible with EBX and SDMI frameworks. However, additional efforts are required to study detailed integration issues with specific content distribution and protection systems. For example, in EBX v8.0, voucher management plays an important role. Therefore it is necessary to study how to seamlessly integrate our system with EBX’s voucher management system. Sometimes it is necessary for a merchant to know the sales figures, such as the number of copies sold for each digital product. To guarantee both privacy protection and sales statistics recovery, more sophisticated cryptographic techniques are used. However, the method presented in this paper is not very efficient when the required public key operations are implemented in software. There is a tradeoff between number of providers that can be supported and the processing speed. Finding more efficient method could be a research challenge.