Jan Henrik Ziegeldorf

San Juan, Puerto Rico

In December 2017, I defended my PhD thesis “Designing Digital Services with Cryptographic Guarantees for Data Security and Privacy” [1] (it is available online on RWTH’s publication server, open-access for everyone to enjoy). I had spent most of the summer in the office writing down my thesis and starting up aedifion with my fellow co-founders. I hadn’t been running much and CODASPY’17 at Scottsdale in March 2017 had been my last conference trip. And, although I’m still overjoyed with finishing my PhD and having my own exciting startup, I did miss the conference trips and exotic half-marathons. Early 2018, I thus decided it was time for one more paper, one more conference trip, and one more half-marathon.

I sat down and wrote “SHIELD: A Framework for Efficient and Secure Machine Learning Classification in Constrained Environments” [2] which builds on our previous Priward paper [3]. Using SHIELD, two parties can run different machine learning classification algorithms privately, i.e., without sharing their confidential models or inputs with the other. In December 2018, I flew to San Juan, Puerto Rico, to present our work at ACSAC’18.

Arriving three days before the conference, I took my running shoes up a few trails* of El Yunque, the tropical rainforest in northeastern Puerto Rico, to warm up for my traditional half-marathon sight-seeing run. Briefly, I thought about running a first half-marathon right there, but there weren’t enough open trails* and I didn’t feel like running up and down the main road. When the conference finally started on Wednesday, I literally couldn’t wait to get out and run San Juan. Euphorically, I took off in the first lunch break in the midst of the tropical day, with a nice cloud cover and a light breeze, temperatures a comfy ~30 °C.

Total distance: 21.35 km
Max elevation: 40 m
Total climbing: 445 m

Where to run? 

I stayed at an Airbnb from somewhere in-between Condado (boring big hotels) and Santurce (not boring big graffitis). My initial plan was to go all the way to the western tip of Old San Juan then run the full length of Condado eastwards and from there back to the Airbnb. I quickly adjusted that plan after the first steps into Old San Juan and decided to do as many of the 21kms there only leaving a few for the way back.

  • Laguna del Condado: Heading west towards Old San Juan, I first passed the Laguna del Condado which invites you to go kajaking or SUPing or just to run alongside and enjoy the only advisable view of Condado – from the outside.
  • Luiz Muñoz Rivera Park, Parque del Tercer Milenio, and Playa El Escambrón: Entering the peninsula of Old San Juan, these patches of green offered space for a much welcomed ~1km long relief from the first 2km of concrete through Condado and Santurce. I even ran a few hundred meters through the Playa’s sand but decided that it was far to exhausting.
  • Castillo des San Cristóbal: Continuing westwards along the north shore, I passed the first Castillo which, disappointedly, I first mistook for the second one, my main goal of the run, the Castillo San Felipe. Trying in vain to find an entrance that hadn’t 7$ written on it cost me a few detours before a very friendly groundskeeper tipped me off with his favorite route to the main Castillo San Felipe.
  • La Perla: The groundkeepers route took me straight down to La Perla, a poorer part of Old San Juan that got some recent fame for being the location where parts of the Despacito music video was shot. It has a reputation as a high crimes area and isn’t even shown on some maps. All I found was friendly locals, libros libres, and all the colors of the Caribbean.
  • Cementerio Santa María: Existing la Perla, the view on Castillo San Felipe opens up and might quickly divert attention from this small gem, a little very old cemetery right on the seaside. Tombs and crypts with a view.  
  • Castillo San Felipe: Sitting right on the westernmost rocky tip of the Old San Juan peninsula, Castillo San Felipe held some unexpected verticals in store that presented a real challenge – by then, I finally realized that I had gloriously underestimated how quickly the tropical noon would drain my strength and endurance.
  • Paseo del Morro: From the Castillo through a little gate, a path leads down to the Paseo del Morro, a walkway all around the western and southern flank of the castle. I gratefully recharged on the way down and enjoyed 1-2 kms of perfectly lonely seaside running under the towering 16th century walls. The Paseo del Morro ends a few hundred meters further from the red Puerta de San Juan, the most remarkable one of the city’s five old gates.
  • The old town: Over the Paseo de la Princesa, I now really entered the old town and started playing snake, i.e., covering as much distance without biting my own GPS tail. I came by more great sights than I can remember, e.g., Bastión de las Palmas de San José, La Fortaleza (agin), Catedral de San Juan Bautista, Casa Blanca, Plaza del Totem. At this point, the heat was really taking to me and it took all power of will that I could muster not to simple stop at one of the many ambient pubs. On Friday after the conference, I came back for La Factoría, La Taberna Lúpulo, and an absolute gem right next to the small Capilla del Santo Cristo de la Salud.
  • Plaza Salvador Brau down to Ferry Terminal: Having stacked up ~15kms, I started my way back down Plaza Salvador Brau to the Ferry Terminal. I briefly stopped to watch one disgusting monster of a cruise ship drop anchors then continued what turned out to be a much too hot, boring, and exhausting way back.

