Reminder: Crypto day 9/13 at 9:15am at MIT


Henry Corrigan-Gibbs

Sep 11, 2024, 8:59:12 AM
to charles-rive...@googlegroups.com
Hi everyone,

Just a reminder: the next Crypto Day is this Friday 9/13 at MIT
in 32-D463. Coffee starts at 9:15am and the talks (abstracts
below) start at 9:30am.

See you there!
Daniel, Eran, Henry, Vinod, Yael


======================
When: Friday, Sep. 13.
Where: MIT, Room 32-D463 (Star).
Organizers: Henry Corrigan-Gibbs, Yael Kalai, Eran Tromer, Vinod Vaikuntanathan and Daniel Wichs

PROGRAM

9:15–9:30 Coffee/Welcome

9:30–10:30 David Wu (UT Austin)
Adaptively-Sound Succinct Arguments for NP from Indistinguishability Obfuscation

10:45–11:45 Ran Canetti (BU)
Towards general-purpose program obfuscation via local mixing

11:45–12:45 Lunch (provided)

12:45–1:45 Brent Waters (NTT Research & UT Austin)
A New Approach for Non-Interactive Zero-Knowledge from Learning with Errors

2:00–3:00 Julia Len (MIT)
Recent Developments in Authenticated Encryption
======================


-------
Speaker: David Wu (UT Austin)
Title: Adaptively-Sound Succinct Arguments for NP from Indistinguishability Obfuscation

Abstract: A succinct non-interactive argument (SNARG) for NP allows a prover to convince a verifier that an NP statement x is true with a proof whose size scales sublinearly with the size of the associated NP witness. A SNARG satisfies adaptive soundness if the malicious prover can choose the statement to prove after seeing the scheme parameters. In this talk, I will show how to construct an adaptively-sound SNARG for NP in the plain model assuming sub-exponentially-hard indistinguishability obfuscation and sub-exponentially-hard one-way functions. This gives the first adaptively-sound SNARG for NP from falsifiable assumptions. All previous constructions of SNARGs for NP either relied on non-falsifiable assumptions or achieved the weaker notion of non-adaptive soundness where the adversary has to declare its statement up front (before seeing the scheme parameters).

Based on joint works with Brent Waters.

-------
Speaker: Ran Canetti (BU)
Title: Towards general-purpose program obfuscation via local mixing

Abstract: We explore the possibility of obtaining general-purpose obfuscation for all circuits by way of making only simple, local, functionality preserving random perturbations in the circuit structure. Towards this goal, we use the additional structure provided by reversible circuits, but no additional algebraic structure. Our approach is rooted in statistical mechanics and can be thought of as locally “thermalizing” a circuit while preserving its functionality.

We analyze the security of this approach in two steps. First, we provide arguments towards its security for a relatively simple task: obfuscating random circuits of bounded length. Next we show how to construct indistinguishability obfuscators for all (unbounded length) circuits given an obfuscator for random reversible circuits of bounded length. Here security is proven under a new assumption regarding the pseudorandomness of sufficiently-long random reversible circuits.

Our specific candidate obfuscators are very simple and relatively efficient: the obfuscated version of an n-wire, m-gate (reversible) circuit with security parameter κ has n wires and poly(n, κ)m gates. We hope that our initial exploration will motivate further study of this alternative path to program obfuscation (and, hence, cryptography in general).

This is joint work with Claudio Chamon, Eduardo R. Mucciolo, and Andrei E. Ruckenstein.
-------

Speaker: Brent Waters (NTT Research & UT Austin)
Title: A New Approach for Non-Interactive Zero-Knowledge from Learning with Errors

Abstract: I will put forward a new approach for achieving non-interactive zero-knowledge proofs (NIZKs) from the learning with errors (LWE) assumption. I will describe an LWE-based construction of a hidden bits generator that gives rise to a NIZK via the celebrated hidden bits paradigm. A notable feature of the construction is its simplicity. Our construction employs lattice trapdoors, but beyond that uses only simple operations. Unlike prior solutions, it does not rely on a correlation intractability argument nor does it utilize fully homomorphic encryption techniques.

-------

Speaker: Julia Len (MIT)
Title: The Next Generation of Authenticated Encryption

Abstract: This talk will focus on the need for a new approach for designing authenticated encryption with associated data (AEAD). In the last few years, researchers and practitioners have discovered that widely deployed AEAD schemes, designed almost two decades ago, have many limitations. These range from uncomfortably small security margins to outright security vulnerabilities.

First, this talk will focus on the importance of context commitment security, which asks that an AEAD scheme not decrypt the same adversarially-chosen ciphertext under two different, adversarially-chosen contexts (secret key, associated data, and nonce). A spate of recent attacks has shown that many popular schemes, including AES-GCM and ChaCha20/Poly1305, are not context committing. We resolve open questions around the commitment security of other important schemes such as CCM, EAX, and SIV. Finally, this talk will discuss our ongoing work to design new schemes that resolve the above limitations, laying the foundation for a new generation of AEAD schemes. Our approach is what we refer to as flexible AEAD.

This is joint work with Mihir Bellare, John Chan, Paul Grubbs, Shay Gueron, Viet Tung Hoang, Sanketh Menda, Thomas Ristenpart, and Phillip Rogaway.
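The context-commitment failure that the last abstract refers to, shown as an added worked example (this is not part of the announcement and not code from any of the speakers): in AES-GCM the tag is GHASH_H(AAD, C) xor E_K(J0), and GHASH is linear in the ciphertext blocks, so one ciphertext block can be solved for in GF(2^128) such that the same (nonce, AAD, ciphertext, tag) verifies under two unrelated keys. This is the standard two-key collision the AEAD commitment literature describes; the keys, nonce, AAD and message below are constructed for the demo, a 96-bit nonce is assumed, and the helper names (Block, mul, inv, ghash, encBlock, collide, open) are this example's own. Only Go's standard library is used, and the result is checked against crypto/cipher's AES-GCM rather than against the example's own GHASH.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"encoding/binary"
	"fmt"
)

// Block is a GF(2^128) element in GCM's bit order: hi/lo are the big-endian
// halves of the 16-byte block and the top bit of hi is the x^0 coefficient.
type Block struct{ hi, lo uint64 }

func fromBytes(b []byte) Block {
	return Block{binary.BigEndian.Uint64(b[:8]), binary.BigEndian.Uint64(b[8:16])}
}
func (x Block) bytes() []byte {
	out := make([]byte, 16)
	binary.BigEndian.PutUint64(out[:8], x.hi)
	binary.BigEndian.PutUint64(out[8:], x.lo)
	return out
}
func xor(a, b Block) Block { return Block{a.hi ^ b.hi, a.lo ^ b.lo} }

// mul is GCM multiplication (SP 800-38D, Algorithm 1): scan x's bits from the
// left, accumulate right-shifted copies of y, reduce with R = 0xE1 || 0^120.
func mul(x, y Block) Block {
	var z Block
	v := y
	for _, b := range x.bytes() {
		for j := 7; j >= 0; j-- {
			if (b>>uint(j))&1 == 1 {
				z = xor(z, v)
			}
			lsb := v.lo & 1
			v.lo, v.hi = v.lo>>1|v.hi<<63, v.hi>>1
			if lsb == 1 {
				v.hi ^= 0xE100000000000000
			}
		}
	}
	return z
}

// inv returns x^(2^128-2) = 1/x by square-and-multiply (x must be nonzero).
func inv(x Block) Block {
	acc, p := Block{0x8000000000000000, 0}, mul(x, x) // acc starts at the element 1
	for k := 1; k < 128; k++ {
		acc, p = mul(acc, p), mul(p, p)
	}
	return acc
}

// ghash is GHASH_H over zero-padded AAD, zero-padded ciphertext and the
// 64-bit bit-length block, exactly as the GCM tag computes it.
func ghash(h Block, aad, ct []byte) Block {
	var y Block
	for _, data := range [][]byte{aad, ct} {
		for len(data) > 0 {
			blk := make([]byte, 16)
			n := copy(blk, data)
			y, data = mul(xor(y, fromBytes(blk)), h), data[n:]
		}
	}
	lens := make([]byte, 16)
	binary.BigEndian.PutUint64(lens[:8], uint64(len(aad))*8)
	binary.BigEndian.PutUint64(lens[8:], uint64(len(ct))*8)
	return mul(xor(y, fromBytes(lens)), h)
}

func must[T any](v T, err error) T {
	if err != nil {
		panic(err)
	}
	return v
}
func encBlock(blk cipher.Block, in []byte) Block {
	out := make([]byte, 16)
	blk.Encrypt(out, in)
	return fromBytes(out)
}

// collide returns ct||tag that AES-GCM accepts under both k1 and k2 with the
// same 96-bit nonce and AAD. Under k1 it decrypts to msg1 (zero-padded to a
// block) plus one junk block; under k2 it decrypts to unrelated bytes.
func collide(k1, k2, nonce, aad, msg1 []byte) []byte {
	msg1 = append(msg1, make([]byte, (16-len(msg1)%16)%16)...)
	b1, b2 := must(aes.NewCipher(k1)), must(aes.NewCipher(k2))
	j0 := append(append([]byte{}, nonce...), 0, 0, 0, 1)
	h1, h2 := encBlock(b1, make([]byte, 16)), encBlock(b2, make([]byte, 16)) // H = E_K(0^128)
	e1, e2 := encBlock(b1, j0), encBlock(b2, j0)                             // E_K(J0)
	n := len(msg1)/16 + 1
	ct := make([]byte, 16*n) // the last block stays zero for now: the free slot X
	j0[15] = 2
	cipher.NewCTR(b1, j0).XORKeyStream(ct, msg1) // GCM's keystream starts at inc32(J0)
	// GHASH is linear and the slot block is multiplied by H^2 (only the length
	// block follows it), so tag_j = G_j + X*H_j^2 + E_j. Equal tags need
	// X*(H1^2 + H2^2) = G1 + G2 + E1 + E2, solved by dividing in GF(2^128).
	g1, g2 := ghash(h1, aad, ct), ghash(h2, aad, ct)
	den := xor(mul(h1, h1), mul(h2, h2))
	x := mul(xor(xor(g1, g2), xor(e1, e2)), inv(den))
	copy(ct[16*(n-1):], x.bytes())
	tag := xor(ghash(h1, aad, ct), e1)
	return append(ct, tag.bytes()...)
}

// open runs the standard library's AES-GCM decryption and reports acceptance.
func open(key, nonce, aad, sealed []byte) ([]byte, bool) {
	pt, err := must(cipher.NewGCM(must(aes.NewCipher(key)))).Open(nil, nonce, sealed, aad)
	return pt, err == nil
}

func main() { // constructed sample keys, nonce, AAD and message, not from any real system
	k1, k2 := []byte("0123456789abcdef0123456789abcdef"), []byte("fedcba9876543210fedcba9876543210")
	nonce, aad := []byte("unique-nonce"), []byte("header")
	sealed := collide(k1, k2, nonce, aad, []byte("ATTACK AT DAWN!!"))
	p1, ok1 := open(k1, nonce, aad, sealed)
	p2, ok2 := open(k2, nonce, aad, sealed)
	fmt.Printf("k1: accepted=%v plaintext=%q\nk2: accepted=%v plaintext=%x\n", ok1, p1, ok2, p2)
}
```

Both keys accept the same 48-byte message, while changing the nonce or the AAD still makes both reject it: GCM binds nonce and AAD to the tag, but nothing in the tag commits to the key. That is precisely the property the abstract's "context commitment" notion rules out, and the sacrificed block is the price the attacker pays to get a meaningful plaintext under one of the two keys.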
