NTT Research, Inc., a division of NTT, announced that a team from NTT Global in Belgium took first place in its hackathon on attribute-based encryption (ABE). Held September 16-29 at the NTT Research offices in Sunnyvale, Calif., the hackathon drew five NTT-affiliated teams from around the world. The winning demonstration, built by Senior Software Engineer Pascal Mathis and Data Scientist Jean-Philippe Cabay, both of NTT in Belgium, was titled “Confidentiality in Images.” The team delivered a presentation video on this groundbreaking application for ABE at the NTT R&D Forum, a virtual business conference that took place Nov. 16-18. Honorable mentions at the invitation-only event went to demos created by NTT DATA teams from Italy and Romania. A panel from NTT DATA, NTT Research and the NTT Service Innovation Laboratory served as the hackathon’s judges. The competing teams were tasked with building an implementation of ABE, a type of public-key encryption that allows for sharing data based on policies and attributes of the users.
The main idea of the Belgian team’s demonstration was to apply ABE to images. “In many projects, we need to get images that contain private or sensitive data,” Mr. Cabay said. “Using ABE on the sensitive parts of the images could ensure a fine-grained control on who can access which information.” Images containing information that could be used to identify people, for instance, include building logos, faces and license plates, as well as underlying metadata containing GPS information. Other sensitive data could be contained in parts of scanned medical documents, answers to tests, or any images where privacy regulations apply. The team’s three-part demo involved 1) detecting and labeling the object, either through a neural network or manually; 2) encrypting the images and mapping between labels and ABE policies (e.g., only a user with certain attributes can decrypt an object labeled with ‘face’); and 3) storing the objects, the metadata and the blurred images in a database. The big picture is an “extract, transfer load (ETL) pipeline,” said Dr. Mattis, who has a Ph.D. in computer science and is also a tech lead at NTT. He also said the technique is “doable.” The artificial intelligence (i.e., a convolutional neural network) and encryption engine can reside close to the camera on an edge device, which then sends back only encrypted data to the database. Access is so locked-down that even the database administrator only sees images with blurred spots and encrypted information.
CIO INFLUENCE: Ericsson presents a Green Financing Framework
“We are thrilled with the participation of all participants in our ABE hackathon and congratulate Team Belgium on their win,” said Takashi Goto, head of the NTT Research Technology Promotion Team. “These demonstrations successfully advanced our goal of exploring the market potential and use cases for this innovative encryption technology, and we look forward to encouraging its further development and growth.”
One of several technologies at NTT Research being considered for commercialization, ABE was introduced in 2005 in a paper co-authored by Cryptography & Information Security (CIS) Lab Director, Brent Waters. In 2020, that paper was recognized with an International Association for Cryptologic Research (IACR) Test of Time Award. Dr. Waters served as one of the five judges of this hackathon. The hackathon’s runners-up from NTT DATA teams in Italy and Romania focused, respectively, on supporting a ticket subscriptions and physical access control to a new transportation service in Rome; and enabling secure IoT protocols on vehicle’s electronic sensors that would give the owner control over data monetization options. The other two teams were from Japan and India. The Japanese team, drawn from NTT DATA, NTT TechnoCross and NTT Social Informatics Lab, proposed an ABE privacy-safe call solution, which would allow staff with the appropriate role and location, or in emergency situations, to call an employee’s personal mobile number. The Indian team, from NTT DATA Services, focused on shifting a banking system from coarse-grained, role-based access control (RBAC) system, which grants or denies access based on a single factor, to the ABE’s more fine-grained control.
The hackathon began with a one-day ABE workshop and continued over two weeks of idea implementation. Participants had access to ABE libraries and APIs, smart building IoT data, an Innovative Optical Wireless Network (IOWN) test bed, and a secure implementation environment. The NTT executive panel of judges evaluated final demonstrations on site. In addition to presenting at the NTT R&D Forum, the winners will also be recognized at the NTT Research Upgrade 2023 event where they will give a talk on this fascinating application. At Upgrade 2021, Kei Karasawa, Director, Planning Department, NTT Service Innovation Lab. Group, demonstrated ABE access control in secure-wallet scenarios involving airport security, transit pass reloading, and proof of vaccination.
NTT Research has been discussing ABE with NTT operating companies on the assumption that relevant solutions could address security and privacy needs in the health care, medical, financial, education, government, and other sectors. In November 2021, NTT announced an agreement with the University of Technology Sydney (UTS), which includes conducting a proof-of-concept (POC) platform of ABE aimed at making the UTS internal systems more secure. The ABE encryption scheme has global standards support. In 2018, European Telecommunications Standards Institute (ETSI) published related specifications, which it updated in 2021. In addition to ABE, other NTT Research-related technologies with potential commercial byproducts include applications of multiparty computation (MPC), another area of research for the CIS Lab, and implementations of the coherent Ising machine (CIM), a quantum computing-related technology that is an area of focus for the NTT Research Physics & Informatics (PHI) Lab.
[To share your insights with us, please write to email@example.com]