PCT-TEE: Trajectory-based Private Contact Tracing System with Trusted Execution Environment

Existing Bluetooth-based private contact tracing (PCT) systems can privately detect whether people have come into direct contact with patients with COVID-19. However, we find that the existing systems lack functionality and flexibility , which may hurt the success of contact tracing. Specifically, they cannot detect indirect contact (e.g., people may be exposed to COVID-19 by using a contaminated sheet at a restaurant without making direct contact with the infected individual); they also cannot flexibly change the rules of “risky contact,” such as the duration of exposure or the distance (both spatially and temporally) from a patient with COVID-19 that is considered to result in a risk of exposure, which may vary with the environmental situation. In this article, we propose an efficient and secure contact tracing system that enables us to trace both direct contact and indirect contact. To address the above problems, we need to utilize users’ trajectory data for PCT, which we call trajectory-based PCT . We formalize this problem as a spatiotemporal private set intersection that satisfies both the security and efficiency requirements. By analyzing different approaches such as homomorphic encryption, which could be extended to solve this problem, we identify the trusted execution environment (TEE) as a candidate method to achieve our requirements. The major challenge is how to design algorithms for a spatiotemporal private set intersection under the limited secure memory of the TEE. To this end, we design a TEE-based system with flexible trajectory data encoding algorithms. Our experiments on real-world data show that the proposed system can process hundreds of queries on tens of millions of records of trajectory data within a few seconds.

Computing Blindfolded on Data Homomorphically Encrypted under Multiple Keys: A Survey

With capability of performing computations on encrypted data without needing the secret key, homomorphic encryption (HE) is a promising cryptographic technique that makes outsourced computations secure and privacy-preserving. A decade after Gentry’s breakthrough discovery of how we might support arbitrary computations on encrypted data, many studies followed and improved various aspects of HE, such as faster bootstrapping and ciphertext packing. However, the topic of how to support secure computations on ciphertexts encrypted under multiple keys does not receive enough attention. This capability is crucial in many application scenarios where data owners want to engage in joint computations and are preferred to protect their sensitive data under their own secret keys. Enabling this capability is a non-trivial task. In this article, we present a comprehensive survey of the state-of-the-art multi-key techniques and schemes that target different systems and threat models. In particular, we review recent constructions based on Threshold Homomorphic Encryption (ThHE) and Multi-Key Homomorphic Encryption (MKHE). We analyze these cryptographic techniques and schemes based on a new secure outsourced computation model and examine their complexities. We share lessons learned and draw observations for designing better schemes with reduced overheads.

Exploring a Bilingual Next Word Predictor for a Federated Learning Mobile Application

We explore a bilingual next-word predictor (NWP) under federated optimization for a mobile application. A character-based LSTM is server-trained on English and Dutch texts from a custom parallel corpora. This is used as the target performance. We simulate a federated learning environment to assess the feasibility of distributed training for the same model. The popular Federated Averaging (FedAvg) algorithm is used as the aggregation method. We show that the federated LSTM achieves decent performance, yet it is still sub-optimal. We suggest possible next steps to bridge this performance gap. Furthermore, we explore the effects of language imbalance varying the ratio of English and Dutch training texts (or clients). We show the model upholds performance (of the balanced case) up and until a 80/20 imbalance before decaying rapidly. Lastly, we describe the implementation of local client training, word prediction and client-server communication in a custom virtual keyboard for Android platforms. Additionally, homomorphic encryption is applied to provide with secure aggregation guarding the user from malicious servers.

Exploring a Bilingual Next Word Predictor for a Federated Learning Mobile Application

We explore a bilingual next-word predictor (NWP) under federated optimization for a mobile application. A character-based LSTM is server-trained on English and Dutch texts from a custom parallel corpora. This is used as the target performance. We simulate a federated learning environment to assess the feasibility of distributed training for the same model. The popular Federated Averaging (FedAvg) algorithm is used as the aggregation method. We show that the federated LSTM achieves decent performance, yet it is still sub-optimal. We suggest possible next steps to bridge this performance gap. Furthermore, we explore the effects of language imbalance varying the ratio of English and Dutch training texts (or clients). We show the model upholds performance (of the balanced case) up and until a 80/20 imbalance before decaying rapidly. Lastly, we describe the implementation of local client training, word prediction and client-server communication in a custom virtual keyboard for Android platforms. Additionally, homomorphic encryption is applied to provide with secure aggregation guarding the user from malicious servers.

