on assumptions and the limits of cryptography

On Assumptions and the Limits of Cryptography Nils Fleischhacker - PowerPoint PPT Presentation

Aug 26, 2023 •282 likes •1.06k views

On Assumptions and the Limits of Cryptography Nils Fleischhacker Bochum, January 23, 2019 The sad truth is: At the moment we cant! Not really. Can we know whether all of this is secure? So, how do we know all of this is secure? 2 The sad

  1. On Assumptions and the Limits of Cryptography Nils Fleischhacker Bochum, January 23, 2019

  2. The sad truth is: At the moment we can’t! Not really. Can we know whether all of this is secure? So, how do we know all of this is secure? 2

  3. The sad truth is: At the moment we can’t! Not really. Can we know whether all of this is secure? So, how do we know all of this is secure? 2

  4. The sad truth is: At the moment we can’t! Not really. Can we know whether all of this is secure? So, how do we know all of this is secure? 2

  5. The sad truth is: At the moment we can’t! Not really. Can we know whether all of this is secure? So, how do we know all of this is secure? 2

  6. The sad truth is: At the moment we can’t! Not really. Can we know whether all of this is secure? So, how do we know all of this is secure? 2

  7. The sad truth is: At the moment we can’t! Not really. So, how do we know all of this is secure? Can we know whether all of this is secure? 2

  8. Can we know whether all of this is secure? So, how do we know all of this is secure? The sad truth is: At the moment we can’t! Not really. 2

  9. iO FHE Well this seems like a terrible idea! 2PC PKE Multi-Linear Multi-Linear LWE DS Maps Maps Oblivious Transfer Trapdoor Permutations Trapdoor Permutations One-way Functions The Cryptographic Landscape 3

  10. iO FHE Well this seems like a terrible idea! 2PC Multi-Linear Multi-Linear LWE Maps Maps Oblivious Transfer Trapdoor Permutations Trapdoor Permutations One-way Functions The Cryptographic Landscape PKE DS 3

  11. iO FHE Well this seems like a terrible idea! Multi-Linear Multi-Linear LWE Maps Maps Oblivious Transfer Trapdoor Permutations Trapdoor Permutations One-way Functions The Cryptographic Landscape 2PC PKE DS 3

  12. Well this seems like a terrible idea! Multi-Linear Multi-Linear LWE Maps Maps Oblivious Transfer Trapdoor Permutations Trapdoor Permutations One-way Functions The Cryptographic Landscape iO FHE 2PC PKE DS 3

  13. Well this seems like a terrible idea! Multi-Linear Multi-Linear LWE Maps Maps Oblivious Transfer The Cryptographic Landscape iO FHE 2PC PKE DS Trapdoor Permutations Trapdoor Permutations One-way Functions 3

  14. Well this seems like a terrible idea! Multi-Linear Multi-Linear Maps Maps The Cryptographic Landscape iO FHE 2PC PKE LWE DS Oblivious Transfer Trapdoor Permutations Trapdoor Permutations One-way Functions 3

  15. Well this seems like a terrible idea! Multi-Linear Maps The Cryptographic Landscape iO FHE 2PC PKE Multi-Linear LWE DS Maps Oblivious Transfer Trapdoor Permutations Trapdoor Permutations One-way Functions 3

  16. Well this seems like a terrible idea! Multi-Linear Maps The Cryptographic Landscape iO FHE 2PC PKE Multi-Linear LWE DS Maps Oblivious Transfer Trapdoor Permutations Trapdoor Permutations One-way Functions 3

  17. iO Well this seems like a terrible idea! Multi-Linear Multi-Linear Maps Maps The Cryptographic Landscape FHE 2PC PKE iO LWE DS Oblivious Transfer Trapdoor Permutations Trapdoor Permutations One-way Functions 3

  18. iO Multi-Linear Multi-Linear Maps Maps The Cryptographic Landscape FHE Well this seems like a terrible idea! 2PC PKE iO LWE DS Oblivious Transfer Trapdoor Permutations Trapdoor Permutations One-way Functions 3

