News

Updated Schedule: Class tomorrow (May 20) & next week (May 27), no class June 3

Written on 19.05.25 by Wouter Lueks

Hi Everyone,

Just a quick update on the schedule. We had to make a slight update in the class schedule for the next few weeks.

May 20 (tomorrow): Anonymous Communication
May 27: Censorship Resistance
June 3: no class
June 10: Website Fingerprinting

We’ll dive into a lot of… Read more

Hi Everyone,

Just a quick update on the schedule. We had to make a slight update in the class schedule for the next few weeks.

May 20 (tomorrow): Anonymous Communication
May 27: Censorship Resistance
June 3: no class
June 10: Website Fingerprinting

We’ll dive into a lot of network-level privacy systems in these weeks. All classes will be in person. We strongly encourage you all to attend.

See y’all tomorrow,

- Wouter

Project 2 Release

Written on 29.04.25 (last change on 30.04.25) by Tim Rausch

Hi everyone,

as announced in the lecture, we're releasing project 2 today. Submission deadline is July 4. Along with the handout in the Materials section, here are further instructions for how to access the skeleton, use our remote development environment, and how to submit your solution:

To… Read more

Hi everyone,

To get the skeleton code for project 2, you need to pull the project2 branch from the reference repo. Below is an example of how this can be done:

# add the reference repo as an upstream if you have not done so already
# if you use SSH, replace the URL with ssh://git@lab-pets.privacy-preserving.systems:2224/pets25-h/ref/ref.git
$ git remote add ref https://lab-pets.privacy-preserving.systems/pets25-h/ref/ref.git

# pull the new branches and checkout
$ git pull
$ git checkout project2

# if you so wish, you can create a separate branch to host your work
$ git checkout -b project2-wip

The project skeleton depends on the petrelic library. See the project REAMDE for installation instructions. We also provide you with a remote development environment that already has the library pre-installed for your convenience. Use the following information to access your personal development environment via SSH:

- Host: lab-pets.privacy-preserving.systems

- Port: 6464

- Username & password: as shown in the note on your Personal Status page in CMS, format: username,password

Once your SSH session is active, you can toy around and start working:

- Files under /persist will be persisted, so you can safely store your code here. All other files may be lost during server maintenance and restart.

- You should be able to use the petrelic package in Python.

- You should be able to upload your code via SFTP.

A few points to note:

- Please use the persistent storage with courtesy, do not use it as your Google Drive.

- Use this environment only for working on this project. In particular, do not run resource-intensive tasks.

- If you need addition Python packages, use pip inside a virtual environment.

- In the rare case where the envs might need a restart, we will publish a notification in advance on Mattermost, so you can plan accordingly.

- Backup your progress often. We have configured the persistent storage to persist, of course, but backing up is always a good idea.

To submit:

- Push your code to the project2-submission branch of your personal repo and

- Upload your report as a PDF to CMS (on your Personal Status page)

before the deadline on July 4.

Should you have any questions or run into unexpected issues, don't hesitate to ask on Mattermost.

Project 1 Release

Written on 15.04.25 by Tim Rausch

Hi everyone,

the first project will be released today. There will be a brief introduction in today's lecture and we will release the project description afterwards.

The project code will be distributed via a Git repository and you must submit your solutions to the same repository as… Read more

Hi everyone,

the first project will be released today. There will be a brief introduction in today's lecture and we will release the project description afterwards.

The project code will be distributed via a Git repository and you must submit your solutions to the same repository as follows:

1. Login to https://lab-pets.privacy-preserving.systems with your CMS credentials (via the Login with GitHub button).
2. Once logged in, wait while the system initialises your repository automatically. This may take up to 15 minutes.
3. Verify that you have been granted access to a repo named pets25-h-[0-9|A-Z]+, and that this repo contains a project1 branch. On this branch, you will find the skeleton code for project 1.
4. Create a personal access token or upload your SSH key.
5. You can now clone the repository and start working on your code. You can push and save progress to the project1 branch at any time. Testing pipelines will run automatically after each push.
6. Submit your code to project1-submission branch. This branch does not exist by default, so you need to branch out locally and push it to your repo. Remember that this branch will be protected and you cannot force push to it:

$ git checkout -b project1-submission
$ git push origin projet1-submission

Feel free to already log in to the Gitlab, but we highly recommend only starting to work on the project after it was presented during today's lecture.

