On Assumptions and the Limits of Cryptography Nils Fleischhacker Bochum, January 23, 2019
The sad truth is: At the moment we can’t! Not really. Can we know whether all of this is secure? So, how do we know all of this is secure? 2
The sad truth is: At the moment we can’t! Not really. Can we know whether all of this is secure? So, how do we know all of this is secure? 2
The sad truth is: At the moment we can’t! Not really. Can we know whether all of this is secure? So, how do we know all of this is secure? 2
The sad truth is: At the moment we can’t! Not really. Can we know whether all of this is secure? So, how do we know all of this is secure? 2
The sad truth is: At the moment we can’t! Not really. Can we know whether all of this is secure? So, how do we know all of this is secure? 2
The sad truth is: At the moment we can’t! Not really. So, how do we know all of this is secure? Can we know whether all of this is secure? 2
Can we know whether all of this is secure? So, how do we know all of this is secure? The sad truth is: At the moment we can’t! Not really. 2
iO FHE Well this seems like a terrible idea! 2PC PKE Multi-Linear Multi-Linear LWE DS Maps Maps Oblivious Transfer Trapdoor Permutations Trapdoor Permutations One-way Functions The Cryptographic Landscape 3
iO FHE Well this seems like a terrible idea! 2PC Multi-Linear Multi-Linear LWE Maps Maps Oblivious Transfer Trapdoor Permutations Trapdoor Permutations One-way Functions The Cryptographic Landscape PKE DS 3
iO FHE Well this seems like a terrible idea! Multi-Linear Multi-Linear LWE Maps Maps Oblivious Transfer Trapdoor Permutations Trapdoor Permutations One-way Functions The Cryptographic Landscape 2PC PKE DS 3
Well this seems like a terrible idea! Multi-Linear Multi-Linear LWE Maps Maps Oblivious Transfer Trapdoor Permutations Trapdoor Permutations One-way Functions The Cryptographic Landscape iO FHE 2PC PKE DS 3
Well this seems like a terrible idea! Multi-Linear Multi-Linear LWE Maps Maps Oblivious Transfer The Cryptographic Landscape iO FHE 2PC PKE DS Trapdoor Permutations Trapdoor Permutations One-way Functions 3
Well this seems like a terrible idea! Multi-Linear Multi-Linear Maps Maps The Cryptographic Landscape iO FHE 2PC PKE LWE DS Oblivious Transfer Trapdoor Permutations Trapdoor Permutations One-way Functions 3
Well this seems like a terrible idea! Multi-Linear Maps The Cryptographic Landscape iO FHE 2PC PKE Multi-Linear LWE DS Maps Oblivious Transfer Trapdoor Permutations Trapdoor Permutations One-way Functions 3
Well this seems like a terrible idea! Multi-Linear Maps The Cryptographic Landscape iO FHE 2PC PKE Multi-Linear LWE DS Maps Oblivious Transfer Trapdoor Permutations Trapdoor Permutations One-way Functions 3
iO Well this seems like a terrible idea! Multi-Linear Multi-Linear Maps Maps The Cryptographic Landscape FHE 2PC PKE iO LWE DS Oblivious Transfer Trapdoor Permutations Trapdoor Permutations One-way Functions 3
iO Multi-Linear Multi-Linear Maps Maps The Cryptographic Landscape FHE Well this seems like a terrible idea! 2PC PKE iO LWE DS Oblivious Transfer Trapdoor Permutations Trapdoor Permutations One-way Functions 3
??? One-Way Functions x f 4
??? One-Way Functions y x f 4
??? One-Way Functions y x f 4
One-Way Functions y x f ??? 4
ENC MAC P NP PKE OWF 2PC FHE Why We Need to Make Assumptions 5
MAC P NP PKE 2PC FHE Why We Need to Make Assumptions ENC OWF 5
P NP PKE 2PC FHE Why We Need to Make Assumptions ENC MAC OWF 5
P NP 2PC FHE Why We Need to Make Assumptions ENC MAC PKE OWF 5
P NP FHE Why We Need to Make Assumptions ENC MAC PKE OWF 2PC 5
P NP Why We Need to Make Assumptions ENC MAC PKE OWF 2PC FHE 5
Why We Need to Make Assumptions ENC MAC P ̸ = NP PKE OWF 2PC FHE 5
Why We Need to Make Assumptions ENC MAC P ̸ = NP PKE OWF 2PC FHE 5
Assumption Idea Behind Provable Security ENC 2PC MAC 6
Assumption Idea Behind Provable Security ENC 2PC MAC 6
Idea Behind Provable Security ENC Assumption 2PC MAC 6
Idea Behind Provable Security ENC Assumption 2PC MAC 6
Idea Behind Provable Security ENC Abstract P B Assumption 2PC MAC 6
. . . Fully Homomorphic Encryption . . . Oblivious Transfer Trapdoor Permutations One-Way Functions Determining Minimal Assumptions Statistical Security 7
