Current Topics in Cryptography (Sommersemester 2020)
Dozent: Prof. Dr. Anja Lehmann
(Cyber Security - Identity Management)
- Semesterwochenstunden: 4
- ECTS: 6
- Einschreibefrist: 01.04.2020 - 22.04.2020
- Lehrform: Seminar
- Belegungsart: Wahlpflichtmodul
- Lehrsprache: Englisch
- Maximale Teilnehmerzahl: 10
Studiengänge & Module
- ISAE-Techniken und Werkzeuge
- ISAE-Konzepte und Methoden
Due to the current situation, the originally planned lecture/seminar is replaced by a more collaborative (online) seminar with max. 10 participants and will take place via zoom.
The goal of the seminar is to investigate, analyze and develop cryptographic approaches for privacy-preserving contact tracing apps, and will consist of three main parts:
Introduction into privacy-preserving cryptography
We will start with a brief introduction on the privacy risks of location data and discuss a number of privacy-preserving building blocks and protocols, such as private set intersection, privacy-preserving authentication (group and traceable signatures) and "privacy-modes" for encryption (key privacy, re-randomizable encryption). This introduction should mainly give an idea how certain functionality and operations can be done in a privacy-friendly manner.
Current approaches to (privacy-preserving) contact tracing apps
A number of contact tracing apps and projects to develop such functionality in a more privacy-preserving way have already been proposed (e.g., SafeTrace, PEPP-PT, DP-3T, TraceTogether, ...). For the second part we will look into these existing and planned solutions, and analyze and compare their different approaches, e.g., centralized services, decentralized tracing via bluetooth beacons, bulletin boards with encrypted location data, etc. This work will be assigned to small groups of 2-3 students at the beginning of the seminar, and each group will present their results to the rest of group. The selection of existing solutions is quite a fast moving target at the moment and will be refined at the beginning of the seminar.
Security and privacy of contact tracing
Finally, we look at how security and privacy properties can be defined formally, formulate and formalize the desireable properties of such tracing apps; and analyze which of the current approaches achieve them, or if/how they can be made secure.
Disclaimer: The goal of this seminar is not to develop a functioning app for such contract tracing, but to understand, formulate, analyze and possibly improve the security and privacy guarantees of such solutions.
Introduction to Modern Cryptography. Katz and Lindell.
50% Seminar participation
50% Project report