CWI
Marten van Dijk, IEEE Fellow, is group leader and founder of the Computer Security group at CWI, the Netherlands, with over 20 years of experience in both industry (Philips Research and RSA Laboratories) and academia (MIT, University of Connecticut, Vrije Universiteit van Amsterdam). His work has been recognized by the IEEE CS Edward J. McCluskey Technical Achievement Award 2023 and the A. Richard Newton Technical Impact Award in Electronic Design Automation 2015, and has received several best and test-of-time paper awards; see also https://www.cwi.nl/en/people/marten-van-dijk/. He is known for his work on secure computation, in particular the AEGIS processor (the first single-chip secure processor), Physical Unclonable Functions (PUFs), Fully Homomorphic Encryption over the Integers, and Oblivious RAM. He is now actively researching the intersection of security and machine learning.
Keynote Title: Can we protect our private data in the Machine Learning age?
Abstract: Protecting data for training machine learning models comes at a significant cost. We briefly explain how secure processor architectures and secure multi-party computation can protect the confidentiality of computations that lead to a final global machine learning model. We explain in more detail how we can add a differential privacy mechanism to limit privacy leakage from the outputted/queryable final global model. We demonstrate that no meaningful differential privacy guarantee can be obtained together with practical utility (test accuracy). The recent introduction of PAC Privacy for instance-based security may be the needed paradigm shift.