As today's world becomes more and more connected, actors with different and potentially conflicting interests want to interact in many application scenarios. Examples are citizens and governments (electronic passport and ID), patients and health insurers (electronic health card, e-health services), or companies (cloud computing). In this context, it is of foremost importance that the underlying IT systems and algorithms can fulfill the diverse security and privacy requirements of the involved parties. In particular, if sensitive (e.g., medical) data is processed by not fully trusted service providers (e.g., “in the cloud”), conformity with data privacy protection laws must be guaranteed.
Privacy-preserving cryptographic protocols allow such sensitive data to be processed in a provably secure way. To this day, the design and implementation of privacy-preserving protocols that are efficient enough to be used in practical applications remains a challenging and error-prone task, even for experts in the field. To make such protocols widely accessible to non-expert users, tools are needed that automatically generate efficient and secure privacy-preserving cryptographic protocols from high-level specifications.
The Engineering Cryptographic Protocols (ENCRYPTO) group investigates models, languages, and tools for security and privacy by design during the entire lifecycle of privacy-preserving protocols in various application scenarios.