Improving the Reliability of Privacy-Enhancing Technology (PET) Systems
The Hong Kong University of Science and Technology
Department of Computer Science and Engineering

PhD Thesis Defence

Title: "Improving the Reliability of Privacy-Enhancing Technology (PET) Systems"

By Mr. Dongwei XIAO

Abstract:

Growing worries about data security and privacy are driving the development of privacy-enhancing technologies (PETs) like secure multiparty computation (MPC) and zero-knowledge (ZK) proofs. These technologies offer strong theoretical guarantees for protecting sensitive data while still allowing its use. Critical sectors like finance and healthcare are increasingly adopting PETs, facilitated by complex PET systems designed for secure and efficient implementation. However, despite the theoretical strengths of PETs, the intricate nature of these systems can create practical vulnerabilities. Severe incidents have already caused significant financial losses and eroded trust. This thesis tackles these reliability concerns by systematically testing modern PET systems.

The first work in this thesis uncovers logic bugs in secure multiparty computation (MPC) compilers. These compilers automatically transform high-level MPC programs, written in domain-specific languages (DSLs), into low-level MPC executables. We introduce MT-MPC, a metamorphic testing (MT) framework, to test MPC compilers using three tailored metamorphic relations (MRs). Despite the high engineering quality of MPC compilers, MT-MPC finds 13 bugs in leading compilers, which compromise the dependability of MPC systems.

The second work focuses on the correctness and security of zero-knowledge (ZK) compilers, which compile ZK DSL programs into ZK circuits. We propose MTZK, an MT framework that uncovers logic bugs in ZK compilers. These bugs can allow attackers to generate false ZK proofs that ZK verifiers unexpectedly accept, leading to security breaches and financial losses. MTZK uses two carefully designed MRs to deliver effective test cases for ZK compilers. Evaluation of four industrial ZK compilers reveals 21 bugs. We also demonstrate the severe security implications of these bugs through potential exploits.

The third work unveils a new class of vulnerabilities in PET-enhanced machine learning (ML) models. We present ConPETro, the first attack on PET-enhanced ML models with maliciously crafted configurations. These configurations cause PET-enhanced models to behave similarly to plaintext models under normal inputs, but to exhibit significantly reduced robustness under trigger-embedded inputs. ConPETro achieves an average maximum attack success rate of 65.6% while incurring an accuracy drop of merely 4% on normal inputs. We also show that such attacks are highly stealthy and can hardly be detected or defended against by traditional mechanisms.

Date: Tuesday, 9 September 2025
Time: 10:00am - 12:00noon
Venue: Room 5501, Lifts 25/26

Chairman: Dr. Ding PAN (PHYS)

Committee Members:
Dr. Shuai WANG (Supervisor)
Prof. Raymond WONG
Prof. Charles ZHANG
Dr. Qijia SHAO (ISD)
Dr. Ming WEN (HUST)