Software

The following software tools have been created as results of our research with the goal to protect the privacy of critical data. The tools can be used as stand-alone solutions but also be embedded as library to existing projects.

All of our software is available at https://encrypto.de/code. Please refer to the referenced publications for background information about the underlying techniques and see the available source code and its documentation for implementation and deployment information.

Title: MOTION – A Framework for Mixed-Protocol Multi-Party Computation
Authors: Lennart Braun, Daniel Demmler, Thomas Schneider, and Oleksandr Tkachenko
Published: In ePrint Report 2020/1137 (Download)
Description: A fast, flexible, and asynchronous C++ framework for secure multi-party computation with N parties, full-threshold security, and conversions between all protocols.
Target Group: Developers
Software Development Phase: Implementation
Application Environment: Secure Computation Protocols and Applications
Programming Language: C/C++
Software Repository: https://github.com/encryptogroup/MOTION

Title: PrivateDrop: Practical privacy-preserving authentication for Apple AirDrop
Authors: Alexander Heinrich, Matthias Hollick, Thomas Schneider, Milan Stute, and Christian Weinert
Published: In 30th USENIX Security Symposium (USENIX Security'21) (Download (opens in new tab))
Description: Implementation of our protocol PrivateDrop that fixes severe privacy issues (contact identifier leakage) in Apple's offline file sharing service AirDrop.
Target Group: Apple Developers
Software Development Phase: Implementation
Application Environment: Contact-based Mutual Authentication Protocols
Programming Language: Swift and C/C++
Software Repository: https://github.com/seemoo-lab/privatedrop

Title: Balancing Quality and Efficiency in Private Clustering with Affinity Propagation
Authors: Hannah Keller, Helen Möllering, Thomas Schneider, and Hossein Yalame
Published: In 18th International Conference on Security and Cryptography (SECRYPT'21)
Description: Implementation of privacy preserving affinity propagation using the secure multi-party computation framework MP-SPDZ.
Target Group: Developers
Software Development Phase: Implementation
Application Environment: Secure Computation Applications
Programming Language: Python
Software Repository: https://github.com/encryptogroup/ppAffinityPropagation

Title: DEMO: AirCollect: Efficiently recovering hashed phone numbers leaked via Apple AirDrop
Authors: Alexander Heinrich, Matthias Hollick, Thomas Schneider, Milan Stute, and Christian Weinert
Published: In 14th ACM Conference on Security and Privacy in Wireless and Mobile Networks (WiSec'21)
Description: Proof-of-concept implementation to demonstrate two possible attacks that result in contact identifier leakage due to design flaws Apple's AirDrop protocol for offline file sharing.
Target Group: Hackers
Software Development Phase: Implementation
Programming Language: Python and C/C++
Software Repository: https://github.com/seemoo-lab/opendrop/blob/poc-phonenumber-leak/README.PoC.md

Title: Privacy-preserving Density-based Clustering
Authors: Beyza Bozdemir, Sébastien Canard, Orhan Ermis, Helen Möllering, and Thomas Schneider
Published: In 16th ACM ASIA Conference on Computer and Communications Security (ASIACCS’21) (Download (opens in new tab))
Description: ppDBSCAN is a fully privacy-preserving DBSCAN clustering protocol that uses the two-party computation framework ABY. We also implemented an approximated distance metric for the DBSCAN-based trajectory clustering scheme called TRACLUS.
Target Group: Developers
Software Development Phase: Implementation
Application Environment: Secure Computation Applications
Programming Language: C/C++
Software Repository: https://github.com/encryptogroup/ppdbscan

Title: All the Numbers are US: Large-scale Abuse of Contact Discovery in Mobile Messengers
Authors: Christoph Hagen, Christian Weinert, Christoph Sendner, Alexandra Dmitrienko, and Thomas Schneider
Published: In 28th Annual Network and Distributed System Security Symposium (NDSS'21) (Download (opens in new tab))
Description: Implementation of a novel rate-limiting scheme for contact discovery, which significantly improves the protection against enumeration attacks for messaging services like Signal without server-side storage, while not impacting legitimate users negatively.
Target Group: Developers
Software Development Phase: Implementation
Application Environment: Messaging Services
Programming Language: Python
Software Repository: https://github.com/contact-discovery/incremental_contact_discovery

