Research projects

Our research goal is to extend this work further to decentralized networks where required computations can be performed on the data stored on a blockchain.

PhD candidates

Made by TU Delft's PhD candidates and directed by Zekeriya Erkin

Decentralized Private Freight Declaration & Tracking with Data Validation (accepted by BRAIN 2022)
by Jelle Vos (j.v.vos@tudelft.nl) and Tianyu Li (tianyu.li@tudelft.nl)

In January 2017, a truck crossed the border between Spain and France for the first time using an e-CMR. Since that crossing, researchers and logistic organizations have proposed many ideas to further digitize Europe’s supply chain. Many of these ideas involve blockchains, but not all of them validate the data that is posted to them. As a result, participants can make illegitimate claims: Even though the blockchain enables transparency and immutability of the data stores, it does not ensure veracity. One work that does use the blockchain’s validation functionality is DEFEND. DEFEND addresses customs agencies’ lack of information for international freight inspection by tracking shipping containers throughout their journey. As containers pass from one operator to another, the blockchain participants ensure that containers are not doubly spent.

In our work, we propose an extension of DEFEND, in which we further extend the capabilities for validation. Moreover, we provide actual cryptographic protocols to preserve participants’ privacy while DEFEND only described privacy on a high level. Finally, by making a more fine-grained distinction between different actors in the chain, we model the entire supply chain from buyer to seller. Now, the buyer and seller can track the respective package’s whereabouts through each leg of its journey.

Recently, our paper of this work is accepted by the third Workshop on Blockchain theoRy and ApplicatIoNs, BRAIN 2022.

Privacy-Preserving Bin-Packing with Differential Privacy (accepted by the IEEE Open Journal of Signal Processing)
by Tianyu Li (tianyu.li@tudelft.nl)

With the emerging of e-commerce, package theft is at a high level: It is reported that 1.7 million packages are stolen or lost every day in the U.S. in 2020, which costs $25 million every day for the lost packages and the service. Information leakage during transportation is an important reason for theft since thieves can identify which truck is the target that contains the valuable products.

In this paper, we address the privacy and security issues in bin-packing, which is an algorithm used in delivery centres to determine which packages should be loaded together to a certain truck. Data such as the weight of the packages is needed when assigning items into trucks, which can be called bins. However, the information is sensitive and can be used to identify the contents in the package. To provide security and privacy during bin-packing, we propose two different privacy-preserving data publishing methods. Both approaches use differential privacy (DP) to hide the existence of any specific package to prevent it from being identified by malicious users.

The paper of this work is accepted by the IEEE Open Journal of Signal Processing.

Privacy-preserving real-time location sharing system for supply chains
by Tianyu Li (tianyu.li@tudelft.nl)

With the fast development of e-commerce, there is a higher demand for timely delivery. Logistic companies want to send receivers a more accurate arrival prediction to improve customer satisfaction and lower customer retention costs. One possible approach is to share real-time location data with receivers, but this can also introduce privacy and security issues such as malicious tracking and theft.

In our work, we propose a privacy-preserving real-time location sharing system including: (1) a location perturbation method for location publishing with consideration of a real map and different privacy levels for receivers, and (2) a blockchain-based location sharing platform involving three parties: Receiver, Sender and Truck.

A Privacy Preserving Multi-Depot Vehicle Routing Protocol
by Miray Aysen and you may contact Tianyu Li (tianyu.li@tudelft.nl)

Decreasing costs may play a crucial role in small and medium-sized enterprises' (SMEs) growth. To decrease transportation costs, these companies may form a collaboration for order sharing. Collaboration is crucial for the customer orders that they cannot fulfil in time or fulfil with low vehicle utilization. Various studies prove the significance of order sharing. However, the privacy of the data that are shared during this process does not take into account.

