Mayar Elfares, Zhiming Hu, Pascal Reisert, Andreas Bulling, and Ralf Küsters, “Federated Learning for Appearance-based Gaze Estimation in the Wild,” in NeuRIPS 2022 Workshop on Gaze Meets ML, 2022.
Abstract
Gaze estimation methods have significantly matured in recent years but the large number of eye images required to train deep learning models poses significant privacy risks. In addition, the heterogeneous data distribution across different users can significantly hinder the training process. In this work, we propose the first federated learning approach for gaze estimation to preserve the privacy of gaze data.
We further employ pseudo-gradients optimisation to adapt our federated learning approach to the divergent model updates to address the heterogeneous nature of in-the-wild gaze data in collaborative setups. We evaluate our approach on a real-world dataset (MPIIGaze dataset) and show that our work enhances the privacy guarantees of conventional appearance-based gaze estimation methods, handles the convergence issues of gaze estimators, and significantly outperforms vanilla federated learning by 15.8 % (from a mean error of 10.83 degrees to 8.95 degrees). As such, our work paves the way to develop privacy-aware collaborative learning setups for gaze estimation while maintaining the model's performance.BibTeX
Mayar Elfares, Zhiming Hu, Pascal Reisert, Andreas Bulling, and Ralf Küsters, “Federated Learning for Appearance-based Gaze Estimation in the Wild,” arXiv, Technical Report 2211.07330, 2022.
Abstract
Gaze estimation methods have significantly matured in recent years but the large number of eye images required to train deep learning models poses significant privacy risks. In addition, the heterogeneous data distribution across different users can significantly hinder the training process. In this work, we propose the first federated learning approach for gaze estimation to preserve the privacy of gaze data.
We further employ pseudo-gradients optimisation to adapt our federated learning approach to the divergent model updates to address the heterogeneous nature of in-the-wild gaze data in collaborative setups. We evaluate our approach on a real-world dataset (MPIIGaze dataset) and show that our work enhances the privacy guarantees of conventional appearance-based gaze estimation methods, handles the convergence issues of gaze estimators, and significantly outperforms vanilla federated learning by 15.8 % (from a mean error of 10.83 degrees to 8.95 degrees). As such, our work paves the way to develop privacy-aware collaborative learning setups for gaze estimation while maintaining the model's performance.BibTeX
Nicolas Huber, Ralf Küsters, Toomas Krips, Julian Liedtke, Johannes Müller, Daniel Rausch, Pascal Reisert, and Andreas Vogt, “Kryvos: Publicly Tally-Hiding Verifiable E-Voting,” in CCS ’22: ACM Conference on Computer and Communications Security,
November 7--11, 2022, Los Angeles, USA, 2022.
Abstract
Elections are an important corner stone of democratic processes. In
addition to publishing the final result (e.g., the overall winner),
elections typically publish the full tally consisting of all
(aggregated) individual votes. This causes several issues, including
loss of privacy for both voters and election candidates as well as
so-called Italian attacks that allow for easily coercing voters.
Several e-voting systems have been proposed to address these issues
by hiding (parts of) the tally. This property is called
tally-hiding. Existing tally-hiding e-voting systems in the
literature aim at hiding (part of) the tally from everyone,
including voting authorities, while at the same time offering
verifiability, an important and standard feature of modern e-voting
systems which allows voters and external observers to check that the
published election result indeed corresponds to how voters actually
voted. In contrast, real elections often follow a different common practice
for hiding the tally: the voting authorities internally compute (and
learn) the full tally but publish only the final result (e.g., the
winner). This practice, which we coin publicly tally-hiding,
indeed solves the aforementioned issues for the public, but
currently has to sacrifice verifiability due to a lack of practical
systems.
