Skip to content Search

Privacy in machine learning

A number of machine learning applications cover topics where privacy is of particular importance. This applies both to cases where secrecy concerns the training data on which the algorithm is trained (e.g. when this data contains medical information); as well as those in which the algorithm itself is protected because, for example, its knowledge reveals certain information about the training data. The development of privacy protection methods is the focal point of the research.

We investigate solutions based on multiparty computation protocols. This technology allows calculations to be performed on distributed data in such a way that the data is not disclosed to third parties. A related method that we also explore in this context is so-called homomorphic encryption, which further minimizes the need for interaction between the parties executing the algorithm. Moreover, research conducted at IDEAS NCBR concerns the possible applications of the so-called trusted execution environments to increase the privacy of the calculations performed.

A separate issue is ensuring that the calculation result does not reveal private information about the input data. The technology we use in this context is the so-called differential privacy. The method is based on adding random noise to the calculation result so that information about individual elements of the input data cannot be deduced from it.

The technologies mentioned above have been developed in theoretical computer science for many years. The added value of our research results from cooperation with other IDEAS NCBR research teams that deal with machine learning. These interactions allow solutions to be tailored to specific problems in this field of research.

Machine learning in security analysis

One of the main problems with multi-tenant cryptographic protocols is that decentralized solutions are typically more complex and error-prone than centralized solutions, and errors in such protocols can lead to significant financial losses. At IDEAS NCBR, we deal with solving these problems using tools derived from formal methods. In particular, we are working on using machine learning methods to prove the correctness of cryptographic protocols. This is a promising approach because in many cases this analysis contains repeatable elements that can potentially be automated. The challenge, however, is finding appropriate training data.

A more secure blockchain

Blockchain technology was introduced in 2008. This name usually refers to cryptographic protocols used to achieve consensus on a large scale in distributed networks. These protocols can work in the so-called permissionless variant, in which the set of participants is not defined a priori, or in the permissioned variant, in which consensus is maintained by predefined groups of servers.

The initial applications of this technology were in the financial sector and were mainly used to create new virtual cryptocurrencies (such as bitcoin). However, the technology is now believed to have many more applications, particularly in digital identity management systems, mortgage management, land ownership registration systems, supply chain monitoring, insurance, clinical trials, copyright management, running decentralized organizations, and in energy management or in the Internet of Things (LOT). At IDEAS NCBR, we research practical aspects of this technology, such as the security of so-called cryptocurrency wallets, consensus protocols and smart contracts.

Research Group Leader


Stefan Dziembowski

Stefan Dziembowski is a professor at the Faculty of Mathematics, Computer Science and Mechanics at the University of Warsaw. His research interests concern theoretical and applied cryptography, in particular issues related to physical attacks on cryptographic devices and blockchain technology.

Dziembowski received a master’s degree in computer science in 1996 at the University of Warsaw, a doctorate in computer science in 2001 at the University of Aarhus (Denmark) and a habilitation in mathematical sciences in 2012 at the University of Warsaw. He completed postdoctoral internships at ETH in Zurich, CNR in Pisa and at the University of Rome  Sapienza, where he became an assistant professor in 2008. In 2010, he moved to the University of Warsaw, where he runs the Cryptography and Blockchain Laboratory.

His work has appeared at leading IT conferences (FOCS, STOC, CRYPTO, EUROCRYPT, ACM CCS, ASIACRYPT, TCC, IEEE S&P, ACM CCS, LICS, and others); and in journals (Communications of the ACM, Journal of Cryptology IEEE Transactions on Information Theory, Journal of the ACM, Communications of the ACM). He was repeatedly invited to the program committees of leading conferences CRYPTO, EUROCRYPT, ACM CCS, ASIACRYPT, TCC, ICALP and others. His co-authored works received awards for the best papers (Best Paper Awards) at the EUROCRYPT and IEEE S&P conferences (in 2014). In 2015, he was the chairman of the organizing committee (general chair) of the Theory of Cryptography Conference, and in 2008, he was co-chair of its program committee (PC co-chair). He was elected co-chair of Eurocrypt 2022.  He delivered a keynote talk at the Conference on Cryptographic Hardware and Embedded Systems (CHES) 2020.

Stefan Dziembowski received two European Research Council grants; ERC Starting Grant (2007) and ERC Advanced Grant (2019), two grants from the Foundation for Polish Science: FNP Welcome and FNP Team; two NCN Opus grants from the National Science Center, a Marie-Curie grant for a post-doctoral internship, and a Start scholarship from the Foundation for Polish Science. He is also a winner of the Polish-German Copernicus Prize (in 2020, together with Professor Sebastian Faust) and the Professor Kazimierz Bartel Prize (2016). In the 2021-2024 term, Stefan Dziembowski will be a member of the Council of the National Science Center. He supervised five PhD students.

Other research groups and teams

  • Precision Forestry The use of remote sensing data in obtaining information about forests has a long, almost 100-year history.
    Krzysztof Stereńczak
  • Sustainable Computer Vision For Autonomous Machines Our solutions could potentially be used in drones as a tool supporting the protection of national parks, including animals against poaching. They allow for fast and efficient monitoring of large land areas in remote locations...
    Bartosz Zieliński
  • Psychiatry and Computational Phenomenology Most mental disorders are highly complex and have high phenotypic variability, partially vague diagnostic criteria, and a significant overlap ratio.
    Marcin Moskalewicz