Cryptographic Tools for Privacy Preservation and Verifiable Randomness
Licentiatavhandling, 2018
Our society revolves around communication. The Internet is the biggest, cheapest and fastest digital communication channel used nowadays.
Due to the continuous increase of daily communication among people worldwide,
more and more data might be stolen, misused or tampered.
We require to protect our communications and data by achieving privacy and confidentiality.
Despite the two terms, "privacy" and "confidentiality",are often used as synonymous, in cryptography they are modelled in very different ways.
Intuitively, cryptography can be seen as a tool-box in which every scheme, protocol or primitive is a tool that can be used to solve specific problems and provide specific communication security guarantees such as confidentiality. Privacy is instead not easy to describe and capture since it often depends on "which" information is available, "how" are these data used and/or "who" has access to our data.
This licentiate thesis raises research questions and proposes solutions related to: the possibility of defining encryption schemes that provide both strong security and privacy guarantees; the importance of designing cryptographic protocols that are compliant with real-life privacy-laws or regulations; and the necessity of defining a post-quantum mechanism to achieve the verifiability of randomness.
In more details, the thesis achievements are:
(a) defining a new class of encryption schemes, by weakening the correctness property, that achieves Differential Privacy (DP), i.e., a mathematically sound definition of privacy;
(b) formalizing a security model for a subset of articles in the European General Data Protection Regulation (GDPR), designing and implementing a cryptographic protocol based on the proposed GDPR-oriented security model, and;
(c) proposing a methodology to compile a post-quantum interactive protocol for proving the correct computation of a pseudorandom function into a non-interactive one, yielding a post-quantum mechanism for verifiable randomness.
Due to the continuous increase of daily communication among people worldwide,
more and more data might be stolen, misused or tampered.
We require to protect our communications and data by achieving privacy and confidentiality.
Despite the two terms, "privacy" and "confidentiality",are often used as synonymous, in cryptography they are modelled in very different ways.
Intuitively, cryptography can be seen as a tool-box in which every scheme, protocol or primitive is a tool that can be used to solve specific problems and provide specific communication security guarantees such as confidentiality. Privacy is instead not easy to describe and capture since it often depends on "which" information is available, "how" are these data used and/or "who" has access to our data.
This licentiate thesis raises research questions and proposes solutions related to: the possibility of defining encryption schemes that provide both strong security and privacy guarantees; the importance of designing cryptographic protocols that are compliant with real-life privacy-laws or regulations; and the necessity of defining a post-quantum mechanism to achieve the verifiability of randomness.
In more details, the thesis achievements are:
(a) defining a new class of encryption schemes, by weakening the correctness property, that achieves Differential Privacy (DP), i.e., a mathematically sound definition of privacy;
(b) formalizing a security model for a subset of articles in the European General Data Protection Regulation (GDPR), designing and implementing a cryptographic protocol based on the proposed GDPR-oriented security model, and;
(c) proposing a methodology to compile a post-quantum interactive protocol for proving the correct computation of a pseudorandom function into a non-interactive one, yielding a post-quantum mechanism for verifiable randomness.
Confidentiality
Verifiable Randomness
Differential Privacy
GDPR
Privacy
Cryptography
Room ES53, EDIT Building, Maskingränd 2, Chalmers
Opponent: Paul Stankovski, Electrical and Information Technology, Lund University, Sweden
Författare
Carlo Brunetta
Chalmers, Data- och informationsteknik, Nätverk och system
Lattice-Based Simulatable VRFs: Challenges and Future Directions
Journal of Internet Services and Information Security,;Vol. 8(2018)p. 57-69
Artikel i vetenskaplig tidskrift
HIKE: Walking the Privacy Trail
Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics),;Vol. 11124 LNCS(2018)p. 43-66
Paper i proceeding
A Differentially Private Encryption Scheme
Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics),;Vol. 10599 LNCS(2017)p. 309-326
Paper i proceeding
PRECIS: Integritet och säkerhet i bärbara datorprylar
Vetenskapsrådet (VR) (2014-4845), 2015-01-01 -- 2018-12-31.
Ämneskategorier
Datorteknik
Annan data- och informationsvetenskap
Datavetenskap (datalogi)
Styrkeområden
Informations- och kommunikationsteknik
Utgivare
Chalmers
Room ES53, EDIT Building, Maskingränd 2, Chalmers
Opponent: Paul Stankovski, Electrical and Information Technology, Lund University, Sweden