NYU Cryptography Group at Courant Institute
• Faculty:
– Yevgeniy Dodis
– Victor Shoup
• Students:
– Nelly Fazio
– Michael Freedman
– Anca Ivan
– Antonio Nicolosi
– Roberto Oliveira
– Shabsi Walfish
Cryptography Reading Group
• Meet every week
– This semester Friday, 1pm, room 101
• Drop by!
– Contact me to be put on the mailing list
http://www.scs.cs.nyu.edu/crypto
Our Main Goals
• Improving the security and/or efficiency of cryptographic applications
• Designing new, provably secure cryptographic primitives
• Formalization and rigorous analysis of common cryptographic practices
• Protecting against key exposure
• Secure distributed/multiparty computation
Our Style: Provable Security
• Formal definition for the cryptographic task at hand
• A concrete scheme which provably satisfies the above definition, assuming some commonly believed and well-studied mathematical problem is “hard”
• Ensures that the only way to break the cryptographic scheme is to break a well-studied mathematical problem (e.g., factoring), which is very unlikely
• Gives much higher guarantee/assurance than commonly utilized “heuristic” approaches
Crypto Skills
• Creativity: open mind, love for puzzles
• Formalism (proofs!) and elementary math (number theory, probability)
• Ability to ask interesting questions
• Ability to think as a devil…
Some of Our Projects
• Signature and Encryption Schemes
• Authenticated Encryption
• Resilience to Key Exposure
• Distributed and Multi-party Cryptography
– Two-party computation
• Digital Rights Management
• Cryptography with Imperfect Randomness
• Ideal Hash Function Methodology
• Fault-tolerant Authentication
• Privacy and Anonymity …
Some projects I have been involved in @ NYU…
Warnings:
• Not meant to…
– give a formal introduction to cryptography
– be crystal clear if you see it for the first time
• Instead…
– give a vague summary of the “kind” of things I like
– emphasize joint works with students and faculty
• Talk to me if interested in details!
Partial Key Exposure
• "Exposure-Resilient Functions and All-Or-Nothing Transforms", Eurocrypt, 2000.
• "On Perfect and Adaptive Security in Exposure-Resilient Cryptography", Eurocrypt, 2001.
• "Exposure-Resilience for Free: the Case of Hierarchical ID-based Encryption", IEEE International Security In Storage Workshop (SISW), 2002.
Key Evolving Schemes
Designed a new model of key-insulated security, which led to intrusion-resilient security
• "Key-Insulated Public Key Cryptosystems", Eurocrypt, 2002.
• "Strong Key-Insulated Signature Schemes", Workshop on Public Key Cryptography (PKC), 2003.
• "Intrusion-Resilient Public-Key Encryption", RSA Conference, Cryptography Track (CT-RSA), 2003.
Two-Party Schemes
• Max Krohn, David Mazieres and Antonio Nicolosi, "Proactive Two-Party Signatures for User Authentication", Network and Distributed System Security Symposium (NDSS), 2003.
• Anca Ivan, "Proxy Cryptography Revisited", Network and Distributed System Security Symposium (NDSS), 2003.
• "Generic Two-party CCA-secure Encryption Scheme and its Applications", manuscript.
Authenticated Encryption
• "On the Security of Joint Signature and Encryption", Eurocrypt, 2002.
• "Concealment and Its Applications to Authenticated Encryption", Eurocrypt, 2003.
• Michael Freedman and Shabsi Walfish, "Parallel Signcryption with OAEP, PSS-R and other Feistel Paddings", submitted to Crypto 2003.
• Michael Freedman and Shabsi Walfish, "Universal Padding Schemes", manuscript.
• "Parallel Authenticated Encryption", manuscript.
Digital Rights Management
• Nelly Fazio, "Public Key Broadcast Encryption for Stateless Receivers", ACM Workshop on Digital Rights Management, 2002.
• Nelly Fazio, "Public Key Broadcast Encryption Secure Against Adaptive Chosen Ciphertext Attack", Workshop on Public Key Cryptography (PKC), 2003.
• Nelly Fazio, "Fully Scalable Public-Key Traitor Tracing", submitted, 2003.
• Nelly Fazio, "Forward-Secure Broadcast Encryption", manuscript.
Imperfect Randomness
• "New Imperfect Random Source with Applications to Coin-Flipping", International Colloquium on Automata, Languages and Programming (ICALP), 2001.
• Joel Spencer, "On the (non-)Universality of the One-Time Pad", Foundations of Computer Science (FOCS), 2002.
• Roberto Oliveira, "On Extracting Private Randomness over a Public Channel", manuscript.
Distributed Cryptography
• "Parallel Reducibility for Information-Theoretically Secure Computation", Crypto, 2000.
• "Efficient Construction of (Distributed) Verifiable Random Functions", Workshop on Public Key Cryptography (PKC), 2003.
• "Distributed Block Ciphers", manuscript.
Cryptography: Other…
• "Lower Bounds for Oblivious Transfer Reductions", Eurocrypt, 1999.
• "A Cryptographic Solution to a Game Theoretic Problem", Crypto, 2000.
• "On the Power of Claw-Free Permutations", Conference on Security in Communication Networks (SCN), 2002.
Algorithmic Game Theory
Can moderate taxes force selfish users to minimize global traffic and congestion?
• Richard Cole, "Pricing Network Edges for Heterogeneous Selfish Users", Symposium on Theory of Computing (STOC), 2003.
• Richard Cole, "The Cost of Taxes for Selfish Routing", ACM Conference on Electronic Commerce (EC), 2003.
My Other Interests
• Algorithms: randomized and approx. algorithms, network design…
• Coding Theory: relates to crypto too
• Complexity Theory: derandomization…
• Combinatorics and Graph Theory
• Anything else that has proofs and requires problem solving…
Recap of some recent group activities
Signature & Encryption
• First provably secure and yet efficient signature and encryption schemes [CS98, CS99, CS02]
– led to new standards for PKI
• Efficient schemes utilizing ideal hash functions [Sho00, Sho01, DR02, DFW03, DFJW03]
• Signature / encryption schemes with extended functionalities [CS03, DF03, NKDM03]
Authenticated Encryption
• First formal modeling of public-key authenticated encryption (signcryption) [ADR02]
• Parallel authenticated encryption [ADR02, DFW03, DFJW03, Dod03a]
• Designing authenticated encryption for long messages [DA03]
Key Exposure Protection
• Exposure-resilient functions and All-or-nothing transforms [CDH00, DSS01]
• Key-insulated signature and encryption scheme [DKXY02, DKXY03]
• Intrusion-Resilient Encryption [DKY03]
• Remotely-Keyed Encryption [DA03]
• Server-Aided/Proxy/Proactive Cryptography [NKDN03, ID03, DY02]
Distributed Computation
• Byzantine Agreement [CKS00, CKPS01, KS01]
• Threshold Cryptosystems [SG98, Sho00]
• Distributed verifiable random functions and block ciphers [Dod03b, DY03]
• Joint generation of special RSA keys [ACS02]
• Two-party computation [NKDN03, ID03]
• Concurrent protocol composition [DM00]
Some Other Projects
• Digital rights management [DF02, DF03, DFKY03]
• Ideal Hash Function Methodology [Dod03b, DS03]
• Basing Cryptography on Imperfect Randomness [DS02, DO03]
• Cryptography and Game Theory [DHR00]
• …