Privacy-Enhancing Technologies

Wouter Lueks

News

Project 3 Release

Written on 25.06.25 by Tim Rausch

Hi everyone,
 
we're releasing Project 3 today. The submission is due on August 15. As with the previous projects, there is a handout in the materials section and here are further instructions on how to access the skeleton, use our remote development environment, and to submit your… Read more
Hi everyone,
 
we're releasing Project 3 today. The submission is due on August 15. As with the previous projects, there is a handout in the materials section and here are further instructions on how to access the skeleton, use our remote development environment, and to submit your solution:
 
To get the skeleton code for project 3, you need to pull the project3 branch from the reference repo. Below is an example of how this can be done:
  
# check if you have added the reference repo as an upstream
$ git remote -v

# if not, add the reference repo as an upstream
# if you use git over SSH, consider using ssh://git@lab-pets.privacy-preserving.systems:2224/pets25-h/ref/ref.git
$ git remote add ref https://lab-pets.privacy-preserving.systems/pets25-h/ref/ref.git

# pull the new branches and checkout
$ git pull

$ git checkout project3

# if you so wish, you can create a separate branch to host your work
$ git checkout -b project3-wip
 
This project requires collecting traces of traffic over the Tor network. For this, we have set up a test Tor network as well as a remote developing environment with the necessary facilities pre-installed. Use the following information to access your personal dev env:
 
- Host: lab-pets.privacy-preserving.systems
- Port: 6565
- Username & password: as per CMS notes (same as for project 2)
 
Once you have successfully logged into the remote environment, you can toy around and start working:
 
- You can safely save your code and traces under /persist, this directory persists through server maintenance and restart, while files stored elsewhere will be lost.
- You should be able to use the petrelic package in Python as well as other necessary tools for capturing the traffic (e.g. tcpdump)
 
A few points to note:
 
- As always, please use the persistent storage with courtesy, do not use it as your Google Drive.
- Use this environment only for collecting traces. In particular, do not run resource-intensive tasks.
- Start early on. Collecting traces needs time. Our test Tor network is also configured to mimic real network's delay & jitter. Leaving things until the last minute might expose you to all kinds of unforeseen problems.
- If you need addition Python packages, use pip inside a virtual environment.
- If you need any other tools that are otherwise impossible to install or run without root privilege, please get in touch. However, you shouldn't need extra tools than the ones provided for this project.
- In the rare case where your dev env or our test Tor network requires a restart, we will issue a notification in advance, so you can plan accordingly.
- Backup your progress often, including your traces. We have configured the persistent storage to persist, of course, but backing up is always a good idea.
 
To submit:
 
- Push your code to the project3-submission branch of your personal repo before the deadline.
 
Should you have any questions or run into unexpected issues, don't hesitate to ask on Mattermost.

Reminder: Tomorrow's class (June 17) online

Written on 16.06.25 by Wouter Lueks

Just a gentle reminder: tomorrow's class (June 17) is online. You can find the link in the materials section. Next week's lecture will be in person again as usual.

Looking forward to seeing many of you tomorrow online and in person next week.

 - Wouter

Updated Schedule: Class tomorrow (May 20) & next week (May 27), no class June 3

Written on 19.05.25 by Wouter Lueks

Hi Everyone,

Just a quick update on the schedule. We had to make a slight update in the class schedule for the next few weeks.

  • May 20 (tomorrow): Anonymous Communication
  • May 27: Censorship Resistance
  • June 3: no class
  • June 10: Website Fingerprinting

We’ll dive into a lot of… Read more

Hi Everyone,

Just a quick update on the schedule. We had to make a slight update in the class schedule for the next few weeks.

  • May 20 (tomorrow): Anonymous Communication
  • May 27: Censorship Resistance
  • June 3: no class
  • June 10: Website Fingerprinting

We’ll dive into a lot of network-level privacy systems in these weeks. All classes will be in person. We strongly encourage you all to attend.

