Seminar Privacy und Technischer Datenschutz

  • Type: seminar
  • Chair: KIT-Fakultäten - KIT-Fakultät für Informatik - Institut für Telematik - ITM Strufe
    KIT-Fakultäten - KIT-Fakultät für Informatik
  • Semester: summer of 2021
  • Place:


  • Lecturer:

    Prof. Dr. Thorsten Strufe
    M.Sc. Thomas Agrikola
    M.Sc. Christiane Kuhn

  • SWS: 2
  • Lv-No.: 2400087

The seminar covers current topics in the research area of technical data protection.

These include, for example:

- Anonymous communication

- Network security

- Anonymous online services

- Anonymous digital payment systems

- Evaluation of the anonymity of online services

- Anonymized publication of data (differential privacy, k-anonymity)

- Transparency/awareness enhancing systems

- Media understanding support


language of lecture


About the seminar

Important Dates

April 12

Organization intro (online, ILIAS video)
Topics presentation (online, ILIAS video)

April 19

Kickoff Reading, Writing, Presenting (online, ILIAS video)

April 20

Topic preferences due

April 23

Topic assignment

July 2

Paper submission deadline

July 9

Reviews due

July 16

Revision deadline

~July 26





#1 Machine Learning with Differential Privacy

Supervisor: Prof. Dr. Thorsten Strufe

Differential Privacy can guarantee the absence of information disclosure in a scenario where a curator calculates operators on databases and applies chosen statistical mechanisms. Machine learning extracts patterns from data, and while the corresponding algorithms can be viewed as operators on databases, they do not lend themselves well to DP analyses. Learning models with DP guarantees has been shown for specific models, but is yet an unsolved problem in the general case.
Shokri and Shmatikov present a first investigation on the matter in 2015 [1], extended by Abadi et al. in 2016 [2].
The task of this seminar topic is to investigate ML algorithms that yield models with DP guarantees (also for simple models, like SVMs, etc), and subsequently describe the state of the art of ML algorithms that aim to achieve models with DP, and the corresponding metrics to measure privacy (for instance membership inference attacks)

[1] Shokri, R.and V. Shmatikov, “Privacy-preserving deep learning,” in ACM CCS, 2015.
[2] Abadi, M. et al., "Deep learning with differential privacy", ACM CCS, 2016.


#2 Covert Computation

Supervisor: M.Sc. Sven Maier

Secure Multi-Party Computation has been around since the 1980s. It enables a set on n parties to securely compute a function without leaking any information on the private inputs that can not be derived from the function output. However, in many scenarios a user already leaks too much information by suggesting to securely compute a certain function - for example, an undercover agent who infiltrated the Mafia would not want to suggest securely computing an AND-gate to an other gang member to find out whether both of them are undercover agents. Covert Two-Party Computation [1] hides not only the inputs, but also the computation itself. Only if the output value is desirable and both parties followed the protocol the output is revealed. Otherwise the parties do not even learn whether or not the other party participated in the computation. This implies a much stronger level of privacy.

The student is free to either introduce the technical details in the construction of [1] or to provide a survey on the achieved level of privacy and efficiency in [1] and in follow-up work [2, 3, 4].

[1] L. von Ahn, N. J. Hopper, and J. Langford. "Covert two-party computation." (2005)
[2] N. Chandran, V. Goyal, R Ostrovsky, and A. Sahai. "Covert Multi-Party Computation." (2007)
[3] G. Couteau. "Revisiting Covert Multiparty Computation." (2016)
[4] S. Jarecki. "Efficient Covert Two-Party Computation." (2018)


#3 Privacy-Preserving Digital Loyalty Programs

Supervisor: M.Sc. Christoph Coijanovic

Loyalty programs have been a staple of the retail and service industry for a long time.
Classically, customers receive a special stamp on a paper card for every purchase.
Once a predefined number of stamps has been reached, the customer can exchange her card for a gift or a rebate.
In recent years, these programs have been increasingly digitized.
This certainly comes with advantages for the customer (less stuff to carry), but also potential privacy risks:
Store owners might be able to link customers to their purchase over multiple visits building detailed profiles.
The situation worsens if loyalty programs are shared between multiple stores (e.g., Payback).
There has been research to bring the privacy-preserving nature of analog loyalty programs to the digital world [1,2], in parts also at KIT [3,4].

