CS Colloquium: Privacy despite mass surveillance
In the past decade there has been a significant increase in the collection of personal information and communication metadata (with whom users communicate, when, how often) by governments, Internet providers, companies, and universities. While there are many ongoing efforts to secure users' communications, namely end-to-end encryption messaging apps and E-mail services, safeguarding metadata remains elusive.
I will present a system called Pung that makes progress on this front. Pung lets users exchange messages over the Internet without revealing any information in the process. Perhaps surprisingly, Pung achieves this strong privacy property even when all providers (ISPs, companies, etc.) are arbitrarily malicious.
I will also present several improvements to a general cryptographic building block called private information retrieval (PIR) that underlies many privacy preserving systems including Pung. Among these improvements, I will discuss SealPIR, a new PIR library that achieves orders of magnitude more network efficiency than the state-of-the-art. Finally, I will briefly touch on some of my work on verifiable computation and interfacing with malicious USB devices.