Research projects

Our research goal is to extend this work further to decentralized networks where required computations can be performed on the data stored on a blockchain.

Academic publications

Made by TU Delft's researchers and published in various journals

Practical Multi-Party Private Set Intersection Protocols. IEEE Trans. Inf. Forensics Secur. 17: 1-15 (2022)
by Aslí Bay, Zekeriya Erkin, Jaap-Henk Hoepman, Simona Samardjiska, Jelle Vos

Read here: IEEE Transactions on Information Forensics and Security

Solving bin-packing problems under privacy preservation: Possibilities and trade-offs. Inf. Sci. 500: 203-216 (2019)
by Rowan Hoogervorst, Yingqian Zhang, Gamze Tillem, Zekeriya Erkin, Sicco Verwer

Read here: Information Sciences

Privacy-Preserving Bin-Packing With Differential Privacy, vol. 3, pp. 94-106, 2022, doi: 10.1109/OJSP.2022.3153231
by Tianyu Li, Zekeriya Erkin and Reginald L. Lagendijk

Read here: IEEE Open Journal of Signal Processing

Conference papers

Made by TU Delft's researchers and published in various journals

Decentralized Private Freight Declaration & Tracking with Data Validation. PerCom Workshops 2022: 267-272
by Tianyu Li, Jelle Vos, Zekeriya Erkin

Read here: IEEE

Efficient Joint Random Number Generation for Secure Multi-party Computation. SECRYPT 2021: 436-443
by Erwin Hoogerwerf, Daphne van Tetering, Aslí Bay, Zekeriya Erkin

Read here: SciTePress

Multi-Party Private Set Intersection Protocols for Practical Applications. SECRYPT 2021: 515-522
by Aslí Bay, Zeki Erkin, Mina Alishahi, Jelle Vos

Read here: SciTePress

Practical Exchange for Unique Digital Goods. DAPPS 2021: 49-58
by Oguzhan Ersoy, Ziya Alper Genç, Zekeriya Erkin, Mauro Conti

Read here: IEEE

How to Profit from Payments Channels. Financial Cryptography 2020: 284-303
by Oguzhan Ersoy, Stefanie Roos, Zekeriya Erkin

Read here: Springer

More to come soon...

PhD candidates

Made by TU Delft's PhD candidates and directed by Zekeriya Erkin

Decentralized Private Freight Declaration & Tracking with Data Validation (accepted by BRAIN 2022)
by Jelle Vos (j.v.vos@tudelft.nl) and Tianyu Li (tianyu.li@tudelft.nl)

In January 2017, a truck crossed the border between Spain and France for the first time using an e-CMR. Since that crossing, researchers and logistic organizations have proposed many ideas to further digitize Europe’s supply chain. Many of these ideas involve blockchains, but not all of them validate the data that is posted to them. As a result, participants can make illegitimate claims: Even though the blockchain enables transparency and immutability of the data stores, it does not ensure veracity. One work that does use the blockchain’s validation functionality is DEFEND. DEFEND addresses customs agencies’ lack of information for international freight inspection by tracking shipping containers throughout their journey. As containers pass from one operator to another, the blockchain participants ensure that containers are not doubly spent.

In our work, we propose an extension of DEFEND, in which we further extend the capabilities for validation. Moreover, we provide actual cryptographic protocols to preserve participants’ privacy while DEFEND only described privacy on a high level. Finally, by making a more fine-grained distinction between different actors in the chain, we model the entire supply chain from buyer to seller. Now, the buyer and seller can track the respective package’s whereabouts through each leg of its journey.

Recently, our paper of this work is accepted by the third Workshop on Blockchain theory and Applications, BRAIN 2022.

Privacy-Preserving Bin-Packing with Differential Privacy (accepted by the IEEE Open Journal of Signal Processing)
by Tianyu Li (tianyu.li@tudelft.nl)

With the emerging of e-commerce, package theft is at a high level: It is reported that 1.7 million packages are stolen or lost every day in the U.S. in 2020, which costs $25 million every day for the lost packages and the service. Information leakage during transportation is an important reason for theft since thieves can identify which truck is the target that contains the valuable products.

