REPHRAIN

National Research Centre on Privacy, Harm Reduction and Adversarial Influence Online

Announced by UK Research and Innovation (UKRI) on 14 October 2020, REPHRAIN will explore how to keep people safe online while allowing them to fully participate in digital technologies and the contributions they make to an innovative, inclusive and healthy economy and society.

Latest News

February 2024 – REPHRAIN Showcase and first ever REPRHAIN Festival of Privacy!

REPHRAIN is pleased to announce two fantastic events for March 2024!

25 March – REPHRAIN Showcase

The REPHRAIN Showcase will be an in-person event, taking place at the MShed in Bristol, featuring some of the exciting work that REPHRAIN members have been undertaking since the Research Centre launched in October 2020 – in particular, attendees will have to chance to view demonstrations of key REPHRAIN resources, such as the REPHRAIN Map, the Testbed, Toolbox and Data Archive.

26 March – REPHRAIN Festival of Privacy

Are you interested in learning how to protect privacy online? Do you want to know how to use the internet safely?

Join researchers from the REPHRAIN Research Centre and the Jean Golding Institute at the University of Bristol who are partnering to run the first ever REPHRAIN Festival of Privacy!

Taking place at the MShed in Bristol, you are invited to take part in fun, interactive sessions on how to make sense of the internet, apps and online technology. Learn about privacy with games and discover data through visualisations! Try our hands-on workshops on the metaverse, virtual/augmented reality, privacy and much more!

The REPHRAIN Research Centre is focused on keeping people safe online – as featured on the BBC, our groundbreaking research has informed government policy and helped improve the safety of industry practice. Come along and see how our work is serving the community!

Register for the Showcase here and the Festival of Privacy here – a full itinerary for both events will be shared with registrants in due course.

If you have any questions, please contact rephrain-centre@bristol.ac.uk. We look forward to seeing you there!

January 2024 – Launch of Strategic Funding Call 4 Projects!

We are very pleased to announce, following a competitive process, the four projects have been awarded grants from the fourth REPHRAIN Strategic Funding call. An overview of these projects is as follows:
  • Toolbox for Measuring Online Child Sexual Exploitation and Abuse
  • Addressing Privacy Risks and Legal Challenges in the Emergent Use of Text-based Generative AI for UK Research
  • MAFFIN: Mapping Fuzzy Finfluencers’ Landscape
  • Survivors’ Experiences of Online-Facilitated Child Sexual Abuse
We’ll be updating our pages with more detail in the coming days – please keep an eye on our social media channels for further updates.
Congratulations to all – we look forward to working with you and continuing our important work in protecting citizens online!

November 2023 – Fedi-verse Impact Booster Award project

REPHRAIN are pleased to announce the first Impact Booster Award project, awarded to Ignacio Castro to facilitate work on building a fedi-observatory!

This fedi-observatory will be a pump priming project to begin initial work on designing a single-point of access for the broader research community as well as policy makers for studying harms and moderation in the fediverse.

The fedi-observatory’s long-term goal will be to provide access to data and tools to support moderation efforts in the fediverse and allow study by researchers and policy makers, filling in the gap left by the forgone access to the Twitter API.

We’ll be posting more about this project as this work develops – please keep an eye on our social media accounts for more news about this resource!

November 2023 – REPHRAIN at the European Parliament

As a continuation of REPHRAIN’s research into privacy and end-to-end encryption (E2EE), Claudia Peersman participated in the EDPS Seminar on the CSAM Proposal: “The Point of No Return?”, presenting the Centre’s work on evaluating prototypes on detecting child abuse material in E2EE applications. A summary report has now been produced by the EDPS which makes reference to this work – you can read this report here.

September 2023 – REPHRAIN on the Online Safety Bill

As part of REPHRAIN’s commitment to inform responsible policy and legislation, Professor Awais Rashid, the Director of REPHRAIN, spoke to BBC’s Newsnight on Tuesday’s programme to discuss the privacy harms of the provision to scan end-to-end encrypted (E2EE) messages in the Online Safety Bill.

