Privacy Protection & Cryptography

As digitalization of society keeps progressing, notably with cloud computing and the Internet of Things, the need to protect data increases. This pillar develops technologies that open doors to new use cases and business opportunities in which sensitive data, such as health, biometric or other highly-personal data, can be used with strong privacy guarantees. It also seeks to strengthen existing guarantees.

A key goal is to develop and adapt advanced cryptographic techniques for privacy-preserving data sharing and data analytics. This includes techniques that maintain the absolute secrecy of private data when it is shared or analysed, notably homomorphic encryption, zero-knowledge proofs, privacy-preserving authentication, and secure multiparty computation approaches such as garbled circuits or secret sharing. It also includes techniques to control and manage lost privacy and protect against inference (differential privacy).

Furthermore, underlying much of existing data protection approaches is a form of cryptography (public key) that is at risk because of the progress of quantum computers. The pillar will include the development of post-quantum cryptography, capable of responding to these near-future threat models for data sharing and data analytics.

Techniques to help quantify lost privacy (information leakage) will complement the cryptographic aspect of the pillar. Key will be the ability to evaluate complex scenarios that include partially-trusted or untrusted cloud providers. It will require an understanding of information leakage not only in end results, but also at the site of intermediate computations. Such techniques are essential for risk assessments, notably for compliance with data protection regulations in the EU and elsewhere.