License: Creative Commons Attribution 4.0 International license (CC BY 4.0)
When quoting this document, please refer to the following
DOI: 10.4230/LIPIcs.AFT.2023.12
URN: urn:nbn:de:0030-drops-192019
URL: http://dagstuhl.sunsite.rwth-aachen.de/volltexte/2023/19201/
Go to the corresponding LIPIcs Volume Portal


Baum, Carsten ; Chiang, James Hsin-yu ; David, Bernardo ; Frederiksen, Tore Kasper

SoK: Privacy-Enhancing Technologies in Finance

pdf-format:
LIPIcs-AFT-2023-12.pdf (0.9 MB)


Abstract

Recent years have seen the emergence of practical advanced cryptographic tools that not only protect data privacy and authenticity, but also allow for jointly processing data from different institutions without sacrificing privacy. The ability to do so has enabled implementations of a number of traditional and decentralized financial applications that would have required sacrificing privacy or trusting a third party. The main catalyst of this revolution was the advent of decentralized cryptocurrencies that use public ledgers to register financial transactions, which must be verifiable by any third party, while keeping sensitive data private. Zero Knowledge (ZK) proofs rose to prominence as a solution to this challenge, allowing for the owner of sensitive data (e.g. the identities of users involved in an operation) to convince a third party verifier that a certain operation has been correctly executed without revealing said data. It quickly became clear that performing arbitrary computation on private data from multiple sources by means of secure Multiparty Computation (MPC) and related techniques allows for more powerful financial applications, also in traditional finance.
In this SoK, we categorize the main traditional and decentralized financial applications that can benefit from state-of-the-art Privacy-Enhancing Technologies (PETs) and identify design patterns commonly used when applying PETs in the context of these applications. In particular, we consider the following classes of applications: 1. Identity Management, KYC & AML; 2. Markets & Settlement; 3. Legal; and 4. Digital Asset Custody. We examine how ZK proofs, MPC and related PETs have been used to tackle the main security challenges in each of these applications. Moreover, we provide an assessment of the technological readiness of each PET in the context of different financial applications according to the availability of: theoretical feasibility results, preliminary benchmarks (in scientific papers) or benchmarks achieving real-world performance (in commercially deployed solutions). Finally, we propose future applications of PETs as Fintech solutions to currently unsolved issues. While we systematize financial applications of PETs at large, we focus mainly on those applications that require privacy preserving computation on data from multiple parties.

BibTeX - Entry

@InProceedings{baum_et_al:LIPIcs.AFT.2023.12,
  author =	{Baum, Carsten and Chiang, James Hsin-yu and David, Bernardo and Frederiksen, Tore Kasper},
  title =	{{SoK: Privacy-Enhancing Technologies in Finance}},
  booktitle =	{5th Conference on Advances in Financial Technologies (AFT 2023)},
  pages =	{12:1--12:30},
  series =	{Leibniz International Proceedings in Informatics (LIPIcs)},
  ISBN =	{978-3-95977-303-4},
  ISSN =	{1868-8969},
  year =	{2023},
  volume =	{282},
  editor =	{Bonneau, Joseph and Weinberg, S. Matthew},
  publisher =	{Schloss Dagstuhl -- Leibniz-Zentrum f{\"u}r Informatik},
  address =	{Dagstuhl, Germany},
  URL =		{https://drops.dagstuhl.de/opus/volltexte/2023/19201},
  URN =		{urn:nbn:de:0030-drops-192019},
  doi =		{10.4230/LIPIcs.AFT.2023.12},
  annote =	{Keywords: DeFi, Anti-money laundering, MPC, FHE, identity management, PETs}
}

Keywords: DeFi, Anti-money laundering, MPC, FHE, identity management, PETs
Collection: 5th Conference on Advances in Financial Technologies (AFT 2023)
Issue Date: 2023
Date of publication: 18.10.2023


DROPS-Home | Fulltext Search | Imprint | Privacy Published by LZI