There are various cryptographic primitives, techniques and protocols of interest to privacy enhancing applications. They can serve as enablers of responsible data sharing and interactions, in settings where otherwise (without PEC) one may lack trust to partake in such processes, or be unable to meet privacy regulatory requirements.  

For example, zero-knowledge proofs (ZKPs) allow one party (the prover) to prove to another party (the verifier) that a given statement is true and/or that the solution to some mathematical problem is known to the prover, without revealing any information about the solution itself. More generally, secure multi-party computation (SMPC or MPC) allows multiple parties, often mutually distrustful, to compute some property of their joint inputs, as if it were computed by a trusted third party. This means that the computation occurs without sharing inputs, and while ensuring correct outputs. As another example, fully homomorphic encryption (FHE) allows performing computation on encrypted data without having to perform decryption, which in turn can be used to delegate computation to untrusted parties. Other PEC tools include group signatures, searchable encryption, private information retrieval, private set intersection and functional encryption. See more notes here. 

The PEC project initiated the "Special Topics on Privacy and Public Auditability" (STPPA) series of talks in January of 2020. Each event will include talks on various interconnected topics related to privacy and public auditability. The goal is to convey basic technical background, incite curiosity, suggest research questions, and discuss applications. See details here.

A PEC use-case suite would constitute a set of proofs of concepts, showcasing the use of cryptographic tools for enabling privacy in various applications. A preliminary draft is available (January 2021) to motivate initial public feedback. See details here.

As part of a broad initiative by NIST researchers to address the Covid-19 pandemic, PEC team members looked at "encounter metrics": measuring the levels of interaction in a population of autonomous agents equipped with Bluetooth broadcasting devices. Our approach aims to mitigate privacy concerns related to automated contact tracing efforts, including to promote privacy by design in potential pilots of implementations of exposure notification and automated contact tracing. See details here.

ZKProof is an open initiative, of academia and industry, that is developing reference material to promote the secure, efficient and interoperable use of zero-knowledge-proofs technology. Since 2019, the NIST-PEC team has provided public feedback and collaborated in the development of reference material open to the public. See related documentation here.

NIST held a PEC meeting in 2011, hosting talks on various PEC tools. A future workshop is under consideration.

• Minimum-disclosure credential: A person has a credential, issued and digitally signed by an authority, and containing private identifiable information (PII). The credential is used to prove some predicate P() on the PII (e.g., the person is of voting age). We want to allow practical protocols by which only the predicate P() is revealed to a verifier. 

• Brokered identification: Identity providers (IDPs) can enable users to authenticate to service providers (SPs). Some settings require a broker to mediate this transaction, to allow authentication of a passive user (not having any specialized software) between the IDP and SP, while blinding the IDP and SP from one another. Using PEC, the user privacy can be preserved even with respect to the mediator. 

• Students right to know: A U.S. congress bill proposes the use of SMPC to calculate, on behalf of students, the expected monetary return on the investment made on their college degrees. The data required to make this calculation is held by multiple sources. Because of privacy concerns, these sources cannot simply release their data. 

• Combining privacy and public auditability: The NIST Randomness Beacon publishes a random 512-bit number every minute. The numbers are signed by NIST, time-stamped, and chained into an immutable chain. A trusted source of public randomness can help numerous parties to coordinate on future randomness to use, while also allowing post-facto public verification that correct randomness was used. Using PEC, e.g., zero-knowledge proofs, it is possible to allow such public auditability, while also satisfying privacy requirements. 

A more comprehensive list of examples will be compiled in the scope of the PEC use-case suite. Feedback is appreciated.