  19. ??? One-Way Functions x f 4

  20. ??? One-Way Functions y x f 4

  21. ??? One-Way Functions y x f 4

  22. One-Way Functions y x f ??? 4

  23. ENC MAC P NP PKE OWF 2PC FHE Why We Need to Make Assumptions 5

  24. MAC P NP PKE 2PC FHE Why We Need to Make Assumptions ENC OWF 5

  25. P NP PKE 2PC FHE Why We Need to Make Assumptions ENC MAC OWF 5

  26. P NP 2PC FHE Why We Need to Make Assumptions ENC MAC PKE OWF 5

  27. P NP FHE Why We Need to Make Assumptions ENC MAC PKE OWF 2PC 5

  28. P NP Why We Need to Make Assumptions ENC MAC PKE OWF 2PC FHE 5

  29. Why We Need to Make Assumptions ENC MAC P ̸ = NP PKE OWF 2PC FHE 5

  30. Why We Need to Make Assumptions ENC MAC P ̸ = NP PKE OWF 2PC FHE 5

  31. Assumption Idea Behind Provable Security ENC 2PC MAC 6

  32. Assumption Idea Behind Provable Security ENC 2PC MAC 6

  33. Idea Behind Provable Security ENC Assumption 2PC MAC 6

  34. Idea Behind Provable Security ENC Assumption 2PC MAC 6

  35. Idea Behind Provable Security ENC Abstract P B Assumption 2PC MAC 6

  36. . . . Fully Homomorphic Encryption . . . Oblivious Transfer Trapdoor Permutations One-Way Functions Determining Minimal Assumptions Statistical Security 7

  37. . . . Fully Homomorphic Encryption . . . Oblivious Transfer Trapdoor Permutations Determining Minimal Assumptions One-Way Functions Statistical Security 7

  38. . . . Fully Homomorphic Encryption . . . Oblivious Transfer Determining Minimal Assumptions Trapdoor Permutations One-Way Functions Statistical Security 7

  39. . . . Fully Homomorphic Encryption . . . Determining Minimal Assumptions Oblivious Transfer Trapdoor Permutations One-Way Functions Statistical Security 7

  40. Determining Minimal Assumptions . . . Fully Homomorphic Encryption . . . Oblivious Transfer Trapdoor Permutations One-Way Functions Statistical Security 7

  41. Determining Minimal Assumptions . . . Fully Homomorphic Encryption . . . Oblivious Transfer Trapdoor Permutations One-Way Functions Statistical Security 7

  42. Determining Minimal Assumptions . . . Fully Homomorphic Encryption . . . Oblivious Transfer Trapdoor Permutations One-Way Functions Statistical Security 7

  43. Determining Minimal Assumptions . . . Fully Homomorphic Encryption . . . Oblivious Transfer Trapdoor Permutations One-Way Functions Statistical Security 7

  44. Determining Minimal Assumptions . . . Fully Homomorphic Encryption . . . Oblivious Transfer Trapdoor Permutations One-Way Functions Statistical Security 7

  45. Determining Minimal Assumptions . . . Fully Homomorphic Encryption . . . Oblivious Transfer Trapdoor Permutations One-Way Functions Statistical Security 7

  46. Any Assumption [FGJ18] 2-Party 3-Round Obfuscation Computation ZK-Proofs 8

  47. 2-Party 3-Round Obfuscation Computation ZK-Proofs Any Assumption [FGJ18] 8

  48. Sound Zero-Knowledge A ZK-Proof must be Incredibly useful tools in Cryptography Zero-Knowledge Proof Protocols ▶ A Zero-Knowledge Proof allows me to to prove that a statement is true without revealing the reason why. 9

  49. Zero-Knowledge Incredibly useful tools in Cryptography Zero-Knowledge Proof Protocols ▶ A Zero-Knowledge Proof allows me to to prove that a statement is true without revealing the reason why. ▶ A ZK-Proof must be ▶ Sound 9

  50. Incredibly useful tools in Cryptography Zero-Knowledge Proof Protocols ▶ A Zero-Knowledge Proof allows me to to prove that a statement is true without revealing the reason why. ▶ A ZK-Proof must be ▶ Sound ▶ Zero-Knowledge 9

  51. Zero-Knowledge Proof Protocols ▶ A Zero-Knowledge Proof allows me to to prove that a statement is true without revealing the reason why. ▶ A ZK-Proof must be ▶ Sound ▶ Zero-Knowledge ▶ Incredibly useful tools in Cryptography 9

