What will you be doing?
Two conflicting needs are constantly rising to prominence in modern societies. On one hand, information sharing and collaboration is necessary to harness the full potential of today’s data analysis algorithms, with companies and public authorities alike striving for increased cooperation. On the other hand, privacy and confidentiality constraints are also becoming more and more prominent, with stringent regulation on citizens’ privacy (think, for instance, of the European GDPR), and with raising awareness on the risks and possible misuses of owning massive data sets. Moreover, data analysis algorithms are becoming so sophisticated that they are often able to extract sensitive information even if standard anonymization techniques are used.
Cryptography can play an important role in harmonizing these two conflicting needs. In particular, a set of advanced cryptographic tools known as Secure Multi-Party Computation, often shortened to MPC, directly tackles the issue of obtaining valuable information from private inputs. More precisely, assume that two or more parties hold private input, and that they wish to jointly evaluate a function on these inputs: MPC allows them to cooperate and to obtain the function output, while nobody will learn anything more than his/her own private input and the output of the function. Thus valuable knowledge is extracted from the input data, which remains nonetheless private.
While the concept of MPC dates back from the 1980s, MPC protocols have long suffered from high complexity, and only in the last decade of so they have become efficient enough to be implemented as proof-of-concepts and pilots. TNO is developing MPC-based protocols and software with the goal of enabling data analysis in a privacy-preserving ways in several areas of great importance for our society: notable examples include joint analysis of medical data, privacy-aware study of financial transactions to detect fraud and money laundering, judiciary investigations that protect the privacy of citizens, and tools for cooperative cyber-threat intelligence.
An example of MPC techniques with high potential impact on society is given by secure graph algorithms. Graphs are very widely-used models; think, for instance, of financial transaction networks, where nodes represent bank accounts and edges represent wire transfers; or of communication/IT networks, where nodes represents clients and servers and edges represent connections between the different machines. Graph algorithms such as max-flow, shortest path and PageRank play an important role in these domains since they can help with detecting fraudulent transactions and money laundering in financial transaction networks, and with optimizing routing or tracking malicious traffic in IT networks. However, these types of networks are typically divided among several banks or providers and no single entity alone knows what the complete network looks like. Thus again, the two striving needs arise in these domains: on one hand, the need to apply graph algorithms on complete transactions or IT networks, which requires cooperation between the different banks or providers; and on the other hand, the need to preserve the highly commercially- and privacy-sensitive knowledge of these networks, which hinders information exchange. MPC offers the possibility to apply advanced graph algorithms in these domains, while keeping the sensitive data of each party private.
What do we require of you?
- A master's student in the last phase of his Master in Computer Science.
- A strong background in either Cryptology or Graph Theory.
- Affinity with programming (Python in particular).
Together with our experts of the Cyber Security and Robustness department, you will actively contribute to the development of secure graph algorithms. Various aspects of this domain can be explored, also depending on your skills and preferences: for instance, you could be working on the conceptual development of secure graph algorithms, devising solutions that satisfy the security needs of customers while also having high efficiency; or you could focus on the implementation side, familiarizing with existing MPC software frameworks, analysing which one is better suited for the problem, and implementing proof-of-concepts.
What can you expect of your work situation?
During your time at TNO, you will be working with friendly and highly-motivated experts. The Department of Cyber Security and Robustness employs about forty-five professionals who combine a background in quantitative methods and modelling with knowledge of telecommunications, IT, and security. With our combined knowledge, we are able to predict, improve, and secure the IT services of our customers. Our ambition to be among the leading European positions in the associated research community is reflected in active participation in several national and international research programs. Of course, this hard effort is alternated with participation in coffee breaks, lunch-eating during outdoor walks, and monthly drinks with colleagues from other departments.
What can TNO offer you?
You want to work on the precursor of your career; a work placement gives you an opportunity to take a good look at your prospective future employer. TNO goes a step further. It’s not just looking that interests us; you and your knowledge are essential to our innovation. That’s why we attach a great deal of value to your personal and professional development. You will, of course, be properly supervised during your work placement and be given the scope for you to get the best out of yourself. Naturally, we provide suitable work placement compensation.
Has this vacancy sparked your interest?
Then please feel free to apply on this vacancy! For further questions don’t hesitate to contact us.
Note that applications via email and third party applications are not taken into consideration.
Contact: Gabriele Spini
Phone number: +31 (0)6-152 15043