In this paper, we address the privacy and security issues in bin-packing, which is an algorithm used in delivery centres to determine which packages should be loaded together to a certain truck. Data such as the weight of the packages is needed when assigning items into trucks, which can be called bins. However, the information is sensitive and can be used to identify the contents in the package. To provide security and privacy during bin-packing, we propose two different privacy-preserving data publishing methods. Both approaches use differential privacy (DP) to hide the existence of any specific package to prevent it from being identified by malicious users.

The paper of this work is accepted by the IEEE Open Journal of Signal Processing.

Privacy-preserving real-time location sharing system for supply chains
by Tianyu Li (tianyu.li@tudelft.nl)

With the fast development of e-commerce, there is a higher demand for timely delivery. Logistic companies want to send receivers a more accurate arrival prediction to improve customer satisfaction and lower customer retention costs. One possible approach is to share real-time location data with receivers, but this can also introduce privacy and security issues such as malicious tracking and theft.

In our work, we propose a privacy-preserving real-time location sharing system including: (1) a location perturbation method for location publishing with consideration of a real map and different privacy levels for receivers, and (2) a blockchain-based location sharing platform involving three parties: Receiver, Sender and Truck.

A Privacy Preserving Multi-Depot Vehicle Routing Protocol
by Miray Aysen and you may contact Tianyu Li (tianyu.li@tudelft.nl)

Decreasing costs may play a crucial role in small and medium-sized enterprises' (SMEs) growth. To decrease transportation costs, these companies may form a collaboration for order sharing. Collaboration is crucial for the customer orders that they cannot fulfil in time or fulfil with low vehicle utilization. Various studies prove the significance of order sharing. However, the privacy of the data that are shared during this process does not take into account.

In our work, we describe a privacy-preserving protocol for order sharing. We work on a case where each company has a single depot in a different location, formally named multi-depot vehicle routing problem (MD-VRP). The customer orders are distributed among companies by cyclic assignment, with the aim of minimizing the total distance travelled. In our protocol, we use threshold cryptography to make sure no single company can use the data based on their interest. By homomorphic properties and secure comparison protocol, we make sure the third party that executes the cyclic assignment does not learn anything about the data.

Master thesis

Made by TU Delft's Master students and directed by Zekeriya Erkin

Exploring factors influencing the adoption of blockchain technology: from a TOE framework perspective
by Dennis Krijger

The increasing interest in Blockchain Technologies also concerns the supply chain sector. Blockchain caught large logistics firms' attention to invest money and energy into this technology. This is mainly due to the trend of pressuring organisations towards a more transparent supply chain, combined with the hype around the technology. Besides, Blockchain technology’s benefits seem promising and solve most supply chain issues. However, not all organisations have succeeded in adopting these technologies yet. Therefore, this research explored how the technological, organisational and environmental contextual variables influence the adoption of blockchain technology.  Based on a qualitative research approach through semi-structured interviews with experts in multiple cases of Spark! Living Lab. The research contributed empirical evidence to the limited amount of research available on the adoption of blockchain technology. Furthermore, the analysis showed how the contextual variables influence the adoption process of blockchain technology. The study explored that the technology variable is similar across cases and presented that complexity, costs, and design disrupted the adoption and the relative advantage positively affected the adoption process. For the organisational variable, the alignment of values, employees’ skills, and experience were the most disruptive in the cases. However, when used correctly could empower the process. For the environmental variable, commitment and partners were preventing the adoption. Additionally, the governmental support, geographical location, developing market and legislation were disruptive to the adoption. At the same time, supply chain integration could be an enabler for adoption. Ultimately, the environmental variable explored as the most critical for adopting BCT. The limitations of this research were that most cases came from Spark! Living Lab and a small amount from outside the consortia, lacking cases that did not adopt the blockchain technology.