REPHRAIN has previously provided the expertise of the Centre’s researchers as independent evaluators for the Safety Tech Challenge Fund’s prototypes for client-side scanning prior to encryption. The evaluation concluded that, from a Human Rights perspective, the confidentiality of the E2EE service users’ communications cannot be guaranteed when all content intended to be sent privately within the E2EE service is monitored pre-encryption.

In his conversation with the BBC, Professor Rashid highlighted the impact on fundamental human rights noting that “this would be the equivalent of us all moving around having a surveillance camera attached to ourselves”. He also noted such a provision would mean that “the UK seriously risks losing its position as one of the leading places for security and privacy”. Earlier this year, UK’s broader cyber security community issued an open letter (signed by many members of REPHRAIN) to the UK Parliament to consider the scientific evidence available to them before voting on the Online Safety Bill.

You can watch the Newsnight report and Professor Rashid’s interview here, (26:34 mins), read the REPHRAIN Safety Tech Challenge Fund Evaluation Report here and the open letter from the community here.

August 2023 – REPHRAIN cited in CMS Committee Report on Connected Tech

The Commons CMS Committee has published a report on Connected Tech, which heavily cites the expert input of REPHRAIN researchers, covering the harms and benefits of connected tech, with particular attention to the debate around physical labelling of devices.

Read the full CMS report here – the REPHRAIN report cited can be found on our Policy and Regulation pages.

July 2023 – REPHRAIN on the Online Safety Bill

REPHRAIN have issued a press statement, amplifying an open letter from the broader community, calling on the UK Parliament to consider independent scientific evaluation before voting through the Online Safety Bill, specifically regarding concerns around privacy and End-to-End Encryption (E2EE).

This statement reiterates the findings of our report into end-to-end encryption, where the technology assessed was not fit as a solution – this report is available to read here.

REPHRAIN remains committed to tackling online child sexual abuse and exploitation and encourages the UK parliament to take the scientific evidence in this report into account.

February 2023 – Safety Tech Challenge Evaluation Report

The REPHRAIN research centre are pleased to announce to release of “Towards a Framework for Evaluation CSAM Prevention and Detection Tools in the Context of End-to-end encryption Environments: a Case Study”.

Through the Safety Tech Challenge Fund, the UK Government awarded funding to five projects to prototype innovative, automated technologies to help keep children safe in E2EE environments, such as online messaging platforms, while ensuring user privacy is respected.

To enable academic scrutiny, the UK National Research Centre on Privacy, Harm Reduction and Adversarial Influence Online (REPHRAIN) was requested to act as an independent, external evaluator to each of these five projects. To our knowledge, this is the first independent, public evaluation of automated industry tools developed for online child protection.

You can read more about this report on our dedicated page here – the report can be downloaded here.

December 2022 – Safety Tech Challenge Fund Update

The Safety Tech Challenge Fund evaluation report is under production by the REPHRAIN team but is currently delayed due to unforeseen personal and health reasons impacting the key REPHRAIN personnel involved.

An updated schedule for delivery and publication will be released once confirmed.

November 2022 – January 2023 Showcase!

We are pleased to announce that REPHRAIN is hosting a Showcase in January 2023!

We have secured Goodenough College in London as the venue for both days, with the Showcase to take place on 19 January, followed by a sandpit and All Hands Meeting on 20 January.

The open showcase will involve presentations from our researchers, workshops and discussions involving our external partners – a whole range of activities to provide our researchers and the wider community the platform to exhibit and celebrate their excellent work and the progress we’ve made as a Centre. We hope to have representation from all of our projects at this event, so there should be something for everyone!

Delegates can register here – an agenda will be shared in due course.

if you have any questions in the meantime, please don’t hesitate to get in touch via rephrain-centre@bristol.ac.uk.

