{"title":"The Mastermind Attack on Genomic Data","authors":"M. Goodrich","doi":"10.1109/SP.2009.4","DOIUrl":null,"url":null,"abstract":"In this paper, we study the degree to which a genomic string, $Q$,leaks details about itself any time it engages in comparison protocolswith a genomic querier, Bob, even if those protocols arecryptographically guaranteed to produce no additional information otherthan the scores that assess the degree to which $Q$ matches stringsoffered by Bob. We show that such scenarios allow Bob to play variantsof the game of Mastermind with $Q$ so as to learn the complete identityof $Q$. We show that there are a number of efficient implementationsfor Bob to employ in these Mastermind attacks, depending on knowledgehe has about the structure of $Q$, which show how quickly he candetermine $Q$. Indeed, we show that Bob can discover $Q$ using anumber of rounds of test comparisons that is much smaller than thelength of $Q$, under various assumptions regarding the types of scoresthat are returned by the cryptographic protocols and whether he can useknowledge about the distribution that $Q$ comes from, e.g., usingpublic knowledge about the properties of human DNA. We also providethe results of an experimental study we performed on a database ofmitochondrial DNA, showing the vulnerability of existing real-world DNAdata to the Mastermind attack.","PeriodicalId":161757,"journal":{"name":"2009 30th IEEE Symposium on Security and Privacy","volume":"140 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2009-04-28","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"58","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2009 30th IEEE Symposium on Security and Privacy","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/SP.2009.4","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 58
Abstract
In this paper, we study the degree to which a genomic string, $Q$,leaks details about itself any time it engages in comparison protocolswith a genomic querier, Bob, even if those protocols arecryptographically guaranteed to produce no additional information otherthan the scores that assess the degree to which $Q$ matches stringsoffered by Bob. We show that such scenarios allow Bob to play variantsof the game of Mastermind with $Q$ so as to learn the complete identityof $Q$. We show that there are a number of efficient implementationsfor Bob to employ in these Mastermind attacks, depending on knowledgehe has about the structure of $Q$, which show how quickly he candetermine $Q$. Indeed, we show that Bob can discover $Q$ using anumber of rounds of test comparisons that is much smaller than thelength of $Q$, under various assumptions regarding the types of scoresthat are returned by the cryptographic protocols and whether he can useknowledge about the distribution that $Q$ comes from, e.g., usingpublic knowledge about the properties of human DNA. We also providethe results of an experimental study we performed on a database ofmitochondrial DNA, showing the vulnerability of existing real-world DNAdata to the Mastermind attack.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
