Although contemporary cryptographic techniques guard transactions from
hackers, they often do not provide an adequate balance between the
privacy and the utility of stored data. In fact, data utility is often
grafted on top of the cryptographic mechanisms through monolithic key
management.
The
RECUP (Cryptographic techniques for reconciling utility with privacy in computer systems) project tackled this privacy-utility conundrum by finding ways of optimally protecting the user and provider of a service, without reducing the usability of the data.
RECUP developed security models and new encryption and authentication protocols that extend so-called fine-grain privacy controls. The focus was on cryptographic techniques that can be used to provide more effective key management procedures. The team also developed new models and protocols for operations such as encryption and authentication.
Modelling efforts dealt with all the basic cryptographic operations involved when a hacker tries to tamper with the internal state of the primitive.
Project partners studied and developed methods to utilise distributed systems that minimise vulnerability through special algorithms. The algorithms exploit any given entity in the network only once for a particular abstract operation. They also studied the issue of privacy-preserving aggregation of distributed data.
To enhance data security, the team invented a technique known as secure in-network processing of exact SUM queries, which is highly secure yet bandwidth friendly.
A new distributed password-based authenticated key exchange protocol was developed. This will help provide very efficient password-protected services for various highly mobile users who employ different devices. Project members are examining the possibility of integrating the protocol into related products and services.
RECUP introduced cryptographic technology so that computer systems and networks will be able to better carry sensitive data. Government, industry and the general public will benefit from data management approaches that minimise risks of unintended exposure to sensitive information.