Privacy-Enhancing Technologies

Digital technologies have become an essential part of our day-to-day lives. While often beneficial, these technologies also bring great privacy risks. In this course, you will learn how to mitigate these risks by designing privacy-friendly systems and how to evaluate the privacy protections offered by systems.

To reason about the privacy of systems you will learn how to define desirable privacy properties and how to reason about privacy attackers. Privacy can be violated both at the application level (i.e., what data parties exchange) as well as on the meta-data level (i.e., how parties exchange data). You will learn about techniques to offer protection at both of these layers.

On the application layer, we’ll discuss cryptographic techniques such as secure multi-party computation, homomorphic encryption, and anonymous authentication that together can be used to ensure privacy at the application layer. We will also discuss data anonymisation techniques such as k-anonymity and differential privacy to enable privacy-friendly data publishing. On the meta-data level, we’ll explore techniques for anonymous communication, censorship resistance, (browser) tracking, and location privacy.

At the end of this course you will be able to:

Explain basic building blocks for designing privacy-friendly systems
Combine these building blocks to solve simple problems while maintaining privacy
Evaluate the privacy of simple proposed systems.

Prerequisites

The privacy-enhancing technologies class is an advanced lecture. You will learn a lot about how to design and analyse privacy-friendly systems, but this is not an easy 6EC course. A basic understanding of security and cryptography (as taught for example in CySec1/CySec2 or the Security course) is essential to be able to follow the material in this course. If you have not mastered this material we strongly recommend you to take this course next year instead.

Schedule

Main Lecture: Tuesday from 2pm c.t. to 4pm
Exercises/Discussion: Tuesday from 4pm s.t. to 5pm
Room: E9.1 (CISPA building), room 0.05 (main lecture room)

Schedule

The following schedule is subject to small changes.

April 8: Introduction to Privacy
April 15: Secure Multi-Party Computation (remote)
April 22: Crypto Recap + Zero-knowledge Proofs (recorded)
Apr 29: Attribute-Based Credentials
May 6: Tracking
May 13: Fully-Homomorphic Encryption
May 20: Anonymous Communication
May 27: Censorship Resistance
June 3: no class
June 10: Website Fingerprinting
June 17: Anonymization / Protected Data Release (online)
June 24: Differential Privacy

Format

The course will be hybrid, but attending the lectures and exercise sessions is strongly recommended for UdS students. Attending online only possible in exceptional cases. We will publish recordings of the lectures. We will not publish recordings of the exercise/discussion sessions. Learning to reason about privacy is difficult. We strongly recommend that you attend the exercise/discussion sessions to practice your reasoning skills.

Exercise Class / Office Hours

We offer office hours to answer questions regarding the content of the lecture, exercise sheets, and projects. Feel free to drop by in person or remotely if you have any questions.

In Person

Times: Wednesday, 3pm s.t. -- 4pm
Location: CISPA building (E9.1), Room 1.02

Remote

The remote office hours are primarily intended for those who cannot attend the in-person office hour. Please book a time slot in advance via the sheet linked in the Materials section.

Times: Wednesday, 2pm s.t. -- 3pm
Location: Zoom (Link in Materials section)

Grading

The final grade for this course consists of 60% for the final exam and 40% for the projects.

Grading subject to small changes. Details will be explained in the first lecture.

Projects

As part of this class you will work on three projects to implement and evaluate a privacy-preserving system. The projects contribute 40% to the final grade: 10% for the first project and 15% for each of the second and third projects. There is no option to improve the grade for the projects.

Final Exam

Exam date: August 1, 2025, 9:30am s.t. -- 11:30am
Format: Written exam
Location: tbd

The final written exam tests your understanding of the material covered in the class, exercises, and projects. You must receive a passing grade on the exam alone. If you do, the exam is graded and contributes 60% to the final grade.

The re-exam will take place on:

Exam date: September 19, 2025, 9:30am s.t. -- 11:30am
Format: Written Exam
Location: tbd