SATE: Robust and Private Allegation Escrows

by Venkat Arun, et al.

For fear of retribution, the victim of a crime may be willing to report the crime only if others victimized by the same perpetrator also step forward. Common examples include identifying oneself as the victim of sexual harassment by a person in a position of authority, or accusing an influential politician, an authoritarian government, or one's own employer of corruption. To handle such situations, the legal literature has proposed the concept of an allegation escrow: a neutral third party that collects allegations anonymously, matches allegations against each other, and de-anonymizes allegers only after de-anonymity thresholds (in terms of the number of allegers), pre-specified by the allegers, are reached. An allegation escrow can be realized as a single trusted third party; however, such a party is exposed to attacks on the confidentiality of accusations and the anonymity of accusers. To address this problem, this paper introduces split, anonymizing, threshold escrows (SATEs). A SATE is a group of parties with independent interests and motives, acting jointly as an escrow for collecting allegations from individuals, matching the allegations, and revealing the allegations when designated thresholds are reached. By design, SATEs provide a very strong property: no less than a majority of the parties constituting a SATE can de-anonymize or disclose the content of an allegation without a sufficient number of matching allegations (even in collusion with any number of other allegers). Once a sufficient number of matching allegations exist, all parties can simultaneously disclose the allegation with a verifiable proof of the allegers' identities. We describe how SATEs can be constructed using a novel anonymous authentication protocol and an allegation thresholding and matching algorithm. We give formal proofs of the security, and evaluate a prototype implementation, demonstrating feasibility in practice.
