Publication

Bridging the gap between theoretical and practical privacy technologies for at-risk populations

Kasra Edalatnejadkhamene
2023
EPFL thesis
Abstract

With the pervasive digitalization of modern life, we benefit from efficient access to information and services. Yet, this digitalization poses severe privacy challenges, especially for special-needs individuals. Beyond being a fundamental human right, privacy is crucial for roles sensitive in nature, including investigative journalists exposing corruption and humanitarian organizations supporting refugees or survivors of violence. This thesis leverages privacy-enhancing technologies to mitigate the risks of digitalization while retaining its advantages.

Recent breakthroughs in cryptography, such as fully homomorphic encryption and secure multiparty computation, provide robust tools for privacy. However, there is still no silver-bullet solution that achieves efficient privacy out of the box. We observe that there is often a gap between theoretical cryptographic solutions and real-world problems. Identifying and bridging these gaps enables us to design pragmatic privacy-enhancing technologies tailored for real-world deployment. In this thesis, we identify and solve four real-world problems.

We first present the problem of searching sensitive documents among a network of investigative journalists. In collaboration with the International Consortium of Investigative Journalists, we design a decentralized peer-to-peer privacy-preserving search engine called DatashareNetwork. Our solution enables journalists to find colleagues who have relevant documents for their topic of investigation and to anonymously discuss the possibility of collaboration. We develop a prototype of DatashareNetwork and demonstrate that it scales to thousands of journalists and millions of documents.

We introduce a new class of problems called private collection matching, in which a client aims to determine whether a collection of sets owned by a server matches their interests, such as searching confidential chemical compound databases. We design a framework based on fully homomorphic encryption to solve these problems. Our solution takes the data minimization principle to the maximum and shows that it is possible to satisfy clients' needs by revealing only a single bit. We evaluate our framework and show that it significantly improves the latency, client computation cost, and communication cost with respect to generic solutions that offer the same privacy guarantee.

We examine the problem of preventing double registration in humanitarian aid distribution, with a focus on the needs of the International Committee of the Red Cross. In response, we design Janus, a privacy-preserving biometric deduplication system that is compatible with fingerprints, irises, and face recognition, and supports both biometric alignment and fusion. We design and develop three instantiations of Janus based on secure multiparty computation, somewhat homomorphic encryption, and trusted execution environments. We evaluate Janus to show that it satisfies the privacy, accuracy, and performance needs of humanitarian organizations.

Finally, we study the problem of detecting insecure ciphers in aircraft communication at scale. We design and develop a decision support system that helps human analysts detect new ciphertexts in aircraft communication. We evaluate our system by applying it to real-world data and asking our analyst to use the support system to find new ciphers. Our analysis led to the uncovering of 9 previously unknown (and potentially insecure) ciphers, which we disclose to various stakeholders.

Related concepts (39)
Right to privacy
The right to privacy is an element of various legal traditions that intends to restrain governmental and private actions that threaten the privacy of individuals. Over 150 national constitutions mention the right to privacy. On 10 December 1948, the United Nations General Assembly adopted the Universal Declaration of Human Rights (UDHR), originally written to guarantee individual rights of everyone everywhere; while the right to privacy does not appear in the document, many interpret this through Article 12, which states: "No one shall be subjected to arbitrary interference with his privacy, family, home or correspondence, nor to attacks upon his honour and reputation."
Privacy law
Privacy law is the body of law that deals with the regulating, storing, and using of personally identifiable information, personal healthcare information, and financial information of individuals, which can be collected by governments, public or private organisations, or other individuals. It also applies in the commercial sector to things like trade secrets and the liability that directors, officers, and employees have when handling sensitive information.
Humanitarian aid
Humanitarian aid is material and logistic assistance to people who need help. It is usually short-term help until the long-term help by the government and other institutions replaces it. Among the people in need are the homeless, refugees, and victims of natural disasters, wars, and famines. Humanitarian relief efforts are provided for humanitarian purposes and include natural disasters and human-made disasters. The primary objective of humanitarian aid is to save lives, alleviate suffering, and maintain human dignity.
Related publications (75)

Differentially private multi-agent constraint optimization

Boi Faltings, Sujit Prakash Gujar, Aleksei Triastcyn, Sankarshan Damle

Distributed constraint optimization (DCOP) is a framework in which multiple agents with private constraints (or preferences) cooperate to achieve a common goal optimally. DCOPs are applicable in several multi-agent coordination/allocation problems, such as ...
Dordrecht, 2024

The Privacy Power of Correlated Noise in Decentralized Learning

Rachid Guerraoui, Martin Jaggi, Anastasiia Koloskova, Youssef Allouah, Aymane El Firdoussi

Decentralized learning is appealing as it enables the scalable usage of large amounts of distributed data and resources (without resorting to any central entity), while promoting privacy since every user minimizes the direct exposure of their data. Yet, wi ...
PMLR, 2024

PRO-Face C: Privacy-Preserving Recognition of Obfuscated Face via Feature Compensation

Touradj Ebrahimi, Lin Yuan, Xiao Pu, Yao Zhang, Hongbo Li

The advancement of face recognition technology has delivered substantial societal advantages. However, it has also raised global privacy concerns due to the ubiquitous collection and potential misuse of individuals' facial data. This presents a notable par ...
IEEE-Inst Electrical Electronics Engineers Inc, 2024
Related MOOCs (1)
Humanitarian Action in the Digital Age
The first MOOC about responsible use of technology for humanitarians. Learn about technology and identify risks and opportunities when designing digital solutions.