Archives for category: Science

Last week I presented at a workshop on Smart Sharing at the European Parliament organised by the European Data Protection Supervisor. My co-presenter, Gabriela Zanfir, told the following story when asked by the audience why privacy is important. I very much liked the example. That’s why I am sharing it here.
Read the rest of this entry »

Only the owner of a cryptographic key can decrypt any message encrypted against it. Therefore, if you want to send a message securely to another person, you have to know and use his key to encrypt the message. You have to be certain that it belongs to that person, and not to somebody else that tries to eavesdrop on your communication. This is why many secure communication apps allow you to verify keys using a short fingerprint that is uniquely tied to the key and that can be verified ‘out of band’. This means you have to ask for someone’s fingerprint (over the phone, or by looking at his business card) and compare it to the fingerprint your app shows for that person’s key. Apple’s iMessage is a notable exception, though. And frequently criticised for it.
Read the rest of this entry »

Gisteren berichtte de Correspondent dat het gratis draadloze (WiFi) netwerk in de trein volstrekt onveilig is. Vandaag nam o.a. de Volkskrant dat bericht over. Mijn eerste reactie was: wat een open deur! Maar in tweede instantie realiseerde ik mij dat het wel degelijk interessant is om te kijken wat er nou precies aan de hand is, of daar wat aan te doen is, en of de NS nou echt zoveel te verwijten is.

Wat is er aan de hand?

Read the rest of this entry »

The 15th Privacy Enhancing Technologies Symposium (PETS) was held June 30 – July 20 2015 at Drexel University, Philadelphia. Please find below a summary of some of the presentations given on day #1. (I have not included a summary of all talks, and do not pay an equal amount of attention to all talks).

I have also made reports for day #1.
Read the rest of this entry »

The 15th Privacy Enhancing Technologies Symposium (PETS) was held June 30 – July 20 2015 at Drexel University, Philadelphia. Please find below a summary of some of the presentations given on day #1. (I have not included a summary of all talks, and do not pay an equal amount of attention to all talks).


Read the rest of this entry »

In this blog post I present a secure and privacy friendly asynchronous point-to-point message exchange protocol using a public bulletin board that makes individual send or receive events unlinkable to one another. While the clients must securely run in the user’s endpoint device, the bulletin board can be hosted on an arbitrary public cloud at no additional risk. In fact the protocol provides the same unlinkability guarantees as the underlying mixing network thus also protecting the social graph. The protocol is efficient, and the central bulletin board can adaptively be scaled and distributed depending on the load.

This blog post describes the details of the design of the Burnrchat app that was the result of a design sprint I previously discussed on this blog.

Read the rest of this entry »

Some time ago I participated in a design sprint, organised by the Innovation Lab of AVG in Amsterdam. Initially, the idea was to design a clear and easy to understand mechanism to securely exchange keys for secure communication. In the end we designed and sketched the implementation of a privacy friendly and fully anonymous messaging app called ‘Burnrchat’.

We agreed beforehand that everything we would produce during the design sprint would be open source and in the public domain. That is one of the reasons I am writing this blog.
Read the rest of this entry »