November 2022 – Welcome to our Third Academic Fellow!

We are pleased to announce that Beate Grawemeyer has joined REPHRAIN as an Academic Fellow via our Researcher-in-Residence Programme!

Beate will be working on her AIEX Project, as summarised on her profile page – you can read more about Beate and her work there!

If you would like to read more about how to apply to our Researcher-in-Residence Programme, you can do so here – please contact rephrain-centre@bristol.ac.uk with any questions.

November 2022 – New REPHRAIN Blogpost!

Andrés Domínguez, one of our Core Researchers, has written a blog on the possible implications of the mass adoption of a metaverse – this includes a short story exploring and narrativising this critical debate.

You can read this excellent piece of writing here, along with all of our other blogposts!

October 2022 – the third REPHRAIN Strategic Funding Call is now live!

We are delighted to announce the launch of the third REPHRAIN Strategic Funding Call!

Since our launch, the REPHRAIN Centre team have been engaging in a series of scoping activities – these include consultation workshops with the wider community and literature reviews with leading experts from industry and academia. Due to the engagement and success of these activities, we have been able to identify a series of priority areas for research in this Strategic Funding Call.

Proposals should be submitted by 4pm on 25 November 2022. See below for a schedule of key dates and deadlines:

Call opens: 17 October 2022
Call closes: 25 November 2022
Decision panel: w/c 23 January 2023
Successful applicants notified: w/c 30 January 2023
Projects to start from: 1 March 2023

Full details of the call, topics and submission process and deadlines are available on our dedicated pages here.

Please get in touch with any questions via rephrain-centre@bristol.ac.uk – we look forward to reading your proposals!

October 2022 – Welcome to our Second Academic Fellow!

We are pleased to announce that Hen Wilkinson has joined REPHRAIN as an Academic Fellow via our Researcher-in-Residence Programme!

Hen will be working on her PeaceTech Project, as summarised on her profile page – you can read more about Hen and her work there!

If you would like to read more about how to apply to our Researcher-in-Residence Programme, you can do so here – please contact rephrain-centre@bristol.ac.uk with any questions.

October 2022 – Launch of the REPHRAIN Map!

We are delighted to announce that the REPHRAIN Map is now online!

The REPHRAIN Map is a living resource of knowledge around the areas of privacy, harms and risks online. The Map provides a shared understanding of this landscape, establishing a baseline of current state-of-the-art. The content of the map is co-created and routinely updated by researchers within REPHRAIN, based on developments within the field and community feedback.

The current list of harms, risks and vulnerabilities reflects the research being conducted within the Centre and used the UK online harms bill and Solove’s taxonomy of privacy as its starting point. This list will continually evolve as more projects join REPHRAIN and outcomes emerge. Each of the items in the map includes definitions, relevant literature and ongoing projects, as well as useful tools and approaches.

A live version of the Map can be found here.

September 2022 – A new paper from REPHRAIN!

From Utility to Capability: A New Paradigm to Conceptualise and Develop Inclusive PETs

Prepared by Partha Das Chowdhury, Andrés Domínguez Hernández, Kopo Marvin Ramokapane & Awais Rashid.

Abstract: The wider adoption of Privacy Enhancing Technologies (PETs) has relied on usability studies – which focus mainly on an assessment of how a specified group of users interface, in particular contexts, with the technical properties of a system. While human-centred efforts in usability aim to achieve important technical improvements and drive technology adoption, a focus on the usability of PETs alone is not enough. PETs development and adoption requires a broadening of focus to adequately capture the specific needs of individuals, particularly of vulnerable individuals and/or individuals in marginalized populations. We argue for a departure, from the utilitarian evaluation of surface features aimed at maximizing adoption, towards a bottom-up evaluation of what real opportunities humans have to use a particular system. We delineate a new paradigm for the way PETs are conceived and developed. To that end, we propose that Amartya Sen’s capability approach offers a foundation for the comprehensive evaluation of the opportunities individuals have based on their personal and environmental circumstances which can, in turn, inform the evolution of PETs. This includes considerations of vulnerability, age, education, physical and mental ability, language barriers, gender, access to technology, freedom from oppression among many important contextual factors.

