single secret leader election
play

Single Secret Leader Election Dan Boneh Saba Eskandarian Lucjan - PowerPoint PPT Presentation

Dec 23, 2022 •401 likes •1.48k views

Single Secret Leader Election Dan Boneh Saba Eskandarian Lucjan Hanzlik Nicola Greco What is Single Secret Leader Election? A group of participants want to randomly choose exactly one leader, such that: 1. Identity of the leader is known only

  1. Three Constructions of SSLE DDH “Compromise” solution -- √N communication per election, 1/(√N-c) unpredictability Should be suitable for practical use cases Obfuscation Ideal solution, but uses theoretical tools tFHE Closer to realistic, only gives a threshold version of security

  2. SSLE from DDH The easiest single non-secret leader election User 1 User 1 User 1 Election User 2 User 2 User 2 R ∈ [N] Registration User 3 User 3 User 3 User 4 User 4 User 4 User 5 User 5

  3. SSLE from DDH The easiest single non-secret leader election User 1 User 1 User 1 Election ✅ Uniqueness User 2 User 2 User 2 R ∈ [N] Registration ✅ Fairness User 3 User 3 User 3 🆈 Unpredictability User 4 User 4 User 4 User 5 User 5 How to hide the leader?

  4. SSLE from DDH 1. Commitments User 1 User 1 User 1 Election ✅ Uniqueness User 2 User 2 User 2 R ∈ [N] Registration ✅ Fairness User 3 User 3 User 3 🆈 Unpredictability User 4 User 4 User 4 User 5 User 5

  5. SSLE from DDH 1. Commitments com(u1) com(u1) com(u1) Election ✅ Uniqueness com(u2) com(u2) com(u2) R ∈ [N] Registration ✅ Fairness com(u3) com(u3) com(u3) 🆈 Unpredictability com(u4) com(u4) com(u4) com(u5) com(u5)

  6. SSLE from DDH 1. Commitments 2. Shuffling com(u1) com(u1) com(u1) Election ✅ Uniqueness com(u2) com(u2) com(u2) R ∈ [N] Registration ✅ Fairness com(u3) com(u3) com(u3) 🆈 Unpredictability com(u4) com(u4) com(u4) com(u5) com(u5)

  7. SSLE from DDH ✅ Uniqueness 1. Commitments ✅ Fairness 2. Shuffling 🆈 Unpredictability Registration com(u1) com(u1) Part 2 com(u2) com(u2) Registration Election Part 1 com(u2) com(u2) com(u5) com(u5) R ∈ [N] com(u3) com(u3) com(u4) com(u4) com(u4) com(u4) com(u1) com(u1) com(u5) com(u3) com(u3)

  8. SSLE from DDH 🆈 Uniqueness 1. Commitments 🆈 Fairness 2. Shuffling 🆈 Unpredictability 3. Rerandomization Registration com(u1) com(u1) Part 2 com(u2)’ com(u2)’ Registration Election Part 1 com(u2) com(u2) com(u5)’ com(u5)’ R ∈ [N] com(u3) com(u3) com(u4)’ com(u4)’ com(u4) com(u4) com(u1)’ com(u1)’ com(u5) com(u3)’ com(u3)’

  9. SSLE from DDH 1. Commitments 2. Shuffling 3. Rerandomization & Reidentification Registration com(u1) com(u1) Part 2 com(u2)’ com(u2)’ Registration Election Part 1 com(u2) com(u2) com(u5)’ com(u5)’ R ∈ [N] com(u3) com(u3) com(u4)’ com(u4)’ com(u4) com(u4) com(u1)’ com(u1)’ com(u5) com(u3)’ com(u3)’

  10. A Rerandomizable & Reidentifiable Commitment Let g ∈ G , G is a group where DDH is hard Com( k, r ) → (g r , g rk )

  11. A Rerandomizable & Reidentifiable Commitment Let g ∈ G , G is a group where DDH is hard Com( k, r ) → (g r , g rk ) Rerandomization: (g r , g rk ) → (g rr’ , g rr’k ) Reidentification: given (u,v) , check if u k = v

