Huge amounts of data exist about every one of us, the use of which has the potential to improve our lives and the world we live in. However, concerns about the privacy of this data have naturally become an increasingly prevalent issue. The aim of privacy-preserving analysis is to utilise this data to its fullest potential without compromising our privacy.
Explaining the science
In this talk we consider FHE schemes based on the Ring Learning with Errors (Ring-LWE) problem and focus on two matters of practical interest. The first is the selection of secure Ring-LWE parameters. In particular, we discuss the differing estimates used in the submissions to the NIST process for the running time of algorithms to solve Ring-LWE. The second is the choice of an appropriate encoding from raw data into the plaintext space, which can impact on efficiency.
Privacy-preserving algorithms for decentralised collaborative learning: Dr Aurélien Bellet
Dr Emiliano De Cristofaro's research is in security and privacy enhancing technologies. He's currently working on understanding and countering security issues via measurement studies and data-driven analysis, as well as tackling problems at the intersection of machine learning and security & privacy.
Private set intersection (PSI) allows two parties to compute the intersection of their sets without revealing any information about items that are not in the intersection. This talk surveys several custom PSI protocols, and describe how to apply generic MPC protocols to computing PSI while computing only a linear number of comparisons.
Differential privacy is a robust mathematical framework for designing privacy-preserving computations on sensitive data. This tutorial covers the key definitions and intuitions behind differential privacy and introduces the core building blocks used by most differentially private mechanisms.
Hiding memory access patterns is required for secure computation, but remains prohibitively expensive for many interesting applications. This talk presents two works addressing this question: a new oblivious RAM (ORAM) construction and a secure computation scheme using ORAM in the context of Boolean database queries.
- To understand the interplay between different privacy-enhancing techniques and how they can be used in practice for privacy-preserving data analysis.
- It is important to develop a unified approach to secure, privacy-preserving data analysis as well as finding an effective, mathematically robust definition of privacy.
- We will organise periodic workshops and talks at the Turing, as well as lectures and tutorials aimed at a general audience. Although the focus of the group is on technical aspects, engaging with researchers on ethical and regulatory aspects will be one of the workshops’ goals.
- Privacy-preserving data analysis has become a crucial aspect of data science, and is recognised as an important problem within several research communities.
- Recent advances in cryptography, systems, and hardware security, have made privacy-preserving computation practical.
- There are several deployments in existing and new products, and lots of interest both from industry and the government.
Finding secure ways of providing public access to private datasets
Challenges: Technical issues, security breaches, human errors or scalability
Example output: Making health data accessible to researchers
Enabling joint analysis on private data held by several organisations
Challenges: Privacy concerns
Example output: Joining data from two medical organisations to produce more accurate analysis
Securely outsourcing computations on private data
Challenges: A cryptographic approach or a hardware based approach, or a combination
Example output: Leveraging cloud infrastructure to free organisations from having to maintain their own secure data centres
Securely decentralising services that rely on private data from individuals
Challenges: Avoiding storing particular individual’s data in a central server, avoiding re-identification
Example output: Computing aggregate statistics from user data collected from mobile devices or internet browsers
How to get involved
Amir Houmansadr, University of Massachusetts Amherst
Antti Koskela, University of Helsinki
Aurélien Bellet, Inria
Georgi Ganev, Hazy and UCL
Boris Köpf, Microsoft Research
Borja Balle, DeepMind
Bristena Oprisanu, UCL
Benny Pinkas, Bar-Ilan University
Carmela Troncoso, EPFL
Florian Tramèr, Stanford University
Hamed Haddadi, Imperial College
Jamie Hayes, DeepMind
Jason McFall, Privitar
Lorenzo Cavallaro, King’s College London
Luca Melis, AWS Security
Mohammad Naseri, UCL
Nicolas Papernot, University of Toronto
Olya Ohrimenko, University of Melbourne
Santiago Zanella-Béguelin, Microsoft Research
Shruti Tople, Microsoft Research
Tejas Kulkarni, Aalto University
Yang Zhang, CISPA Helmholtz Center for Information Security