See y’all tomorrow,

 - Wouter

Project 2 Release

Written on 29.04.25 (last change on 30.04.25) by Tim Rausch

Hi everyone,

as announced in the lecture, we're releasing project 2 today. Submission deadline is July 4. Along with the handout in the Materials section, here are further instructions for how to access the skeleton, use our remote development environment, and how to submit your solution:

To… Read more

Hi everyone,

as announced in the lecture, we're releasing project 2 today. Submission deadline is July 4. Along with the handout in the Materials section, here are further instructions for how to access the skeleton, use our remote development environment, and how to submit your solution:

To get the skeleton code for project 2, you need to pull the project2 branch from the reference repo. Below is an example of how this can be done:
# add the reference repo as an upstream if you have not done so already
# if you use SSH, replace the URL with ssh://git@lab-pets.privacy-preserving.systems:2224/pets25-h/ref/ref.git
$ git remote add ref https://lab-pets.privacy-preserving.systems/pets25-h/ref/ref.git

# pull the new branches and checkout
$ git pull
$ git checkout project2

# if you so wish, you can create a separate branch to host your work
$ git checkout -b project2-wip
 
The project skeleton depends on the petrelic library. See the project REAMDE for installation instructions. We also provide you with a remote development environment that already has the library pre-installed for your convenience. Use the following information to access your personal development environment via SSH:
- Host: lab-pets.privacy-preserving.systems
- Port: 6464
- Username & password: as shown in the note on your Personal Status page in CMS, format: username,password
 
Once your SSH session is active, you can toy around and start working:
- Files under /persist will be persisted, so you can safely store your code here. All other files may be lost during server maintenance and restart.
- You should be able to use the petrelic package in Python.
- You should be able to upload your code via SFTP.
 
A few points to note:
- Please use the persistent storage with courtesy, do not use it as your Google Drive.
- Use this environment only for working on this project. In particular, do not run resource-intensive tasks.
- If you need addition Python packages, use pip inside a virtual environment.
- In the rare case where the envs might need a restart, we will publish a notification in advance on Mattermost, so you can plan accordingly.
- Backup your progress often. We have configured the persistent storage to persist, of course, but backing up is always a good idea.
 
To submit:
- Push your code to the project2-submission branch of your personal repo and
- Upload your report as a PDF to CMS (on your Personal Status page)
before the deadline on July 4.
 
Should you have any questions or run into unexpected issues, don't hesitate to ask on Mattermost.
 

Project 1 Release

Written on 15.04.25 by Tim Rausch

Hi everyone,

the first project will be released today. There will be a brief introduction in today's lecture and we will release the project description afterwards.

The project code will be distributed via a Git repository and you must submit your solutions to the same repository as… Read more

Hi everyone,

the first project will be released today. There will be a brief introduction in today's lecture and we will release the project description afterwards.

The project code will be distributed via a Git repository and you must submit your solutions to the same repository as follows:

1. Login to https://lab-pets.privacy-preserving.systems with your CMS credentials (via the Login with GitHub button).
2. Once logged in, wait while the system initialises your repository automatically. This may take up to 15 minutes.
3. Verify that you have been granted access to a repo named pets25-h-[0-9|A-Z]+, and that this repo contains a project1 branch. On this branch, you will find the skeleton code for project 1.
4. Create a personal access token or upload your SSH key.
5. You can now clone the repository and start working on your code. You can push and save progress to the project1 branch at any time. Testing pipelines will run automatically after each push.
6. Submit your code to project1-submission branch. This branch does not exist by default, so you need to branch out locally and push it to your repo. Remember that this branch will be protected and you cannot force push to it:

$ git checkout -b project1-submission
$ git push origin projet1-submission

Feel free to already log in to the Gitlab, but we highly recommend only starting to work on the project after it was presented during today's lecture.

Privacy-Enhancing Technologies

Digital technologies have become an essential part of our day-to-day lives. While often beneficial, these technologies also bring great privacy risks. In this course, you will learn how to mitigate these risks by designing privacy-friendly systems and how to evaluate the privacy protections offered by systems.