  12. A Rerandomizable & Reidentifiable Commitment Let g ∈ G , G is a group where DDH is hard Com( k, r ) → (g r , g rk ) Rerandomization: (g r , g rk ) → (g rr’ , g rr’k ) Reidentification: given (u,v) , check if u k = v Security follows from DDH: ( g r , g rk , g rr’ , g rr’k ) vs ( g r , g rk , g rr’ , g rz )

  13. SSLE from DDH 1. Commitments 2. Shuffling 3. Rerandomization & Reidentification Registration com(u1) com(u1) Part 2 com(u2)’ com(u2)’ Registration Election Part 1 com(u2) com(u2) com(u5)’ com(u5)’ R ∈ [N] com(u3) com(u3) com(u4)’ com(u4)’ com(u4) com(u4) com(u1)’ com(u1)’ com(u5) com(u3)’ com(u3)’

  14. SSLE from DDH 1. Commitments 2. Shuffling 3. Rerandomization & Reidentification 4. Verification of shuffle Registration com(u1) com(u1) Part 2 com(u2)’ com(u2)’ Registration Election Part 1 com(u2) com(u2) com(u5)’ com(u5)’ R ∈ [N] com(u3) com(u3) com(u4)’ com(u4)’ com(u4) com(u4) com(u1)’ com(u1)’ com(u5) com(u3)’ com(u3)’

  15. SSLE from DDH 1. Commitments 2. Shuffling 3. Rerandomization & Reidentification 4. Verification of shuffle -- NIZK or other users check Registration com(u1) com(u1) Part 2 com(u2)’ com(u2)’ Registration Election Part 1 com(u2) com(u2) com(u5)’ com(u5)’ R ∈ [N] com(u3) com(u3) com(u4)’ com(u4)’ com(u4) com(u4) com(u1)’ com(u1)’ com(u5) com(u3)’ com(u3)’

  16. SSLE from DDH 1. Commitments 2. Shuffling 3. Rerandomization & Reidentification 4. Verification of shuffle -- NIZK or other users check 5. Defend against duplication attacks Registration com(u1) com(u1) Part 2 com(u2)’ com(u2)’ Registration Election Part 1 com(u2) com(u2) com(u5)’ com(u5)’ R ∈ [N] com(u3) com(u3) com(u4)’ com(u4)’ com(u4) com(u4) com(u1)’ com(u1)’ com(u5) com(u3)’ com(u3)’

  17. Duplication Attack Registration com(u1) com(u1) com(u2)’ Part 2 Registration Part 1 com(u2) com(u2) com(u4)’’ com(u3) com(u3) com(u4)’ com(u4) com(u4) com(u1)’ com(u4) com(u3)’ Duplication attack makes it possible for 2 different users to register with a commitment to the same value Breaks uniqueness and unpredictability

  18. Preventing Duplication Attacks How to ensure that users never commit to the same value? Idea: Derive a secret commitment value and a tag from a master secret Sample random k H(k) →k L , k R Post com( k L ) and k R Registrations to the same secret detected by duplicate k R (H modeled as random oracle)

  19. Saving Communication Protocol thus far has required linear communication for each registration Registration com( k 1L ) com( k 1L ) com( k 1L )’ com( k 1L )’ Part 2 Registration Election Part 1 com( k 2L ) com( k 2L ) com( k 2L )’ com( k 2L )’ R ∈ [N] com( k 3L ) com( k 3L ) com( k 3L )’ com( k 3L )’ com( k 4L ) com( k 4L ) com( k 4L )’ com( k 4L )’ com( k 5L ) com( k 5L )’ com( k 5L )’

  20. Saving Communication Protocol thus far has required linear communication for each registration Registration com( k 1L ) com( k 1L ) com( k 1L )’ com( k 1L )’ Part 2 Registration Election Part 1 com( k 2L ) com( k 2L ) com( k 2L )’ com( k 2L )’ R ∈ [N] com( k 3L ) com( k 3L ) com( k 3L )’ com( k 3L )’ com( k 4L ) com( k 4L ) com( k 4L )’ com( k 4L )’ com( k 5L ) com( k 5L )’ com( k 5L )’ Communicating all this is expensive

  21. Saving Communication Communication/Security tradeoff: instead of shuffling new entry into the whole list, split the list into a number of buckets and only shuffle into one bucket.

