The course covers in depth major issues in computer security related to protecting privacy, as well as threats to the privacy of computer users. In particular, it covers the theory and practice of:
(1) Private communications, anonymous communications, censorship circumvention and traffic analysis.
(2) Private authentication, selective disclosure credentials for identity management, and zero-knowledge proof techniques.
(3) Private statistics and computations through homomorphic encryption and secure multi-party computation and differential privacy.
Students are introduced both to privacy threats such as pervasive surveillance, profiling, location analysis, and traffic analysis, and to the technical mitigation techniques relying on modern cryptography and differential privacy.
The course starts with an introduction to the social, economic and legal context of privacy protection, privacy policies and standard privacy practices. At the same time, standard threats to on-line privacy such as profiling and location analysis are discussed.
The course then covers in depth techniques to achieve strong private communications that hide both the content and the meta-data associated with who is talking to whom (anonymous communications). These are studied in the context of private polling and elections.
The students are then introduced to techniques to mitigate abuses arising from anonymous communication, while preserving privacy, through the use of private authentication, and selective disclosure credentials that can be used to build digital cash systems. The engineering of zero-knowledge proofs and their use as building blocks of privacy enhancing technologies will be studied in detail.
Finally, students are introduced to the problem of computing on private data using simple homomorphic encryption schemes as well as modern secure multi-party computation techniques. Statistical disclosure control is discussed, ad-hoc techniques are analyzed and defeated, and techniques based on differential privacy are discussed.