Private Account Recovery for an Anonymous Web Service
Contributor(s)
Ryan Little, Lucy Qin, Mayank Varia
Session
Cryptography & Privacy for the People
Abstract
Callisto is a non-profit organization that provides web-based services for survivors of sexual assault. Due to the extreme privacy needs of their users, Callisto does not store identifiable user information, including usernames and email addresses. This talk will describe the authors' joint work with Callisto to design a cryptographic system that allows users to recover their accounts if they forget their password, without needing to maintain any personal information. Additionally, this talk will explain how the unique needs of Callisto and their users influenced the modeling and design of a real-world privacy-preserving system.