An Industrial IoT-Based Blockchain-Enabled Secure Searchable Encryption Approach for Healthcare Systems Using Neural Network

The IoT refers to the interconnection of things to the physical network that is embedded with software, sensors, and other devices to exchange information from one device to the other. The interconnection of devices means there is the possibility of challenges such as security, trustworthiness, reliability, confidentiality, and so on. To address these issues, we have proposed a novel group theory (GT)-based binary spring search (BSS) algorithm which consists of a hybrid deep neural network approach. The proposed approach effectively detects the intrusion within the IoT network. Initially, the privacy-preserving technology was implemented using a blockchain-based methodology. Security of patient health records (PHR) is the most critical aspect of cryptography over the Internet due to its value and importance, preferably in the Internet of Medical Things (IoMT). Search keywords access mechanism is one of the typical approaches used to access PHR from a database, but it is susceptible to various security vulnerabilities. Although blockchain-enabled healthcare systems provide security, it may lead to some loopholes in the existing state of the art. In literature, blockchain-enabled frameworks have been presented to resolve those issues. However, these methods have primarily focused on data storage and blockchain is used as a database. In this paper, blockchain as a distributed database is proposed with a homomorphic encryption technique to ensure a secure search and keywords-based access to the database. Additionally, the proposed approach provides a secure key revocation mechanism and updates various policies accordingly. As a result, a secure patient healthcare data access scheme is devised, which integrates blockchain and trust chain to fulfill the efficiency and security issues in the current schemes for sharing both types of digital healthcare data. Hence, our proposed approach provides more security, efficiency, and transparency with cost-effectiveness. We performed our simulations based on the blockchain-based tool Hyperledger Fabric and OrigionLab for analysis and evaluation. We compared our proposed results with the benchmark models, respectively. Our comparative analysis justifies that our proposed framework provides better security and searchable mechanism for the healthcare system.

Privacy-Preserving Federated Learning Using Homomorphic Encryption

Federated learning (FL) is a machine learning technique that enables distributed devices to train a learning model collaboratively without sharing their local data. FL-based systems can achieve much stronger privacy preservation since the distributed devices deliver only local model parameters trained with local data to a centralized server. However, there exists a possibility that a centralized server or attackers infer/extract sensitive private information using the structure and parameters of local learning models. We propose employing homomorphic encryption (HE) scheme that can directly perform arithmetic operations on ciphertexts without decryption to protect the model parameters. Using the HE scheme, the proposed privacy-preserving federated learning (PPFL) algorithm enables the centralized server to aggregate encrypted local model parameters without decryption. Furthermore, the proposed algorithm allows each node to use a different HE private key in the same FL-based system using a distributed cryptosystem. The performance analysis and evaluation of the proposed PPFL algorithm are conducted in various cloud computing-based FL service scenarios.

Deep Learning Based Homomorphic Secure Search-Able Encryption for Keyword Search in Blockchain Healthcare System: A Novel Approach to Cryptography

Due to the value and importance of patient health records (PHR), security is the most critical feature of encryption over the Internet. Users that perform keyword searches to gain access to the PHR stored in the database are more susceptible to security risks. Although a blockchain-based healthcare system can guarantee security, present schemes have several flaws. Existing techniques have concentrated exclusively on data storage and have utilized blockchain as a storage database. In this research, we developed a unique deep-learning-based secure search-able blockchain as a distributed database using homomorphic encryption to enable users to securely access data via search. Our suggested study will increasingly include secure key revocation and update policies. An IoT dataset was used in this research to evaluate our suggested access control strategies and compare them to benchmark models. The proposed algorithms are implemented using smart contracts in the hyperledger tool. The suggested strategy is evaluated in comparison to existing ones. Our suggested approach significantly improves security, anonymity, and monitoring of user behavior, resulting in a more efficient blockchain-based IoT system as compared to benchmark models.