Confidential Computing: Fighting Crime & Cyber Attacks

in a Privacy Preserving WayDr. Alex Antic (ANU/AUSTRAC)

Show Me The Money!

Alice Bob Jane Sarah

Show Me The Money!

Privacy-Preserving Data Matching

Alice Bob Jane Sarah

Show Me The Money!

Homomorphic Encryption

Privacy-Preserving Data Matching

Alice Bob Jane Sarah

Show Me The Money!

Calculate Average Bonus using

Encrypted Maths

Homomorphic Encryption

Privacy-Preserving Data Matching

Alice Bob Jane Sarah

Show Me The Money!

Decryption$5,000

Calculate Average Bonus using

Encrypted Maths

Homomorphic Encryption

Privacy-Preserving Data Matching

Alice Bob Jane Sarah

Privacy Preserving Data Matching

Jane Doe

Paul Doe

Jim Clark

Kate Clark

Shane Bo

Reg Pal

Janet Doe

Bob Doe

Jim Clark

Kat Clark

Shane Bo

Joe Smith

a8bf342

f72630b

14fbe54

a72bef4

7830530

4bf6021

a8bf242

b3894f3

14fbe54

672bef4

7830530

80ac364

Fuzz

y M

atch

ing

One way “hash” functions One way “hash” functions

Homomorphic Encryption

3 E7117593598749643033862322306020184392520845976281563526294981559259516861516633702469933935260534155369128712003211669147527394965883186987430405887069486581926553537132809459595364742532851158563479115837779718562708357817416015729957944589069202390269842442766563604072938327792655060957281939887206011…..........

655353713280945959536474253285115856347911583777971856270835781741601572995794458906920239026984244276656360407297610413871592061969995217697451818900805720754176976456091364980410538327792655060957281939887206011322264791188672934779233385835564950538042608146734818512597009355808913268579338921386569…....

2 E

+

9536474253285115856347911583777971856270835781741601572995794458906920239026984244276656360407297610413871592061969995217697451818900805118867293477923338583556495053804260814673481851259710956280997821095895622448011352839812888469270046257630846965506077009355808913268579338921386560873168564095306973507787453445216634333195600873200349632089270046257630846…....

D5=

Individual Privacy

Detect. Deter. Disrupt.

$US2.5 trillion

1%

In Search of Smurfs

Detect, Deter & Disrupt Money Launderingand Terrorism Financing

AUSTRAC

FINANCIAL INTELLIGENCE AGENCY & REGULATOR

TTR

SMR CBM IFTI

Up to 1 million/day

Confidential Computing in Action

CASH DEPOSITS BANK A BANK BINTERNATIONAL

TRANSFERS

IFTIsCash deposits Domestic inter-bank transfers

Generating Alerts (Future State)

Risk Modelling using Encrypted

Maths

Homomorphic Encryption

Privacy-Preserving Data Matching

REs FIUs LEAs PAs DecryptionEncrypted

POI

RE = Reporting Entity (banks, casinos, remitters, etc)FIU = Financial Intelligence Units (AUSTRAC, FinCen, etc)LEA = Law enforcement agenciesPA = Partner agencies (e.g. ATO, DHS)

Fighting Cyber Crime

State Actors are Playing Up

Over the past 3 FY’s, there were 1,097 cyber incidents affecting unclassified and classified government networks which were “considered serious enough to warrant an operational response”

Cyber attacks against Australian government infrastructure are the “new normal”

- Tom Sears (cyber defence expert)

Cyber Crime – It’s an Epidemic

Common methods used to model and analyse cyber epidemics, such as malware propagation, include susceptible-infected-susceptible (SIS)/susceptible-infected-removed (SIR)

However, privacy issues make it difficult to collect adequate data to count/estimate infected networks

Sharing is Caring…

Confidential Computing: Analyse & Use Data Without Seeing It

Healthcare Systems & Beyond…

“In Australian cybersecurity, there are only two types of healthcare organisations - those that know they've been hacked and those that don't know they’ve

been hacked.”Dr Nathan Pinskier (Royal Australian College of General Practitioners

& e-health specialist)

alex.antic@anu.edu.au

www.linkedin.com/in/alexantic/