  22. Saving Communication Communication/Security tradeoff: instead of shuffling new entry into the whole list, split the list into a number of buckets and only shuffle into one bucket. com( k 1L ) com( k 1L ) com( k √N+1,L ) com( k N-√N+1,L ) com( k 2L ) ... ... ... ... com( k 3L ) com( k √N,L ) com( k 2√N,L ) com( k N,L ) ... com( k NL )

  23. Saving Communication Communication/Security tradeoff: instead of shuffling new entry into the whole list, split the list into a number of buckets and only shuffle into one bucket. com( k 1L ) com( k 1L ) com( k √N+1,L ) com( k N-√N+1,L ) com( k 2L ) ... ... ... ... com( k 3L ) com( k √N,L ) com( k 2√N,L ) com( k N,L ) ... com( k NL ) Larger buckets mean more unpredictability but also more communication √N sized buckets seems like a good tradeoff

  24. Security With a deterministic choice of buckets, we get the following theorem:

  25. Security With a deterministic choice of buckets, we get the following theorem: We can do better by randomizing the choice of buckets, so an adversary needs to corrupt O(N) users to guess winner with constant probability

  26. Security With a deterministic choice of buckets, we get the following theorem: We can do better by randomizing the choice of buckets, so an adversary needs to corrupt O(N) users to guess winner with constant probability

  27. Security With a deterministic choice of buckets, we get the following theorem: We can do better by randomizing the choice of buckets, so an adversary needs to corrupt O(N) users to guess winner with constant probability Open problem: we believe we can do better with a more clever shuffling/bucketing algorithm, e.g. by using something like a square shuffle [Hastad06]

  28. Security With a deterministic choice of buckets, we get the following theorem: We can do better by randomizing the choice of buckets, so an adversary needs to corrupt O(N) users to guess winner with constant probability Open problem: we believe we can do better with a more clever shuffling/bucketing algorithm, e.g. by using something like a square shuffle [Hastad06] Open problem: constant communication per election (in a practical scheme)

  29. SSLE from Obfuscation Obfuscation [BGI+01, GGH+13] Obfuscator iO(C) produces a new circuit C’ such that: 1. C and C’ have the exact same behavior. 2. For any two circuits C 0 , C 1 that have the exact same behavior, no adversary can distinguish between iO(C 0 ) and iO(C 1 ) .

  30. SSLE from Obfuscation Obfuscation [BGI+01, GGH+13] Obfuscator iO(C) produces a new circuit C’ such that: 1. C and C’ have the exact same behavior 2. For any two circuits C 0 , C 1 that have the exact same behavior, no adversary can distinguish between iO(C 0 ) and iO(C 1 ) Puncturable PRF [BW13, BGI14, KPTZ13] PRF where you can generate a punctured key that allows you to evaluate the PRF everywhere except at that point. Given the punctured key, the value of the PRF at the punctured point is still pseudorandom.

  31. SSLE from Obfuscation Plan: 1. Write a program that picks leader using secret key embedded in the program 2. Obfuscate program during trusted setup and distribute to everyone 3. Any participant just needs to post a public key to register for elections 4. Obfuscated program output should allow leader to prove she won

  32. SSLE from Obfuscation Program to obfuscate, first attempt P((pk 0 , …, pk N-1 ), i, N, R):

  33. SSLE from Obfuscation Program to obfuscate, first attempt P((pk 0 , …, pk N-1 ), i, N, R): 1. s ←R, pk 0 , …, pk N-1 2. w←F(k,s)

  34. SSLE from Obfuscation Program to obfuscate, first attempt P((pk 0 , …, pk N-1 ), i, N, R): 1. s ←R, pk 0 , …, pk N-1 2. w←F(k,s) 3. b←1 if i = w mod n, b←0 otherwise 4. Output b