  52. [GO94] [GK96] Round-Complexity of ZK-Proofs for NP 10

  53. [GK96] Round-Complexity of ZK-Proofs for NP [GO94] 10

  54. Round-Complexity of ZK-Proofs for NP ✓ [GO94] [GK96] 10

  55. Round-Complexity of ZK-Proofs for NP ✓ [GO94] [GK96] 10

  56. Round-Complexity of ZK-Proofs for NP ✓ [GO94] [GK96] 10

  57. Compressing Proofs 11

  58. Compressing Proofs 11

  59. Compressing Proofs 11

  60. 2-Party 3-Round Obfuscation Computation ZK-Proofs Any Assumption Malicious PUFs [FGJ18] [DFKLS14] 12

  61. Behave like random functions. Cannot be copied. Use Physically Uncloneable Functions Secure Two-Party Computation from PUFs ▶ The idea: Use secure hardware to overcome impossibility of information theoretically secure 2-PC. 13

  62. Behave like random functions. Cannot be copied. Secure Two-Party Computation from PUFs ▶ The idea: Use secure hardware to overcome impossibility of information theoretically secure 2-PC. ▶ Use Physically Uncloneable Functions 13

  63. Cannot be copied. Secure Two-Party Computation from PUFs ▶ The idea: Use secure hardware to overcome impossibility of information theoretically secure 2-PC. ▶ Use Physically Uncloneable Functions ▶ Behave like random functions. 13

  64. Secure Two-Party Computation from PUFs ▶ The idea: Use secure hardware to overcome impossibility of information theoretically secure 2-PC. ▶ Use Physically Uncloneable Functions ▶ Behave like random functions. ▶ Cannot be copied. 13

  65. Our Paper Our Paper Secure Computation from PUFs Honest Malicious Malicious Stateless Stateful ? ? [BFSK11] Unconditional [OSVW13] 14

  66. ? ? Secure Computation from PUFs Honest Malicious Malicious Stateless Stateful [BFSK11] Our Paper Our Paper Unconditional [OSVW13] 14

Recommend

City Limits Lions Clubs City Limits Lions Clubs City Limits Lions Clubs City Limits Lions

City Limits Lions Clubs City Limits Lions Clubs City Limits Lions Clubs City Limits Lions

City Limits Lions Clubs City Limits Lions Clubs City Limits Lions Clubs City Limits Lions Clubs City Limits Lions Clubs City Limits Lions Clubs City Limits Lions Clubs City Limits Lions Clubs City Limits Lions Clubs City Limits

374 views • 23 slides
Different Types of Limits Besides ordinary, two-sided limits, there are one-sided limits (left-

Different Types of Limits Besides ordinary, two-sided limits, there are one-sided limits (left-

Different Types of Limits Besides ordinary, two-sided limits, there are one-sided limits (left- hand limits and right-hand limits), infinite limits and limits at infinity. One-Sided Limits x 2 4 x 5. Consider lim x 5 One might

222 views • 3 slides
MAT 166 Calculus for Bus/Soc Chapter 3 Notes Limits The Deriviative David J. Gisch Limits

MAT 166 Calculus for Bus/Soc Chapter 3 Notes Limits The Deriviative David J. Gisch Limits

5/29/2013 MAT 166 Calculus for Bus/Soc Chapter 3 Notes Limits The Deriviative David J. Gisch Limits Limits 1 5/29/2013 Limits Limits Why? Dont they always agree? 2 2 Limits Limits

633 views • 18 slides
Cryptography Concepts and Terminology Cryptography Concepts Cryptography Notation and

Cryptography Concepts and Terminology Cryptography Concepts Cryptography Notation and

Cryptography Cryptography Concepts and Terminology Security Concepts Cryptography Concepts and Terminology Cryptography Concepts Cryptography Notation and Terminology Cryptography School of Engineering and Technology CQUniversity

454 views • 11 slides
Cryptography Concepts and Terminology Cryptography Concepts Cryptography Notation and

Cryptography Concepts and Terminology Cryptography Concepts Cryptography Notation and

Cryptography Cryptography Concepts and Terminology Security Concepts Cryptography Concepts and Terminology Cryptography Concepts Cryptography Notation and Terminology Cryptography School of Engineering and Technology CQUniversity

322 views • 11 slides
Elliptic Curve Cryptography Applications of Elliptic Curve Cryptography Elliptic Curve

Elliptic Curve Cryptography Applications of Elliptic Curve Cryptography Elliptic Curve

