Skip navigation
Skip navigation

A critique and attack on "Blockchain-based privacy-preserving record linkage"

Christen, Peter; Schnell, Rainer; Ranbaduge, Thilina; Vidanage, Anushka

Description

Privacy-preserving record linkage (PPRL) is the process of identifying records in sensitive databases that refer to the same entities in applications where no private or confidential data can be shared by the owners of the databases being linked. In their paper “Blockchain-based Privacy-Preserving Record Linkage — Enhancing Data Privacy in an Untrusted Environment” (Nóbrega et al., 2021) (named BC-PPRL in the following), Nóbrega et al. (2021) proposed the use of blockchain technologies to...[Show more]

dc.contributor.authorChristen, Peter
dc.contributor.authorSchnell, Rainer
dc.contributor.authorRanbaduge, Thilina
dc.contributor.authorVidanage, Anushka
dc.date.accessioned2023-08-25T02:14:16Z
dc.identifier.issn0306-4379
dc.identifier.urihttp://hdl.handle.net/1885/296854
dc.description.abstractPrivacy-preserving record linkage (PPRL) is the process of identifying records in sensitive databases that refer to the same entities in applications where no private or confidential data can be shared by the owners of the databases being linked. In their paper “Blockchain-based Privacy-Preserving Record Linkage — Enhancing Data Privacy in an Untrusted Environment” (Nóbrega et al., 2021) (named BC-PPRL in the following), Nóbrega et al. (2021) proposed the use of blockchain technologies to provide accountability of the parties involved in a PPRL protocol and thereby allow the detection of misbehaving parties. While the use of blockchain techniques is an interesting and novel contribution to the research area of PPRL, as we show in this paper both theoretically and practically using a simple attack method, the BC-PPRL approach has some serious privacy weaknesses. We specifically highlight that one key aspect of the proposed approach, the exchange of Bloom filter segments between the database owners, can reveal substantially more sensitive information compared to what is stated in the paper by Nóbrega et al. (2021). Using a real-world data set we show how our attack can allow a database owner to reidentify with high accuracy a large number of the sensitive values that were encoded in the Bloom filter segments they receive from another database owner. We make the code and data sets of our attack available at: https://github.com/anushkavidanage/bc-pprlSegmentAtomAttack/.
dc.format.mimetypeapplication/pdf
dc.language.isoen_AU
dc.publisherElsevier Ltd
dc.rights© 2021 Elsevier Ltd.
dc.sourceInformation Systems
dc.subjectBloom filter
dc.subjectHash encoding
dc.subjectAtom attack
dc.subjectCovert adversary model
dc.subjectPrivacy attack
dc.subjectLinking sensitive data
dc.titleA critique and attack on "Blockchain-based privacy-preserving record linkage"
dc.typeJournal article
local.description.notesImported from ARIES
local.identifier.citationvolume108
dc.date.issued2021
local.identifier.absfor460402 - Data and information privacy
local.identifier.absfor460507 - Information extraction and fusion
local.identifier.absfor460502 - Data mining and knowledge discovery
local.identifier.ariespublicationa383154xPUB23992
local.publisher.urlhttps://www.elsevier.com/en-au
local.type.statusPublished Version
local.contributor.affiliationChristen, Peter, College of Engineering and Computer Science, ANU
local.contributor.affiliationSchnell, Rainer, University of Duisburg-Essen
local.contributor.affiliationRanbaduge, Thilina, College of Engineering and Computer Science, ANU
local.contributor.affiliationVidanage, Anushka, College of Engineering and Computer Science, ANU
local.description.embargo2099-12-31
local.bibliographicCitation.startpage101930-1
local.bibliographicCitation.lastpage101930-7
local.identifier.doi10.1016/j.is.2021.101930
dc.date.updated2022-07-24T08:20:02Z
local.identifier.scopusID2-s2.0-85118867729
CollectionsANU Research Publications

Download

File Description SizeFormat Image
1-s2.0-S0306437921001320-main.pdf430.04 kBAdobe PDF    Request a copy


Items in Open Research are protected by copyright, with all rights reserved, unless otherwise indicated.

Updated:  17 November 2022/ Responsible Officer:  University Librarian/ Page Contact:  Library Systems & Web Coordinator