Journal of the Korea Institute of Information Security & Cryptology (정보보호학회논문지)

Korea Institute of Information Security and Cryptology (한국정보보호학회)
권호 표지
DOI QR코드

DOI QR Code

A Study on Privacy Preserving Methods in the Metaverse Environment Using Secure Multi-Party Computation

안전한 다자간 연산을 활용한 메타버스 환경에서의 프라이버시 보존 방안 연구

  • Jiun Jang (University of Science and Technology) ;
  • Kwantae Cho (Electronics and Telecommunocations Research Institute) ;
  • Sangrae Cho (Electronics and Telecommunocations Research Institute) ;
  • Soo Hyung Kim (Electronics and Telecommunocations Research Institute)
  • 장지운 (과학기술연합대학원대학교) ;
  • 조관태 (한국전자통신연구원) ;
  • 조상래 (한국전자통신연구원) ;
  • 김수형 (한국전자통신연구원)
  • Received : 2024.03.19
  • Accepted : 2024.06.14
  • Published : 2024.08.31
Download PDF
⟨ Previous Next ⟩

Abstract

The rapidly growing metaverse environment has received widespread attention across various fields such as health and medicine, culture and gaming, as well as politics. However, the excessive collection of personal data by the diverse sensors and devices used in the metaverse environment poses a substantial threat to user privacy. In this paper, we investigate existing cases of secure Multi-Party Computation(MPC) applications, examine the services anticipated to be necessary for the expansion of the metaverse environment, and analyze the privacy issues present in the metaverse environment as well as the limitations of current real-world services. Based on these findings, we propose application scenarios that utilize MPC to preserve user privacy in the metaverse environment. These proposed MPC application scenarios present a new perspective in metaverse security research. In the future, they are expected to be utilized in the development of secure metaverse services.

최근 급격하게 성장한 메타버스 환경은 건강과 의료, 문화와 게임, 정치 등 다양한 분야에서 각광받고 있다. 하지만 메타버스 환경에서 사용하는 다양한 센서와 기기들의 과도한 개인정보 데이터 수집으로 인해 사용자의 프라이버시가 크게 위협받고 있다. 본 논문에서는 메타버스 환경에서의 사용자 프라이버시 위협을 해결하기 위해 안전한 다자간 연산 응용 연구 사례를 조사하고, 메타버스 환경의 확장에 필요할 것으로 예상되는 서비스를 분석하였다. 또한, 메타버스 환경에 존재하는 프라이버시 이슈와 현실 세계 서비스의 한계점을 정리하였다. 이를 바탕으로 메타버스 환경에서 안전한 다자간 연산을 활용하여 사용자의 프라이버시를 보존하는 응용 연구 시나리오를 제안하였다. 제안한 다자간 연산 응용 연구 시나리오는 메타버스 보안 연구에 새로운 관점을 제시하며, 향후 안전한 메타버스 서비스 구축에 활용할 수 있을 것으로 기대된다.

Keywords

Acknowledgement

이 논문은 2023년도 정부(과학기술정보통신부)의 재원으로 정보통신기획평가원의 지원을 받아 수행된 연구임. (RS-2023-00229400, 안전한 메타버스 환경을 위한 사용자 인증 및 프라이버시 보호 기술 개발)

