Analysis and Prevention of Averaging Attacks Against Obfuscation Protocols.

Verification and traceability of supply-chain data is a common example for public analysis of confidential data. Finding the correct balance between confidentiality and utility often is anything but trivial. In order to ensure confidentiality and thus protect companies’ competitive advantages, existing approaches employ probabilistic output obfuscation. However, it is known that this form of obfuscation might render a system subject to averaging attacks. In these attacks, an adversary repeatedly queries for the same analysis and combines the probabilistic outputs, thus implementing an estimator that eliminates the obfuscation. A clear picture on the performance of such attacks is missing, information that is crucial for mitigating averaging attacks. Our contributions are threefold: First, using an existing supply-chain verification protocol (RVP) as a particularly efficient example of protocols with output obfuscation, we extensively analyze the risk posed by averaging attacks. We prove rigorously that such attacks perform exceptionally well if obfuscation is based on random values sampled independently in every query. We generalize our analysis to all protocols that employ probabilistic output obfuscation. Second, we propose the paradigm of data-dependent deterministic obfuscation (D 3 O) to prevent such attacks. Third, we present mRVP, a D 3 O-based version of RVP, and empirically demonstrate practicality and effectiveness of D 3 O. The results show that our mitigations add negligible runtime overhead, do not affect accuracy, and effectively retain confidentiality.