Primary supervisor
Muhammed EsginResearch area
CybersecurityPrivacy-Enhancing Technologies (PETs) are a set of cryptographic tools that allow information processing in a privacy-respecting manner. As an example, imagine we have a user, say Alice, who wants to get a service from a service provider, say SerPro. To provide the service, SerPro requests Alice's private information such as a copy of her passport to validate her identity. In a traditional setting, Alice has no choice but to give away her highly sensitive information.
A more ideal solution is to use a PET tool to provide Alice a way to (cryptographically) prove to SerPro that she is eligible to receive the service without revealing her passport to any third parties. For example, Alice can prove to SerPro that she has credentials from a certain government agency that she lives in Melbourne and is older than 18 years old without giving away any more personal details.
PETs are extremely powerful tools and have potential to solve major privacy issues encountered today. They can help to minimise private information held by service providers, which in turn can prevent data breaches as happened in the Optus and Medibank hacks. The particular PET tool to be used in this project is called "zero-knowledge proof", which is a proof system that reveals no information beyond the fact that a certain statement (relating to a private information) is true. The statement can, for example, be "I'm older than 18" (without revealing exact age), or "I have enough funds to pay X dollars" (without revealing how much funds exactly), or "I am legitimate member of X agency" (without revealing exactly who), or "My software is not on the blacklist" (without revealing the exact software).
There are multiple aspects of this project.
Design and analysis of new PETs:
This aspect requires a significant math background as it involves exploiting various mathematical results to develop a concrete cryptographic algorithm. Although desired, a strong cryptographic background is not a must. It is also a plus to have some programming experience.
Implementation of a PET algorithm:
This aspect requires significant programming skills as it involves writing efficient (e.g., C/C++) computer codes implementing a cryptographic algorithm. Although desired, a strong cryptographic background is not a must.
Application of a PET algorithm to solve a real-life problem:
This aspect relates to using existing PET algorithms to address a real-life problem that can be of a significant value for the society. There is effectively no limit to what social problem can be targeted. The goal can be to empower underrepresented groups; promote equity, diversity and inclusion; prevent online abuse; applications in the blockchain setting; and many more...
Keywords: cybersecurity, cryptography, privacy, zero-knowledge proofs, blockchain