Speakers

• Belguith Sana, School of Computer Science, the University of Bristol, UK
  Title: Navigating the Privacy-Utility Trade-off: An Introduction to Privacy-Enhancing Technologies (PETs)
  Abstract: As our digital infrastructure becomes increasingly decentralized and data-driven, the traditional perimeter-based approach to personal data protection is no longer sufficient to ensure individual privacy. This talk explores the paradigm shift toward Privacy-Enhancing Technologies (PETs), a suite of mathematical and computational tools designed to protect sensitive information.The session will bridge the gap between theory and practice by discussing PETS real-world deployments in various domains, while also addressing the inherent trade-offs in privacy preservation, computational overhead, data accuracy and data utility. Participants will leave with a clear framework for evaluating which PETs are most suitable for specific data-sharing challenges. We will also discuss interdisciplinary approaches to privacy while exploring the legal frameworks such as GDPR, in addition to discussing emergent privacy challenges such as privacy preservation in machine learning applications.

• Besson Frédéric, Inria, Univ Rennes, CNRS, IRISA
  Title: Information Flow - static analysis, dynamic monitoring and compiler preservation
  Abstract: Confidentiality is a fundamental security property which can be rephrased as an information flow property - intuitively secret information should not leak. We will focus on the strongest property,non-interference, which states that there should be no flow of information from secret data to public data. Starting from the seminal work of Bell and LaPadula, we will investigate how to state and verify non-interference using type systems. We will then consider dynamic information flow tracking and ways to combine static and dynamic information flow tracking. We will also cover the preservation of information flow properties through compilation and study the case of constant-time programming. This programming discipline can be formalised as a non-interference property and is essential to protect cryptographic implementations from timing attacks.

• Boudguiga Aymen, CEA LIST, Université Paris-Saclay
  

• Cremers Cas, CISPA Helmholtz Center for Information Security
  

• Debant Alexandre, Inria, Nancy
  

• Faonio Antonio, EURECOM, Sophia Antipolis
  

• Feneuil Thibauld, CryptoExperts
  Title: Beyond SNARKs: Hash-Based Zero-Knowledge for Post-Quantum Signatures
  Abstract: Zero-knowledge proof systems are a central tool in modern cryptography, enabling the verification of statements without revealing the underlying witness. While many efficient constructions rely on algebraic assumptions such as elliptic curves or pairings, hash-based alternatives provide an attractive route toward post-quantum security, relying only on well-established symmetric primitives. Although hash-based proof systems have been studied for nearly a decade, primarily in the context of designing efficient SNARKs, their use for zero-knowledge proofs targeting small statements -where both the witness size and statement complexity are minimal- has only recently gained attention. This line of work was notably initiated by the VOLE-in-the-Head and TC-in-the-Head frameworks, which led to highly compact post-quantum signature schemes derived from MPC-in-the-Head techniques. These constructions introduced efficient methods for committing to and evaluating small polynomials using only symmetric cryptography, relying on structures such as GGM trees and Merkle trees. In this lecture, we provide an overview of hash-based proof systems and explain how they can be leveraged to construct efficient post-quantum signature schemes based on a broad range of conservative security assumptions. We then explore how these techniques extend naturally to richer cryptographic functionalities, including ring signatures and blind signatures. Such advanced primitives play a central role in many privacy-enhancing technologies, highlighting the broader potential of hash-based zero-knowledge proofs beyond the traditional SNARK setting.

• Izabachène Malika, ETIS, CY Cergy Paris Université, ENSEA, CNRS
  

• Levallois-Barth Claire, IMT Atlantique
  Title: Legal aspects of the European Union Digital Identity Wallets
  Abstract: To address the challenges posed by identity theft, fraud, and cyberattacks such as phishing, the European Union adopted the eIDAS 2 Regulation in 2024. By the end of 2026, every citizen and resident of the EU will be able to have access to a European Digital Identity Wallet, interoperable across all the EU Member States. In France, this wallet will take the form of France Identité. It will enable users to store on their smartphones their digital identity data (such as surname, first name, date of birth, nationality …), electronic attestations of attributes (including a driving license, passport, medical prescription, transport tickets, and others), and even to sign electronically. The so-called qualified electronic signature will thereby have the same legal value as a handwritten signature. The wallet is intended to allow users to maintain control over their identity and personal data, and to access cross-border public and private digital services. The implementation of this pan-European infrastructure requires overcoming a substantial number of obstacles, both with respect to the wallets themselves and to the services provided through them. In particular, personal data must be processed in accordance with the GDPR. This entails, among other things, the implementation of privacy-enhancing technologies and the assurance of the security of the entire system. In that sense, each wallet must obtain a cybersecurity certification before its launch.
  Biography: Claire Levallois-Barth, professor of Public law at IMT Atlantique, Holder of the Research Chairs Values and Policies of Personnel Information and Data Common, Work Package Leader in the EU project APTITUDE on EU Digital Identity Wallet, WP 7 Compliance, European Values and Civil Society

• Palamidessi Catuscia, LIX, INRIA Saclay, IPP
  

More information about the program here.