To reason about the privacy of systems you will learn how to define desirable privacy properties and how to reason about privacy attackers. Privacy can be violated both at the application level (i.e., what data parties exchange) as well as on the meta-data level (i.e., how parties exchange data). You will learn about techniques to offer protection at both of these layers.

On the application layer, we’ll discuss cryptographic techniques such as secure multi-party computation, homomorphic encryption, and anonymous authentication that together can be used to ensure privacy at the application layer. We will also discuss data anonymisation techniques such as k-anonymity and differential privacy to enable privacy-friendly data publishing. On the meta-data level, we’ll explore techniques for anonymous communication, censorship resistance, (browser) tracking, and location privacy.

At the end of this course you will be able to:

  • Explain basic building blocks for designing privacy-friendly systems
  • Combine these building blocks to solve simple problems while maintaining privacy
  • Evaluate the privacy of simple proposed systems.

Prerequisites

The privacy-enhancing technologies class is an advanced lecture. You will learn a lot about how to design and analyse privacy-friendly systems, but this is not an easy 6EC course. A basic understanding of security and cryptography (as taught for example in CySec1/CySec2 or the Security course) is essential to be able to follow the material in this course. If you have not mastered this material we strongly recommend you to take this course next year instead.

Schedule

Main Lecture: Tuesday from 2pm c.t. to 4pm
Exercises/Discussion: Tuesday from 4pm s.t. to 5pm
Room: E9.1 (CISPA building), room 0.05 (main lecture room)

Schedule

The following schedule is subject to small changes.

  • April 8: Introduction to Privacy
  • April 15: Secure Multi-Party Computation (remote)
  • April 22: Crypto Recap + Zero-knowledge Proofs (recorded)
  • Apr 29: Attribute-Based Credentials
  • May 6: Tracking
  • May 13: Fully-Homomorphic Encryption
  • May 20: Anonymous Communication
  • May 27: Censorship Resistance
  • June 3: no class
  • June 10: Website Fingerprinting
  • June 17: Anonymization / Protected Data Release (online)
  • June 24: Differential Privacy
  • July 1: (Bonus) End-to-End Privacy-Friendly Systems

Format

The course will be hybrid, but attending the lectures and exercise sessions is strongly recommended for UdS students. Attending online only possible in exceptional cases. We will publish recordings of the lectures. We will not publish recordings of the exercise/discussion sessions. Learning to reason about privacy is difficult. We strongly recommend that you attend the exercise/discussion sessions to practice your reasoning skills.

 

Exercise Class / Office Hours

We offer office hours to answer questions regarding the content of the lecture, exercise sheets, and projects. Feel free to drop by in person or remotely if you have any questions.

In Person

Times: Wednesday, 3pm s.t. -- 4pm
Location: CISPA building (E9.1), Room 1.02

Remote

The remote office hours are primarily intended for those who cannot attend the in-person office hour. Please book a time slot in advance via the sheet linked in the Materials section.

Times: Wednesday, 2pm s.t. -- 3pm
Location: Zoom (Link in Materials section)

 

Grading

The final grade for this course consists of 60% for the final exam and 40% for the projects.

Grading subject to small changes. Details will be explained in the first lecture.

Projects

As part of this class you will work on three projects to implement and evaluate a privacy-preserving system. The projects contribute 40% to the final grade: 10% for the first project and 15% for each of the second and third projects. There is no option to improve the grade for the projects.

Final Exam

Exam date: August 1, 2025, 9:30am s.t. -- 11:30am
Format: Written exam
Location: tbd

The final written exam tests your understanding of the material covered in the class, exercises, and projects. You must receive a passing grade on the exam alone. If you do, the exam is graded and contributes 60% to the final grade.

The re-exam will take place on:

Exam date: September 19, 2025, 9:30am s.t. -- 11:30am
Format: Written Exam
Location: tbd

Privacy Policy | Legal Notice
If you encounter technical problems, please contact the administrators.