A System for Privacy-Preserving Solvency Verification

Bachelor Thesis

Motivation

Today, determining the solvency of a person depends on trusting third parties, such as credit bureaus, who collect personal information about the client. When a server needs to check the solvency of a client, these third parties evaluate the server's function on the client's personal information and share the result with one or both of the parties. However, they thereby learn sensitive information about the client as well as the server's potentially private function. Secure and private function evaluation, i.e., interactive two-party computation protocols that jointly compute a function without revealing one party's inputs to the other party, can be used to determine solvency, provided that the client's inputs are not manipulated.

Secure function evaluation with certified inputs has been studied by previous work [J18], but a trusted entity issuing the certificates on the client's input is still necessary. This thesis seeks to design a system which verifies the correctness of the client's input without the third party learning anything about the sensitive data of the client. Moreover, the client and the server can run interactive secure/private function evaluation to determine the solvency of the client in a privacy-preserving manner.

Goal

The goal of this thesis is to construct and implement a system based on ABY [DSZ15] which checks the correctness of the inputs of the client used in the secure/private function evaluation.

Tasks

The student will study the state-of-the-art solutions and check whether they can be applied to verifying the input used in a secure/private function evaluation. The student will adapt the best solution to the solvency checking scenario and implement the solution with the most reasonable privacy-efficiency trade-off in the ABY framework [DSZ15], using universal circuits [GKS17] for the private circuit parts.

Requirements

Applicants should have outstanding academic records, solid C/C++ programming skills, and be able to work independently.

References

  • [DSZ15]: Daniel Demmler, Thomas Schneider and Michael Zohner: ABY – A Framework for Efficient Mixed-Protocol Secure Two-Party Computation. In NDSS'15.
  • [GKS17]: Daniel Günther, Ágnes Kiss and Thomas Schneider: More Efficient Universal Circuit Constructions. In ASIACRYPT'17.
  • [J18]: Myoungin Jeong: Input Certification for Secure Computation. Dissertation, 2018.

Supervisor