Paper available for download here.

August 2022 – Welcome to our first Academic Fellow!

We are pleased to announce that Tom van Neunen has joined REPHRAIN as an Academic Fellow via our Researcher-in-Residence Programme!

Tom will be working on his INTERSECT Project, as summarised on his profile page – you can read more about Tom and his work there (as well as our upcoming newsletter)!

If you would like to read more about how to apply to our Researcher-in-Residence Programme, you can do so here – please contact rephrain-centre@bristol.ac.uk with any questions.

July 2022 – REPHRAIN Publication accepted at IJCAI-ECAI 2022!

We are pleased to announce that Nadin Kokciyan of the CONTEXT project, working in collaboration with Pinar Yolum, has successfully submitted a publication to IJCAI-ECAI 2022, the 31st International Joint Conference on Artificial Intelligence, due to take place over July 23-29 in Vienna. A copy of this paper and an abstract can be found below – congratulations to all involved!

Taking Situation-Based Privacy Decisions: Privacy Assistants Working with Humans

Abstract: Privacy on the Web is typically managed by giving consent to individual Websites for various aspects of data usage. This paradigm requires too much human effort and thus is impractical for Internet of Things (IoT) applications where humans interact with many new devices on a daily basis. Ideally, software privacy assistants can help by making privacy decisions in different situations on behalf of the users. To realize this, we propose an agent-based model for a privacy assistant. The model identifies the contexts that a situation implies and computes the trustworthiness of these contexts. Contrary to traditional trust models that capture trust in an entity by observing large number of interactions, our proposed model can assess the trust-worthiness even if the user has not interacted with the particular device before. Moreover, our model can decide which situations are inherently ambiguous and thus can request the human to make the decision. We evaluate various aspects of the model using a real-life data set and report adjustments that are needed to serve different types of users well.

Paper available for download here.

June 2022 – new publications from the PriXR and CLARITI Projects!


Safeguarding Privacy in the Age of Everyday XR

Prepared by Pejman Saeghe, Mark McGill & Mohamed Khamis

Abstract: The commercialisation of extended reality (XR) devices provides new capabilities for its user, such as the ability to continuously capture their surroundings. This introduces novel privacy risks and challenges for XR users and bystanders alike. In this position paper, we use an established taxonomy of privacy to highlight its limitations when dealing with everyday XR. Our aim is to highlight a need for an update in our collective understanding of privacy risks imposed by everyday XR technology.

Paper available for download here.

 MuMiN: A Large Scale Multilingual Multimodal Fact-Checked Misinformation Social Network Dataset

Prepared by Dan S. Nielsen & Ryan McConville

Abstract: Misinformation is becoming increasingly prevalent on social media and in news articles. It has become so widespread that we require algorithmic assistance utilising machine learning to detect such content. Training these machine learning models require datasets of sufficient scale, diversity and quality. However, datasets in the field of automatic misinformation detection are predominantly monolingual, include a limited amount of modalities and are not of sufficient scale and quality. Addressing this, we develop a data collection and linking system (MuMiN-trawl), to build a public misinformation graph dataset (MuMiN), containing rich social media data (tweets, replies, users, images, articles, hashtags) spanning 21 million tweets belonging to 26 thousand Twitter threads, each of which have been semantically linked to 13 thousand fact-checked claims across dozens of topics, events and domains, in 41 different languages, spanning more than a decade. The dataset is made available as a heterogeneous graph via a Python package (mumin). We provide baseline results for two node classification tasks related to the veracity of a claim involving social media, and demonstrate that these are challenging tasks, with the highest macro-average F1- score being 62.55% and 61.45% for the two tasks, respectively. The MuMiN ecosystem is available at https://mumin-dataset.github.io/, including the data, documentation, tutorials and leaderboards.

