Ruben De Smet (Department of Engineering Technology (INDI), Department of Electronics and Informatics (ETRO), Vrije Universiteit Brussel), Tom Godden (Department of Engineering Technology (INDI), Vrije Universiteit Brussel), Kris Steenhaut (Department of Engineering Technology (INDI), Department of Electronics and Informatics (ETRO), Vrije Universiteit Brussel), An Braeken (Department of Engineering Technology (INDI), Vrije Universiteit Brussel)
The principle of privacy-by-design more often than not requires the implementation of privacy-enhancing technologies (PETs). In turn, the implementation of PETs requires indepth knowledge of cryptography engineering, which hinders a.o. rapid prototyping, modularity, and readability. This article proposes research on loose coupling of cryptographic primitives to business logic. As a running example, we look at the permission management of Signal’s private groups, and propose an alternative design, keeping in mind extensibility, modularity, and improved transparency and auditability.