Chair of IT Security (PS)

Privacy Enhancing Technologies

  • Type: seminar
  • Semester: winter of 2020/2021
  • Place:


  • Lecturer:

    M.Sc. Christiane Kuhn

About the seminar

The seminar follows the idea of a scientific conference.

  • As scientific conferences are hold in English, this seminar is hold in English, too.
  • Each participant will get a topic (topic suggestions can be found below later) to which he/she writes a short paper in the following 6-8 weeks. This paper is then submitted for review. At this point the content of the paper must be complete and the paper written entirely. Unfinished submissions will be excluded from the remainder of the course.
  • Each participant will peer-review 2 or 3 papers written by other participants in the next 1-2 weeks. "Reviewing" means reading the paper in-depth and making suggestions for improvements.
  • Each participant will receive the reviews to his/her work and will revise his/her paper in the following 1-2 weeks.
  • At the end of the term (date will be announced later) the conference will take place. Each participant gives a presentation, which is followed by a short discussion. For the grade, preparation and presentation of the work as well as the quality of the reviews and the report are taken into account.

You can register for this seminar via the corresponding ILIAS course. The German name for this seminar is "Privacy and Technischer Datenschutz".

Important dates

November 2

Organization intro (online, ILIAS video)
Topics presentation (online, ILIAS video)
November 5 Kickoff Reading, Writing, Presenting (not mandatory, online, ILIAS video)
November 6 Topic preferences due
November 9 Topic assignment
January 25 Paper submission deadline
February 3 Reviews due
February 10 Revision deadline
TBD (~February 20) Presentations




Topic 1: A survey on privacy-preserving biometrics

Supervisor: Dr. Patricia Arias Cabarcos

New biometric technologies for authentication are being developed as alternative to passwords. A promising type of solutions are behavioral-based approaches that collect user patterns (e.g., keystrokes, gait) for implicit and continuous identification. However, this kind of mechanisms, as well as more traditional biometrics like fingerprint, raise privacy concerns. For example, biometric data can leak sensitive information (gender, age, medical conditions), or could be used to impersonate users if not properly protected.

The goal of this seminar work is to research, categorize, and analyze works dealing with privacy-preserving biometrics.

[1] Belguechi, Rima, et al. "An overview on privacy preserving biometrics." Recent Application in Biometrics (2011): 65-84.
[2] Rathgeb C, Uhl A. A survey on biometric cryptosystems and cancelable biometrics. EURASIP Journal on Information Security. 2011 Dec 1;2011(1):3.
[3] Bringer, J., Chabanne, H. and Patey, A., 2013. Privacy-preserving biometric identification using secure multiparty computation: An overview and recent trends. IEEE Signal Processing Magazine, 30(2), pp.42-52.


Topic 2: A review of Privacy-Enhancing Technologies through the lens of usability

Supervisor: Dr. Patricia Arias Cabarcos

There are numerous Privacy Enhancing Technologies (PETs) for online and mobile protection, such as anti-tracking extensions like Privacy Badger, anonymous communication tools like TOR, or email encryption services like ProtonMail, which could offer valuable support in avoiding unwanted processing of personal data. However, the adoption of PETs by the general public is still low and usability issues are known to be a barrier for acceptance.

The goal of this seminar work is to research, categorize, and analyze works dealing with the usability of PETs in order to identify open challenges and future directions to bring these tools closer to users.

[1] ENISA. Privacy Enhancing Technologies.
[2] Shen, Yun, and Siani Pearson. "Privacy enhancing technologies: A review." HP Laboratories 2739 (2011): 1-30.


Topic 3: Privacy preserving techniques in smart grids

Supervisor: Dr. Andres Marin Lopez <andres marin∂uc3m es>

Electrical grids are evolving from simple electricity transportation means to additionally offer duplex communication channels for advanced services. Those services include improved energy generation, transportation and distribution, and the users benefit from Demand-Response, own electricity generation (Prosumers), etc. The other face of the coin are the new security and privacy challenges of this evolution (see [1]). This work consists of selecting one of the proposals in [2-5] to do a critical analysis and propose some improvement. 

[1] McDaniel, P., & McLaughlin, S. (2009). Security and privacy challenges in the smart grid. IEEE Security & Privacy, 7(3), 75-77.

[2] Lyu, L., Nandakumar, K., Rubinstein, B., Jin, J., Bedo, J., & Palaniswami, M. (2018). PPFA: Privacy preserving fog-enabled aggregation in smart grid. IEEE Transactions on Industrial Informatics, 14(8), 3733-3744.
[3] Liu, Y., Guo, W., Fan, C. I., Chang, L., & Cheng, C. (2018). A practical privacy-preserving data aggregation (3PDA) scheme for smart grid. IEEE Transactions on Industrial Informatics, 15(3), 1767-1774.
[4] Gai, K., Wu, Y., Zhu, L., Xu, L., & Zhang, Y. (2019). Permissioned blockchain and edge computing empowered privacy-preserving smart grid networks. IEEE Internet of Things Journal, 6(5), 7992-8004.
[5] Li, D., Yang, Q., Yu, W., An, D., Zhang, Y., & Zhao, W. (2019). Towards differential privacy-based online double auction for smart grid. IEEE Transactions on Information Forensics and Security, 15, 971-986.