Paper available for download here.

May 2022 – Launch of Strategic Funding Call 2 Projects!

We are very pleased to announce, following a competitive process, the following projects have successfully been awarded grants from the second REPHRAIN Strategic Funding call.

Congratulations to all and we look forward to working with you and continuing this important work!

We’ll be updating our pages with more detail in the coming days – in the meantime, please refer to the University of Bristol’s press release here.

May 2022 – Launch of Impact Booster Awards!

We are pleased to announce the launch of our Impact Booster Award programme!

This programme offers funding opportunities to current REPHRAIN projects to support the development of the external impact of your research with partner organisations – examples of outcomes include production of guidance, policy input or commercial output, and proposals with partner organisations from a range of sectors (including internationals) are welcomed.

Full details (including how to apply) can be found here – please direct any queries to rephrain-centre@bristol.ac.uk.

We look forward to receiving your applications!

May 2022 – LAWREG abstract accepted at BILETA Conference

We are pleased to announce that the LAWREG project, involving Asma Vranaki and Francesca Farmer, successfully submitted an abstract to BILETA. This paper is titled Third-Party Cookies, Data Analytics and Targeted Advertisements: Of Data Protection Law and Regulation and we look forward to sharing further details, including the completed paper, in due course. Congratulations Asma and Francesca!

March 2022 – Scoping the evaluation of CSAM prevention and detection tools in the context of End-to-End encryption environment document

We released the Scoping the evaluation of CSAM prevention and detection tools in the context of End-to-End encryption environment document for public consultation (document can be found here) – this community consultation closed on Friday 08 April 2022.

The evaluation criteria document describes the scoping stage of REPHRAIN’s independent evaluation of Proof-of-Concept tools for preventing and detecting child sexual abuse media (CSAM) within end-to-end encryption (E2EE) environments that are currently being developed within five different projects funded by the Safety Tech Challenge Fund.
Given the tensions that arise between protecting vulnerable users and protecting user privacy at large, the key steps in REPHRAIN’s evaluation process are (1) to seek input from the community and (2) to publicly publish all results, whilst ensuring that academic rigour and objectivity remain the core of our work, and to inform future directions in this area.
We welcomed constructive comments on the following:
  • Positive points on the evaluation criteria – What did you like about the evaluation criteria?
  • What is missing from the evaluation criteria and why?
  • Should anything be removed from the evaluation criteria and why?
  • How could the evaluation criteria be improved? Please include examples and references.

Thank you to all for their contributions and participation in making this consultation a success – please keep an eye on our channels for further news!

January 2022 – two new publications from the REPHRAIN Team!

Multi-party Updatable Delegated Private Set Intersection

Prepared by Aydin Abadi, Changyu Dong, Steven Murdoch and Sotirios Terzis

Abstract: With the growth of cloud computing, the need arises for Private Set Intersection protocols (PSI) that can let parties outsource the storage of their private sets and securely delegate PSI computation to a cloud server. The existing delegated PSIs have two major limitations; namely, they cannot support (1) efficient updates on outsourced sets and (2) efficient PSI among multiple clients. This paper presents “Feather”, the first lightweight delegated PSI that addresses both limitations simultaneously. It lets clients independently prepare and upload their private sets to the cloud once, then delegate the computation an unlimited number of times. We implemented Feather and compared its costs with the state of the art delegated PSIs. The evaluation shows that Feather is more efficient computationally, in both update and PSI computation phases.

A copy of this paper is available for download here.

Nothing to Be Happy About: Consumer Emotions and AI

Prepared by Mateja Durovic and Jonathan Watson

Abstract: Advancements in artificial intelligence and Big Data allow for a range of goods and services to determine and respond to a consumer’s emotional state of mind. Considerable potential surrounds the technological ability to detect and respond to an individual’s emotions, yet such technology is also controversial and raises questions surrounding the legal protection of emotions. Despite their highly sensitive and private nature, this article highlights the inadequate protection of emotions in aspects of data protection and consumer protection law, arguing that the contribution by recent proposal for an Artificial Intelligence Act is not only unsuitable to overcome such deficits but does little to support the assertion that emotions are highly sensitive.

