on assumptions and the limits of cryptography

On Assumptions and the Limits of Cryptography Nils Fleischhacker - PowerPoint PPT Presentation

On Assumptions and the Limits of Cryptography Nils Fleischhacker Bochum, January 23, 2019 The sad truth is: At the moment we cant! Not really. Can we know whether all of this is secure? So, how do we know all of this is secure? 2 The sad


  1. On Assumptions and the Limits of Cryptography Nils Fleischhacker Bochum, January 23, 2019

  2. The sad truth is: At the moment we can’t! Not really. Can we know whether all of this is secure? So, how do we know all of this is secure? 2

  3. The sad truth is: At the moment we can’t! Not really. Can we know whether all of this is secure? So, how do we know all of this is secure? 2

  4. The sad truth is: At the moment we can’t! Not really. Can we know whether all of this is secure? So, how do we know all of this is secure? 2

  5. The sad truth is: At the moment we can’t! Not really. Can we know whether all of this is secure? So, how do we know all of this is secure? 2

  6. The sad truth is: At the moment we can’t! Not really. Can we know whether all of this is secure? So, how do we know all of this is secure? 2

  7. The sad truth is: At the moment we can’t! Not really. So, how do we know all of this is secure? Can we know whether all of this is secure? 2

  8. Can we know whether all of this is secure? So, how do we know all of this is secure? The sad truth is: At the moment we can’t! Not really. 2

  9. iO FHE Well this seems like a terrible idea! 2PC PKE Multi-Linear Multi-Linear LWE DS Maps Maps Oblivious Transfer Trapdoor Permutations Trapdoor Permutations One-way Functions The Cryptographic Landscape 3

  10. iO FHE Well this seems like a terrible idea! 2PC Multi-Linear Multi-Linear LWE Maps Maps Oblivious Transfer Trapdoor Permutations Trapdoor Permutations One-way Functions The Cryptographic Landscape PKE DS 3

  11. iO FHE Well this seems like a terrible idea! Multi-Linear Multi-Linear LWE Maps Maps Oblivious Transfer Trapdoor Permutations Trapdoor Permutations One-way Functions The Cryptographic Landscape 2PC PKE DS 3

  12. Well this seems like a terrible idea! Multi-Linear Multi-Linear LWE Maps Maps Oblivious Transfer Trapdoor Permutations Trapdoor Permutations One-way Functions The Cryptographic Landscape iO FHE 2PC PKE DS 3

  13. Well this seems like a terrible idea! Multi-Linear Multi-Linear LWE Maps Maps Oblivious Transfer The Cryptographic Landscape iO FHE 2PC PKE DS Trapdoor Permutations Trapdoor Permutations One-way Functions 3

  14. Well this seems like a terrible idea! Multi-Linear Multi-Linear Maps Maps The Cryptographic Landscape iO FHE 2PC PKE LWE DS Oblivious Transfer Trapdoor Permutations Trapdoor Permutations One-way Functions 3

  15. Well this seems like a terrible idea! Multi-Linear Maps The Cryptographic Landscape iO FHE 2PC PKE Multi-Linear LWE DS Maps Oblivious Transfer Trapdoor Permutations Trapdoor Permutations One-way Functions 3

  16. Well this seems like a terrible idea! Multi-Linear Maps The Cryptographic Landscape iO FHE 2PC PKE Multi-Linear LWE DS Maps Oblivious Transfer Trapdoor Permutations Trapdoor Permutations One-way Functions 3

  17. iO Well this seems like a terrible idea! Multi-Linear Multi-Linear Maps Maps The Cryptographic Landscape FHE 2PC PKE iO LWE DS Oblivious Transfer Trapdoor Permutations Trapdoor Permutations One-way Functions 3

  18. iO Multi-Linear Multi-Linear Maps Maps The Cryptographic Landscape FHE Well this seems like a terrible idea! 2PC PKE iO LWE DS Oblivious Transfer Trapdoor Permutations Trapdoor Permutations One-way Functions 3

  19. ??? One-Way Functions x f 4

  20. ??? One-Way Functions y x f 4

  21. ??? One-Way Functions y x f 4

  22. One-Way Functions y x f ??? 4

  23. ENC MAC P NP PKE OWF 2PC FHE Why We Need to Make Assumptions 5

  24. MAC P NP PKE 2PC FHE Why We Need to Make Assumptions ENC OWF 5

  25. P NP PKE 2PC FHE Why We Need to Make Assumptions ENC MAC OWF 5

  26. P NP 2PC FHE Why We Need to Make Assumptions ENC MAC PKE OWF 5

  27. P NP FHE Why We Need to Make Assumptions ENC MAC PKE OWF 2PC 5

  28. P NP Why We Need to Make Assumptions ENC MAC PKE OWF 2PC FHE 5

  29. Why We Need to Make Assumptions ENC MAC P ̸ = NP PKE OWF 2PC FHE 5

  30. Why We Need to Make Assumptions ENC MAC P ̸ = NP PKE OWF 2PC FHE 5

  31. Assumption Idea Behind Provable Security ENC 2PC MAC 6

  32. Assumption Idea Behind Provable Security ENC 2PC MAC 6

  33. Idea Behind Provable Security ENC Assumption 2PC MAC 6

  34. Idea Behind Provable Security ENC Assumption 2PC MAC 6

  35. Idea Behind Provable Security ENC Abstract P B Assumption 2PC MAC 6

  36. . . . Fully Homomorphic Encryption . . . Oblivious Transfer Trapdoor Permutations One-Way Functions Determining Minimal Assumptions Statistical Security 7

