Jaideep Vaidya

Elisa Bertino, Ramana Kompella, Ashish Kundu et al.

Large-scale quantum computers threaten the public-key cryptographic foundations underpinning today's network security infrastructures. While significant progress has been made in standardizing post-quantum cryptographic (PQC) primitives and adapting individual protocols such as TLS and SSH, far less attention has been paid to the broader architectural consequences of the post-quantum transition for networked systems. In particular, many real-world deployments such as mobile networks, industrial control systems, IoT environments, and regulated infrastructures cannot assume the universal availability, deployability, or desirability of PQ public-key infrastructures. This paper presents the first comprehensive systematization of PQ-resistant network architectures, focusing on key distribution and management as a system-level design problem rather than a protocol-local substitution. We introduce a unified taxonomy spanning cryptographic foundations (symmetric-only, PQ-PKI, hybrid, and information-theoretic multi-path), key-distribution architectures (centralized, hierarchical, replicated, threshold, MPC-backed, and serverless), trust and threat models, key-management lifecycle, and deployment environments. Using this framework, we analyze the security, scalability, and operational trade-offs of a wide range of architectures under realistic PQ adversary assumptions, including harvest-now, decrypt-later attacks and partial infrastructure compromise. Our study highlights fundamental gaps in existing approaches, clarifies when PQ-PKI is necessary or avoidable, and identifies promising research directions for building cryptographically agile, quantum-resilient network infrastructures.

Wenbiao Li, Anisa Halimi, Xiaoqian Jiang et al.

This paper presents a framework for privacy-preserving verification of machine learning models, focusing on models trained on sensitive data. Integrating Local Differential Privacy (LDP) with model explanations from LIME and SHAP, our framework enables robust verification without compromising individual privacy. It addresses two key tasks: binary classification, to verify if a target model was trained correctly by applying the appropriate preprocessing steps, and multi-class classification, to identify specific preprocessing errors. Evaluations on three real-world datasets-Diabetes, Adult, and Student Record-demonstrate that while the ML-based approach is particularly effective in binary tasks, the threshold-based method performs comparably in multi-class tasks. Results indicate that although verification accuracy varies across datasets and noise levels, the framework provides effective detection of preprocessing errors, strong privacy guarantees, and practical applicability for safeguarding sensitive data.

Anisa Halimi, Leonard Dervishi, Erman Ayday et al.

Providing provenance in scientific workflows is essential for reproducibility and auditability purposes. Workflow systems model and record provenance describing the steps performed to obtain the final results of a computation. In this work, we propose a framework that verifies the correctness of the statistical test results that are conducted by a researcher while protecting individuals' privacy in the researcher's dataset. The researcher publishes the workflow of the conducted study, its output, and associated metadata. They keep the research dataset private while providing, as part of the metadata, a partial noisy dataset (that achieves local differential privacy). To check the correctness of the workflow output, a verifier makes use of the workflow, its metadata, and results of another statistical study (using publicly available datasets) to distinguish between correct statistics and incorrect ones. We use case the proposed framework in the genome-wide association studies (GWAS), in which the goal is to identify highly associated point mutations (variants) with a given phenotype. For evaluation, we use real genomic data and show that the correctness of the workflow output can be verified with high accuracy even when the aggregate statistics of a small number of variants are provided. We also quantify the privacy leakage due to the provided workflow and its associated metadata in the GWAS use-case and show that the additional privacy risk due to the provided metadata does not increase the existing privacy risk due to sharing of the research results. Thus, our results show that the workflow output (i.e., research results) can be verified with high confidence in a privacy-preserving way. We believe that this work will be a valuable step towards providing provenance in a privacy-preserving way while providing guarantees to the users about the correctness of the results.

Yuan Hong, Jaideep Vaidya, Haibing Lu

Combinatorial optimization is a fundamental problem found in many fields. In many real life situations, the constraints and the objective function forming the optimization problem are naturally distributed amongst different sites in some fashion. A typical approach for solving such problem is to collect all of this information together and centrally solve the problem. However, this requires all parties to completely share their information, which may lead to serious privacy issues. Thus, it is desirable to propose a privacy preserving technique that can securely solve specific combinatorial optimization problems. A further complicating factor is that combinatorial optimization problems are typically NP-hard, requiring approximation algorithms or heuristics to provide a practical solution. In this paper, we focus on a very well-known hard problem -- the distributed graph coloring problem, which has been utilized to model many real world problems in scheduling and resource allocation. We propose efficient protocols to securely solve such fundamental problem. We analyze the security of our approach and experimentally demonstrate the effectiveness of our approach.

Jason N. Doctor, Jaideep Vaidya, Xiaoqian Jiang et al.

Secure computation of equivalence has fundamental application in many different areas, including healthcare. We study this problem in the context of matching an individual identity to link medical records across systems. We develop an efficient solution for equivalence based on existing work that can evaluate the greater than relation. We implement the approach and demonstrate its effectiveness on data, as well as demonstrate how it meets regulatory criteria for risk.

Yuan Hong, Jaideep Vaidya, Nicholas Rizzo et al.

With the rapid increase in computing, storage and networking resources, data is not only collected and stored, but also analyzed. This creates a serious privacy problem which often inhibits the use of this data. In this chapter, we investigate and resolve the privacy issues in a fundamental optimization problem -- linear programming (LP) which is formulated by data collected from different parties. We first consider the case where the objective function and constraints of the linear programming problem are not partitioned between two parties where one party privately holds the objective function while the other party privately holds the constraints. Second, we present a privacy preserving technique for the case that objective function and constraints are arbitrarily partitioned between two parties where each party privately holds a share of objective function and constraints. Finally, we extend the technique for securely solving two-party arbitrarily partitioned linear programming problems to a multi-party scenario. In summary, we propose a set of efficient and secure transformation based techniques that create significant value-added benefits of being independent of the specific algorithms used for solving the linear programming problem.