References

  1. J. Smart, J. Cascio, J. Paffendorf, C. Bridges, J. Hummel, J. Hursthouse, and R. Moss, "A cross-industry public foresight project," Metaverse Roadmap Pathways 3D Web, Acceleration Studies Foundation, Apr. 2007.
  2. A.C. Yao, "Protocols for secure computations," Proceedings of the 23rd Annual IEEE Symposium on Foundations of Computer Science, pp.160-164, Nov. 1982.
  3. O. Goldreich, S. Micali and A. Wigderson, "How to play any mental game, or a completeness theorem for protocols with honest majority," Proceedings of the 19th Annual ACM Symposium on Theory of Computing, pp. 218-229, May. 1987.
  4. A. Shamir, "How to share a secret," Communication of the ACM, vol. 22,no. 11, pp. 612-613, Nov. 1979.
  5. M. Ben-Or, S. Goldwasser and A. Wigderson, "Completeness theorems for non-cryptographic fault-tolerant distributed computation," Proceedings of the 20th Annual ACM Symposium on Theory of Computing, pp. 1-10, May. 1988.
  6. D. Beaver, S. Micali and P. Rogaway, "The round complexity of secure protocols," Proceedings of the 22ndAnnual ACM Symposium on Theory of Computing, pp. 503-513, May. 1990.
  7. M.S. Riazi, M. Javaheripi, S.U. Hussain, and F. Koushanfar, "MPCircuits: optimized circuit generation for secure multi-party computation," Proceedings of the 2019 IEEE International Symposium on Hardware Oriented Security and Trust, pp. 198-207, May. 2019.
  8. R. Tso, A. Alelaiwi, S.M. Mizanur Rahman, M.E. Wu, and M.S. Hossain, "Privacy-preserving data communication through secure multi-party computation in healthcare sensor cloud," Journal of Signal Processing Systems, vol. 89, no. 1, pp. 51-59, Oct. 2017.
  9. M. Zanin, T.T. Delibasi, J.C. Triana, V. Mirchandani, E. Alvarez Pereira, A. Enrich, D. Perez, C. Pasaoglu, M. Fidanoglu, E. Koyuncu, G. Guner, I. Ozkol, and G. Inalhan, "Towards a secure trading of aviation CO2 allowance," Journal of Air Transport Management, vol. 56, no. Part A, pp. 3-11, Sep. 2016.
  10. R. Lindemann, D. Baghdasaryan, B. Hill, J.E. Hill and D. Biggs, "FIDO security reference," fido-security-ref-v2.1-ps-20220523, May. 2022.
  11. J. Bradley, J. Hodges, M.B. Jones, A. Kumar, R. Lindemann, C. Armstrong, K. Georgantas, F. Kaczmarczyck, N. Satragno and N. Sung, "Client to authenticator protocol (CTAP)," fido-client-to-authenticator-protocol-v2.1-pserrata-20220621, Jun. 2022.
  12. J. Hodges, J.C. Jones, M.B. Jones, A. Kumar, E. Lundberg, J. Bradley, C. Brand, A. Langley, G. Mandyam, N. Satragno, N. Steele, J. Tan, S. Weeden, M. West and J. Yasskin, "Web authentication: an API for accessing public key credentials level 2-W3C recommendation," REC-webauthn-2-20210408, Apr. 2021.
  13. H.J. Cho, "E-democracy and internet voting: a case study of the Estonia," Journal of Korean Association of Party Studies, 7(2), pp. 159-187, Aug.2008.
  14. Estonian National Electoral Committee, "E-voting system: General overview," Estonian National Electoral Committee, 2010.
  15. P. Vinke, "Internet voting inestonia," Proceedings of the 16thNordicConference on Secure IT Systems, LNCS 7161, pp. 4-12, 2012.
  16. A.Y. Kim, "Private data ecosystem in metaverse platforms," 2021 KISA Report 6(8), Korean Internet & Security Agency, Jul. 2021.
  17. K.S. Min, G.Y. Kim, J.S. Park, J.H. Baek, H. Kwon, and J.D. Jang,"Metaverse and NFT, cybersecurity threat outlook and analysis," KISA Insight 2022 Vol.04, Korean Internet & Security Agency, Jun. 2022.
  18. D. Springall, T. Finkenauer, Z. Durumeric, J. Kitcat, H. Hursti, M. MacAlpine and J. A. Halderman, "Security analysis of the Estonian internet voting system," Proceedings of the 2014 ACM SIGSAC Conference on Computer and Communications Security, pp. 703-715, Nov. 2011.