With the fast development of e-commerce, there is a higher demand for timely delivery. Logistic companies want to send receivers a more accurate arrival prediction to improve customer satisfaction and lower customer retention costs. One approach is to share (near) real-time location data with recipients, but this also introduces privacy and security issues such as malicious tracking and theft. In this paper, we propose a privacy-preserving real-time location sharing system including (1) a differential privacy based location publishing method and (2) location sharing protocols for both centralized and decentralized platforms. Different from existing location perturbation solutions which only consider privacy in theory, our location publishing method is based on a real map and different privacy levels for recipients. Our analyses and proofs show that the proposed location publishing method provides better privacy protection than existing works under real maps against possible attacks. We also provide a detailed analysis of the choice of the privacy parameter and their impact on the suggested noisy location outputs. The experimental results demonstrate that our proposed method is feasible for both centralized and decentralized systems and can provide more precise arrival prediction than using time slots in current delivery systems.

In a blockchain network, transaction advertisement is the announcement of the new transactions to the participants (miners) who are responsible to validate them. Existing blockchain protocols lack an incentive-compatible advertisement process where a rational participant would gain from advertising a transaction. The deficiency can be solved by a Sybil-proof rewarding function which divides the transaction fee among the round leader and the nodes who advertise it. Up to now, there have been three rewarding function proposals, all of which require special constraints on the blockchain network model, e.g., tree-structured connections. In this work, we formulate the rewarding function and obtain the necessary conditions for Sybil-proofness and incentive-compatibility properties. To the best of our knowledge, we present the first rewarding function which is suitable for any blockchain network model. We introduce path length dependent rewarding for the nodes involved in the advertisement process, which helps us to overcome the impossibility results given in the previous works. Our rewarding function divides the transaction fee among the nodes who advertise it, the current round leader and the next round leader. In addition to these achievements, unlike previous proposals, our rewarding function provides resistance against the forking attacks where an adversary rejects a valid block and creates a fork to gain the transaction fees in the original block.

Genome sequencing has rapidly advanced in the last decade, making it easier for anyone to obtain digital genomes at low costs from companies such as Helix, MyHeritage, and 23andMe. Companies now offer their services in a direct-to-consumer (DTC) model without the intervention of a medical institution. Thereby, providing people with direct services for paternity testing, ancestry testing and disease susceptibility testing (DST) to infer diseases' predisposition. Genome analyses are partly motivated by curiosity and people often want to partake without fear of privacy invasion. Existing privacy protection solutions for DST adopt cryptographic techniques to protect the genome of a patient from the party responsible for computing the analysis. Said techniques include homomorphic encryption, which can be computationally expensive and could take minutes for only a few single-nucleotide polymorphisms (SNPs). A predominant approach is a solution that computes DST over encrypted data, but the design depends on a medical unit and exposes test results of patients to the medical unit, making the design uncomfortable for privacy-aware individuals. Hence it is pertinent to have an efficient privacy-preserving DST solution with a DTC service. We propose a novel DTC model that protects the privacy of SNPs and prevents leakage of test results to any other party save for the genome owner. Conversely, we protect the privacy of the algorithms or trade secrets used by the genome analyzing companies. Our work utilizes a secure obfuscation technique in computing DST, eliminating expensive computations over encrypted data. Our approach significantly outperforms existing state-of-the-art solutions in runtime and scales linearly for equivalent levels of security. As an example, computing DST for 10,000 SNPs requires approximately 96 milliseconds on commodity hardware. With this efficient and privacy-preserving solution which is also simulation-based secure, we open possibilities for performing genome analyses on collectively shared data resources.

Blockchain technology allows running ordered transactions within an immutable public ledger in a decentralized manner. It consists of two processes: Advertisement where the participants become aware of the new transactions and chain extension where the validated transactions are added into a block by extending the chain. Existing blockchain protocols have mainly focused on the chain extension, though the advertisement process has not been dealt with in depth. More specifically, transaction advertisement is fulfilled in an altruistic manner and the same gossip-like propagation mechanism is used for both transactions and blocks. Consequently, the existing protocols are not only incompatible within a rational setting where participants try to maximize their benefit but also suffering from inefficient bandwidth usage. In this work, we propose Tulip, a two-layered blockchain framework, which enriches any blockchain protocol with respect to the aforementioned advertisement issues. Tulip treats the advertisement and chain extension processes separately. Transactions are collected and verified by a transaction collector, whereas extending the chain with a new block is done by a round leader. In order to achieve a generic framework, we model the basic functionalities of a ledger. These functionalities are realized by any existing blockchain protocol and responsible for the chain extension process. Thanks to the modular structure of Tulip, the chain extension process can be combined with an incentive compatible and bandwidth-efficient advertisement process. Tulip can be built upon any blockchain protocol while preserving the ledger properties persistence and liveness. Moreover, it enhances the liveness into strong liveness property which requires only one honest participant, rather than all, to advertise a transaction. In this manner, to the best of our knowledge, Tulip forms the first blockchain protocol having incentive compatible chain extension and transaction advertisement processes. Finally, we show that Tulip can be used to reduce redundant bandwidth usage by up to 99%.