  35. SSLE from Obfuscation Program to obfuscate, first attempt P((pk 0 , …, pk N-1 ), i, N, R): ✅ Elects one leader randomly based on secret key 1. s ←R, pk 0 , …, pk N-1 2. w←F(k,s) 🆈 Anyone can learn the leader by 3. b←1 if i = w mod n, b←0 otherwise trying each value of i 4. Output b

  36. SSLE from Obfuscation Program to obfuscate, second attempt P((pk 0 , …, pk N-1 ), i, N, R): 1. s ←R, pk 0 , …, pk N-1 2. w←F(k,s) 3. b←1 if i = w mod n, b←0 otherwise 4.

  37. SSLE from Obfuscation Program to obfuscate, second attempt P((pk 0 , …, pk N-1 ), i, N, R): 1. s ←R, pk 0 , …, pk N-1 2. (w, r)←F(k,s) 3. b←1 if i = w mod n, b←0 otherwise 4.

  38. SSLE from Obfuscation Program to obfuscate, second attempt P((pk 0 , …, pk N-1 ), i, N, R): 1. s ←R, pk 0 , …, pk N-1 2. (w, r)←F(k,s) 3. b←1 if i = w mod n, b←0 otherwise 4. ct←Encrypt(pk i , b; r) 5. Output ct

  39. SSLE from Obfuscation Program to obfuscate, second attempt P((pk 0 , …, pk N-1 ), i, N, R): ✅ Elects one leader randomly based on secret key 1. s ←R, pk 0 , …, pk N-1 2. (w, r)←F(k,s) ✅ Only user i can decrypt b i 3. b←1 if i = w mod n, b←0 otherwise 4. ct←Encrypt(pk i , b; r) 🆈 Not clear how winner can prove 5. Output ct that she won the election

  40. SSLE from Obfuscation Program to obfuscate, final attempt P((pk 0 , …, pk N-1 ), i, N, R): 1. s ←R, pk 0 , …, pk N-1 2. (w, r)←F(k,s) 3. b←1 if i = w mod n, b←0 otherwise 4.

  41. SSLE from Obfuscation Program to obfuscate, final attempt P((pk 0 , …, pk N-1 ), i, N, R): 1. s ←R, pk 0 , …, pk N-1 2. (w,r,r’)←F(k,s) 3. b←1 if i = w mod n, b←0 otherwise 4.

  42. SSLE from Obfuscation Program to obfuscate, final attempt P((pk 0 , …, pk N-1 ), i, N, R): 1. s ←R, pk 0 , …, pk N-1 2. (w,r,r’)←F(k,s) 3. b←1 if i = w mod n, b←0 otherwise 4. c ←com(b; r)

  43. SSLE from Obfuscation Program to obfuscate, final attempt P((pk 0 , …, pk N-1 ), i, N, R): 1. s ←R, pk 0 , …, pk N-1 2. (w,r,r’)←F(k,s) 3. b←1 if i = w mod n, b←0 otherwise 4. c ←com(b; r) 5. ct←Encrypt(pk i , r; r’) 6. Output c, ct

  44. SSLE from Obfuscation Program to obfuscate, final attempt P((pk 0 , …, pk N-1 ), i, N, R): ✅ Elects one leader randomly based on secret key 1. s ←R, pk 0 , …, pk N-1 2. (w,r,r’)←F(k,s) ✅ Only user i can decrypt b i 3. b←1 if i = w mod n, b←0 otherwise 4. c ←com(b; r) ✅ Prove leadership by revealing r 5. ct←Encrypt(pk i , r; r’) 6. Output c, ct

  45. SSLE from Obfuscation Program to obfuscate, final attempt P((pk 0 , …, pk N-1 ), i, N, R): ✅ Elects one leader randomly based on secret key 1. s ←R, pk 0 , …, pk N-1 2. (w,r,r’)←F(k,s) ✅ Only user i can decrypt b i 3. b←1 if i = w mod n, b←0 otherwise 4. c ←com(b; r) ✅ Prove leadership by revealing r 5. ct←Encrypt(pk i , r; r’) 6. Output c, ct Why not encrypt?