Cryptography Elliptic Curve Cryptography Overview of Elliptic Curve Cryptography Elliptic Curve Cryptography Applications of Elliptic Curve Cryptography Elliptic Curve Cryptography Cryptography in OpenSSL School of Engineering and

857 views • 17 slides
Public-Key Cryptography Public-Key Cryptography Lecture 9 Public-Key Cryptography Lecture 9 El

Public-Key Cryptography Public-Key Cryptography Lecture 9 Public-Key Cryptography Lecture 9 El

Public-Key Cryptography Public-Key Cryptography Lecture 9 Public-Key Cryptography Lecture 9 El Gamal Encryption Public-Key Cryptography Lecture 9 El Gamal Encryption Public-Key Encryption from Trapdoor OWP Public-Key Cryptography Lecture

2.11k views • 163 slides
Limits (the size of the pie) allocation limits minimum reliability flow of supply Limits

Limits (the size of the pie) allocation limits minimum reliability flow of supply Limits

Limits (the size of the pie) allocation limits minimum reliability flow of supply Limits Implement climate minimum change flows multiple bands/ blocks Multiple bands/block How and where to set the limits? Reliability of supply

816 views • 26 slides
Medical Programs Overview Table 1. Caption Medical SNAP TANF Programs Income Limits Income

Medical Programs Overview Table 1. Caption Medical SNAP TANF Programs Income Limits Income

SNAP , TANF and Medical Programs Overview Table 1. Caption Medical SNAP TANF Programs Income Limits Income Limits Income limits Resource Resource Resource Limits Limits Limits Deductions Deductions Deductions 10/25/2017 2 SNAP

433 views • 14 slides
Scope & Limits of Scope & Limits of Scope & Limits of Legal Authority Legal

Scope & Limits of Scope & Limits of Scope & Limits of Legal Authority Legal

Lesson 4. Scope & Limits of Authority January 20, 2004 Scope & Limits of Scope & Limits of Scope & Limits of Legal Authority Legal Authority Legal Authority Lesson No. 4 ENV H 471 Environmental Health Regulation Winter

669 views • 7 slides
Public Key Cryptography Cryptography School of Engineering and Technology CQUniversity Australia

Public Key Cryptography Cryptography School of Engineering and Technology CQUniversity Australia

Cryptography Public Key Cryptography Concepts of Public Key Cryptography Public Key Cryptography Cryptography School of Engineering and Technology CQUniversity Australia Prepared by Steven Gordon on 20 Feb 2020, public.tex, r1803 1

422 views • 7 slides
Modern cryptography CSCI 470: Web Science Keith Vertanen Overview Modern cryptography

Modern cryptography CSCI 470: Web Science Keith Vertanen Overview Modern cryptography

Modern cryptography CSCI 470: Web Science Keith Vertanen Overview Modern cryptography Symmetric cryptography DES 3DES AES Asymmetric cryptography Diffie-Hellman key exchange 2 Modern cryptography Moving into

338 views • 16 slides
Public-Key Cryptography Public-Key Cryptography Lecture 8 Public-Key Cryptography Lecture 8

Public-Key Cryptography Public-Key Cryptography Lecture 8 Public-Key Cryptography Lecture 8

Public-Key Cryptography Public-Key Cryptography Lecture 8 Public-Key Cryptography Lecture 8 Public-Key Encryption from Trapdoor OWP Public-Key Cryptography Lecture 8 Public-Key Encryption from Trapdoor OWP CCA Security El Gamal Encryption

1.78k views • 162 slides
Limits of sub semigroups of C and Siegel enrichments Ismael Bachy 22 novembre 2010 Limits of

Limits of sub semigroups of C and Siegel enrichments Ismael Bachy 22 novembre 2010 Limits of

Limits of closed sub semigroups of C Conformal Enrichments Limits of sub semigroups of C and Siegel enrichments Ismael Bachy 22 novembre 2010 Limits of sub semigroups of C and Siegel enrichments Ismael Bachy Limits of closed sub

575 views • 23 slides
d Limits at infinity and infinite limits i E 2 Lectures a l l u d b Dr. Abdulla Eid A

d Limits at infinity and infinite limits i E 2 Lectures a l l u d b Dr. Abdulla Eid A

Section 2.6 d Limits at infinity and infinite limits i E 2 Lectures a l l u d b Dr. Abdulla Eid A . College of Science r D MATHS 101: Calculus I Dr. Abdulla Eid (University of Bahrain) Infinite Limits 1 / 29 d 1 Finite limits

608 views • 29 slides
Modeling Limits Jaroslav Neetil Patrice Ossona de Mendez Charles University CAMS, CNRS/EHESS

Modeling Limits Jaroslav Neetil Patrice Ossona de Mendez Charles University CAMS, CNRS/EHESS

Structural Limits FO-limits? Going further Modeling Limits Jaroslav Neetil Patrice Ossona de Mendez Charles University CAMS, CNRS/EHESS LIA STRUCO Praha, Czech Republic Paris, France IHP 2018 Structural Limits FO-limits?

