Paper 2018/1050

Towards Automatically Penalizing Multimedia Breaches

Easwar Vivek Mangipudi, Krutarth Rao, Jeremy Clark, and Aniket Kate

Abstract

This work studies the problem of automatically penalizing intentional or unintentional data breach (APB) by a receiver/custodian receiving confidential data from a sender. We solve this problem for multimedia data by augmenting a blockchain on-chain smart contract between the sender and receiver with an off-chain cryptographic protocol, such that any significant data breach from the receiver is penalized through a monetary loss. Towards achieving the goal, we develop a natural extension of oblivious transfer called doubly oblivious transfer (DOT) which, when combined with robust watermarking and a claim-or-refund blockchain contract provides the necessary framework to realize the APB protocol in a provably secure manner. In our APB protocol, a public data breach by the receiver leads to her Bitcoin (or other blockchain) private signing key getting revealed to the sender, which allows him to penalize the receiver by claiming the deposit from the claim- or-refund contract. Interestingly, the protocol also ensures that the malicious sender cannot steal the deposit, even as he knows the original multimedia document or releases it in any form. We implement our APB protocol, develop the required smart contract for Bitcoin and observe our system to be efficient and easy to deploy in practice for multimedia documents. We analyze our DOT-based design against partial adversarial leakages and observe it to be robust against even small leakages.