Projects & Funding Sources

The ENCRYPTO group is involved in several research projects and has received multiple research awards.

Upcoming Projects

European Research Council, 2025-2030

ERC Consolidator Grants with funding of up to €2M over five years are awarded to excellent researchers with seven to twelve years of experience since completion of the PhD whose independent research group is in its consolidation phase.

Privacy is a fundamental right and ideally both users’ data and organizations’ intellectual property are protected. Privacy Enhancing Technologies (PETs) can protect data and function privacy. A mature PET to protect data is Multi-Party Computation (MPC). Further PETs are Private Set Intersection (PSI) to compute functions on sets of elements, and Private Function Evaluation (PFE) to protect data and functions. The main goal of the ERC Consolidator Grant PRIVTOOLS is to develop composable PETs and corresponding open-source tools that make them accessible to developers who are non-experts in cryptography. So far, MPC, PSI and PFE were studied mostly separately, and their composition to more complex functions is open. We will develop composable and efficient PETs using various function representations.

Our objectives are:

1) Currently, each MPC framework uses a dedicated high-level language. The objective for MPCTool is to give developers unified access to multiple MPC frameworks and function representations from multiple programming languages. This allows technology transfer across MPC frameworks, compare their performance, and protects against vendor lock-in.

2) For set operations, a developer must currently generate circuits for postprocessing elements in the intersection which is cumbersome. To make PSI more accessible, PSITool will be the first tool for PSI that generates optimized PSI variant protocols from programs using common abstractions for sets.

3) For private functions, a developer must currently generate a circuit that is evaluated with a PFE protocol. This is inefficient and often only parts of the function must be hidden. PFETool will be a flexible tool for PFE that uses multiple function representations and automatically chooses efficient PFE protocols for subfunctions.

The tools built in PRIVTOOLS also work with each other, e.g., PFETool can hide the set operations in PSITool. They will allow protecting data and functions in a large variety of applications.

See also the official ERC fact sheet and the press releases by TU Darmstadt and the ERC.

Running Projects

European Research Council, 2020-2025

ERC Starting Grants with funding of up to €1.5M over five years are awarded to researchers with two to seven years of experience since completion of the PhD and a scientific track record showing great promise.

Users of Internet services currently have to entrust the respective service provider with their data. However, attackers or secret services can obtain access to that data by using vulnerabilities or backdoors in hard- or software. Moreover, authorities can force the service provider to give out data. The new EU General Data Protection Regulation (GDPR) now mandates that companies take appropriate measures to protect user data.

The ERC Starting Grant „PSOTI“ (Privacy-preserving Services On The Internet) will eliminate the need to trust a single service provider in Internet Services and empower users to keep full control over their data. For this, the user can choose from multiple service providers who jointly process the data, without gaining direct access to the contents. The data will be protected, as long as at least one provider is trustworthy.

The main goal of PSOTI is to develop privacy-preserving services for commonly used applications on the Internet like data storage, online surveys, and email. These services will provide extensive functionalities and will allow to securely and efficiently store, retrieve, search, and process data. This will allow to comply with the GDPR and preserve the fundamental rights to privacy and the protection of personal data.

A practical system for secure multi-party computations will be developed which can also be used for the secure processing of other sensitive data such as in the areas of genomics or machine learning. Also protocols for private search queries will be built that even hide the structure of the query and that can be used in multiple application scenarios.

See also the official ERC fact sheet and the press releases by TU Darmstadt and the ERC.

Deutsche Forschungsgemeinschaft (DFG), 2014-2026

Collaborative Research Centers (Sonderforschungsbereiche) are institutions funded by the German Research Foundation (DFG) and are established at universities to pursue a scientifically ambitious, complex, long-term research program. The goal of the center CROSSING – Cryptography-Based Security Solutions: Enabling Trust in New and Next Generation Computing Environments is to provide cryptography-based security solutions enabling trust in new and next generation computing environments. The solutions will meet the efficiency and security requirements of the new environments and will have sound implementations. They will be easy to use for developers, administrators, and end users of IT, even if they are not cryptography experts. In CROSSING researchers from different areas such as cryptography, IT security, computing hardware, quantum physics, and software engineering will collaborate. In the first funding phase (2014-2018) of CROSSING, our group was involved in project S5 (Privacy-Preserving Computation) and project E4 (Compiler for Privacy-Preserving Protocols). In the second funding phase (2018-2022), both projects were merged into project E4 (Compiler for Privacy-Preserving Protocols). In the third funding phase (2022-2026), we continue with project E4 (Compiler for Privacy-Preserving Protocols) and are affiliated with the new project E7 (Transparency as User-Centered Intervention for Privacy and Security).

Deutsche Forschungsgemeinschaft (DFG), 2019-2024

The Doctoral College “Privacy and Trust for Mobile Users” is a Research Training Group (RTG) funded by the German Research Foundation (DFG). It is a highly interdisciplinary collaboration between Computer Science and the fields of Law, Economics, Sociology, and usability research. Mobile information and communication technology has become virtually ubiquitous due to the proliferation of smartphones and tablet computers; large sections of the society use it to their advantage. In reference to the relationship users-network, public debates highlight the increasing transparency of users (in the sense of a surveillance society) while the network is deemed to become increasingly nontransparent, i.e. inscrutable. The RTG focuses on major contributions to reversing this trend: It shall enable better privacy protection for users and better transparency, i.e., assessability of the network; Privacy protection shall be customizable to personal interests yet manageable by the lay person; Privacy-opposing economic or societal interests shall be better reconciled. The ENCRYPTO group is involved in research area A (Privacy and Trust in Service Networks).