. . . Fully Homomorphic Encryption . . . Oblivious Transfer Trapdoor Permutations Determining Minimal Assumptions One-Way Functions Statistical Security 7
. . . Fully Homomorphic Encryption . . . Oblivious Transfer Determining Minimal Assumptions Trapdoor Permutations One-Way Functions Statistical Security 7
. . . Fully Homomorphic Encryption . . . Determining Minimal Assumptions Oblivious Transfer Trapdoor Permutations One-Way Functions Statistical Security 7
Determining Minimal Assumptions . . . Fully Homomorphic Encryption . . . Oblivious Transfer Trapdoor Permutations One-Way Functions Statistical Security 7
Determining Minimal Assumptions . . . Fully Homomorphic Encryption . . . Oblivious Transfer Trapdoor Permutations One-Way Functions Statistical Security 7
Determining Minimal Assumptions . . . Fully Homomorphic Encryption . . . Oblivious Transfer Trapdoor Permutations One-Way Functions Statistical Security 7
Determining Minimal Assumptions . . . Fully Homomorphic Encryption . . . Oblivious Transfer Trapdoor Permutations One-Way Functions Statistical Security 7
Determining Minimal Assumptions . . . Fully Homomorphic Encryption . . . Oblivious Transfer Trapdoor Permutations One-Way Functions Statistical Security 7
Determining Minimal Assumptions . . . Fully Homomorphic Encryption . . . Oblivious Transfer Trapdoor Permutations One-Way Functions Statistical Security 7
Any Assumption [FGJ18] 2-Party 3-Round Obfuscation Computation ZK-Proofs 8
2-Party 3-Round Obfuscation Computation ZK-Proofs Any Assumption [FGJ18] 8
Sound Zero-Knowledge A ZK-Proof must be Incredibly useful tools in Cryptography Zero-Knowledge Proof Protocols ▶ A Zero-Knowledge Proof allows me to to prove that a statement is true without revealing the reason why. 9
Zero-Knowledge Incredibly useful tools in Cryptography Zero-Knowledge Proof Protocols ▶ A Zero-Knowledge Proof allows me to to prove that a statement is true without revealing the reason why. ▶ A ZK-Proof must be ▶ Sound 9
Incredibly useful tools in Cryptography Zero-Knowledge Proof Protocols ▶ A Zero-Knowledge Proof allows me to to prove that a statement is true without revealing the reason why. ▶ A ZK-Proof must be ▶ Sound ▶ Zero-Knowledge 9
Zero-Knowledge Proof Protocols ▶ A Zero-Knowledge Proof allows me to to prove that a statement is true without revealing the reason why. ▶ A ZK-Proof must be ▶ Sound ▶ Zero-Knowledge ▶ Incredibly useful tools in Cryptography 9
[GO94] [GK96] Round-Complexity of ZK-Proofs for NP 10
[GK96] Round-Complexity of ZK-Proofs for NP [GO94] 10
Round-Complexity of ZK-Proofs for NP ✓ [GO94] [GK96] 10
Round-Complexity of ZK-Proofs for NP ✓ [GO94] [GK96] 10
Round-Complexity of ZK-Proofs for NP ✓ [GO94] [GK96] 10
Compressing Proofs 11
Compressing Proofs 11
Compressing Proofs 11
2-Party 3-Round Obfuscation Computation ZK-Proofs Any Assumption Malicious PUFs [FGJ18] [DFKLS14] 12
Behave like random functions. Cannot be copied. Use Physically Uncloneable Functions Secure Two-Party Computation from PUFs ▶ The idea: Use secure hardware to overcome impossibility of information theoretically secure 2-PC. 13
Behave like random functions. Cannot be copied. Secure Two-Party Computation from PUFs ▶ The idea: Use secure hardware to overcome impossibility of information theoretically secure 2-PC. ▶ Use Physically Uncloneable Functions 13
Cannot be copied. Secure Two-Party Computation from PUFs ▶ The idea: Use secure hardware to overcome impossibility of information theoretically secure 2-PC. ▶ Use Physically Uncloneable Functions ▶ Behave like random functions. 13
Secure Two-Party Computation from PUFs ▶ The idea: Use secure hardware to overcome impossibility of information theoretically secure 2-PC. ▶ Use Physically Uncloneable Functions ▶ Behave like random functions. ▶ Cannot be copied. 13
Our Paper Our Paper Secure Computation from PUFs Honest Malicious Malicious Stateless Stateful ? ? [BFSK11] Unconditional [OSVW13] 14
? ? Secure Computation from PUFs Honest Malicious Malicious Stateless Stateful [BFSK11] Our Paper Our Paper Unconditional [OSVW13] 14
Recommend
More recommend