Lecture Type
Prof. Dr. Michael Backes
Kick-Off (Fri, 25.11.2016, 16-17 in E 9.1 Room 0.06)
see below, 12-15 slots
Office hours
By Arrangement, email to advisors

Latest News

  • 02.02.2017: Updated Seminar Kickoff Slides with new presentation day times
  • 16.01.2017: Summary of upcoming important dates:
    • Final Review Submission Deadline: 23.01.2017, 12pm
    • Rebuttal Deadline: 30.01.2017, 12pm
    • Presentation HowTo-Session: 02.02.2017, 4pm, Room 3.21 in E9.1
    • Slide Review: Please make an individual appointment with your advisor 1 week before the presentation at the latest.
    • Presentation Day: 09.02.2017, 8.30am – 3.30pm
  • 29.11.2016: Seminar Kickoff Slides
  • 06.10.2016: Seminar website goes online


In this seminar, we will discuss recent theoretical developments in privacy and security research. We will simulate a computer science conference’s review process by critically reviewing, presenting and discussing research papers with the participants in a block seminar.
The topics will include (but are not limited to) formal methods for security, adversarial machine learning and cryptographic tools such as fully homomorphic encryption and multi-party computation with a special focus on applications in genomic privacy.

The list of discussed papers is as follows.

From the area of formal methods:

  • Algorithmic Transparency via Quantitative Input Influence: Theory and Experiments with Learning Systems. Anupam Datta, Shayak Sen, Yair Zick.
  • Policy Auditing over Incomplete Logs: Theory, Implementation and Applications. Deepak Garg, Limin Jia, Anupam Datta.
  • Program Actions as Actual Causes: A Building Block for Accountability. Anupam Datta, Deepak Garg, Dilsun Kaynar, Divya Sharma, Arunesh Sinha.
  • Causes and Explanations: A Structural-Model Approach — Part I: Causes. Joseph Y. Halpern, Judea Pearl.
  • CoSP: A General Framework For Computational Soundness Proofs. Michael Backes, Dennis Hofheinz, Dominique Unruh.

From the area of adversarial machine learning:

  • Cryptography and Machine Learning. Ronald L. Rivest.
  • Generative Adversarial Nets. Ian J. Goodfellow, Jean Pouget-Abadie, Mehdi Mirza, Bing Xu, David Warde-Farley, Sherjil Ozair, Aaron Courville, Yoshua Bengio.
  • Some submodular data-poisoning attacks on machine learners. Shike Mei, Xiaojin Zhu.
  • Adversarial Perturbations Against Deep Neural Networks for Malware Classification. Kathrin Grosse, Nicolas Papernot, Praveen Manoharan, Michael Backes, Patrick McDaniel.
  • Transferability in Machine Learning: from Phenomena to Black-Box Attacks using Adversarial Samples. Nicolas Papernot, Patrick McDaniel, Ian Goodfellow.

From the area of Fully Homomorphic Encryption:

  • A Guide to Fully Homomorphic Encryption. Frederik Armknecht, Colin Boyd, Christopher Carr, Kristian Gjøsteen, Angela Jaeschke, Christian A. Reuter, Martin Strand.
  • Malicious Circuit Private FHE. Rafail Ostrovsky, Anat Paskin-Cherniavsky, Beni Paskin-Cherniavsky.
  • Private Computation on Encrypted Genomic Data. Kristin Lauter, Adriana Lopez-Alt, Michael Naehrig.

From the area of Secure Multiparty Computation:

  • Secure Multiparty Computation for Privacy-Preserving Data Mining. Yehuda Lindell, Benny Pinkas.
  • Efficient Server-Aided Secure Two-Party Function Evaluation with Applications to Genomic Computation. Marina Blanton, Fattaneh Bayatbabolghani.
  • Non-Interactive Verifiable Computing: Outsourcing Computation to Untrusted Workers. Rosario Gennaro, Craig Gentry, Bryan Parno.


The official registration for the seminar will occur at the organizational meeting. Students are encouraged to pre-register before this initial meeting by writing an email to kathrin.grosse(aeht)cispa.saarland including name, matriculation number and field of study. Please also list 3 papers you could imagine presenting in the order of your preference.

Pre-registration is not binding. For final registration you have to show up at the organizational meeting. Places for the final registration will be provided in the order of pre-registration until all places are taken.

Mailing list

Once registration is complete, we will set up a mailing list you can use for general discussions and to ask questions.
We will also set up a conference paper management system where you will need to register to get access to the research papers and submit your reviews.

Assignment and Grading

You will write 3 critical reviews of research papers, write one rebuttal based on 3 reviews for one paper, and present one paper in a 20-minute presentation followed by 5 minutes for questions and discussion. You will critically discuss other students’ presentations and reviews. Grading will be based on your written work, your presentations and your participation in the discussion of the papers.