Awards and Other Funding Sources

Intel Corporation, 2019

The ENCRYPTO group was awarded by Intel Corporation for our research in the area of “Secure and Privacy Preserving AI Frameworks and Run-Times for Data Scientists and Service Providers”. The ENCRYPTO group already has an ongoing research collaboration with the Privacy and Security Research team in Intel AI, San Diego, CA USA headed by Rosario Cammarota.

Intel, 2012

The Intel Early Career Faculty Honor Program was created to promote the careers of the best and brightest early career faculty members at the top universities around the world. Awardees are selected through a competitive and rigorous application process and they receive recognition as well as a cash award to help fund their research and sponsor travel to Intel to collaborate with Intel researchers. The Early Career Faculty Honor Program is an annual award that is currently open to select universities in the U.S., Europe, China, and Taiwan.

Finished Projects

Intel & Avast & VMware, 2021-2023

For our project proposal “Engineering Private AI Systems (EPAI)”, the ENCRYPTO Group was awarded to participate in the Private AI Collaborative Research Institute, which is formed and funded by Intel, Avast, and VMware. The center aims at advancing technologies for privacy and trust in decentralized AI. Additional information can be found in Intel's blog post.

Bundesministerium für Bildung und Forschung (BMBF) & Hessisches Ministerium für Wissenschaft und Kunst (HMWK), 2019-2022

The National Research Center for Applied Cybersecurity ATHENE conducts cutting-edge research for the benefit of business, society and government and strives for academic leadership. ATHENE is an agile research organization and therefore capable of responding quickly to new challenges and emerging threats. ATHENE is funded by the German Federal Ministry of Education and Research (BMBF) and the Hessian State Ministry for Higher Education, Research and the Arts (HMWK). The ENCRYPTO group is involved in the following subproject:

  • Practical Private Set Intersection for Data Protection (01.01.2019 – 31.12.2022, as part of the mission User-centered Security and Privacy (UCSP)): we will improve the practicality of private set intersection (PSI) protocols that allow to match (and further process) sensitive data collections in a provably secure way without unjustifiably compromising the privacy of the associated individuals.

Bundesministerium für Bildung und Forschung (BMBF) & Hessisches Ministerium für Wissenschaft und Kunst (HMWK), 2015-2019

The former IT security centers EC SPRIDE and CASED funded by the German Federal Ministry of Education and Research (BMBF) and the Hessian State Ministry for Higher Education, Research and the Arts (HMWK) respectively have been united to bundle their strengths in the “Center for Research in Security and Privacy (CRISP)”. Under the core topic “Security at Large” its research activities focus on the study of security for large systems, starting with their individual components up to their interaction within comprehensive security solutions. The ENCRYPTO group was involved in the following subprojects:

  • IP3 – Protection Mechanisms for Big Data and Complex Private Functions (01.06.2017 – 31.05.2020): we developed protection mechanisms for big data and complex private functions based on cryptographic protocols for secure computation as well as hardware measures in the form of Trusted Execution Environments such as Intel SGX; the PIs are Prof. Thomas Schneider , Prof. Stefan Katzenbeisser, and Prof. Patrick Eugster
  • IP1 – Scalable Privacy-Preserving Protocols (01.10.2015 – 31.3.2018): we developed innovative methods that guarantee the protection of privacy, can be integrated into applications, and scale even for large amounts of data; the PIs are Prof. Thomas Schneider and Prof. Kay Hamacher.

European Commission (FP7), 2013-2016

The mission of PRACTICE is to design cloud computing technologies that allow computations in the cloud thus enabling new business processes while keeping the used data secret. Unlike today – where insiders can access sensitive data – PRACTICE will prevent cloud providers and other unauthorized parties from obtaining secret or sensitive information. Information processed by businesses, government organizations and individuals often comes with confidentiality and integrity requirements that the processing party must adhere to. As a result, data processors must deploy security controls for their ICT infrastructure, protecting it against external as well as internal attackers. This is relatively easy when this infrastructure is local and controlled by the processing party, but much harder when it is provided by an external service provider. Cloud services promise great benefits in terms of financial savings, easy and convenient access to data and services, as well as business agility. Organizations and individuals therefore choose to outsource their data to the cloud, where an untrusted party is in charge of storage and computation. A major concern for the adoption of cloud computing is the inability of the cloud to build user trust in the information security measures deployed in cloud services. Common computing techniques cannot be applied on encrypted data, and therefore the data and the programs that compute on the data must be decrypted before being run on the cloud infrastructure. A comprehensive solution for securing the cloud computing infrastructure can be based on cryptographic mechanisms of secure computation. These mechanisms allow for distributed computation of arbitrary functions of private (secret) inputs, while hiding any information about the inputs to the functions.

Landes-Offensive zur Entwicklung Wissensch.-ökonomischer Exzellenz (LOEWE), 2008-2016

CASED is a collaborative project of the Technische Universität Darmstadt, the Fraunhofer Society and the University of Applied Science (Hochschule) Darmstadt. In the research areas Secure Data, Secure Things, and Secure Services the cluster develops applicable basic knowledge and IT security solutions. Thanks to its broadly-based position in regard to topics and competencies, the cluster and its headquarters CASED can realize especially complex projects efficiently and sustainably. Our group is part of the research area Secure Data and of the Cryptography Lab.

Bundesministerium für Bildung und Forschung (BMBF), 2011-2015

The BMBF project EC SPRIDE researches how IT developers can optimally secure software and IT systems from the very beginning, i.e. “by Design”, and throughout the entire lifecycle. EC SPRIDE provides the base funding for our group. Within this project, we develop models, languages, and tools for security and privacy by design during the entire lifecycle of privacy-preserving protocols in various application scenarios.