Improving the Reliability of Privacy-Enhancing Technology (PET) Systems

The Hong Kong University of Science and Technology
Department of Computer Science and Engineering


PhD Thesis Defence


Title: "Improving the Reliability of Privacy-Enhancing Technology (PET) 
Systems"

By

Mr. Dongwei XIAO


Abstract:

Growing worries about data security and privacy are driving the development 
of privacy-enhancing technologies (PETs) like secure multiparty computation 
(MPC) and zero-knowledge (ZK) proofs. These technologies offer strong 
theoretical guarantees for protecting sensitive data while still allowing its 
use. Critical sectors like finance and healthcare are increasingly adopting 
PETs, facilitated by complex PET systems designed for secure and efficient 
implementation. However, despite the theoretical strengths of PETs, the 
intricate nature of these systems can create practical vulnerabilities. 
Severe incidents have already caused significant financial losses and eroded 
trust. This thesis tackles these reliability concerns by systematically 
testing modern PET systems.

The first work in this thesis uncovers logic bugs in secure multiparty 
computation (MPC) compilers. These compilers automatically transform 
high-level MPC programs, written in domain-specific languages (DSLs), into 
low-level MPC executables. We introduce MT-MPC, a metamorphic testing (MT) 
framework, to test MPC compilers using three tailored metamorphic relations 
(MRs). Despite the high engineering quality of MPC compilers, MT-MPC finds 13 
bugs in leading compilers, which compromise the dependability of MPC 
systems.

The second work focuses on the correctness and security of zero-knowledge 
(ZK) compilers, which compile ZK DSL programs into ZK circuits. We propose 
MTZK, an MT framework that uncovers logic bugs in ZK compilers. These bugs can 
allow attackers to generate false ZK proofs that ZK verifiers unexpectedly 
accept, leading to security breaches and financial losses. MTZK uses two 
carefully designed MRs to deliver effective test cases for ZK compilers. 
Evaluation of four industrial ZK compilers reveals 21 bugs. We also 
demonstrate the severe security implications of these bugs through potential 
exploits.

The third work unveils a new class of vulnerabilities in PET-enhanced machine 
learning (ML) models. We present ConPETro, the first attack on PET-enhanced 
ML models with maliciously crafted configurations. These configurations cause 
PET-enhanced models to behave similarly to plaintext models under normal 
inputs, but to exhibit significantly reduced robustness under trigger-embedded 
inputs. ConPETro achieves an average maximum attack success rate of 65.6% 
while incurring an accuracy drop of merely 4% on normal inputs. We also show 
that such attacks are highly stealthy and can hardly be detected or defended 
against by traditional mechanisms.


Date:                   Tuesday, 9 September 2025

Time:                   10:00am - 12:00noon

Venue:                  Room 5501
                        Lifts 25/26

Chairman:               Dr. Ding PAN (PHYS)

Committee Members:      Dr. Shuai WANG (Supervisor)
                        Prof. Raymond WONG
                        Prof. Charles ZHANG
                        Dr. Qijia SHAO (ISD)
                        Dr. Ming WEN (HUST)