In our work, we describe a privacy-preserving protocol for order sharing. We work on a case where each company has a single depot in a different location, formally named multi-depot vehicle routing problem (MD-VRP). The customer orders are distributed among companies by cyclic assignment, with the aim of minimizing the total distance travelled. In our protocol, we use threshold cryptography to make sure no single company can use the data based on their interest. By homomorphic properties and secure comparison protocol, we make sure the third party that executes the cyclic assignment does not learn anything about the data.

Master thesis

Made by TU Delft's Master students and directed by Zekeriya Erkin

Collective access management: Distributed access control for co-owned resources
by Ásta Magnúsdóttir

Collaboration in supply chain management allows participants to obtain the benefits of cooperation using each other’s expertise to develop a product. The benefits include the sharing of knowledge or resources to create products more economically than individually. Collaboration encounters challenges such as vast geological distances between participants and large amounts of shared information. In a supply chain, many participants contribute information about a resource. In our work, we assume that the resource information is co-owned by all contributing participants and includes a range of relevant information such as transportation documents and product patents. Some of this information is private and should only be shared on a need-to-know basis. We design a protocol that supports the privacy of each owner’s partial access decision while maintaining verifiability in a distributed system using an owner-controlled blockchain to create a shared platform for data control and access management.

Link

Forward-looking consistency in Attribute-Based Credentials
by Christian van Bruggen

Collaboration in supply chain management allows participants to obtain the benefits of cooperation using each other’s expertise to develop a product. The benefits include the sharing of knowledge or resources to create products more economically than individually. Collaboration encounters challenges such as vast geological distances between participants and large amounts of shared information. In a supply chain, many participants contribute information about a resource. In our work, we assume that the resource information is co-owned by all contributing participants and includes a range of relevant information such as transportation documents and product patents. Some of this information is private and should only be shared on a need-to-know basis. We design a protocol that supports the privacy of each owner’s partial access decision while maintaining verifiability in a distributed system using an owner-controlled blockchain to create a shared platform for data control and access management.

Link

A Decentralised Key Management System for the European Railway Signalling System
by David Kester

There is an increase in interest and necessity for an interoperable and efficient railway network across Europe, creating a key distribution problem between train and trackside entities’ key management centers (KMC). This work proposes a scalable and decentralized key management system that allows KMC to share cryptographic keys using transactions while keeping relationships anonymous. Using noninteractive proofs of knowledge and assigning each entity a private and public key, private key owners can issue valid transactions while all system actors can validate them. Our performance analysis shows that the proposed system is scalable when a proof of concept is implemented with settings close to the expected railway landscape in 2030.

Link

(Ongoing) A privacy-preserving recovaction mechanism for verifiable credentials
by Li Xu

People need certificates to prove their identity in their daily lives (e.g., students use proof of enrollment to prove they are students). To correctly pass the identity verification, people need to give valid certificates. In other words, people need to prove the issuer of the certificate does not revoke the certificate. Traditional revocation status check methods use identifiers like serial numbers to check the validity of a certificate. However, using identifiers may cause unwanted correlation, resulting in significant privacy issues. Currently, we try to overcome the privacy concerns brought by identifiers. The research focuses on using zero-knowledge proof techniques such as cryptographic accumulators to enable people to prove a certificate is not revoked in a privacy-preserving way.

Selected Bachelor end projects

Made by TU Delft's Bachelor students and directed by Zekeriya Erkin

Secure multi-party computation for supply chain collaboration
by Danila Romanov. Link

Blockchain-based DNS and PKI to solve issues of trust, security and censorship in the context of the IoT
by Leon de Klerk. Link

Blockchain-based solutions for privacy in the Internet of Things Smart Environment
by Shubhankar Darbari. Link

A Comparative Study on Pseudo Random Number Generators in IoT devices
by Efe Alkan. Link

Other resources

Made by teams of students together with partners of the Spark! consortium

A shipment amortization by blockchain repro - A Blocklab & TU Delft collab 

A Corda-based Supply Chain Visibility Design

BlockCert: Blockchain in the supply infrastructure