Title: All the Numbers are US: Large-scale Abuse of Contact Discovery in Mobile Messengers
Authors: Christoph Hagen, Christian Weinert, Christoph Sendner, Alexandra Dmitrienko, and Thomas Schneider
Published: In 28th Annual Network and Distributed System Security Symposium (NDSS'21) (Download (opens in new tab))
Description: RainbowPhones is a utility to efficiently crack hashes of phone numbers by using rainbow tables based on RainbowCrack V1.2. For this, we designed new reduction functions and added multi-threading via OpenMP. While we use our approach to optimize rainbow tables for phone numbers, our construction can also find application in other areas, e.g., advanced password cracking.
Target Group: Developers
Software Development Phase: Implementation
Application Environment: Messaging Services
Programming Language: C++
Software Repository: https://github.com/contact-discovery/rt_phone_numbers

Title: RiCaSi: Rigorous Cache Side channel mitigation via selective circuit compilation
Authors: Heiko Mantel, Lukas Scheidel, Thomas Schneider, Alexandra Weber, Christian Weinert, and Tim Weißmantel
Published: In 9th International Conference on Cryptology And Network Security (CANS'20) (Download (opens in new tab))
Description: Implementation of a toolchain for rigorous cache side channel mitigation via selective circuit compilation.
Target Group: Developers
Software Development Phase: Implementation
Application Environment: Crypto Implementations
Programming Language: Python and C/C++
Software Repository: https://www.mais.informatik.tu-darmstadt.de/ricasi

Title: Linear-Complexity Private Function Evaluation is Practical
Authors: Marco Holz, Ágnes Kiss, Deevashwer Rathee, and Thomas Schneider
Published: In 25th European Symposium on Research in Computer Security (ESORICS) (Download (opens in new tab))
Description: Implementation of linear-complexity Private Function Evaluation (PFE) based on homomorphic encryption. The project provides implementations and benchmarking infrastructure for PFE using DJN (Pailler), EC ElGamal and the Brakerski/Fan-Vercauteren (BFV) scheme.
Target Group: Developers
Software Development Phase: Implementation
Application Environment: Secure Computation Protocols
Programming Language: C++
Software Repository: https://github.com/encryptogroup/linearPFE

Title: MP2ML: A Mixed-Protocol Machine Learning Frameworkfor Private Inference
Authors: Fabian Boemer, Rosario Cammarota, Daniel Demmler, Thomas Schneider, and Hossein Yalame
Published: In 15th International Conference on Availability, Reliability and Security (ARES'20) (Download (opens in new tab))
Description: Our implementation of MP2ML, integrating our ABY framework with Intel's nGraph compiler.
Target Group: Developers
Software Development Phase: Implementation
Application Environment: Secure Computation Protocols
Programming Language: C++
Software Repository: https://github.com/IntelAI/he-transformer

Title: CryptoSPN: Privacy-preserving Sum-Product Network Inference
Authors: Amos Treiber, Alejandro Molina, Christian Weinert, Thomas Schneider, and Kristian Kersting
Published: In 24th European Conference on Artificial Intelligence (ECAI'20) (Download (opens in new tab))
Description: Our implementation of CryptoSPN, an extension of SPFlow to enable easily usable privacy-preserving Sum-Product Network (SPN) inference.
Target Group: Developers
Software Development Phase: Implementation
Application Environment: Secure Computation Protocols
Programming Language: Python
Software Repository: https://github.com/encryptogroup/CryptoSPN

Title: Mobile Private Contact Discovery at Scale
Authors: Daniel Kales, Christian Rechberger, Thomas Schneider, Matthias Senker, and Christian Weinert
Published: In 28th USENIX Security Symposium (USENIX Security'19) (Download (opens in new tab))
Description: Our implementation of two OPRF-based unbalanced PSI protocols for mobile contact discovery with security against malicious clients in C/C++ that utilize the ARM Cryptography Extensions.
Target Group: Developers
Software Development Phase: Implementation
Application Environment: Secure Computation Protocols
Programming Language: C++
Software Repository: https://github.com/contact-discovery