  46. SSLE from Obfuscation Program to obfuscate, final attempt P((pk 0 , …, pk N-1 ), i, N, R): ✅ Elects one leader randomly based on secret key 1. s ←R, pk 0 , …, pk N-1 2. (w,r,r’)←F(k,s) ✅ Only user i can decrypt b i 3. b←1 if i = w mod n, b←0 otherwise 4. c ←com(b; r) ✅ Prove leadership by revealing r 5. ct←Encrypt(pk i , r; r’) 6. Output c, ct Why not encrypt? If the encryption does not commit, adversary could potentially find bad randomness that allows a non-winning ciphertext to decrypt to 1

  47. SSLE from Obfuscation Program to obfuscate, final attempt P((pk 0 , …, pk N-1 ), i, N, R): ✅ Elects one leader randomly based on secret key 1. s ←R, pk 0 , …, pk N-1 2. (w,r,r’)←F(k,s) ✅ Only user i can decrypt b i 3. b←1 if i = w mod n, b←0 otherwise 4. c ←com(b; r) ✅ Prove leadership by revealing r 5. ct←Encrypt(pk i , r; r’) 6. Output c, ct See paper for proofs of uniqueness, selective fairness, selective unpredictability

  48. SSLE from tFHE Reminder: why can’t we use a generic MPC protocol for SSLE? Easy DoS opportunity if everyone has to come back for a second round

  49. SSLE from tFHE Reminder: why can’t we use a generic MPC protocol for SSLE? Easy DoS opportunity if everyone has to come back for a second round What if only a few people have to come back and it doesn’t matter which ones?

  50. SSLE from tFHE Reminder: why can’t we use a generic MPC protocol for SSLE? Easy DoS opportunity if everyone has to come back for a second round What if only a few people have to come back and it doesn’t matter which ones? Tools from threshold crypto can enable this!

  51. SSLE from tFHE Threshold Encryption: Standard public-key encryption, but instead of one secret key, many users have shares of a secret key that produce partial decryptions , with t partial decryptions needed to produce a plaintext.

  52. SSLE from tFHE Threshold Encryption: Standard public-key encryption, but instead of one secret key, many users have shares of a secret key that produce partial decryptions , with t partial decryptions needed to produce a plaintext. Fully Homomorphic Encryption (FHE): Standard public-key encryption, but ciphertexts can be added together and multiplied. Expensive operation is multiplication, high multiplicative depth is especially costly.

  53. SSLE from tFHE Threshold Encryption: Standard public-key encryption, but instead of one secret key, many users have shares of a secret key that produce partial decryptions , with t partial decryptions needed to produce a plaintext. Fully Homomorphic Encryption (FHE): Standard public-key encryption, but ciphertexts can be added together and multiplied. Expensive operation is multiplication, high multiplicative depth is especially costly. Threshold FHE (tFHE): Combine the two tools above.

  54. SSLE from tFHE Threshold Encryption: Standard public-key encryption, but instead of one secret key, many users have shares of a secret key that produce partial decryptions , with t partial decryptions needed to produce a plaintext. Fully Homomorphic Encryption (FHE): Standard public-key encryption, but ciphertexts can be added together and multiplied. Expensive operation is multiplication, high multiplicative depth is especially costly. Using these tools, we can only really hope for Threshold FHE (tFHE): threshold unpredictability and fairness Combine the two tools above.

  55. SSLE from tFHE Plan: 1. All participants get a tFHE decryption key 2. Define a computation that picks the leader 3. Evaluate computation under tFHE 4. Some subset of t users post partial decryptions 5. Output of computation somehow secretly determines winner

  56. SSLE from tFHE Plan: 1. All participants get a tFHE decryption key 2. Define a computation that picks the leader 3. Evaluate computation under tFHE 4. Some subset of t users post partial decryptions 5. Output of computation somehow secretly determines winner Unlike the obfuscation case, everyone gets the same output.