Link

A privacy-preserving tamper-evident revocation mechanism for verifiable credentials
by Li Xu

Third-party verified credentials (e.g. passports, diplomas) are essential in our daily life. The usage of third-party verified credentials bring us convenience in authentication. The Verifiable Credential (VC) data model is a new standard proposed by the W3C association to ease the expression and verification of third-party verified credentials on the Internet. The issuance and presentation of verifiable credentials are tamper-evident and privacy-preserving by design. However, the current verifiable credential data model lacks an explicit revocation design that guarantees the secure operations of the system. The lack of a revocation mechanism significantly limits the application of verifiable credentials. This thesis studies the revocation mechanisms of existing verifiable credential implementations. The existing revocation mechanisms are either tamper-evident or privacy-preserving. None of them can achieve the two properties together. To evolve the revocation mechanism to be both tamper-evident and privacy-preserving by design, we propose a new method which combines the BBS+ signature, a cryptographic accumulator and the blockchain. Our design enables the verifier to verify the presented credential’s revocation status without compromising the credentials holders’ privacy. We implement a proof-of-concept of our revocation mechanism to show it is practical in the real world. The experimental results show that after adding our revocation mechanism, the presentation time of a five-attribute credential changes from 22.22ms to 62.11ms (+39.89ms), and the verification time changes from 13.36ms to 44.56ms (+31.86ms). Moreover, the scalability analysis shows that our revocation mechanism can satisfy the need for revocation in the real world.

Link

Collective access management: Distributed access control for co-owned resources
by Ásta Magnúsdóttir

Collaboration in supply chain management allows participants to obtain the benefits of cooperation using each other’s expertise to develop a product. The benefits include the sharing of knowledge or resources to create products more economically than individually. Collaboration encounters challenges such as vast geological distances between participants and large amounts of shared information. In a supply chain, many participants contribute information about a resource. In our work, we assume that the resource information is co-owned by all contributing participants and includes a range of relevant information such as transportation documents and product patents. Some of this information is private and should only be shared on a need-to-know basis. We design a protocol that supports the privacy of each owner’s partial access decision while maintaining verifiability in a distributed system using an owner-controlled blockchain to create a shared platform for data control and access management.

Link

Forward-looking consistency in Attribute-Based Credentials
by Christian van Bruggen

Collaboration in supply chain management allows participants to obtain the benefits of cooperation using each other’s expertise to develop a product. The benefits include the sharing of knowledge or resources to create products more economically than individually. Collaboration encounters challenges such as vast geological distances between participants and large amounts of shared information. In a supply chain, many participants contribute information about a resource. In our work, we assume that the resource information is co-owned by all contributing participants and includes a range of relevant information such as transportation documents and product patents. Some of this information is private and should only be shared on a need-to-know basis. We design a protocol that supports the privacy of each owner’s partial access decision while maintaining verifiability in a distributed system using an owner-controlled blockchain to create a shared platform for data control and access management.

Link

A Decentralised Key Management System for the European Railway Signalling System
by David Kester

There is an increase in interest and necessity for an interoperable and efficient railway network across Europe, creating a key distribution problem between train and trackside entities’ key management centers (KMC). This work proposes a scalable and decentralized key management system that allows KMC to share cryptographic keys using transactions while keeping relationships anonymous. Using noninteractive proofs of knowledge and assigning each entity a private and public key, private key owners can issue valid transactions while all system actors can validate them. Our performance analysis shows that the proposed system is scalable when a proof of concept is implemented with settings close to the expected railway landscape in 2030.

Link

Selected Bachelor end projects

Made by TU Delft's Bachelor students and directed by Zekeriya Erkin

Secure multi-party computation for supply chain collaboration
by Danila Romanov. Link

Blockchain-based DNS and PKI to solve issues of trust, security and censorship in the context of the IoT
by Leon de Klerk. Link

Blockchain-based solutions for privacy in the Internet of Things Smart Environment
by Shubhankar Darbari. Link

A Comparative Study on Pseudo Random Number Generators in IoT devices
by Efe Alkan. Link

Other resources

Made by teams of students together with partners of the Spark! consortium

A shipment amortization by blockchain repro - A Blocklab & TU Delft collab 

A Corda-based Supply Chain Visibility Design

BlockCert: Blockchain in the supply infrastructure