Projects


Open banking

The term “Open Banking” describes a series of global initiatives to allow the sharing of customer data between financial companies to facilitate competition within their sector. In this project, we formalise in the rigorous framework of quantitative information flow (QIF) relevant privacy risks in a concrete Open Banking scenario, namely: (i) transaction-history recovery and (ii) collateral attribute-inferences using external correlations. We provide extensive analyses of these risks in real-world data from Open Banking, supplied by a fintech in Australia. We show that the Open Banking system studied presents considerable privacy risks with respect to transactions, both in the presence and in the absence of demographic data. Finally, we exemplify potential real-world collateral attribute-inference attacks, in which we show how an attacker might leverage scientific correlations to infer individuals’ level of neuroticism and self-control from their transaction history. We hope that this work may: (i) help financial customers in Australia make better-informed decisions about what kind of information, and how much of it, to share via Open Banking; (ii) raise awareness about the potential privacy risks of Open Banking in other countries; and (iii) foster the development of privacy regulation in digital finance and the open data economy.

def publication_list(),
  do: [
    %{
      type: "Conference",
      where: "SBMF",
      when: "2024",
      title: "Formal privacy analyses for open banking",
      links: [DOI, PDF, Errata]
    }
  ]


QIF - Operational Significance

There is a growing need for quantitative theories of information flow that can assess privacy. Until recently, the consensus was that quantitative information flow should be founded on Shannon entropy and its related measures. Geoffrey Smith showed in 2009 that Shannon entropy and mutual information do a poor job of characterizing confidentiality. The truth is that Shannon's work was not devised in the context of privacy but for communication, which shows how important it is to understand the operational significance of the measures we choose. Yet, to this day, people continue to adopt measures indiscriminately, without reasoning about what those measures mean and without explaining why they are appropriate in the contexts where they are applied. In this project, we explore case studies that show the failure of some measures when applied in the context of privacy, to demonstrate and reinforce the importance of understanding a measure's operational interpretation.
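The kind of comparison Smith's 2009 result rests on, as an added example that is not code from this project: two constructed toy programs over a uniformly distributed 8-bit secret X, scored by Shannon leakage (mutual information) and by min-entropy leakage (the log ratio of posterior to prior Bayes vulnerability). The two measures rank the programs in opposite orders, which is exactly the "operational significance" point above.

```python
# Added example, not the project's code: the two programs below are
# constructed; X is a uniformly distributed 8-bit secret.
from collections import defaultdict
from math import log2

SECRET_BITS = 8
SECRETS = range(1 << SECRET_BITS)  # uniform prior over all 8-bit values

def p1(x):
    """Constructed program: reveals X entirely 1/8 of the time, else a constant."""
    return x if x % 8 == 0 else 1

def p2(x):
    """Constructed program: always reveals the three low bits of X."""
    return x & 0b111

def posterior_classes(program, secrets=SECRETS):
    """Group secrets by the output they produce (deterministic channel)."""
    classes = defaultdict(list)
    for x in secrets:
        classes[program(x)].append(x)
    return classes

def shannon_leakage(program, secrets=SECRETS):
    """Mutual information I(X;Y) = H(X) - H(X|Y) in bits, uniform prior."""
    n = len(secrets)
    h_posterior = sum(len(c) / n * log2(len(c))
                      for c in posterior_classes(program, secrets).values())
    return log2(n) - h_posterior

def bayes_vulnerability(program, secrets=SECRETS):
    """Probability that a one-guess adversary recovers X after observing Y.
    Uniform prior + deterministic program: each output class contributes
    1/n (the adversary names one member of it), so this is #classes / n."""
    return len(posterior_classes(program, secrets)) / len(secrets)

def min_entropy_leakage(program, secrets=SECRETS):
    """log2(posterior vulnerability / prior vulnerability), in bits."""
    return log2(bayes_vulnerability(program, secrets) * len(secrets))

def compare(program):
    """Both measures side by side, e.g. compare(p1) vs compare(p2)."""
    return {"shannon_bits": shannon_leakage(program),
            "min_entropy_bits": min_entropy_leakage(program),
            "vulnerability": bayes_vulnerability(program)}
```

Shannon leakage says p2 (3 bits) is worse than p1 (about 1.17 bits), while the adversary's one-guess success probability is 33/256 for p1 against 1/32 for p2, so min-entropy leakage correctly flags p1 (about 5.04 bits) as the more dangerous program.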


Lif

A program is said to be isochronous if its running time does not depend on classified information. Isochronicity is an essential property in cryptographic implementations, for isochronous programs do not leak time-related information. In this project, we adapted Moll and Hack’s Partial Control-Flow Linearization algorithm, initially developed in the context of vectorization to remove divergent branches, to the context of side-channel resistance. We developed a prototype on top of LLVM. Lif extends previous work in non-trivial ways: it can handle programs with unbounded loops and does not require runtime information.

def publication_list(),
  do: [
    %{
      type: "Journal",
      where: "TOPLAS",
      when: "2023",
      title: "Side-channel elimination via partial control-flow linearization",
      links: [DOI]
    },
    %{
      type: "Conference (extended abstract)",
      where: "CTD",
      when: "2023",
      title: "Memory-safe elimination of side channels",
      links: [DOI]
    },
    %{
      type: "MSc thesis",
      when: "2022",
      title: "Memory-safe elimination of side channels",
      links: [DOI, PDF]
    },
    %{
      type: "Conference",
      where: "CGO",
      when: "2021",
      title: "Memory-safe elimination of side channels",
      links: [DOI, PDF, Talk]
    }
  ]


Escape Analysis

Escape analysis is a compile-time analysis that establishes whether an object can be allocated on the stack instead of the heap. An object is said to escape from a function or procedure m if its lifetime exceeds the lifetime of m. We implemented an escape analysis on top of Go's SSA intermediate representation, as an extension of Go's existing escape analysis. We tested our implementation against four real benchmarks and obtained an average speedup of 1.3%, with the highest speedup being 3.4%.

def publication_list(),
  do: [
    %{
      type: "BSc thesis",
      title: "Escape analysis for static single assignment form",
      links: [PDF]
    }
  ]