PhD Thesis

PhD Defence Information

Title: Cryptographic Tools for Privacy Preservation
PDF: Thesis PDF
Date: 2021 August 27 - from 1500
Location: Zoom + Room (TBD)
Chairman: David Sands (Webpage)

Opponent: Thomas Johansson : Lund University (Sweden)

Committee:

• Daniel Slamanig : AIT Austrian Instintute of Technology (Austria)
• Foteini Baldimtsi : George Mason University (VA, USA)
• Andy Rupp : University of Luxembourg (Luxemburg)

Stand-By Committee:

• Alejandro Russo : Chalmers University of Technology

Cryptographic Tools for Privacy Preservation

Abstract

Data permeates every aspect of our daily life and it is the backbone of our digitalized society. Smartphones, smartwatches and many more smart devices measure, collect, modify and share data in what is known as the Internet of Things.

Often, these devices don’t have enough computation power/storage space thus outsourcing some aspects of the data management to the Cloud. Outsourcing computation/storage to a third party poses natural questions regarding the security and privacy of the shared sensitive data.

Intuitively, Cryptography is a toolset of primitive/protocols by which security properties are formally proven secure while Privacy captures additional social/legislative requirements that relate more to the concept of “trust” between people, “how” data is used and/or “who” has access to data. This thesis separates the concepts by introducing an abstract model that classifies data leaks into different types of breaches. Each class represents a specific requirement/goal related to cryptography, e.g. confidentiality or integrity, or related to privacy, e.g. liability, sensitive data management and more.

The thesis contains cryptographic tools designed to provide privacy guarantees for different application scenarios. In more detail, the thesis:

1. defines new encryption schemes that provide formal privacy guarantees such as theoretical privacy definitions like Differential Privacy (DP), or concrete privacy-oriented applications covered by existing regulations such as the European General Data Protection Regulation (GDPR);

2. proposes new tools and procedures for providing verifiable computations guarantees in concrete scenarios for post-quantum cryptography or generalisation of signature schemes;

3. proposes a methodology for utilising Machine Learning (ML) for analysing the effective security and privacy of a crypto-tool and, dually, proposes a secure primitive that allows computing specific ML algorithms in a privacy-preserving way;

4. provides an alternative protocol for secure communication between two parties, based on the idea of communicating in a periodically timed fashion.

Thesis’ Content

1. A Differentially Private Encryption Scheme
   Accepted at ISC 2017

2. HIKE - Walking the Privacy Trail
   Accepted at CANS 2018

3. Lattice-Based Simulatable VRFs - Challenges and Future Directions
   Accepted at PROVSEC 2018 Workshop, published in JISIS

4. Code-Based Zero Knowledge PRF Arguments
   Accepted at ISC 2019

5. Towards Stronger Functional Signatures
   Manuscript

6. Modelling Cryptographic Distinguishers Using Machine Learning
   Accepted at JCEN

7. Non-Interactive, Secure Verifiable Aggregation for Decentralized, Privacy-Preserving Learning
   Accepted at ACISP 2021

8. Turn Based Communication Channel
   Accepted at PROVSEC 2021