  57. SSLE from tFHE Idea: Each participant registers with a secret k Output of computation is the secret of a randomly chosen participant The participant knows her secret, but nobody else knows who owns it

  58. SSLE from tFHE Idea: Each participant registers with a secret k Output of computation is the secret of a randomly chosen participant The participant knows her secret, but nobody else knows who owns it Main remaining problems to solve: 1. Efficiently generating randomness inside the tFHE 2. Efficiently using the randomness to pick someone’s secret

  59. SSLE from tFHE Idea: Each participant registers with a secret k Output of computation is the secret of a randomly chosen participant The participant knows her secret, but nobody else knows who owns it Main remaining problems to solve: 1. Efficiently generating randomness inside the tFHE 2. Efficiently using the randomness to pick someone’s secret See paper for other details

  60. SSLE from tFHE k 1 k 2 k 3 k 4 k 5

  61. SSLE from tFHE k 1 0 k 2 0 = k 4 k 3 0 k 4 1 k 5 0 Random weight-1 vector

  62. SSLE from tFHE k 1 0 How can we efficiently generate a k 2 0 random weight-1 vector given some = k 4 k 3 0 random bits inside the tFHE? k 4 1 “efficiently” = low multiplicative depth k 5 0 Random weight-1 vector

  63. SSLE from tFHE 1. Start with logN random bits 0 1 1 0

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Leader Election Chapter 3 Observations Election in the Ring Election in the Mesh Election in

Leader Election Chapter 3 Observations Election in the Ring Election in the Mesh Election in

Leader Election Chapter 3 Observations Election in the Ring Election in the Mesh Election in the Hypercube Election in an arbitrary graph - Leader Election = Breaking Symmetry Getting into the restricted world with Unique Initiator so

512 views • 35 slides
UC UC b Overview Leader Election Protocol Dynamic Voltage Scaling Optimal

UC UC b Overview Leader Election Protocol Dynamic Voltage Scaling Optimal

APPLICATIONS UC UC b Overview Leader Election Protocol Dynamic Voltage Scaling Optimal Reconfiguration of FPGA Memory Interface UC UCb Leader Election Protocol UC UC b Leader Election 2 1 0 3 Protocol by Leslie

917 views • 62 slides
Leader Election Stefan Schmid @ T-Labs, 2011 Motivation Leader Election Nodes in network agree

Leader Election Stefan Schmid @ T-Labs, 2011 Motivation Leader Election Nodes in network agree

Foundations of Distributed Systems: Leader Election Stefan Schmid @ T-Labs, 2011 Motivation Leader Election Nodes in network agree on exactly one leader. All other nodes are followers. Reasons for electing a leader? Reasons for not electing a

334 views • 29 slides
Leader Election in a Synchronous Ring Paulo S ergio Almeida Distributed Systems Group

Leader Election in a Synchronous Ring Paulo S ergio Almeida Distributed Systems Group

Leader Election in a Synchronous Ring Paulo S ergio Almeida Distributed Systems Group Departamento de Inform atica Universidade do Minho 20072010 Paulo S c ergio Almeida Leader Election in a Synchronous Ring 1 Leader election

384 views • 35 slides
Advanced Network Security 2. Distributed Algorithms: Leader Election Jaap-Henk Hoepman Digital

Advanced Network Security 2. Distributed Algorithms: Leader Election Jaap-Henk Hoepman Digital

Advanced Network Security 2. Distributed Algorithms: Leader Election Jaap-Henk Hoepman Digital Security (DS) Radboud University Nijmegen, the Netherlands @xotoxot // * jhh@cs.ru.nl // 8 www.cs.ru.nl/~jhh Leader election: motivation n IBM token

421 views • 27 slides
Problem Silent Self-stabilizing Leader Election Model: Locally shared memory model

Problem Silent Self-stabilizing Leader Election Model: Locally shared memory model

Self-Stabilizing Leader Election in Polynomial Steps 1 Karine Altisen Alain Cournier Stphane Devismes Anas Durand Franck Petit September 29, 2014 1This work has been partially supported by the LabEx PERSYVAL-Lab (ANR-11-LABX-0025-01) and

