Privacy Engineering

Module aims

This module will teach you and have you practice state-of-the-art attacks against privacy-preserving mechanisms and systems. For each attack, we will then review defense mechanisms and the associated trade-offs.

First, we will review anonymisation strategies for small and big data datasets and their limits. We will then do the same for query-based systems before learning and applying a theory called Differential Privacy. Finally, we will build privacy-preserving services using cryptographic methods before finishing by analysing privacy policies using formal methods.

Learning outcomes

Upon successful completion of this module you will be able to:

  • anonymise and re-identify small and big data datasets
  • use and extend algorithms to attack query-based/ question-and-answers systems
  • use and develop differentially
  • private functions and evaluate the use of differential privacy on personal data sets
  • build privacy-preserving services using cryptographic methods
  • develop and analyse policies for privacy-preserving services using formal methods

Module syllabus

This module covers the following topics:

  • Pseudonymisation and anonymisation
  • Big data anonymisation
  • Query-based systems
  • Differential privacy
  • Secure multi-party computation
  • Shared and searchable encrypted data
  • Anonymous communication
  • Privacy policies and data protection compliance   

Teaching methods

The module is motivated by real-world privacy concerns and aims to introduce the fundamental concepts and techniques for developing solutions that are privacy-preserving. In addition to material prepared by the lecturers you will also be expected to read and discuss selected research papers for each major topic. The objective is to prepare you to pursue research into privacy as well as apply and develop privacy-preserving solutions to industry problems.

Classroom sessions will include traditional lectures and some supervised problem solving, which are designed to reinforce understanding. Many of the latter will be lab sessions using JupyterLab. These problems are not assessed, although specimen solutions will be provided. Past exam paper questions will also be included in the problem sets in order to help prepare you for the final exam. 

The Piazza Q&A web service will be used as an open online discussion forum for the module.   


There will be two coursework exercises designed to reinforce the material covered in lectures and give you hands-on experience of solving real privacy problems. You can either work on your own or as a pair. These courseworks together count for 20% of the marks for the module. There will be a final written exam, which will test both theoretical and practical aspects of the subject. This exam counts for the remaining 80% of the marks.  

There will be detailed feedback on the coursework exercises which will include written feedback on your submissions and class-wide feedback explaining common pitfalls and suggestions for improvement.   

Reading list

Core reading

  • Cryptography Made Simple

    Smart, Nigel. author.

    1st ed. 2016., Cham : Springer International Publishing : Imprint: Springer

  • A Pragmatic Introduction to Secure Multi-Party Computation

    Evans, David ; Kolesnikov, Vladimir ; Rosulek, Mike

Module leaders

Dr Naranker Dulay
Dr Yves-Alexandre de Montjoye