CRYPTOGRAPHY

Enc Dec

Privacy

pk sk

Authenticity

Sign proof

Integrity

f(x)

Store Data in the Cloud

3

Server

data

data

Cloud Computing

4

Server

data

data

Untrusted Cloud Provider

5

Server

data

data

Security Properties

6

Server

data

data

Computation Integrity

Confidentiality

Confidentiality

7

data

Confidentiality

data

Server

data✘ User creates an encryption key

✘ Encrypts her data using this key

✘ Stores her encrypted data in the Cloud

8

Where to Store the Key?

? Key Management

Protect the secret key

✘ Users can remember just low entropy passwords (and not too many)

✘ User has to store her secret key on some device

✘ The storage device can also get corrupted

9

. . .

Password Protected Secret Sharing

✘ stores the secret into N servers using a password

✘ retrieves her secret even under corruptions

10

. . .

✘ Only needs to remember username & password

✘ Needs at least t+1 honest servers to retrieve key

Retrieve the Stored Secret Key

11

. . .

✘ If at most t servers are corrupted, they do not learn anything about the secret

✘ Retrieval with all bad servers does not leak password

Secure Recovery even under Corruptions

12

. . .

Password Protected Secret Sharing

[ACNP16]: Robust Password-Protected Secret Sharing joint work with M. Abdalla, M. Cornejo, D. Pointcheval

Delegated Computation

13

? ? ?

Task

Server

data

Algorithm f(x)

User requires data processing(eg: a personalised diet)

14

Server

f(x)=y

data

Answer y’

Trust the server or ask for a proof

Delegated Computation

15

Server

Integrity- verify computation result

- proof π that shows knowledge of the process

- Server should know all the computation steps

π

data

Verify the Solution: SNARK

16

Server

Integrity- verify computation result

- proof π that shows knowledge of the process

- Server should know all the computation steps

π

data

Verify the Solution: SNARK

Existing Solutions:

[BCC+14] The hunting of the SNARK. N. Bitansky, R. Canetti, A. Chiesa, S. Goldwasser, H. Lin, A. Rubinstein, E. Tromer.

[GGPR13] Quadratic span programs and succinct NIZKs without PCPs. R. Gennaro, C. Gentry, B. Parno, M. Raykova

17

Server

Integrity

what if Server receives part of

the knowledge from outside?

π

data

OSNARK: Prove with Black-box Access

18

Server

Integrity

what if Server receives part of

the knowledge from outside?

π

data

OSNARK: Prove with Black-box Access

[FN16] On the (In)security of SNARKs in the Presence of OraclesDario Fiore, Anca Nitulescu.

Quantum Adversaries

19

Server

Post-Quantum Integrity

Proofs resistant to quantum attacks

π

data

Quantum Adversaries

20

Server

Post-Quantum Integrity

Proofs resistant to quantum attacks

π

data

[GMNO18] Lattice-Based zk-SNARKs from Square Span ProgramsJoint work with Rosario Gennaro, Michele Minelli, Michele Orrù

Verifiable Computation with Privacy of Inputs

21

Confidentiality

data

Server

Verifiable Computation on Encrypted Data

22

Server

Apply FHE Eval

Computation Integrity

π

Verifiable Computation on Encrypted Data

23

Server

Apply FHE Eval

Computation Integrity

π

Verifiable Computation on Encrypted Data

24

Server

Apply FHE Eval

Computation Integrity

π

Anonymous Submission: Dedicated SNARK: Better efficiency than applying existing solutions