Keywords: AI; consumer law; new technologies; regulation; emotions; EU Law

A copy of this paper is available for download here.

December 2021 – the second REPHRAIN Strategic Funding call is now closed!

Since our launch, the REPHRAIN Centre team have been engaging in a series of scoping activities – these include consultation workshops with the wider community and literature reviews with leading experts from industry and academia. Due to the engagement and success of these activities, we have been able to identify a series of priority areas for research in this Strategic Funding Call.

See below for a deadline of key dates in relation to this funding call:

Call opens: 6 December 2021
Call closes: 28 January 2022
Decision panel: w/c 14 March 2022
Successful applicants notified: w/c 21 March 2022
Projects to start from: w/c 1 May 2022

Full details of the call, topics and submission process and deadlines are available on our dedicated pages here.

Please get in touch with any questions via rephrain-centre@bristol.ac.uk – we look forward to reading your proposals!

December 2021 – a REPHRAIN Publication on personal data

 

A Consumer Law Perspective on the Commercialization of Data

Prepared by Mateja Durovic and Franciszek Lech

Abstract: Commercialization of consumers’ personal data in the digital economy poses serious, both conceptual and practical, challenges to the traditional approach of European Union (EU) Consumer Law. This article argues that mass-spread, automated, algorithmic decision-making casts doubt on the foundational paradigm of EU consumer law: consent and autonomy. Moreover, it poses threats of discrimination and under- mining of consumer privacy. It is argued that the recent legislative reaction by the EU Commission, in the form of the ‘New Deal for Consumers’, was a step in the right direction, but fell short due to its continued reliance on consent, autonomy and failure to adequately protect consumers from indirect discrimination. It is posited that a focus on creating a contracting landscape where the consumer may be properly informed in material respects is required, which in turn necessitates blending the approaches of competition, consumer protection and data protection laws.

Paper available for download here.

November 2021 – Release of draft REPHRAIN map for community consultation

We are very pleased to announce the release of the draft version of the REPHRAIN Map. The REPHRAIN Map will be open for review and community consultation for a 4 week period until Tuesday 14 December 2021.

All constructive comments are welcome so please let us know what you think. We would appreciate if comments could be based around the following points.

  • Four categories used in the Map (State of the art, Challenges, Tools & Approaches, Projects)
  • Map structure
  • Content of the Map
  • How useful the Map is

Please submit your comments using this survey – we look forward to hearing your thoughts!

November 2021 – Strategic Funding Call 1 Projects!

We are very pleased to announce, following a competitive process, the following projects have successfully been awarded grants from the first REPHRAIN Strategic Funding call.

Congratulations to all and we look forward to working with you!

More details of how these projects match up with the REPHRAIN missions can be found here and the University of Bristol’s press release here.

October 2021 – Another publication on our privacy testbed!

Further to our presentation at SECPRE 2021, as detailed below, the REPHRAIN Testbed team have published another paper on their work on one of our central projects.

Building a Privacy Testbed: Use Cases and Design Considerations

Prepared by Joseph Gardiner, Partha Das Chowdhury, Jacob Halsey, Mohammad Tahaei, Tariq Elahi and Awais Rashid.

Abstract: Mobile application (app) developers are often ill-equipped to understand the privacy implications of their products and services, especially with the common practice of using third-party libraries to provide critical functionality. To add to the complexity, most mobile applications interact with the “cloud”—not only the platform provider’s ecosystem (such as Apple or Google) but also with third-party servers (as a consequence of library use). This presents a hazy view of the privacy impact for a particular app. Therefore, we take a significant step to address this challenge and propose a testbed with the ability to systematically evaluate and understand the privacy behavior of client server applications in a network environment across a large number of hosts. We reflect on our experiences of successfully deploying two mass market applications on the initial versions of our proposed testbed. Standardization across cloud implementations and exposed end points of closed source binaries are key for transparent evaluation of privacy features.

