csstalk

In this talk, Sofía will present FrodoPIR, a highly configurable, stateful, singleserver Private Information Retrieval (PIR) scheme that involves an offline phase that is completely client-independent.

In this talk, Raul will present a novel methodology to quantify and prevent privacy risks by focusing on polygenic scores and phenotypic information.

This seminar presents research on anonymous credentials with Publicly Auditable Privacy Revocation (PAPR). PAPR credentials simultaneously provide conditional user privacy and auditable privacy revocation for credential systems.

Felix will introduce PrePaMS, an efficient participation management system that supports prerequisite checks and reward procedures in a privacy-preserving way. By using a set of proven cryptographic primitives and mechanisms, participations are protected so that service providers and organizers cannot derive the identity of participants even within the reward process.

In this talk, Lucas will address the under-researched area of combining social psychology findings with the construction of secure software systems.

In this talk, I will present DenIM (Deniable Instant Messaging), a novel protocol built on the idea of hiding traffic to make it unobservable to an adversary by piggybacking it on observable traffic. We posit that resilience to traffic analysis must be directly supported by major IM services themselves, and must be done in a low-latency manner without breaking existing features. Hence, DenIM is designed both for compatibility and performance; DenIM is a variant of the Signal protocol—commonly used for strong encryption in instant messaging services, and, DenIM’s bandwidth overhead scales with the volume of regular traffic, as opposed to scaling with time or the number of users.

Alley will argue in favor of using the real/ideal paradigm for defining security in a programming languages context, even when systems are entirely non-probabilistic.

Inevitably, personal data is transferred from EU to third countries. GDPR should follow this data wherever it is transferred. How can this requirement be enforced in practice? Currently, data transfers from EU to third countries are mostly regulated by legal agreements between data exporters and data importers. But these agreements tend to be complicated, unforeseeable, and ultimately inefficient. Technology can be employed to automatically ensure that transferred data is used by a third country is a way that does not violate GDPR. This talk explores information flow control as a tool to enforce GDPR, before it dives into new information flow semantics.

Rebekka will present techniques to build autonomous systems that are aware of humans and their changing preferences. Traditionally, autonomous systems have been designed to automate tasks for a set of predefined objectives (e.g., to reduce energy consumption and minimize cost). These objectives often need to be traded off against each other and might have to be changed over time. In this talk, Rebekka will explain how humans can be kept “on the loop” when working with autonomous systems and their quality trade-offs.

Victor will present in this introductory talk his past work on informed consent in the IoT, and his research perspectives for the CyberSecIT project. The first part of his presentation will summarize his PhD work, including a short video demonstration. The second part will introduce his interdisciplinary experience within the Sustainable Computing Lab in Vienna on the standardization of consent in the IoT. Finally, the third part will expose his research perspectives for the CyberSecIT project with the iSec group at Chalmers.