1.83k views • 181 slides
Election in Trees and Rings T-79.4001 Seminar on Theoretical Computer Science Ilari Nieminen

Election in Trees and Rings T-79.4001 Seminar on Theoretical Computer Science Ilari Nieminen

Leader Election Election in Trees Election in Rings Election in Trees and Rings T-79.4001 Seminar on Theoretical Computer Science Ilari Nieminen 21.02.2007 Ilari Nieminen Election in Trees and Rings Leader Election Election in Trees

655 views • 30 slides
Diffusing Computation Using Spanning Tree Construction for Solving Leader Election Root is

Diffusing Computation Using Spanning Tree Construction for Solving Leader Election Root is

Diffusing Computation Using Spanning Tree Construction for Solving Leader Election Root is the leader In the presence of faults, There may be multiple trees Multiple leaders After recovery There is a unique tree

551 views • 22 slides
T he Asymmetric leader election algorithm: number of survivors near the end of the game Guy

T he Asymmetric leader election algorithm: number of survivors near the end of the game Guy

Introduction Model and Notations Asymptotic analysis of L := number of survivors at position J ( n ) Asymptotics for p T he Asymmetric leader election algorithm: number of survivors near the end of the game Guy Louchard March 14, 2014

1.16k views • 72 slides
The secret deal to destroy paradise The story behind the single biggest threat to the rainforests

The secret deal to destroy paradise The story behind the single biggest threat to the rainforests

The secret deal to destroy paradise The story behind the single biggest threat to the rainforests of Indonesia Presentation to WRI Forest Legality Week, October 2019 The Tanah Merah palm project Primary Forest It is huge Twice size of London

292 views • 12 slides
Secret Sharing and Visual Cryptography Outline Secret Sharing Visual Secret Sharing

Secret Sharing and Visual Cryptography Outline Secret Sharing Visual Secret Sharing

Secret Sharing and Visual Cryptography Outline Secret Sharing Visual Secret Sharing Constructions Moir Cryptography Issues Secret Sharing Secret Sharing Threshold Secret Sharing (Shamir, Blakely 1979) Motivation

1.32k views • 62 slides
Content Curation: The Secret to becoming a Thought Leader Pawan Deshpande Chris Brogan CEO,

Content Curation: The Secret to becoming a Thought Leader Pawan Deshpande Chris Brogan CEO,

Content Curation: The Secret to becoming a Thought Leader Pawan Deshpande Chris Brogan CEO, HiveFire President, New Marketing Labs www.getcurata.com www.chrisbrogan.com @tweetsfrompawan @chrisbrogan @hivefire Hash Tag: #AMACurata Agenda

908 views • 35 slides
Loosely-stabilizing Leader Election with Polylogarithmic Convergence Time Yuichi Sudo 1 , Fukuhito

Loosely-stabilizing Leader Election with Polylogarithmic Convergence Time Yuichi Sudo 1 , Fukuhito

OPODIS 2018 Loosely-stabilizing Leader Election with Polylogarithmic Convergence Time Yuichi Sudo 1 , Fukuhito Ooshita 2 , Hirotsugu Kakugawa 1 , Toshimitsu Masuzawa 1 , Ajoy K. Datta 3 , Lawrence L. Larmore 3 1. Osaka University, Japan 2.

758 views • 41 slides
VICTORIA'S SECRET THE WORLD'S BEST BRAS OVERVIEW Victoria's Secret Victoria's PINK Secret

VICTORIA'S SECRET THE WORLD'S BEST BRAS OVERVIEW Victoria's Secret Victoria's PINK Secret

NEW YORK LONDON SHANGHAI VICTORIA'S SECRET THE WORLD'S BEST BRAS OVERVIEW Victoria's Secret Victoria's PINK Secret Sport WE ARE MISSION VISION VALUES 8.1% GROWTH BY 2022 3BN DOMESTIC VALUE STATS WE OFFER LINGERIE PANTIES

340 views • 30 slides
Today. Polynomials. Secret Sharing. A secret! I have a secret! A number from 0 to 10. What is

