Cryptology ePrint Archive: Report 2018/697

AUDIT: Practical Accountability of Secret Processes

Jonathan Frankle and Sunoo Park and Daniel Shaar and Shafi Goldwasser and Daniel J. Weitzner

Abstract: The US federal court system is exploring ways to improve the accountability of electronic surveillance, an opaque process often involving cases sealed from public view and tech companies subject to gag orders against informing surveilled users. One judge has proposed publicly releasing some metadata about each case on a paper cover sheet as a way to balance the competing goals of (1) secrecy, so the target of an investigation does not discover and sabotage it, and (2) accountability, to assure the public that surveillance powers are not misused or abused.

Inspired by the courts' accountability challenge, we illustrate how accountability and secrecy are simultaneously achievable when modern cryptography is brought to bear. Our system improves configurability while preserving secrecy, offering new tradeoffs potentially more palatable to the risk-averse court system. Judges, law enforcement, and companies publish commitments to surveillance actions, argue in zero-knowledge that their behavior is consistent, and compute aggregate surveillance statistics by multi-party computation (MPC). We demonstrate that these primitives perform efficiently at the scale of the federal judiciary. To do so, we implement a hierarchical form of MPC that mirrors the hierarchy of the court system. We also develop statements in succinct zero-knowledge (SNARKs) whose specificity can be tuned to calibrate the amount of information released. All told, our proposal not only offers the court system a flexible range of options for enhancing accountability in the face of necessary secrecy, but also yields a general framework for accountability in a broader class of "secret information processes."

Category / Keywords:

Original Publication (in the same form): USENIX Security Symposium 2018

Date: received 20 Jul 2018, last revised 8 Aug 2018

Contact author: sunoo at csail mit edu

Available format(s): PDF | BibTeX Citation

Note: TItle differs from the conference (USENIX Security) version. The conference version title does not include "AUDIT"

Version: 20180808:064510 (All versions of this report)

Short URL: ia.cr/2018/697

Discussion forum: Show discussion | Start new discussion


[ Cryptology ePrint archive ]