The goal of this work is to survey state-of-the art in privacy preserving loyalty programs and to determine how they stack up against the stamp-and-cardboard version.

[1] Eskandarian, S. (2020). Fast Privacy-Preserving Punch Cards. ArXiv, abs/2006.06079.
[2] Bobolz, J., Eidens, F., Krenn, S., Slamanig, D., & Striecks, C. (2020). Privacy-Preserving Incentive Systems with Highly Efficient Point-Collection. Proceedings of the 15th ACM Asia Conference on Computer and Communications Security.
[3] Hoffmann, M., Fetzer, V., Nagel, M., Rupp, A., & Schwerdt, R. (2018). P4TC—Provably-Secure yet Practical Privacy-Preserving Toll Collection. Proceedings on Privacy Enhancing Technologies, 2020, 62 - 152.
[4] Hartung, G., Hoffmann, M., Nagel, M., & Rupp, A. (2017). BBA+: Improving the Security and Applicability of Privacy-Preserving Point Collection. Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security.


#4 Unknown Caller: Anonymous Voice Calls

Supervisor: M.Sc. Christoph Coijanovic

Voice over IP (VoIP) applications require very low end-to-end latency to enable smooth communication. Since private information is often exchanged "over the phone", users might want to remain anonymous when using VoIP services. However, this has been a challenge in the past, since protection mechanisms added too much overhead and latency. Recently, a number of protocols have been introduced that claim to be efficient enough for VoIP applications.
In this work, we want to examine two state-of-the-art protocols, Yodel [1] and Aloha [2], and see how they compare with regards to adversary and trust assumptions, used primitives, and introduced overhead.
[1] Lazar, D., Gilad, Y., & Zeldovich, N. (2019). Yodel: strong metadata security for voice calls. Proceedings of the 27th ACM Symposium on Operating Systems Principles.
[2] Ahmad, I., Yang, Y., Agrawal, D., Abbadi, A.E., & Gupta, T. (2021). Aloha: Metadata-private voice communication over fully untrusted infrastructure. IACR Cryptol. ePrint Arch., 2021, 44.


#5 Accountable Anonymous Communication

Supervisor: M.Sc. Christiane Kuhn

To protect whistleblowers and the privacy of the general public from governments and big companies means to communicate anonymously are necessary. However, without accountability such technologies also invite for abuse [2]. While accountability seems to contradict anonymity at the first glance, there are approaches [2,3] to integrate both.

Your task will be to survey anonymous communication networks that include measures for accountability.

[1] Pfitzmann, Andreas, and Marit Hansen. "A terminology for talking about privacy by data minimization: Anonymity, unlinkability, undetectability, unobservability, pseudonymity, and identity management." (2010).
[2] Diaz, Claudia, and Bart Preneel. "Accountable anonymous communication." Security, Privacy, and Trust in Modern Data Management. Springer, Berlin, Heidelberg, 2007. 239-253.
[3] Backes, Michael, et al. "BackRef: Accountability in anonymous communication networks." International Conference on Applied Cryptography and Network Security. Springer, Cham, 2014.


#6 How to evaluate the anonymization of biometric data?

Supervisor: M.Sc. Simon Hanisch

It has long been known that biometric data is privacy sensitive, as it allows the recognition of individuals and the inference of private attributes. To protect against these threats various anonymization/de-identification methods have been propose and evaluated. However, due to a large number of different biometric traits, their evaluations also vary. The goal of this seminar is to compare the evaluation methodology of biometric traits to find similarities and limitations. Through this, we want to answer the question of how biometric anonymization should be evaluated correctly.

[1] B. M. Lal Srivastava, N. Vauquier, M. Sahidullah, A. Bellet, M. Tommasi and E. Vincent, "Evaluating Voice Conversion-Based Privacy Protection against Informed Attackers," ICASSP 2020 - 2020 IEEE International Conference on Acoustics, Speech and Signal Processing (ICASSP), Barcelona, Spain, 2020, pp. 2802-2806, doi: 10.1109/ICASSP40776.2020.9053868.
[2] Michael Brennan, Sadia Afroz, and Rachel Greenstadt. 2012. Adversarial stylometry: Circumventing authorship recognition to preserve privacy and anonymity. ACM Trans. Inf. Syst. Secur. 15, 3, Article 12 (November 2012), 22 pages. DOI:
[3] Tekli, Jimmy, et al. "A Framework for Evaluating Image Obfuscation under Deep Learning-Assisted Privacy Attacks." 2019 17th International Conference on Privacy, Security and Trust (PST). IEEE, 2019.