In this paper, we close this gap. We formalize the common notion of
publicly tally-hiding and propose the first provably secure
verifiable e-voting system, called Kryvos, which directly
targets publicly tally-hiding elections. We
instantiate our system for a wide range of both simple and complex
voting methods and various result functions. We provide an extensive
evaluation which shows that Kryvos is practical and able to
handle a large number of candidates, complex voting methods and
result functions. Altogether, Kryvos shows that the concept of
publicly tally-hiding offers a new trade-off between privacy and
efficiency that is different from all previous tally-hiding systems
and which allows for a radically new protocol design resulting in a
practical e-voting system.BibTeX
Nicolas Huber, Ralf Küsters, Toomas Krips, Julian Liedtke, Johannes Müller, Daniel Rausch, Pascal Reisert, and Andreas Vogt, “Kryvos: Publicly Tally-Hiding Verifiable E-Voting,” Cryptology ePrint Archive, Technical Report 2022/1132, 2022.
Abstract
Elections are an important corner stone of democratic processes. In
addition to publishing the final result (e.g., the overall winner),
elections typically publish the full tally consisting of all
(aggregated) individual votes. This causes several issues, including
loss of privacy for both voters and election candidates as well as
so-called Italian attacks that allow for easily coercing voters.
Several e-voting systems have been proposed to address these issues
by hiding (parts of) the tally. This property is called
tally-hiding. Existing tally-hiding e-voting systems in the
literature aim at hiding (part of) the tally from everyone,
including voting authorities, while at the same time offering
verifiability, an important and standard feature of modern e-voting
systems which allows voters and external observers to check that the
published election result indeed corresponds to how voters actually
voted. In contrast, real elections often follow a different common practice
for hiding the tally: the voting authorities internally compute (and
learn) the full tally but publish only the final result (e.g., the
winner). This practice, which we coin publicly tally-hiding,
indeed solves the aforementioned issues for the public, but
currently has to sacrifice verifiability due to a lack of practical
systems.
In this paper, we close this gap. We formalize the common notion of
publicly tally-hiding and propose the first provably secure
verifiable e-voting system, called Kryvos, which directly
targets publicly tally-hiding elections. We
instantiate our system for a wide range of both simple and complex
voting methods and various result functions. We provide an extensive
evaluation which shows that Kryvos is practical and able to
handle a large number of candidates, complex voting methods and
result functions. Altogether, Kryvos shows that the concept of
publicly tally-hiding offers a new trade-off between privacy and
efficiency that is different from all previous tally-hiding systems
and which allows for a radically new protocol design resulting in a
practical e-voting system.BibTeX
David Mestel, Johannes Müller, and Pascal Reisert, “How Efficient are Replay Attacks against Vote Privacy? A Formal Quantitative Analysis,” in 35th IEEE Computer Security Foundations Symposium, CSF 2022, Haifa,
Israel, August 7-10, 2022, 2022.
Abstract
Replay attacks are among the most well-known attacks against vote privacy. Many e-voting systems have been proven vulnerable to replay attacks, including systems like Helios that are used in real practical elections. Despite their popularity, it is commonly believed that replay attacks are inefficient but the actual threat that they pose to vote privacy has never been studied formally. Therefore, in this paper, we precisely analyze for the first time how efficient replay attacks really are.
We study this question from commonly used and complementary perspectives on vote privacy, showing as an independent contribution that a simple extension of a popular game-based privacy definition corresponds to a strong entropy-based notion. Our results demonstrate that replay attacks can be devastating for a voter’s privacy even when an adversary’s resources are very limited. We illustrate our formal findings by applying them to a number of real-world elections, showing that a modest number of replays can result in significant privacy loss. Overall, our work reveals that, contrary to a common belief, replay attacks can be very efficient and must therefore be considered a serious threat.BibTeX
David Mestel, Johannes Müller, and Pascal Reisert, “How Efficient are Replay Attacks against Vote Privacy? A Formal Quantitative Analysis,” Cryptology ePrint Archive, Technical Report 2022/743, 2022.
Abstract
Replay attacks are among the most well-known attacks against vote privacy. Many e-voting systems have been proven vulnerable to replay attacks, including systems like Helios that are used in real practical elections. Despite their popularity, it is commonly believed that replay attacks are inefficient but the actual threat that they pose to vote privacy has never been studied formally. Therefore, in this paper, we precisely analyze for the first time how efficient replay attacks really are.