Title: SoK: Modular and Efficient Private Decision Tree Evaluation
Authors: Ágnes Kiss, Masoud Naderpour, Jian Liu, N. Asokan, and Thomas Schneider
Published: In Proceedings on Privacy Enhancing Technologies (PoPETs), 2019(2) (Download (opens in new tab))
Description: Our efficient and modular implementation of private decision tree evaluations based on garbled circuits and/or homomorphic encryption techniques.
Target Group: Developers
Software Development Phase: Implementation
Application Environment: Secure Computation Applicatons
Programming Language: C++
Software Repository: https://github.com/encryptogroup/PDTE

Title: Privacy-Preserving PLDA Speaker Verification using Outsourced Secure Computation
Authors: Amos Treiber, Andreas Nautsch, Jascha Kolberg, Thomas Schneider, and Christoph Busch
Published: In Speech Communication 2019 (Download (opens in new tab))
Description: We implemented a privacy-preserving biometric speaker verification architecture based on state-of-the-art PLDA speaker recognition. The framework can be run in a variety of settings on real-world voice data and was shown to be much faster than prior work.
Target Group: Developers
Software Development Phase: Implementation
Application Environment: Secure Computation Applicatons
Programming Language: C++
Software Repository: https://github.com/encryptogroup/PrivateASV

Title: Private set intersection for unequal set sizes with mobile applications
Authors: Ágnes Kiss, Jian Liu, Thomas Schneider, N. Asokan, and Benny Pinkas
Published: In Proceedings on Privacy Enhancing Technologies (PoPETs), 2017(4) (Download (opens in new tab))
Description: We transformed four existing PSI protocols into the so-called precomputation form such that in the setup phase the communication is linear only in the size of the larger input set, while in the online phase the communication is linear in the size of the smaller input set. The implementation contains all four protocols and can be used to run experiments between two PCs and between a PC and a smartphone to create a systematic comparison of their performance.
Target Group: Developers
Software Development Phase: Implementation
Application Environment: Secure Computation Protocols
Programming Language: C/C++/Java
Software Repository: https://github.com/encryptogroup/MobilePSI (opens in new tab)

Title: OnionPIR: Effective protection of sensitive metadata in online communication networks
Authors: Daniel Demmler, Marco Holz, and Thomas Schneider
Published: In 15th International Conference on Applied Cryptography and Network Security (ACNS'17) (Download (opens in new tab))
Description: We proposed and implemented OnionPIR, an anonymous messaging service as an example application for PIR combined with onion routing that prevents the leakage of communication meta-data. The evaluation of this prototype shows that OnionPIR is usable in practice.
Target Group: Developers
Software Development Phase: Implementation
Application Environment: Secure Computation Protocols
Programming Language: C/C++
Software Repository: https://github.com/encryptogroup/onionPIR (opens in new tab)

Title: Implementation of Valiant's Universal Circuit Construction Optimized for Private Function Evaluation
Authors: Ágnes Kiss and Thomas Schneider
Published: In 35th Advances in Cryptology (EUROCRYPT'16) (Download (opens in new tab))
Description: Our Universal Circuit Compiler implements the most efficient UC construction, originally proposed by Leslie G. Valiant in STOC'76. It accepts any Boolean circuit as input in SHDL format, provided that the gates have at most two incoming edges, and outputs the topology of the UC along with its programming bits corresponding to the circuit.
Target Group: Developers
Software Development Phase: Implementation
Application Environment: Secure Computation Protocols
Programming Language: C/C++
Software Repository: https://github.com/encryptogroup/UC (opens in new tab)

ABY Logo

Title: ABY – A Framework for Efficient Mixed-protocol Secure Two-party Computation
Authors: Daniel Demmler, Thomas Schneider, Michael Zohner
Published: In 21st Network and Distributed System Security Symposium (NDSS'15) (Download (opens in new tab))
Description: ABY is a framework for implementing secure two-party computation protocols in three different domains that allows to freely and efficiently convert between them. ABY enables the developer to abstract from smaller protocol building blocks in order to realize complex applications.
Target Group: Developers
Software Development Phase: Implementation
Application Environment: Secure Computation Protocols
Programming Language: C/C++
Software Repository: https://github.com/encryptogroup/ABY (opens in new tab)