* Many of El Yunque’s trails were still closed due to 2017’s Hurricane Maria. Day one, I took off from Palo Colorado Visitor center up to Mt. Britton, then continued via Mt. Britton-Spur trail to El Yunque Peak and returned via the forest maintenance road to the visitor center. Day two, I went up and down El Toro (which I can recommend).

[1] [doi] J. H. Ziegeldorf, “Designing Digital Services with Cryptographic Guarantees for Data Security and Privacy,” PhD Thesis, 2018.
  abstract = {In the past two decades, tremendously successful digital services have been built that collect, process, and monetize massive amounts of personal user data, up to the point where data is proclaimed the oil of the 21st century. Along come serious threats to data security and privacy that significantly increase the demand for effective protection, e.g., as manifested in the growth of encrypted Internet traffic. Communication security protocols, however, protect data against external attackers and do not address the root cause of almost all privacy threats, the need to share sensitive data with third parties. These third parties may illicitly process data beyond its original purpose of collection or be hacked and forced to provide data access. Countering these threats requires the development of Privacy Enhancing Technologies that complement or replace traditional communication security protocols. We identify Secure Multiparty Computation (SMC) as a rigorous approach not only to provide data security and privacy protection, but even to reconcile privacy interests with seemingly adverse public and business interests. However, the potential of SMC is foremost on the theoretical level - it is often dismissed for being too inefficient and impedimentary for real-world applications. This thesis bridges the gap between the theoretical strength of SMC and the feeble realization of its potential in practice. To this end, we conduct a qualitative and quantitative analysis of SMC frameworks and abstract three research challenges: i) Extending the functionality and ii) increasing the efficiency of SMC as well as iii) customizing it to challenged environments. We choose a use case-driven research methodology to address these questions, which allows us to motivate and validate all our contributions in practice. First, we motivate the problem of financial privacy in cryptocurrencies and propose decentralized mixing as a solution. We recognize the advantages of securing mixing operations with SMC and contribute secure protocols to technically realize our novel approach. As a result, our mixing system achieves stronger security and privacy guarantees than prior works while remaining highly scalable and fully compatible with the prevalent designs of decentralized cryptocurrencies such as Bitcoin. Second, we propose efficient SMC designs for different classification algorithms to address data security and privacy issues in pattern recognition and machine learning. The evaluation of our classifiers shows that they are secure, accurate, and outperform the state of the art. We demonstrate three real-world use cases that prove applicability of our classifiers but also motivate their deployment in challenged environments. Thus, we present two additional approaches, bandwidth optimizations and secure outsourcing, to bring our secure classifiers to these scenarios. Finally, we investigate secure outsourcing as a general strategy to customize SMC to challenged deployment and operation scenarios by the example of computing set intersections, a universal building block in many real-world applications and a well studied SMC problem. We present efficient schemes with negligible overheads for the outsourcers and demonstrate their applicability in two comprehensive case studies, privacy-preserving crowd-sensing and genetic disease testing in the cloud. In summary, the contributions made in this thesis widen the technical solution space for practical data security and privacy protection in data-driven digital services.},
