Project members: Prof. Dr. Ghassan Karame, Pascal Zimmer
Project period: 06/2023 – 05/2027
TRAIN is one of the few strategic projects selected in 2022 by ANR and BMBF as part of the German-French joint call for proposals on Artificial Intelligence – Edition 2022. The goal of TRAIN is to explore two main barriers to the widespread deployment of AI: the lack of trustworthiness and the lack of robustness. TRAIN, comprising Inria (French coordinator) and EURECOM from France and the Chair for Information Security at RUB (German coordinator) and Fraunhofer IPT from Germany, will design, develop and evaluate new AI solutions that address these two challenges. The development of such AI systems requires careful attention to every aspect of the model development pipeline, from the construction and training of models all the way to evaluation and deployment. The proposed research agenda focuses on the more challenging federated learning (FL) setting as a key paradigm to enable trustworthiness in the training phase. We also investigate the trustworthiness and robustness of the evaluation and deployment phases in both centralized and collaborative machine learning. TRAIN solutions will be integrated into real-world frameworks in two main application domains: healthcare and smart industry.
Project members: Prof. Dr. Ghassan Karame, Jannik Albrecht, Malcom Mohamed, Anna Piscitelli
Project period: 06/2023 – 05/2026
Blockchains and the decentralized applications built on them are evolving rapidly. The initial wave of interest in cryptocurrencies, initiated with Bitcoin, envisioned permissionless blockchains as an ideal solution to realize trustless payments over the Internet, allowing peers to exchange assets without the intermediation of financial institutions. Despite their initial fame, Bitcoin and follow-up permissionless systems have been found to suffer from a number of shortcomings that limit their adoption in real-world applications. A major obstacle to their widespread adoption is rooted in their probabilistic consistency and liveness guarantees, which offer a rather weak notion of “eventual consensus”. Concretely, although blocks are generated at a regular pace, the blockchain nodes cannot be certain that these blocks are stable in the ledger—they can only become more confident that a given block will not be reverted as more blocks are added “on top” of it. The probabilistic finality of blocks directly reflects on the ledger in terms of transaction-confirmation time. This means that transactions cannot be confirmed with certainty; after being included in the ledger, high-confidence confirmation is possible only once they are deep enough in the blockchain. As a result, the latency and throughput of permissionless systems are extremely limited compared to those of classical consensus protocols. In contrast, permissioned blockchains offer an attractive, faster alternative to permissionless solutions, particularly for industrial deployments. It is therefore no surprise that prominent financial institutions are exploring permissioned blockchains to improve their services and modernize their businesses. On the downside, permissioned consensus protocols scale rather poorly in the number of consensus nodes, which limits their deployment to small- and medium-scale scenarios.
Moreover, compared to permissionless blockchains, permissioned blockchains face an “adoption” challenge, as some retailers prefer to receive well-known cryptocurrencies, such as BTC and ETH, as opposed to yet another locally created cryptocurrency. This project addresses the following challenges:
- How can we quantify the security of existing blockchain deployments?
- How can we ensure the security of decentralized applications against front-running attacks?
- How can we scale existing deployments without compromising security?
Trusted execution environments (TEEs) enable applications to execute in isolation from other software on the same platform, including the OS. Technologies such as Intel SGX allow applications to run in so-called enclaves and provide them with encrypted runtime memory, encrypted storage, and mechanisms to issue authenticated statements about the enclave software configuration. As such, a number of practitioners believe that TEEs are particularly suited for cloud deployments, since they allow applications to be outsourced to the cloud with the assurance that the outsourced applications run untampered and that their data is not available to any (privileged) software on the same host. In this project, we first explore how to secure TEEs themselves against attacks. We also explore how to make use of trusted hardware support to improve the security and privacy of existing decentralized platforms, as a means to bootstrap truly trustworthy environments.