Processing encrypted data is a well-known solution when protecting privacy-sensitive data from untrusted processing units. However, data expansion, as a result of data encryption, makes undesired computational and communicational overheads in the cryptographic applications. Data packing is one of the useful tools to minimize the overheads. In this work, we introduce a novel approach for packing encrypted data based on the subset sum problem. We show that our data packing achieve high performance in reducing the overheads and it is significantly more efficient than existing techniques. Moreover, we show that our approach perfectly matches with secure searching protocols for secure data retrieval.

Genetic data are important dataset utilised in genetic epidemiology to investigate biologically coded information within the human genome. Enormous research has been delved into in recent years in order to fully sequence and understand the genome. Personalised medicine, patient response to treatments and relationships between specific genes and certain characteristics such as phenotypes and diseases, are positive impacts of studying the genome, just to mention a few. The sensitivity, longevity and non-modifiable nature of genetic data make it even more interesting, consequently, the security and privacy for the storage and processing of genomic data beg for attention. A common activity carried out by geneticists is the association analysis between allele-allele, or even a genetic locus and a disease. We demonstrate the use of cryptographic techniques such as homomorphic encryption schemes and multiparty computations, how such analysis can be carried out in a privacy friendly manner. We compute a 3 × 3 contingency table, and then, genome analyses algorithms such as linkage disequilibrium (LD) measures, all on the encrypted domain. Our computation guarantees privacy of the genome data under our security settings, and provides up to 98:4% improvement, compared to an existing solution.

The growing complexity of software with respect to technological advances encourages model-based analysis of software systems for validation and verification. Process mining is one recently investigated technique for such analysis which enables the discovery of process models from event logs collected during software execution. However, the usage of logs in process mining can be harmful to the privacy of data owners. While for a software user the existence of sensitive information in logs can be a concern, for a software company, the intellectual property of their product and confidential company information within logs can pose a threat to company's privacy. In this paper, we propose a privacy-preserving protocol for the discovery of process models for software analysis that assures the privacy of users and companies. For this purpose, our proposal uses encrypted logs and processes them using cryptographic protocols in a two-party setting. Furthermore, our proposal applies data packing on the cryptographic protocols to optimize computations by reducing the number of repetitive operations. The experiments show that using data packing the performance of our protocol is promising for privacy-preserving software analysis. To the best of our knowledge, our protocol is the first of its kind for the software analysis which relies on processing of encrypted logs using process mining techniques.

Secure equality testing of two private values is one of the fundamental building blocks of many cryptographic protocols designed for Signal Processing in the Encrypted Domain (SPED). Existing protocols introduce significant amount of computation and computational overhead, which makes it essential to search for new and novel, efficient equality tests for the design of SPED algorithms. In this paper, we first describe the state-of-The-Art equality tests, and then propose two cryptographic protocols which are significantly more efficient than the existing work. Our proposals achieve high performance due to algorithmic changes and successful deployment of data packing. Furthermore, we also present a novel secure exponentiation protocol as a part of our first equality test. Complexity and performance analyses clearly indicate the high efficiency of our protocols in terms of computation cost.

In smart grids, providing power consumption statistics to the customers and generating recommendations for managing electrical devices are considered to be effective methods that can help to reduce energy consumption. Unfortunately, providing power consumption statistics and generating recommendations rely on highly privacy-sensitive smart meter consumption data. From the past experience, we see that it is essential to find scientific solutions that enable the utility providers to provide such services for their customers without damaging customers’ privacy. One effective approach relies on cryptography, where sensitive data is only given in the encrypted form to the utility provider and is processed under encryption without leaking content. The proposed solutions using this approach are very effective for privacy protection but very expensive in terms of computation and communication. In this paper, we focus on an essential operation for designing a privacy-preserving recommender system for smart grids, namely comparison, that takes two encrypted values and outputs which one is greater than the other one. We improve the state-of-the-art comparison protocol based on Homomorphic Encryption in terms of computation and communication by 56 and 25 %, respectively, by introducing algorithmic changes and data packing. As the smart meters are very limited devices, the overall improvement achieved is promising for the future deployment of such cryptographic protocols for enabling privacy enhanced services in smart grids.