572 views • 35 slides
Defining, Transforming, and Exchanging High-Level Schemas My answer: Any schema above the

Defining, Transforming, and Exchanging High-Level Schemas My answer: Any schema above the

What is a High-Level Schema? Defining, Transforming, and Exchanging High-Level Schemas My answer: Any schema above the statement level A guided journey through the outback I see two distinct levels of abstraction: Presented by Michael W.

430 views • 7 slides
GENI Ideas: Instrumentation, Experiments and Security Richard Ford (rford@fit.edu) Ronda Henning

GENI Ideas: Instrumentation, Experiments and Security Richard Ford (rford@fit.edu) Ronda Henning

GENI Ideas: Instrumentation, Experiments and Security Richard Ford (rford@fit.edu) Ronda Henning (rhenning@harris.com) 1 The Harris Institute for Assured 1/29/09 Information Three ideas, One slide GENI Ideas: Instrumentation, Experiments

393 views • 6 slides
Agenda Announcements Snarf code CompSci101Recursion 1/14/2013 CompSci101 Peter

Agenda Announcements Snarf code CompSci101Recursion 1/14/2013 CompSci101 Peter

Agenda Announcements Snarf code CompSci101Recursion 1/14/2013 CompSci101 Peter Lorensen 1 Recusion Recusion: Se recusion. 1/14/2013 CompSci101 Peter Lorensen 2 Recursion Functions can call other functions, but they

515 views • 12 slides
Bringsel: A Tool for Measuring Storage System Reliability, Uniformity, Performance and Scalability

Bringsel: A Tool for Measuring Storage System Reliability, Uniformity, Performance and Scalability

Bringsel: A Tool for Measuring Storage System Reliability, Uniformity, Performance and Scalability John Kaitschuck Cray Federal CUG2007 jkaitsch@cray.com 5/2007 Overview - Challenges in File Systems Testing and Technology - Points for

823 views • 24 slides
Architectural Styles Reid Holmes [TAILOR ET AL.] Lunar lander example REID HOLMES - SE2:

Architectural Styles Reid Holmes [TAILOR ET AL.] Lunar lander example REID HOLMES - SE2:

Material and some slide content from: - Emerson Murphy-Hill - Software Architecture: Foundations, Theory, and Practice - Essential Software Architecture Architectural Styles Reid Holmes [TAILOR ET AL.] Lunar lander example REID HOLMES - SE2:

636 views • 41 slides
Network Security: Continued CS 236 On-Line MS Program Networks and Systems Security Peter

Network Security: Continued CS 236 On-Line MS Program Networks and Systems Security Peter

Network Security: Continued CS 236 On-Line MS Program Networks and Systems Security Peter Reiher Lecture 10 Page 1 CS 236 Online Firewall Configuration and Administration Again, the firewall is the point of attack for intruders

375 views • 16 slides
Anima IETF 93 Charter Discussion Design Team Update bootstrap design team

Anima IETF 93 Charter Discussion Design Team Update bootstrap design team

Anima IETF 93 Charter Discussion Design Team Update bootstrap design team http://trac.tools.ietf.org/wg/anima/trac/wiki/ WikiStart Click on: Bootstrap Design Team (There is also the Signaling Design Team) Bootstrap DT Charter

245 views • 6 slides
Collaboration, Interoperability, and Secure Systems Mr. Richard Lee ADUSD (Information

Collaboration, Interoperability, and Secure Systems Mr. Richard Lee ADUSD (Information

Collaboration, Interoperability, and Secure Systems Mr. Richard Lee ADUSD (Information Integration & Operations) ODUSD (Advanced Systems & Concepts Defense Research & Engineering 703-695-7938 Richard.lee@osd.mil May 21, 2008

484 views • 9 slides

More recommend