Privacy-Friendly Services and Apps · The goals of the project • How modern on-line services and...

Privacy-Friendly Services and Apps Catuscia Palamidessi, INRIA Saclay


Page 1:

Privacy-Friendly Services and Apps

Catuscia Palamidessi, INRIA Saclay

Page 2:

The goals of the project

• How modern on-line services and applications may be engineered to provide a higher degree of technical privacy protection.

• Systems that process personal information but generate information that is publicly disclosed.

• Systems that process personal information and generate private or confidential information.

• Develop principled and robust definitions of privacy, as well as methods for evaluating the quality of protection offered by different proposed mechanisms.

• Particular focus on Location Privacy

• Develop high quality software tools for developing and evaluating privacy-friendly services.

Page 3:

The participants

MSR Cambridge

• George Danezis • Andrew D. Gordon • Markulf Kohlweiss • Cédric Fournet • Santiago Zanella Béguelin

Inria Grenoble - Rhône-Alpes

• Gergely Ács (Research engineer) • Claude Castelluccia • Daniel Le Métayer • Javier Parra-Arnau (Postdoc)

Inria Saclay

• Nicolas Bordenabe (ex PhD student) • Kostas Chatzikokolakis • Ehab El Salamouny (Postdoc) • Joris Lamare • Catuscia Palamidessi • Marco Stronati (Postdoc - ex PhD student)

Inria Rennes

• Fabrizio Biondi (Postdoc) • Sébastien Gambs • Axel Legay

Page 4:

Key members

Kostas Chatzikokolakis (CNRS & INRIA): Quantitative information flow, Differential privacy, Location privacy, Location Guard

Catuscia Palamidessi (INRIA): Quantitative information flow, Differential privacy, Location privacy

Sébastien Gambs (INRIA): Location privacy, Geppetto (tool)

Santiago Zanella-Béguelin (MSR): Program specification and verification, Verification of cryptographic systems and their implementation

Marco Stronati (EP & INRIA): Location privacy, Location Guard (tool)

Markulf Kohlweiss (MSR): Verification of cryptographic protocols, Privacy issues in smart meters, Zero-knowledge proofs, Malleability

Page 5:

Lines of collaboration

• Expertise

• The MSR researchers are particularly expert in cryptographic protocols and zero-knowledge proofs

• The INRIA researchers are particularly expert in differential privacy, quantitative information flow, and location privacy

• Some topics of cooperation:

• Use of cryptography for access control (confidentiality, privacy)

• Encompassing realistic (resource-bounded) adversaries in QIF

• Use of the QIF framework to measure the leakage in encrypted information (side-channel attacks)

• Location Guard: Addition of mechanisms to protect kinds of information other than location

Page 6:

Activities

• Two workshops organized by the project. October 2014 and September 2015.

• Two joint workshops with PRINCESS (associated team INRIA-FIU-NICTA). December 2014 and 2015.

• A postdoc hired on the project

• A PhD student hired on the project

• Several visitors

Page 7:

Related projects and cooperations

• Cooperation with several research institutes in Japan on the topics of Privacy and Cybersecurity. Proposed équipe associée in September 2015.

• Cooperation with Geoffrey Smith (USA), Annabelle McIver (Australia), Carroll Morgan (Australia) and Mario Alvim (Brazil) in the context of the équipe associée PRINCESS.

• Two ANR projects on the themes of QIF and Differential Privacy proposed this year.

Page 8:

Highlights

• Geo-indistinguishability: several citations, tool Location Guard used by more than 50,000 people

• The PhD thesis of N. Bordenabe received awards:

• The prize of the Ecole Polytechnique (about 1 out of 10 receives this prize)

• The ACM SIGSAC award for the best thesis in Security and Privacy, AY 2014

• g-leakage: several citations, it is becoming one of the standard frameworks in the community of Quantitative Information Flow

• Our CSF 2014 paper received the NSA award for the best paper on cybersecurity published in 2014

• Plenary keynote talk by Palamidessi at ETAPS 2015

• Santiago Zanella-Béguelin participated in the discovery of a weakness in the way the Diffie-Hellman key exchange protocol is deployed, which led to the widely publicized Logjam attack against the TLS protocol.