Paper available for download here.

October 2021 – Presentation to the Dutch Senate!

Congratulations to one of our Practitioners-in-Residence, Erik van de Sandt, who presented his publication Towards Data Scientific Investigations to the Dutch Senate.

Read Erik’s paper here and read details of this event here.

October 2021 – see a presentation on our testbed!

Further to the below, the REPHRAIN Testbed team will be presenting during the 5th International Workshop on SECurity and Privacy Requirements Engineering (SECPRE) workshop programme, in conjunction with ESORICS 2021 – this will be taking place at 11.30 CET, 8 October.

Interested parties can register here – SECPRE will be held as a virtual event to ensure all are able to attend.

September 2021 – A publication on our testbed!

A Privacy Testbed for IT Professionals: Use Cases and Design Considerations

Prepared by Joseph Gardiner, Mohammad Tahaei, Jacob Halsey, Tariq Elahi and Awais Rashid

Abstract: We propose a testbed to assist IT professionals in evaluating privacy properties of software systems. The goal of the testbed, currently under construction, is to help IT professionals systematically evaluate and understand the privacy behaviour of applications. We first provide three use cases to support developers and privacy engineers and then describe key design considerations for the testbed.

Paper available for download here.

September 2021 – Launch of REPHRAIN Masterclasses

Starting from 2 September, REPHRAIN will be running and hosting a series of masterclasses on specialised topics – these sessions will allow a collaborative space for researchers, industry and interested parties to discuss the challenges and best practice principles in specific areas.

These masterclasses will involve our researchers presenting case studies on their work, as well as panel-based / round-table Q&A sessions. The events will be hosted online for the time being and will be free to attend – tickets can be reserved via Eventbrite and the masterclasses will be advertised via this website, our newsletter and our Twitter account.

For more information on our masterclass series, including our current schedule, check our dedicated page here.

16 August, 2021 – A new research paper on PSIs!

Polynomial Representation Is Tricky: Maliciously Secure Private Set Intersections Revisited

As accepted at ESORICS 2021! Prepared by Aydin Abadi, Steven Murdoch, Thomas Zacharias

Abstract: Private Set Intersection protocols (PSIs) allow parties to compute the intersection of their private sets, such that nothing about the sets’ elements beyond the intersection is revealed. PSIs have a variety of applications, primarily in efficiently supporting data sharing in a privacy-preserving manner. At Eurocrypt 2019, Ghosh and Nilges proposed three efficient PSIs based on the polynomial representation of sets and proved their security against active adversaries. In this work, we show that these three PSIs are susceptible to several serious attacks. The attacks let an adversary (1) learn the correct intersection while making its victim believe that the intersection is empty, (2) learn a certain element of its victim’s set beyond the intersection, and (3) delete multiple elements of its victim’s input set. We explain why the proofs did not identify these attacks and propose a set of mitigations.

Paper available for download here.

Practitioner-in-Residence / Researcher-in-Residence Programmes

REPHRAIN is delighted to announce we are accepting expressions of interest for our practitioner-in-residence programme and applications for our researcher-in-residence programme!

These programmes aim to cultivate and provide a public space to maximise collaboration with the wider community and to offer an environment for mutual engagement and learning. The remit of the programmes is to host researchers and practitioners from the wider UK/international community in its touchdown space in Bristol and its partner organisations (current Government restrictions pending) to enable access to the Centre’s facilities, including datasets and testbed, and for the Centre to benefit in return from proposal outputs.

Both are open, rolling calls and submissions will be welcome until 31 March 2023.

More details on both can be found on their dedicated pages – Practitioner-in-residence & Researcher-in-residence.

Explore more: