Advanced encryption powers privacy-protecting gun registry
Researchers at Brown University have developed a proof of concept for an encrypted gun registry that places control of the database in the hands of county officials, rather than the federal government.
Just as discussions about gun control are on the rise in the wake of recent mass shootings, researchers at Brown University announced they have developed a proof of concept for a national, decentralized privacy-protecting gun registry that places control of the database in the hands of county officials, rather than the federal government.
The proposed system protects privacy with advanced encryption that allows the database to be searched without being decrypted. A global directory would contain only the make, model and serial number of legally owned guns in each participating county. It would connect the guns to their owners with a registration number, rather than to constituents’ personally identifying information.
County officials would control the decryption key with a device like a Yubikey. Officials would insert the token into a laptop to allow their county’s data to be searched by authorized users such as law enforcement, county officials or gun sellers.
If police officers wanted to find the owner of a gun found at a crime scene, for example, they could use the gun’s serial number to search the entire system. Without ever decrypting the data, the system would identify which county database contained a gun with that serial number. If the county official controlling the local database allows, the officers could then decrypt the relevant record.
“All of the servers that are storing the data and all of the computers that are doing these operations, they're just processing encrypted data and they never actually see anything,” Brown computer science professor Seny Kamara said. “That provides really strong privacy throughout the process because none of the data can ever be seen without the decryption key.” If a county decides to end its participation in the network, “the official just pulls that hardware token out of the laptop and that’s it -- nothing works,” he said. “The data is encrypted and the key is unavailable, so nothing can happen.”
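The search-and-withdraw flow described above, as an added example that is not the Brown researchers' scheme or code: it swaps in HMAC-SHA256 search tags and a PRF-derived mask in place of the cryptography in the paper. The `County` and `Directory` classes and the serial and registration values are hypothetical, and serial numbers are assumed unique within a county.

```python
import hashlib
import hmac
import secrets

REG_LEN = 16  # fixed width of the registration-number field (assumption)

def prf(key: bytes, label: bytes, serial: str) -> bytes:
    """HMAC-SHA256 used as a keyed pseudorandom function."""
    return hmac.new(key, label + b"|" + serial.encode(), hashlib.sha256).digest()

class County:
    """Holds the county key, which stands in for the official's hardware token."""
    def __init__(self, name: str):
        self.name = name
        self.key = secrets.token_bytes(32)

    def withdraw(self):
        self.key = None  # models pulling the token out of the laptop

    def seal(self, serial: str, reg_no: str):
        """Return (search tag, masked registration number); reg_no must fit REG_LEN."""
        pad = prf(self.key, b"pad", serial)[:REG_LEN]  # one pad per unique serial
        plain = reg_no.encode().ljust(REG_LEN)
        return prf(self.key, b"tag", serial), bytes(a ^ b for a, b in zip(plain, pad))

    def token(self, serial: str):
        """Search token for a serial, or None once the key is unavailable."""
        return prf(self.key, b"tag", serial) if self.key else None

    def open(self, serial: str, blob: bytes) -> str:
        pad = prf(self.key, b"pad", serial)[:REG_LEN]
        return bytes(a ^ b for a, b in zip(blob, pad)).decode().rstrip()

class Directory:
    """Untrusted server: stores only opaque tags and masked values."""
    def __init__(self):
        self.rows = {}

    def add(self, county: County, serial: str, reg_no: str):
        tag, blob = county.seal(serial, reg_no)
        self.rows[tag] = (county.name, blob)

    def search(self, counties, serial: str):
        """Find the county holding a serial; only counties with a key can answer."""
        for county in counties:
            tag = county.token(serial)
            hit = self.rows.get(tag) if tag else None
            if hit:
                return county.name, county.open(serial, hit[1])
        return None
```

The directory never holds a serial or registration number in the clear, and after `withdraw()` the county's rows remain stored but can no longer be matched or opened.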
Creation of the registry was prompted by Sen. Ron Wyden (D-Ore.), who was looking for ideas on how such a database might be constructed.
“The senator’s office had this idea for a database where counties are incentivized to participate, but they could pull out at any time,” Kamara said. “For the senator’s office, that ability for counties to walk away and basically pull their data offline was really important.”
The fact that participation is voluntary obviously limits the system’s usefulness, but the researchers told Wired that participation is a policy issue, “outside the scope of their work.” They were focused on giving each county control of their data, they said.
For the study, the researchers used synthetic data to show that searches were computationally practical, with results returned in a minute or less. While the proof of concept needs refinement, it would likely be relatively inexpensive for participants. Each county database could be stored for less than $1,000 per year, and the global directory would cost less than $500 per year, Brown officials said.
People imagine gun registries as publicly searchable databases, “but with advanced cryptography, that’s not necessarily true,” Kamara said. “This is an example of how you can have technology folks and policymakers working in concert, and it changes the conversation. It’s been a really great collaboration.”
The research paper was accepted to the IEEE Symposium on Security and Privacy and will be presented in May.