Organisation

In this seminar, students will research one of the given topics (see below) to write a short seminar paper during the semester. At the end, they will present their paper to their peers and engage in discussions about the various topics.

The seminar aims to teach students in three aspects:

• Technical knowledge in various areas of security and privacy.
• Basic skills related to scientific research, paper writing and a scientific style.
• The basics of the scientific process, how conferences and peer reviews work.

Schedule

Registration

Registration is done in ILIAS, please join the course. You can find the link on the top of this page. There will be a limited number of slots available, which will be distributed on a first-come-first-served basis.

Preliminary list of topics

This is a preliminary list of available topics. Further topics may be added until the introductory session.

#1 Selective Failure Attacks on Private Information Retrieval

Supervisor: Christoph Coijanovic

Private Information Retrieval (PIR) is a useful building block of anonymous communication because it allows a client to retrieve a record from a server's database without the server knowing which record the client wants. Most PIR protocols are vulnerable to selective failure attacks: Suppose the server suspects that a client is interested in the ith record. If the server corrupts only that record, the client's post-retrieval behavior may reveal whether it really wanted the ith record (e.g., by re-retrieving due to the corruption).

Recently, there has been much interest in making PIR secure against selective failure attacks [1-5].

The goal of this seminar paper is to understand how selective failure attacks work, under what conditions a PIR scheme is vulnerable to them, and how they can be mitigated.

References:

1. Colombo, Simone et al. “Authenticated private information retrieval.” IACR Cryptology ePrint Archive (2023).
2. Dietz, Marian and Stefano Tessaro. “Fully Malicious Authenticated PIR.” IACR Cryptology ePrint Archive (2023).
3. Wang, Yinghao et al. “Crust: Verifiable And Efficient Private Information Retrieval with Sublinear Online Time.” IACR Cryptol. ePrint Arch. 2023 (2023): 1607.
4. Castro, Leo de and Keewoo Lee. “VeriSimplePIR: Verifiability in SimplePIR at No Online Cost for Honest Servers.” IACR Cryptol. ePrint Arch. 2024 (2024): 341.
5. Falk, Brett Hemenway et al. “Malicious Security for PIR (almost) for Free.” IACR Cryptol. ePrint Arch. 2024 (2024): 964.

#2 Quantum Homomorphic Encryption (QHE)

Supervisor: Shima Hassanpour

Survey the existing approaches proposed for quantum homomorphic encryption. Categorise them in terms of method and privacy solution.

References:

• Rohde, P.P., Fitzsimons, J.F., Gilchrist, A.: Quantum walks with encrypted data. Phys. Rev. Lett. 109(15), 150501 (2012)
• Zhang, Yuan-Jing, et al. “Quantum homomorphic encryption based on quantum obfuscation.” 2020 International Wireless Communications and Mobile Computing (IWCMC). IEEE, 2020.

#3 Quantum Physical Unclonable Function (PUF)

Supervisor: Shima Hassanpour

Survey the existing quantum PUF-based protocols proposed as a cryptographic primitives and investigate the adversarial model.

References:

• Arapinis, Myrto, et al. “Quantum physical unclonable functions: Possibilities and impossibilities.” Quantum 5 (2021): 475.
• Nilesh, Kumar, Christian Deppe, and Holger Boche. “Quantum PUF and its Applications with Information Theoretic Analysis.” 2024 IEEE 10th World Forum on Internet of Things (WF-IoT). IEEE, 2024.

#4 Atagging Tor

Supervisor: Daniel Schadt

Tor is a widely used network that anonymizes a user's connections by routing them over a series of volunteer-run relays. However, Tor is susceptible to a so-called tagging attack, where a relay early in the circuit modifies the data stream in a way that a relay further down the path can recognize and undo the modifications, thereby identifying the circuit's source.

Such attacks have been known since Tor's inception, but their impact was underrated, as Tor already allows for time-based end-to-end correlation anyway. However, their severity has been re-assessed and the project is now looking to find solutions.

Your task in this seminar is to summarize those assessments [1, 2], and compare proposed countermeasures [3, 4, 5].

References:

1. The23rd Raccoon: How I Learned to Stop Ph34ring NSA and Love the Base Rate Fallacy, https://archive.torproject.org/websites/lists.torproject.org/pipermail/tor-dev/2008-September/002493.html
2. The 23rd Raccoon: Analysis of the Relative Severity of Tagging Attacks, https://archive.torproject.org/websites/lists.torproject.org/pipermail/tor-dev/2012-March/003347.html
3. Nick Mathweson: AEZ for relay cryptography, Tor proposal 261, https://spec.torproject.org/proposals/261-aez-crypto.html
4. Tomer Ashur, Orr Dunkelman, Atul Luykx: Using ADL for relay cryptography, Tor proposal 295, https://spec.torproject.org/proposals/295-relay-crypto-with-adl.html
5. Degabriele et al: Counter Galois Onion: Fast Non-Malleable Onion Encryption for Tor, https://eprint.iacr.org/2025/583.pdf

#5 Lightweight Privacy Protections for Video Data

Supervisor: Simon Hanisch

For privacy protection techniques to be effective, they must be applied as close as possible to the sensor collecting the data. To achieve this, we need lightweight privacy protectors that can run on embedded hardware, close to the recording sensors. These privacy protections must be fast enough to handle large data streams and then effectively anonymize them. The goal of this seminar is to find and compare suitable privacy protections that are lightweight enough to be used in an embedded scenario.

References:

• PrivacyLens: On-Device PII Removal from RGB Images using Thermally-Enhanced Sensing
• CIAGAN: Conditional Identity Anonymization Generative Adversarial Networks

#6 Survey on Gait-based Acoustic Identification

Supervisor: Julian Todt

Gait—the way that we walk—is a very distinctive biometric trait that can be reliably used to identify individuals. Most commonly, this identification occurs using videos or motion captures of individual's gait. But, there have also been studies that use sound recordings of gait in order to identify individuals.

The goal of this seminar topic is to survey the literature on gait-based identification using acoustic recordings and compare the approaches.

References:

• Wei Xu, ZhiWen Yu, Zhu Wang, Bin Guo, and Qi Han. 2019. AcousticID: Gait-based Human Identification Using Acoustic Signal. Proc. ACM Interact. Mob. Wearable Ubiquitous Technol. 3, 3, Article 115 (September 2019), 25 pages. https://doi.org/10.1145/3351273
• Jürgen T. Geiger, Maximilian Kneißl, Björn W. Schuller, and Gerhard Rigoll. 2014. Acoustic Gait-based Person Identification using Hidden Markov Models. In Proceedings of the 2014 Workshop on Mapping Personality Traits Challenge and Workshop (MAPTRAITS '14). Association for Computing Machinery, New York, NY, USA, 25–30. https://doi.org/10.1145/2668024.2668027