System-wide auditability through cryptographic techniques

PhD Thesis Proposal Defence


Title: "System-wide auditability through cryptographic techniques"

by

Mr. Vlasios KOUTSOS


Abstract:

Outsourcing data and computation to powerful servers is standard in modern
computing. On one hand, services and applications generally require users to
relinquish control of their data and trust the provider for correctly
executing the desired functionalities on it. On the other, providers usually
cannot evaluate the quality of user-provided data. This is especially
problematic in cases where sensitive data is required and entities with
competing interests do not trust each other. In fact, to overcome these
issues an external verifier often regulates the system’s functionality,
raising the following, fundamental issue: How can trust be alleviated from
both sides, and how can an external entity verify the system’s correctness.

Auditability comes in various shapes and forms, but at its core it is an
add-on feature mainly serving the following purpose: It enables external
entities to verify the system’s functionality, safeguarding participants from
malicious behaviours, offering overall a notion of control. Interestingly,
existing cryptographic techniques can and have been used to realize
auditability features for various settings, however, introducing complex
notions of auditability as mentioned above at a wider, system level is not
trivial.

This proposal presents four novel auditability-focused schemes, where
specialized protocols are designed, supporting different auditing notions,
tailored for each different target application's intricacies. First, it
introduces publicly auditable functional encryption, a direct
function-agnostic extension to a popular cryptographic scheme. Next, it
presents a cryptographic protocol for financial auditing, where a committee
can verify the system-level correctness without accessing any underlying data
in raw, plaintext format. Third, a protocol for crowdsourcing is introduced
reconciling the properties of anonymity with verifiable task execution and
payments; properties inherently incompatible with each other. Last, for human
activity recognition, it introduces a notion of user identity and activities
control, enabling subjects to safeguard their data, simultaneously
eliminating occupancy-related security threats.


Date:                   Tuesday, 18 November 2025

Time:                   10:00am - 12:00noon

Venue:                  Room 5501
                        Lifts 25/26

Committee Members:      Dr. Dimitris Papadopoulos (Supervisor)
                        Prof. Charles Zhang (Chairperson)
                        Dr. Long Chen