Tokenless

Privacy

IronDict: Transparent Dictionaries from Polynomial Commitments

IronDict: Transparent Dictionaries from Polynomial Commitments

Hossein Hafezi from NYU presents IronDict, a novel transparent dictionary construction using polynomial commitment schemes. IronDict addresses the major limitations of existing Merkle tree-based systems, such as high auditing costs and imperfect privacy. By modeling the dictionary with polynomials and leveraging the algebraic properties of the KZH commitment scheme, IronDict achieves perfect privacy and dramatically reduces auditing overhead, making it feasible for end-users to verify the system's integrity on consumer devices.

Efficient Secure Aggregation for Federated Learning

Efficient Secure Aggregation for Federated Learning

Varun Madathil from Yale University presents Tacita, a novel, single-server protocol for secure aggregation in Federated Learning (FL). Tacita is designed to address the unique constraints of the FL environment, such as client dropouts and the absence of client-to-client communication. The protocol achieves one-shot execution with constant-size communication and robustness against dropouts by introducing two new cryptographic primitives: succinct multi-key linearly homomorphic threshold signatures (MKLHTS) and a homomorphic variant of Silent Threshold Encryption.

Biometrics & Security: Privacy, Deepfakes, & Cyber Threats

Biometrics & Security: Privacy, Deepfakes, & Cyber Threats

An in-depth analysis of biometric authentication, exploring how the technology works, its applications in security, and the significant privacy risks involved. The summary covers biometric templates, threats like deepfakes, and mitigation strategies such as cancellable biometrics and multi-factor authentication.

Evaluating Privacy Policies under Modern Privacy Laws At Scale: An LLM-Based Automated Approach

Evaluating Privacy Policies under Modern Privacy Laws At Scale: An LLM-Based Automated Approach

Qinge Xie from Georgia Tech presents a large-scale evaluation of modern website privacy policies using a novel LLM-based framework. The research systematizes privacy practices from 10 major US and EU regulations into 34 clauses and analyzes over 100,000 websites to reveal current trends in data collection, sharing, and consumer rights disclosure.

Encrypted Access Logging for Online Accounts: Device Attributions without Device Tracking

Encrypted Access Logging for Online Accounts: Device Attributions without Device Tracking

Client-Side Encrypted Access Logging (CSAL) is a proposed protocol that uses OS-level cryptography and FIDO2-style attestations to create trustworthy, privacy-preserving account activity logs, resolving the tension between preventing user tracking and accurately detecting account compromise.

How to scam an AI agent, DDoS attack trends and busting cybersecurity myths

How to scam an AI agent, DDoS attack trends and busting cybersecurity myths

A discussion on novel methods for hijacking AI agents through social engineering, the evolution of DDoS attacks, the legacy of Zero Trust, and the glaring security flaws in AI training data apps.

Next →