  37. . . . Fully Homomorphic Encryption . . . Oblivious Transfer Trapdoor Permutations Determining Minimal Assumptions One-Way Functions Statistical Security 7

  38. . . . Fully Homomorphic Encryption . . . Oblivious Transfer Determining Minimal Assumptions Trapdoor Permutations One-Way Functions Statistical Security 7

  39. . . . Fully Homomorphic Encryption . . . Determining Minimal Assumptions Oblivious Transfer Trapdoor Permutations One-Way Functions Statistical Security 7

  40. Determining Minimal Assumptions . . . Fully Homomorphic Encryption . . . Oblivious Transfer Trapdoor Permutations One-Way Functions Statistical Security 7

  41. Determining Minimal Assumptions . . . Fully Homomorphic Encryption . . . Oblivious Transfer Trapdoor Permutations One-Way Functions Statistical Security 7

  42. Determining Minimal Assumptions . . . Fully Homomorphic Encryption . . . Oblivious Transfer Trapdoor Permutations One-Way Functions Statistical Security 7

  43. Determining Minimal Assumptions . . . Fully Homomorphic Encryption . . . Oblivious Transfer Trapdoor Permutations One-Way Functions Statistical Security 7

  44. Determining Minimal Assumptions . . . Fully Homomorphic Encryption . . . Oblivious Transfer Trapdoor Permutations One-Way Functions Statistical Security 7

  45. Determining Minimal Assumptions . . . Fully Homomorphic Encryption . . . Oblivious Transfer Trapdoor Permutations One-Way Functions Statistical Security 7

  46. Any Assumption [FGJ18] 2-Party 3-Round Obfuscation Computation ZK-Proofs 8

  47. 2-Party 3-Round Obfuscation Computation ZK-Proofs Any Assumption [FGJ18] 8

  48. Sound Zero-Knowledge A ZK-Proof must be Incredibly useful tools in Cryptography Zero-Knowledge Proof Protocols ▶ A Zero-Knowledge Proof allows me to to prove that a statement is true without revealing the reason why. 9

  49. Zero-Knowledge Incredibly useful tools in Cryptography Zero-Knowledge Proof Protocols ▶ A Zero-Knowledge Proof allows me to to prove that a statement is true without revealing the reason why. ▶ A ZK-Proof must be ▶ Sound 9

  50. Incredibly useful tools in Cryptography Zero-Knowledge Proof Protocols ▶ A Zero-Knowledge Proof allows me to to prove that a statement is true without revealing the reason why. ▶ A ZK-Proof must be ▶ Sound ▶ Zero-Knowledge 9

  51. Zero-Knowledge Proof Protocols ▶ A Zero-Knowledge Proof allows me to to prove that a statement is true without revealing the reason why. ▶ A ZK-Proof must be ▶ Sound ▶ Zero-Knowledge ▶ Incredibly useful tools in Cryptography 9

  52. [GO94] [GK96] Round-Complexity of ZK-Proofs for NP 10

  53. [GK96] Round-Complexity of ZK-Proofs for NP [GO94] 10

  54. Round-Complexity of ZK-Proofs for NP ✓ [GO94] [GK96] 10

  55. Round-Complexity of ZK-Proofs for NP ✓ [GO94] [GK96] 10

  56. Round-Complexity of ZK-Proofs for NP ✓ [GO94] [GK96] 10

  57. Compressing Proofs 11

  58. Compressing Proofs 11

  59. Compressing Proofs 11

  60. 2-Party 3-Round Obfuscation Computation ZK-Proofs Any Assumption Malicious PUFs [FGJ18] [DFKLS14] 12

  61. Behave like random functions. Cannot be copied. Use Physically Uncloneable Functions Secure Two-Party Computation from PUFs ▶ The idea: Use secure hardware to overcome impossibility of information theoretically secure 2-PC. 13

  62. Behave like random functions. Cannot be copied. Secure Two-Party Computation from PUFs ▶ The idea: Use secure hardware to overcome impossibility of information theoretically secure 2-PC. ▶ Use Physically Uncloneable Functions 13

  63. Cannot be copied. Secure Two-Party Computation from PUFs ▶ The idea: Use secure hardware to overcome impossibility of information theoretically secure 2-PC. ▶ Use Physically Uncloneable Functions ▶ Behave like random functions. 13

  64. Secure Two-Party Computation from PUFs ▶ The idea: Use secure hardware to overcome impossibility of information theoretically secure 2-PC. ▶ Use Physically Uncloneable Functions ▶ Behave like random functions. ▶ Cannot be copied. 13

  65. Our Paper Our Paper Secure Computation from PUFs Honest Malicious Malicious Stateless Stateful ? ? [BFSK11] Unconditional [OSVW13] 14

  66. ? ? Secure Computation from PUFs Honest Malicious Malicious Stateless Stateful [BFSK11] Our Paper Our Paper Unconditional [OSVW13] 14

Recommend


More recommend