We study this question from commonly used and complementary perspectives on vote privacy, showing as an independent contribution that a simple extension of a popular game-based privacy definition corresponds to a strong entropy-based notion. Our results demonstrate that replay attacks can be devastating for a voter’s privacy even when an adversary’s resources are very limited. We illustrate our formal findings by applying them to a number of real-world elections, showing that a modest number of replays can result in significant privacy loss. Overall, our work reveals that, contrary to a common belief, replay attacks can be very efficient and must therefore be considered a serious threat.BibTeX
Toomas Krips, Ralf Küsters, Pascal Reisert, and Marc Rivinius, “Arithmetic Tuples for MPC,” Cryptology ePrint Archive, Technical Report 2022/667, 2022.
Abstract
Some of the most efficient protocols for Multi-Party Computation (MPC) use a two-phase approach where correlated randomness, in particular Beaver triples, is generated in the offline phase and then used to speed up the online phase. Recently, more complex correlations have been introduced to optimize certain operations even further, such as matrix triples for matrix multiplications. In this paper, our goal is to speed up the evaluation of multivariate polynomials and therewith of whole arithmetic circuits in the online phase. To this end, we introduce a new form of correlated randomness: arithmetic tuples. Arithmetic tuples can be fine tuned in various ways to the constraints of application at hand, in terms of round complexity, bandwidth, and tuple size. We show that for many real-world setups an arithmetic tuples based online phase outperforms state-of-the-art protocols based on Beaver triples.BibTeX
Marc Rivinius, Pascal Reisert, Daniel Rausch, and Ralf Küsters, “Publicly Accountable Robust Multi-Party Computation,” in 43rd IEEE Symposium on Security and Privacy (S&P 2022), 2022, pp. 2430--2449.
Abstract
In recent years, lattice-based secure multi-party computation (MPC) has seen a rise in popularity and is used more and more in large scale applications like privacy-preserving cloud computing, electronic voting, or auctions. Many of these applications come with the following high security requirements: a computation result should be publicly verifiable, with everyone being able to identify a malicious party and hold it accountable, and a malicious party should not be able to corrupt the computation, force a protocol restart, or block honest parties or an honest third-party (client) that provided private inputs from receiving a correct result. The protocol should guarantee verifiability and accountability even if all protocol parties are malicious. While some protocols address one or two of these often essential security features, we present the first publicly verifiable and accountable, and (up to a threshold) robust SPDZ-like MPC protocol without restart. We propose protocols for accountable and robust online, offline, and setup computations. We adapt and partly extend the lattice-based commitment scheme by Baum et al. (SCN 2018) as well as other primitives like ZKPs. For the underlying commitment scheme and the underlying BGV encryption scheme we determine ideal parameters. We give a performance evaluation of our protocols and compare them to state-of-the-art protocols both with and without our target security features: public accountability, public verifiability and robustness.BibTeX
Marc Rivinius, Pascal Reisert, Daniel Rausch, and Ralf Küsters, “Publicly Accountable Robust Multi-Party Computation,” Cryptology ePrint Archive, Technical Report 2022/436, 2022.
Abstract
In recent years, lattice-based secure multi-party computation (MPC) has seen a rise in popularity and is used more and more in large scale applications like privacy-preserving cloud computing, electronic voting, or auctions. Many of these applications come with the following high security requirements: a computation result should be publicly verifiable, with everyone being able to identify a malicious party and hold it accountable, and a malicious party should not be able to corrupt the computation, force a protocol restart, or block honest parties or an honest third-party (client) that provided private inputs from receiving a correct result. The protocol should guarantee verifiability and accountability even if all protocol parties are malicious. While some protocols address one or two of these often essential security features, we present the first publicly verifiable and accountable, and (up to a threshold) robust SPDZ-like MPC protocol without restart. We propose protocols for accountable and robust online, offline, and setup computations. We adapt and partly extend the lattice-based commitment scheme by Baum et al. (SCN 2018) as well as other primitives like ZKPs. For the underlying commitment scheme and the underlying BGV encryption scheme we determine ideal parameters. We give a performance evaluation of our protocols and compare them to state-of-the-art protocols both with and without our target security features: public accountability, public verifiability and robustness.BibTeX