#7 Security and usability of password managers: a survey.

Supervisor: Dr. Patricia Arias Cabarcos

Following security best practices, we should create passwords that are long, highly entropic, and unique for every account, which becomes a complex task given the increased number of services we use today. Furthermore, there are serious privacy implications of password leaks or credential theft, such as user impersonation or blackmailing. In this context, Password Managers (PM’s) were designed as tools to improve both the usability and security of password. These programs work as digital “wallets” that store all user credentials, automating the login process (autofill feature) and helping in the creation of strong passwords.

The goal of this seminar work is to review, categorize, and analyze research works dealing with password managers. The paper will provide an overview of the evolution of research on the security and usability of password managers, identifying open issues and future research directions.

[1] Lyastani, S.G., Schilling, M., Fahl, S., Backes, M. and Bugiel, S., 2018. Better managed than memorized? Studying the Impact of Managers on Password Strength and Reuse. In 27th {USENIX} Security Symposium ({USENIX} Security 18) (pp. 203-220).
[2] Nora Alkaldi and Karen Renaud. 2016. Why Do People Adopt, or Reject, Smartphone Password Managers?. In 1st EuropeanWorkshop on Usable Security (EuroSec2016). 1–14
[3] Stobert, E. and Biddle, R., 2018. The password life cycle. ACM Transactions on Privacy and Security (TOPS), 21(3), pp.1-32.
[4] Seiler-Hwang, S., Arias-Cabarcos, P., Marín, A., Almenares, F., Díaz-Sánchez, D. and Becker, C., 2019, November. " I don't see why I would ever want to use it" Analyzing the Usability of Popular Smartphone Password Managers. In Proceedings of the 2019 ACM SIGSAC Conference on Computer and Communications Security (pp. 1937-1953).
[5] Pearman, S., Zhang, S.A., Bauer, L., Christin, N. and Cranor, L.F., 2019, August. Why people (don’t) use password managers effectively. In Fifteenth Symposium On Usable Privacy and Security (SOUPS 2019). USENIX Association, Santa Clara, CA (pp. 319-338).


#8 Detecting malicious VNF chains and VNF attack defenses in programmable networks

Supervisor: M.Sc. Amr Osman

Network Function Virtualization (NFV) and Service Function Chaining (SFC) have become key technological enablers in modern-day cloud networks. Through SFC, network flows are steered towards an ordered list of network functions that implement key network services. For example, rate-limiting, Deep Packet Inspection (DPI), or Intrusion Detection based on the content (i.e. payload and/or headers) of the observed packets.
However, malicious VNFs may collude and disrupt the intended behavior of the SFC through dropping or modifying packets. They could also mis-behave so that proceeding benign network functions fail to correctly implement their functionality, as they operate on forged, or falsified results from the preceding VNFs. In this work, a survey of the state of the art in VNF attacks and defenses is to be conducted.

[1] A. T. Mizrak, Y. -. Cheng, K. Marzullo and S. Savage, "Fatih: detecting and isolating malicious routers," 2005 International Conference on Dependable Systems and Networks (DSN'05), Yokohama, Japan, 2005, pp. 538-547, doi: 10.1109/DSN.2005.49.
[2] Arash Shaghaghi, Mohamed Ali Kaafar, and Sanjay Jha. 2017. WedgeTail: An Intrusion Prevention System for the Data Plane of Software Defined Networks. In Proceedings of the 2017 ACM on Asia Conference on Computer and Communications Security (ASIA CCS '17). Association for Computing Machinery, New York, NY, USA, 849–861. DOI:
[3] Dhawan, Mohan, et al. "SPHINX: detecting security attacks in software-defined networks." Ndss. Vol. 15. 2015.
[4] Nam, Jaehyun, Junsik Seo, and Seungwon Shin. "Probius: Automated approach for vnf and service chain analysis in software-defined nfv." Proceedings of the Symposium on SDN Research. 2018.
[5] Reynaud, François, et al. "Attacks against network functions virtualization and software-defined networking: State-of-the-art." 2016 IEEE NetSoft Conference and Workshops (NetSoft). IEEE, 2016.
[6] Mijumbi, Rashid, et al. "Network function virtualization: State-of-the-art and research challenges." IEEE Communications surveys & tutorials 18.1 (2015): 236-262.