Data Encryption
Description:

Data breaches are an ever increasing concern nowadays. For instance, the 2017 Equifax breach exposed sensitive financial information of an estimated 143 millions US persons. Furthermore, companies are often powerless to protected themselves as exemplified by Yahoo! which was breached in 2013 and then again in 2014!

As a defense, some security researchers have advocated for the use of always-encrypted databases. A prominent approach to construct always-encrypted databases is to leverage weak forms of encryption which expose, in their ciphertexts, some plaintext information in order to preserve

Smartphone - Location
Description:

Location data is a particularly sensitive type of data because human mobility reveals so much information about our lives. Where we are and where we go defines the blueprint of our lives and divulges our social relationships. Yet in the age of smartphones and location-enhanced services, our location data is increasingly exposed to untrusted and sometimes untrustworthy third parties. The broad goal of this project is to understand salient threats to location privacy in our daily lives, as well as to design and analyze techniques to preserve privacy when sharing location data.

Biometrics
Description:

Machine learning helps us distill the unreasonable complexity of the world around us into (relatively) simple models. In theory, models should learn facts about the population from which their training dataset is sampled. In practice, models often learn about the idiosyncrasies of the data they are fed. As a result, there is a concern that machine learning models could leak sensitive information in unpredictable ways. The goal of this project is to understanding when, how, and why this can occur and what can be done about it.

Circuit board
Description:

Side-channel attacks exploit the implementation of a system rather than its design. For example, such attacks include extracting cryptographic keys by probing the CPU cache during a decryption operation or through inference from a power analysis trace. Despite a growing set of prominent instances targeting real-world systems such as Spectre and Meltdown, side-channel threats remain poorly understood. There is a dearth of systematic knowledge about the cause of side-channel vulnerabilities and ways to effectively mitigate them. This project seeks to better understand side-channel threats