Cryptographic Tools for Privacy Preservation
Doktorsavhandling, 2021
Data permeates every aspect of our daily life and it is the backbone of our digitalized society. Smartphones, smartwatches and many more smart devices measure, collect, modify and share data in what is known as the Internet of Things.
Often, these devices don’t have enough computation power/storage space thus out-sourcing some aspects of the data management to the Cloud. Outsourcing computation/storage to a third party poses natural questions regarding the security and privacy of the shared sensitive data.
Intuitively, Cryptography is a toolset of primitives/protocols of which security prop- erties are formally proven while Privacy typically captures additional social/legislative requirements that relate more to the concept of “trust” between people, “how” data is used and/or “who” has access to data. This thesis separates the concepts by introducing an abstract model that classifies data leaks into different types of breaches. Each class represents a specific requirement/goal related to cryptography, e.g. confidentiality or integrity, or related to privacy, e.g. liability, sensitive data management and more.
The thesis contains cryptographic tools designed to provide privacy guarantees for different application scenarios. In more details, the thesis:
(a) defines new encryption schemes that provide formal privacy guarantees such as theoretical privacy definitions like Differential Privacy (DP), or concrete privacy-oriented applications covered by existing regulations such as the European General Data Protection Regulation (GDPR);
(b) proposes new tools and procedures for providing verifiable computation’s guarantees in concrete scenarios for post-quantum cryptography or generalisation of signature schemes;
(c) proposes a methodology for utilising Machine Learning (ML) for analysing the effective security and privacy of a crypto-tool and, dually, proposes a secure primitive that allows computing specific ML algorithm in a privacy-preserving way;
(d) provides an alternative protocol for secure communication between two parties, based on the idea of communicating in a periodically timed fashion.
Often, these devices don’t have enough computation power/storage space thus out-sourcing some aspects of the data management to the Cloud. Outsourcing computation/storage to a third party poses natural questions regarding the security and privacy of the shared sensitive data.
Intuitively, Cryptography is a toolset of primitives/protocols of which security prop- erties are formally proven while Privacy typically captures additional social/legislative requirements that relate more to the concept of “trust” between people, “how” data is used and/or “who” has access to data. This thesis separates the concepts by introducing an abstract model that classifies data leaks into different types of breaches. Each class represents a specific requirement/goal related to cryptography, e.g. confidentiality or integrity, or related to privacy, e.g. liability, sensitive data management and more.
The thesis contains cryptographic tools designed to provide privacy guarantees for different application scenarios. In more details, the thesis:
(a) defines new encryption schemes that provide formal privacy guarantees such as theoretical privacy definitions like Differential Privacy (DP), or concrete privacy-oriented applications covered by existing regulations such as the European General Data Protection Regulation (GDPR);
(b) proposes new tools and procedures for providing verifiable computation’s guarantees in concrete scenarios for post-quantum cryptography or generalisation of signature schemes;
(c) proposes a methodology for utilising Machine Learning (ML) for analysing the effective security and privacy of a crypto-tool and, dually, proposes a secure primitive that allows computing specific ML algorithm in a privacy-preserving way;
(d) provides an alternative protocol for secure communication between two parties, based on the idea of communicating in a periodically timed fashion.
Outsourced Computation
Verifiability
Cryptography
Privacy
Cloud Computing
Room 8103, EDIT Building, Maskingränd 2, Chalmers |Zoom: for the password, contact Carlo Brunetta.
Opponent: Prof. Thomas Johansson, Electrical and Information Technology, Lund University, Lund, Sweden
Författare
Carlo Brunetta
Chalmers, Data- och informationsteknik, Nätverk och system
A Differentially Private Encryption Scheme
Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics),;Vol. 10599 LNCS(2017)p. 309-326
Paper i proceeding
HIKE: Walking the Privacy Trail
Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics),;Vol. 11124 LNCS(2018)p. 43-66
Paper i proceeding
Lattice-Based Simulatable VRFs: Challenges and Future Directions
Journal of Internet Services and Information Security,;Vol. 8(2018)p. 57-69
Artikel i vetenskaplig tidskrift
Code-Based Zero Knowledge PRF Arguments
Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics),;Vol. 11723(2019)p. 171-189
Paper i proceeding
Modelling Cryptographic Distinguishers Using Machine Learning
Journal of Cryptographic Engineering,;Vol. 12(2022)p. 123-135
Artikel i vetenskaplig tidskrift
Non-Interactive, Secure Verifiable Aggregation for Decentralized, Privacy-Preserving Learning
Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics),;Vol. 13083 LNCS(2021)p. 510-5128
Paper i proceeding
Turn-Based Communication Channels
Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics),;Vol. 13059 LNCS(2021)p. 376-392
Paper i proceeding
Data permeates every aspect of our daily life and it is the backbone of our digitalized society. Smartphones, smartwatches and many more smart devices measure, collect, modify and share data in what is known as the Internet of Things. Often, these devices don’t have enough computation power/storage space thus outsourcing some aspects of the data management to the Cloud. Outsourcing computation/storage to a third party poses natural questions regarding the security and privacy of the shared sensitive data.
This thesis provides a classification of any form of data leakage while providing a separation between cryptographic and privacy guarantees. Intuitively, Cryptography is a toolset of primitive/protocols of which security properties are formally proven secure. On the other hand, Privacy captures additional social/legislative requirements that relate more to the concept of “trust” between people, “how” data is used and/or “who” has access to the data. For this reason, this thesis provides novel crypto-tools that guarantee privacy by design in several realistic applications.
This thesis provides a classification of any form of data leakage while providing a separation between cryptographic and privacy guarantees. Intuitively, Cryptography is a toolset of primitive/protocols of which security properties are formally proven secure. On the other hand, Privacy captures additional social/legislative requirements that relate more to the concept of “trust” between people, “how” data is used and/or “who” has access to the data. For this reason, this thesis provides novel crypto-tools that guarantee privacy by design in several realistic applications.
PRECIS: Integritet och säkerhet i bärbara datorprylar
Vetenskapsrådet (VR) (2014-4845), 2015-01-01 -- 2018-12-31.
Ämneskategorier
Annan data- och informationsvetenskap
Matematik
Data- och informationsvetenskap
Systemvetenskap
Datavetenskap (datalogi)
Styrkeområden
Informations- och kommunikationsteknik
ISBN
978-91-7905-528-8
Doktorsavhandlingar vid Chalmers tekniska högskola. Ny serie: 4995
Utgivare
Chalmers
Room 8103, EDIT Building, Maskingränd 2, Chalmers |Zoom: for the password, contact Carlo Brunetta.
Opponent: Prof. Thomas Johansson, Electrical and Information Technology, Lund University, Lund, Sweden