Sara Ricci

Brno University of Technology · Department of Telecommunications

Privacy-preserving data splitting is a technique that aims to protect data privacy by storing different fragments of data in different locations. In this work we give a new combinatorial formulation to the data splitting problem. We see the data splitting problem as a purely combinatorial problem, in which we have to split data attributes into diff...

Elliptic curves are very often used in the cryptographic protocol design due to their memory efficiency and useful features, such as the bilinear pairing support. However, in many cryptographic papers, elliptic curves are used as a black box, without deeper consideration of their mathematical properties and, even more importantly, without consideri...

Data controllers accumulate more and more data on people, of which a substantial proportion are personally identifiable and hence sensitive data. Storing and processing those data in local premises is increasingly inconvenient, but resorting to cloud storage and processing raises security and privacy issues. We show how to use untrusted clouds to c...

In the last decades, several signcryption schemes have been proposed for different privacy-enhancing purposes. In this paper, we propose a new privacy-enhancing group signcryption scheme that provides: unforgeability, confidentiality, ciphertext and sender anonymity, traceability, unlinkability, exculpability, coalition-resistance, and unforgeable...

The recent COVID-19 pandemic situation highlights the importance of digital vaccine certificates. In response, the European Union (EU) developed EU Digital Vaccine Certificates to enable proof of non-infectivity and completed vaccinations. However, these solutions suffer from several shortcomings, such as ineffective certificate holder identificati...

Threshold signatures have gained increased attention especially due to their recent applications in blockchain technologies. In fact, current cryptocurrencies such as Bitcoin, and Cardano started to support multi-signature transactions. Even if the Schnorr-based threshold signatures improve the blockchain’s privacy and scalability, these schemes do...

Threshold signatures received renewed interest in recent years due to their practical applicability to Blockchain technology. In this article, we propose a novel (n, t)-threshold signature scheme suitable for increasing security and privacy in Blockchain technology. Our scheme allows splitting a Blockchain wallet into multiple devices so that a thr...

This article presents a new free web-based application, the Cybersecurity Job Ads Analyzer, which has been created to collect and analyse job adverts using a machine learning algorithm. This algorithm enables the detection of the skills required in advertised cybersecurity work positions. The application is both interactive and dynamic allowing for...

Cybersecurity education and training are essential prerequisites of achieving a secure and privacy-friendly digital environment. Both professionals and the general public widely acknowledge the need for high-quality university education programs and professional training courses. However, guides, recommendations, practical tools, and good examples...

As we move into a new decade, the global world of Intelligent Infrastructure (II) services integrated into the Internet of Things (IoT) are at the forefront of technological advancements. With billions of connected devices spanning continents through interconnected networks, security and privacy protection techniques for the emerging II services be...

The paper presents a hardware-accelerated cryptographic solution for Field Programmable Gate Array (FPGA) based network cards that provide throughput up to 200 Gpbs. Our solution employs a Software-Defined Network (SDN) concept based on the high-level Programming Protocol-independent Packet Processors (P4) language that offers flexibility for netwo...

Cyber security education is an important and pertinent topic as it plays a major role in mitigating the risks caused by a global shortage of cyber security experts. In order to better support this crucial function, a cyber security skills framework needs to be agreed upon by academics in this field, along with an increase in the visibility of cyber...

Outsourcing data storage and computation to the cloud is appealing due to the cost savings it entails. However, when the data to be outsourced contain private information, appropriate protection mechanisms should be implemented by the data controller. Data splitting, which consists of fragmenting the data and storing them in separate clouds for the...

Most of the cryptographic constructions deployed in practical systems today, in particular digital signatures and key-establishment schemes, are vulnerable to attacks using quantum computers. Post-quantum cryptography (PQC) deals with the design and implementation of cryptographic algorithms that are resistant to these attacks. In this paper, we ev...

The world has seen an influx of connected devices through both smart devices and smart cities, paving the path forward for the Internet of Things (IoT). These emerging intelligent infrastructures and applications based on IoT can be beneficial to users only if essential private and secure features are assured. However, with constrained devices bein...

Variety of users cyber data are daily collected by enterprises and governments. These data are processed in order to improve users lifestyle, e.g. improving healthcare and optimizing traffic. Cloud computing is often the only possible strategy which allows processing these big amount of information due to the associated costs. However, data owners...

The information ratio of a secret sharing scheme Σ is the ratio between the length of the largest share and the length of the secret, and it is denoted by σ(Σ). The optimal information ratio of an access structure Γ is the infimum of σ(Σ) among all schemes Σ with access structure Γ, and it is denoted by σ(Γ). The main result of this work is that fo...

We present here a methodology to compare statistical disclosure control methods for microdata in terms of how they perform regarding the risk-utility trade-off. Previous comparative studies (e.g. [3]) usually start by selecting some parameter values for a set of SDC methods and evaluate the disclosure risk and the information loss yielded by the me...

We consider the problem of privacy-preserving cloud-based statistical computation on sensitive categorical data. Specifically, we focus on protocols to obtain the contingency matrix and the sample covariance matrix of the categorical data set. A multi-cloud is used not only to store the sensitive data but also to perform computations on them. Howev...

Before releasing an anonymized data set, the data protector must know how safe the data set is, that is, how much disclosure risk is incurred by the release. If no privacy model is used to select specific privacy guarantees prior to anonymization, posterior disclosure risk assessment must be performed based on the anonymized data set and, if the re...

The life history of the fruit fly (Drosophila melanogaster) is well understood, but fitness components are rarely measured by following single individuals over their lifetime, thereby limiting insights into lifetime reproductive success, reproductive senescence and post-reproductive lifespan. Moreover, most studies have examined long-established la...