Topic 4: Private Information Retrieval - Writing 

Supervisor: M.Sc. Christoph Coijanovic

Private Information Retrieval (PIR) allows users access to items of an external database without the database knowing which items where accessed [1,2]. While PIR is a very active field of research, this topic wants to focus on the "other direction", i.e., PIR-Writing (also known as Private Information Storage or Private Database Modification) [3-6], which receives considerably less attention. The goal of this topic is to find state of the art PIR-writing protocols and to compare them based on assumed adversary model, given privacy guarantees and performance.

[1] B. Chor, O. Goldreich, E. Kushilevitz and M. Sudan, "Private information retrieval," Proceedings of IEEE 36th Annual Foundations of Computer Science, Milwaukee, WI, USA, 1995, pp. 41-50, doi: 10.1109/SFCS.1995.492461.
[2] E. Kushilevitz and R. Ostrovsky, "Replication is not needed: single database, computationally-private information retrieval," Proceedings 38th Annual Symposium on Foundations of Computer Science, Miami Beach, FL, USA, 1997, pp. 364-373, doi: 10.1109/SFCS.1997.646125.
[3] Boneh D., Kushilevitz E., Ostrovsky R., Skeith W.E. (2007) Public Key Encryption That Allows PIR Queries. In: Menezes A. (eds) Advances in Cryptology - CRYPTO 2007. CRYPTO 2007. Lecture Notes in Computer Science, vol 4622. Springer, Berlin, Heidelberg.
[4] Ostrovsky, R., & Shoup, V. (1997, May). Private information storage. In Proceedings of the twenty-ninth annual ACM symposium on Theory of computing (pp. 294-303).
[5] Lipmaa H., Zhang B. (2010) Two New Efficient PIR-Writing Protocols. In: Zhou J., Yung M. (eds) Applied Cryptography and Network Security. ACNS 2010. Lecture Notes in Computer Science, vol 6123. Springer, Berlin, Heidelberg.
[6] Eskandarian, S., Corrigan-Gibbs, H., Zaharia, M., & Boneh, D. (2019). Express: Lowering the Cost of Metadata-hiding Communication with Cryptographic Privacy. arXiv preprint arXiv:1911.09215.


Topic 5: Anonymous Broadcast

Supervisor: M.Sc. Christoph Coijanovic

There are a number of protocols offering an "anonymous broadcast" functionality, e.g., [1,2,3]. However, what goals are actually aimed to be achieved and what assumptions are made differs significantly between approaches. The goal of this topic is to provide an overview of what kinds of anonymous broadcast exist and how such functionalities can be achieved.

[1] Stajano F., Anderson R. (2000) The Cocaine Auction Protocol: On the Power of Anonymous Broadcast. In: Pfitzmann A. (eds) Information Hiding. IH 1999. Lecture Notes in Computer Science, vol 1768. Springer, Berlin, Heidelberg.
[2] Zamani, M., Saia, J., Movahedi, M., & Khoury, J. (2013). Towards provably-secure scalable anonymous broadcast. In 3rd {USENIX} Workshop on Free and Open Communications on the Internet ({FOCI} 13).
[3] Abraham, I., Pinkas, B., & Yanai, A. (2020). Blinder: MPC Based Scalable and Robust Anonymous Committed Broadcast. IACR Cryptol. ePrint Arch., 2020, 248.


Topic 6: Enhancing Privacy with Quantum Technologies

Supervisor: M.Sc. Marcel Tiepelt

Quantum Computing is likely to be the next level of technological evolution. In the field of IT security this step allows significant speedups for some computational problems threatening secure commutation, but also enables new protocol constructions. In terms of privacy, quantum technology allows to achieve stronger security notions such as hiding the identity of communicating parties.

In this seminar, the aim is to survey the possibilities enabled by quantum computing, e.g. perfectly traceless anonymous transmission of information, which frankly is not possible in the classical model. Open challenges as well as known impossibility results may complement the survey.



Topic 7: Accountable Anonymous Communication

Supervisor: M.Sc. Christiane Kuhn

To protect whistleblowers and the privacy of the general public from governments and big companies means to communicate anonymously are necessary. However, without accountability such technologies also invite for abuse [2]. While accountability seems to contradict anonymity at the first glance, there are approaches [2,3] to integrate both.

Your task will be to survey anonymous communication networks that include measures for accountability.

[1] Pfitzmann, Andreas, and Marit Hansen. "A terminology for talking about privacy by data minimization: Anonymity, unlinkability, undetectability, unobservability, pseudonymity, and identity management." (2010).
[2] Diaz, Claudia, and Bart Preneel. "Accountable anonymous communication." Security, Privacy, and Trust in Modern Data Management. Springer, Berlin, Heidelberg, 2007. 239-253.
[3] Backes, Michael, et al. "BackRef: Accountability in anonymous communication networks." International Conference on Applied Cryptography and Network Security. Springer, Cham, 2014.


Topic 8: Secure Network Tunnel SmartNIC offload

Supervisor: M.Sc. Simon Hanisch

Secure network tunnels are a core building block for network security as they offer confidentiality and integrity for network packets.  However, this security comes at the price of a performance overhead that secure network tunnels impose on their transported packets.  Therefore it is desirable to keep the performance overhead minimal to not impact applications requiring low latency and high throughput. A new hardware option to decrease this overhead are fully programmable network interface cards (NIC), so-called smartNICs. The task of this seminar is to review the literature regarding the overhead reduction of secure network tunnels. The main focus should be on latency and the secondary focus should be on throughput.