Abstract
Recent web-based applications offer users free service in exchange for access to personal communication, such as on-line services and instant messaging. The inspection and retention of user communication is generally intended to enable targeted marketing. However, unless specifically stated otherwise by the collecting service’s privacy policy, such records have an indefinite lifetime and may be later used or sold without restriction. In this paper, we show that it is possible to protect a user’s privacy from these risks by exploiting mutually oblivious, competing communication channels. We create virtual channels over online services (e.g., Google’s Gmail, Microsoft’s Hotmail) through which messages and cryptographic keys are delivered. The message recipient uses a shared secret to identify the shares and ultimately recover the original plaintext. In so doing, we create a wired “spread-spectrum” mechanism for protecting the privacy of web-based communication. We discuss the design and implementation of our open-source Java applet, Aquinas, and consider ways that the myriad of communication channels present on the Internet can be exploited to preserve privacy.
| Original language | English (US) |
|---|---|
| Title of host publication | Algorithms, Architectures And Information Systems Security |
| Publisher | World Scientific Publishing Co. |
| Pages | 349-371 |
| Number of pages | 23 |
| ISBN (Electronic) | 9789812836243 |
| DOIs | |
| State | Published - Jan 1 2008 |
All Science Journal Classification (ASJC) codes
- General Computer Science
- General Engineering