Cloud services are an essential part of our digital infrastructure as organizations outsource large amounts of data storage and computations. While organizations typically keep sensitive data in encrypted form at rest, they decrypt it when performing computations, leaving the cloud provider free to observe the data. Unfortunately, access to raw data creates privacy risks. To alleviate these risks, researchers have developed secure outsourced data processing techniques. Such techniques enable cloud services that keep sensitive data encrypted, even during computations. For this purpose, fully homomorphic encryption is particularly promising, but operations on ciphertexts are computationally demanding. Therefore, modern fully homomorphic cryptosystems use packing techniques to store and process multiple values within a single ciphertext. However, a problem arises when packed data in one ciphertext does not align with another. For this reason, we propose a method to construct circuits that perform arbitrary permutations and mappings of such packed values. Unlike existing work, our method supports moving values across multiple ciphertexts, considering that the values in real-world scenarios cannot all be packed within a single ciphertext. We compare our open-source implementation against the state-of-the-art method implemented in HElib, which we adjusted to work with multiple ciphertexts. When data is spread among five or more ciphertexts, our method outperforms the existing method by more than an order of magnitude. Even when we only consider a permutation within a single ciphertext, our method still outperforms the state-of-the-art works implemented by HElib for circuits of similar depth.

@en

In our increasingly digital society, we are making a growing amount of data available to computers, networks and third parties. As a consequence, our sensitive data is in danger of getting exposed. The field of multi-party computation attempts to mitigate this by studying protocols that enable parties to perform their operations digitally, without the risk of privacy-violating data leaks. Among those operations are multi-party private set and multiset operations. In such a scenario, multiple parties, each with their own input set or multiset, want to collectively find the result of an operation over their inputs, without revealing these original inputs. Such operations are the cornerstone of many complex privacy-preserving protocols. For example, a two-party private set intersection forms the key to several privacy-preserving contact tracing protocols.

While multi-party private set and multiset operations have been studied for almost two decades, these privacy-preserving alternatives are often impractical: one limitation is that, to the best of our knowledge, all known protocols require several interactions between the cooperating parties. This means that rather than simply submitting their input, each party must actively take part in the protocol. In this thesis, we propose the first non-interactive protocols for privately computing set and multiset operations between multiple parties,
which rely on two constructions for non-interactive secret sharing. In addition, for operations that cannot be trivially performed using our non-interactive primitives, we propose minimally-interactive alternatives that instead rely on a homomorphic cryptosystem over elliptic curves. By using elliptic curves, this cryptosystem is faster and requires less bandwidth than the commonly used cryptosystems over integers, while retaining the same level of security. We provide proof-of-concept implementations of exact and more efficient approximate protocols that take on the order of seconds to minutes to compute, depending on the number of parties and possible inputs. Finally, we give formal proofs for the security of these protocols, so as to offer practical and provably privacy-preserving alternatives to otherwise sensitive operations.

ING wants to offer their customers the best experience possible. To achieve this goal, ING’s Customer Journey Experts (CJEs) constantly map and analyze the way customers use ING services in a Customer Journey Map. These maps however, are hard to share and collaborate on. ING needs an online tool in which they can, together with multiple people, build and maintain Customer Journey Maps. During our research phase we visited many different squads and found out that no single solution fits all needs. That is why we made our tool as customizable as possible with features such as: colors, text decorations, highlighting and templates. We worked in bi-weekly sprints for which we selected work from a top 50 issues board that we ordered by importance and difficulty. The final product, Mapp , allows CJEs to define, share and collaborate on customer journeys. CJEs can illustrate their customer’s steps using text, images, emotions, checkboxes andtimelines. TosharetheirworktheycanexportasPDFandprintinanysize. Andfinallytocollaborate they can simply share their journey’s URL. The product was user validated during a large midterm and endterm test, as well as during short weekly tests. All of the chapter leads we talked to were super excited and are soon marketing the product in their teams!