Introduction to Privacy Enhancing Technologies:
A Classification-Based Approach to Understanding PETs
by Carlisle Adams
Springer Verlag 2021.
ISBN 978-3-030-81042-9; ISBN 978-3-030-81043-6 (eBook)
Reviewed by Sven Dietrich 12/1/21
Privacy is on many citizens' minds in this pandemic world. Talk of (pandemic) contact tracing may cause shivers to run down our spines as our social network accounts, location data, movement profile, shopping habits, call patterns, and surfing behavior are revealed to government and non-government entities. Many of us cherish our privacy: the idea of being "unbehelligt" in German (literally "not shined on with a light", but which could be roughly translated as "unchecked" in English) seems appealing to some.
Today's data correlation and fusion abilities can quickly deanonymize vague references to individuals, something that seemed highly unlikely just a few years ago. Collected data from viewed ads might reconstruct much information about a (fictitious) person browsing the web from apartment 2G at 314 West 72nd St on the Upper West Side in Manhattan. Many people are woefully unconcerned and trade their privacy for free services on this big thing called the Internet and also elsewhere. There are privacy tools available to us, and it is important to apply and deploy them adequately to maximize their benefit.
Carlisle Adams talks about those tools in his new graduate-level textbook "Introduction to Privacy Enhancing Technologies". It has the introductory material, and the end of each chapter features solid research paper references as well as thought-provoking questions for sparking a discussion either for the reader or for an entire class to talk amongst themselves. Many sidebars provide more in-depth knowledge about related topics for each chapter.
The book is divided into twelve chapters: the first ten chapters cover the core parts of the book, whereas the last two chapters, clearly delimited, cover cryptography basics and provide a compiled bibliography with all the references used in the book. It is a solid book with technical foundations and proper real-world context.
The first chapter "The Privacy Minefield" sets the initial stage for the book and elaborates on the privacy problems. It introduces our beloved characters Alice and Bob in the privacy context, and shows why privacy matters in modern society.
The second chapter "A Collection of Tools: The Privacy Tree" covers four decades of privacy enhancing technologies (aka PETs) in this classification-based approach, as befits the subtitle of the book being "A Classification-Based Approach to Understanding PETs." The author builds on his own approach of the "privacy tree" while melding in previous taxonomies from that time period. Here the author lays out the foundations of his classification, which are then covered in the following six chapters.
"Limiting Exposure by Hiding the Identity" is the title of the third chapter, which summarizes the early approaches such as Chaumian networks, "Mix Networks," anonymous remailers, and last but not least onion routing and Tor. Here the reader learns about this perspective for protecting the privacy of the online user.
The fourth chapter summarizes "Limiting Exposure by Hiding the Action" by discussing tools such as TLS, IPsec, and Private Information Retrieval. TLS and IPsec will be familiar to many users from common usage of secure connections to websites or VPNs, very much common practice these days.
Moving forward to "Limiting Exposure by Hiding the Identity-Action Pair" in chapter five, the reader sees another form of network layer security, still IPsec but in a different mode, and a tool perhaps known from certain aspects of investigative journalism, OTR or Off-The-Record. Here the separation of Identity and Action is at play, a different view of the previous two chapters.
Switching from exposure concerns to disclosure concerns, the author proceeds to talk about "Limiting Disclosure by Hiding the Identity." The reader is taught about improving privacy by hiding in a group via "k-anonymity" and about "digital credentials."
Continuing on the disclosure track, the next chapter, chapter seven, "Limiting Disclosure by Hiding the Attribute" delves into differential privacy, database privacy, garbled circuits, and multi-party computation.
Chapter eight, "Limiting Disclosure by Hiding the Identity-Attribute Pair" goes on to elaborate on Hippocratic Databases (what an apropos name, mind you, given the current state of the world), the privacy preferences project (P3P) with its Privacy Bird browser plugin (which almost gave one of my colleagues a heart attack while browsing the web due to its bone-chilling "warning call" many years ago), and other architectures for privacy enforcement.
The parts become the whole in the next chapter which presents a practical viewpoint for the above-mentioned technologies in "Using the Privacy Tree in Practice". It provides, among other things, insight for security technologies on the legal side as well as software-defined networking and machine learning.
Chapter ten, "The Path Forward", motivates further reflection on the variety of privacy enhancing approaches in the previous nine chapters. It allows the reader to make decisions in the privacy game of "Hide-and-seek."
Chapter eleven is the "Cryptography Primer" mentioned above. Many readers won't need it, but it provides an on-demand reference for the cryptography terminology and concepts used throughout the book.
Chapter twelve is the complete set of references, compiled from what was given at the end of each chapter, as a single source for the researcher, graduate student, practitioner, or the super-curious readers wanting to know more.
Carlisle Adams has written a nice textbook to be used for a graduate privacy course, a supplement for a computer security course, or a self-learning guide on privacy, covering most of the desired, relevant topics. It was a fun book to read, with quite a few detours down memory lane for me, having learned about many of these techniques as they got published in the past years. The book will be yet another addition to my new bookshelf, which is still under pandemic construction.