PSI Logo

Title: PSI
Authors: Benny Pinkas, Thomas Schneider, Michael Zohner
Published: In 23rd USENIX Security Symposium (USENIX'14) (Download (opens in new tab)) and 24th USENIX Security Symposioum (USENIX'15) (Download (opens in new tab))
Description: Many actions in the digital world require the user to reveal his complete data. However, often the user does not want all of his data to be disclosed to a third party. For example, when using mobile messaging apps, the app requires access to the user's address book in order to identify the contacts that also use this app. This tool implements Private Set Intersection (PSI) protocols, a cryptographic technique, which allows a secure identification of common contacts, without disclosing any other data. The implemented PSI protocols thereby enable a user-controlled and privacy-preserving comparison of data.
Target Group: Developers
Software Development Phase: Implementation
Application Environment: Secure Computation Protocols
Programming Language: C/C++
Software Repository: https://github.com/encryptogroup/PSI (opens in new tab)

Title: RAID-PIR – Practical multi-server PIR
Authors: Daniel Demmler, Amir Herzberg, and Thomas Schneider
Published: In 6th ACM Cloud Computing Security Workshop (CCSW'14) (Download (opens in new tab))
Description: RAID-PIR is an efficient and simple multi-server PIR scheme, which has similar approach to RAID (Redundant Arrays of Inexpensive Disks) systems. Each server stores only a part of the database, its computational complexity depends only on this part, and multiple blocks can be queried efficiently in parallel. RAID-PIR improves efficiency over known PIR protocols, using only very efficient cryptographic primitives (pseudo-random generator).
Target Group: Developers
Software Development Phase: Implementation
Application Environment: Secure Computation Protocols
Programming Language: C/Python
Software Repository: https://github.com/encryptogroup/RAID-PIR (opens in new tab)

GSHADE Logo

Title: Faster Privacy-Preserving Distance Computation and Biometric Identification
Authors: Julien Bringer, Herve Chabanne, Melanie Favre, Alain Patey, Thomas Schneider, Michael Zohner
Published: In 2nd ACM Workshop on Information Hiding and Multimedia Security (IHMMSEC'14) (Download (opens in new tab))
Description: GSHADE is a tool for privacy-preserving distance computation which can be used for privacy-preserving biometric identification. GSHADE supports the following distance metrics: Hamming distance, normalized Hamming distance, Euclidean distance, and Scalar product.
Target Group: Developers
Software Development Phase: Implementation
Application Environment: Secure Computation Protocols
Programming Language: C/C++
Software Repository: https://github.com/encryptogroup/GSHADE (opens in new tab)

Authors: Gilad Asharov, Yehuda Lindell, Thomas Schneider, and Michael Zohner
Published: In 20th ACM Conference on Computer and Communications Security (CCS'13) (Download (opens in new tab))
Description: This tool implements an OT extension protocol that has less communication and computation complexity than the original OT extension protocol by Ishai et al. (CRYPTO'03) and thereby achieves a runtime improvement of at least factor 3 over existing OT extension implementations. It supports highly parallel architectures by running in a block-wise and multi-threaded fashion. Moreover, it implements the correlated and random OT functionality, which allows several secure computation protocols to further decrease the amount of data that has to be sent over the network. The tool can be applied in a wide range of deployment scenarios by allowing the designer to choose between different levels of security as well as underlying cryptographic assumptions. This tool can be used for the development of privacy preservingapplications as well as a tool to protect information in applications.
Target Group: Developers
Software Development Phase: Implementation
Application Environment: Secure Computation Protocols
Programming Language: C/C++
Software Repository: https://github.com/encryptogroup/OTExtension (opens in new tab)

me-sfe Logo

Authors: Wilko Henecka, Thomas Schneider
Published: In: 8th ACM Symposium on Information, Computer and Communications Security (ASIACCS'13) (Download (opens in new tab))
Description: The tool is an improved implementation of Yao’s garbled circuit protocol in the semi-honest adversaries setting which is up to 10 times faster than previous implementations. Its improvements include

  • the first multi-threaded implementation of the base oblivious transfers resulting in a speedup of a factor of two
  • techniques for minimizing the memory footprint during oblivious transfer extensions and processing of circuits
  • compilation of sub-circuits into files, and
  • caching of circuit descriptions and network packets.

This tool can be used for the development of privacy preserving applications as well as a tool to protect information in applications.
Target Group: Developers
Software Development Phase: Implementation
Application Environment: Compiler for Memory-Efficient Two-Party Secure Function Evaluation
Programming Language: Java

Software Repository: https://github.com/encryptogroup/me-sfe (opens in new tab)