Web Application for Privacy-Preserving Scheduling

Bachelor Thesis

Author

Oliver Schick

Motivation

Web applications currently used for scheduling meetings, such as Doodle, do not protect the privacy of their users: they compute the results on the participants' plaintext inputs. Privacy-friendly variants of Doodle based on public-key encryption already exist [TUD], but these solutions assume a trusted party whose private key can be used to decrypt all inputs. Secure computation, which allows two parties to jointly compute a function while both parties keep their inputs private, is a promising approach to provide privacy for the users' inputs without the use of a trusted poll initiator.

Goal

The goal of this thesis is to develop a web application where users can participate in a poll for scheduling meetings. This is achieved by secret-sharing the votes between two non-colluding servers, which then perform secure two-party computation to solve the scheduling problem defined beforehand.

Requirements

Applicants should have outstanding academic records and solid C/C++ programming skills. They should have basic JavaScript knowledge to develop the web application.

Tasks

The student will design the Boolean circuits for a set of pre-defined problems for scheduling meetings (similar to the options available in Doodle), based on the building blocks available in the secure computation framework ABY [DSZ15]. Moreover, he/she should develop a web application in JavaScript that takes care of the secret sharing on the user's side.
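
The client-side sharing step described above, as an added example that is not part of the thesis description or of ABY: one participant's votes are split into two XOR shares, one per server. It assumes one availability bit per time slot and XOR (Boolean) sharing to match the Boolean circuits; all function names are hypothetical and the transport to the two servers is left out.

```javascript
// Added example: client-side XOR (Boolean) secret sharing of one participant's votes.
// Assumptions: one bit per time slot (1 = available); all names are hypothetical.
const rng = globalThis.crypto ?? require('node:crypto').webcrypto;

// Pack an array of 0/1 votes into bytes, least significant bit first.
function packBits(bits) {
  const out = new Uint8Array(Math.ceil(bits.length / 8));
  bits.forEach((b, i) => {
    if (b !== 0 && b !== 1) throw new RangeError(`vote ${i} is not a bit`);
    out[i >> 3] |= b << (i & 7);
  });
  return out;
}

// Inverse of packBits for the first n bits.
function unpackBits(bytes, n) {
  return Array.from({ length: n }, (_, i) => (bytes[i >> 3] >> (i & 7)) & 1);
}

// share0 is uniformly random (CSPRNG, never Math.random); share1 = votes XOR share0.
// Each share on its own is uniformly distributed and reveals nothing about the votes.
function shareVotes(bits) {
  const packed = packBits(bits);
  const share0 = rng.getRandomValues(new Uint8Array(packed.length));
  const share1 = packed.map((byte, i) => byte ^ share0[i]);
  packed.fill(0); // do not keep the plaintext copy around longer than needed
  return { slots: bits.length, share0, share1 };
}

// Recombination, shown only to check correctness. In the design above, no single
// party ever holds both shares; the two servers compute on them jointly instead.
function reconstruct(share0, share1, slots) {
  if (share0.length !== share1.length) throw new RangeError('share length mismatch');
  return unpackBits(share0.map((byte, i) => byte ^ share1[i]), slots);
}
```

In the browser, share0 would be sent only to the first server and share1 only to the second, each over its own TLS connection.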

References

  • [TUD]: TU Dresden: dudle.inf.tu-dresden.de
  • [DSZ15]: Daniel Demmler, Thomas Schneider and Michael Zohner: ABY – A Framework for Efficient Mixed-Protocol Secure Two-Party Computation. In NDSS'15.

Supervisor