  author    = {Jan Henrik Ziegeldorf},
  title     = {Designing Digital Services with Cryptographic Guarantees for Data
               Security and Privacy},
  school    = {{RWTH} Aachen University, Germany},
  year      = {2018},
  url       = {http://publications.rwth-aachen.de/record/722141},
  urn       = {urn:nbn:de:101:1-201805203549},
  isbn      = {978-3-8440-5837-6},
  timestamp = {Wed, 07 Nov 2018 00:00:00 +0100},
  doi       = {10.18154/RWTH-2018-223431},
  biburl    = {https://dblp.org/rec/bib/phd/dnb/Ziegeldorf18},
  bibsource = {dblp computer science bibliography, https://dblp.org}
[2] [pdf] J. H. Ziegeldorf, J. Metzke, and K. Wehrle, “SHIELD: A Framework for Efficient and Secure Machine Learning Classification in Constrained Environments,” in Proceedings of the 34rd Annual Computer Security Applications Conference, New York, NY, USA, 2018, pp. 1-15.
  Abstract = {Machine learning classification has enabled many innovative services, e.g., in medicine, biometrics, and finance.
Current practices of sharing sensitive input data or classification models, however, causes privacy concerns among the users and business risk among the providers.
In this work, we resolve the conflict between privacy and business interests using Secure Two-Party Computation.
Concretely, we propose SHIELD, a framework for efficient, and accurate machine learning classification with security in the semi-honest model.
Building on SHIELD, we realize several widely used classifiers and real-world use cases that compare favorably against related work.
Departing definitively from prior works, all of SHIELD's protocols are designed from the ground up to enable secure outsourcing to untrusted computation clouds enabling even constrained devices to handle our most complex use cases in (milli)seconds.},
  Acceptancerate = {21 %},
  Address = {New York, NY, USA},
  Author = {Ziegeldorf, Jan Henrik and Metzke, Jan and Wehrle, Klaus},
  Booktitle = {Proceedings of the 34rd Annual Computer Security Applications Conference},
  Date-Added = {2018-10-10 14:11:45 +0000},
  Date-Modified = {2018-10-10 14:20:39 +0000},
  Location = {San Juan, Puerto Rico, USA},
  Month = {December},
  Pages = {1--15},
  Publisher = {ACM},
  Series = {ACSAC'18},
  Title = {SHIELD: A Framework for Efficient and Secure Machine Learning Classification in Constrained Environments},
  Year = {2018},
  Bdsk-Url-1 = {https://doi.org/10.1145/3029806.3029816}}
[3] [pdf] [doi] J. H. Ziegeldorf, J. Metzke, J. Rüth, M. Henze, and K. Wehrle, “Privacy-Preserving HMM Forward Computation,” in Proceedings of the Seventh ACM on Conference on Data and Application Security and Privacy, New York, NY, USA, 2017, pp. 83-94.
  Acceptancerate = {16 %},
  Acmid = {3029816},
  Address = {New York, NY, USA},
  Author = {Ziegeldorf, Jan Henrik and Metzke, Jan and R\"{u}th, Jan and Henze, Martin and Wehrle, Klaus},
  Booktitle = {Proceedings of the Seventh ACM on Conference on Data and Application Security and Privacy},
  Date-Added = {2018-10-06 16:03:52 +0000},
  Date-Modified = {2018-10-10 05:36:57 +0000},
  Doi = {10.1145/3029806.3029816},
  Isbn = {978-1-4503-4523-1},
  Keywords = {forward algorithm, garbled circuits, hidden Markov models, privacy-preserving protocols, secure two-party computation},
  Location = {Scottsdale, Arizona, USA},
  Note = {Outstanding Paper Award},
  Numpages = {12},
  Pages = {83--94},
  Publisher = {ACM},
  Series = {CODASPY '17},
  Title = {Privacy-Preserving HMM Forward Computation},
  Url = {http://doi.acm.org/10.1145/3029806.3029816},
  Year = {2017},
  Bdsk-Url-1 = {http://doi.acm.org/10.1145/3029806.3029816},
  Bdsk-Url-2 = {https://doi.org/10.1145/3029806.3029816}}

Leave a Reply

Your email address will not be published. Required fields are marked *