Today. Polynomials. Secret Sharing. A secret! I have a secret! A number from 0 to 10. What is

Today. Polynomials. Secret Sharing. A secret! I have a secret! A number from 0 to 10. What is it? Any one of you knows nothing! Any two of you can figure it out! Example Applications: Nuclear launch: need at least 3 out of 5 people to

513 views • 23 slides
Leader Election in Asymmetric Labeled Unidirectional Rings Karine Altisen 1 Ajoy K. Datta 2

Leader Election in Asymmetric Labeled Unidirectional Rings Karine Altisen 1 Ajoy K. Datta 2

Leader Election in Asymmetric Labeled Unidirectional Rings Karine Altisen 1 Ajoy K. Datta 2 Stphane Devismes 1 Anas Durand 1 Lawrence L. Larmore 2 1 Univ. Grenoble Alpes, CNRS, Grenoble INP, VERIMAG, 38000 Grenoble, France 2 University of

913 views • 76 slides
Outline Motivation 8271 discussion of: Zerocoin: Anonymous Crypto background Distributed

Outline Motivation 8271 discussion of: Zerocoin: Anonymous Crypto background Distributed

Outline Motivation 8271 discussion of: Zerocoin: Anonymous Crypto background Distributed E-Cash from Bitcoin Zerocoin crypto Stephen McCamant (Original paper: Ian Miers, Christina Garman, Matthew Green, and Aviel D. Rubin)

311 views • 6 slides
Foundations of Lattice Cryptography Daniele Micciancio Department of Computer Science and

Foundations of Lattice Cryptography Daniele Micciancio Department of Computer Science and

Foundations of Lattice Cryptography Daniele Micciancio Department of Computer Science and Engineering University of California, San Diego August 12-16, 2013, (UCI) Daniele Micciancio Foundations of Lattice Cryptography This Talk Introduction

799 views • 32 slides
QUIC and TLS Adam Langley History The initial ideas for SPDY involved it being a UDP

QUIC and TLS Adam Langley History The initial ideas for SPDY involved it being a UDP

QUIC and TLS Adam Langley History The initial ideas for SPDY involved it being a UDP protocol. That was dropped to limit the scope. SPDY worked out OK and QUIC continues it by replacing TCP and TLS under SPDY/HTTP 2. History (2)

336 views • 10 slides
Mechanics of Bitcoin Bitcoin Transactions Bitcoin Scripts Applications of Bitcoin

Mechanics of Bitcoin Bitcoin Transactions Bitcoin Scripts Applications of Bitcoin

Cryptocurrency Technologies Mechanics of Bitcoin Mechanics of Bitcoin Bitcoin Transactions Bitcoin Scripts Applications of Bitcoin Scripts Bitcoin Blocks The Bitcoin Network Limitations and Improvements Mechanics of

695 views • 33 slides
Cry rypto: What Does His istory ry Tell ll Us? Discussion by Randall Morck University of

Cry rypto: What Does His istory ry Tell ll Us? Discussion by Randall Morck University of

Commodity Money to Fia iat Money and Now to Cry rypto: What Does His istory ry Tell ll Us? Discussion by Randall Morck University of Alberta ABFER, NBER, ECGI The University of Alberta --- For the uplifting of the whole people Commodity,

316 views • 19 slides
Lattice Cryptography for the Internet Chris Peikert Georgia Institute of Technology Post-Quantum

Lattice Cryptography for the Internet Chris Peikert Georgia Institute of Technology Post-Quantum

Lattice Cryptography for the Internet Chris Peikert Georgia Institute of Technology Post-Quantum Cryptography 2 October 2014 1 / 12 Lattice-Based Cryptography p d o m x g = y N = = p m e mod N q e ( g a , g b ) (Images

873 views • 70 slides
ZKPDL: A Language-Based System for Zero- Knowledge Proofs and Electronic Cash Sarah Meiklejohn

ZKPDL: A Language-Based System for Zero- Knowledge Proofs and Electronic Cash Sarah Meiklejohn

ZKPDL: A Language-Based System for Zero- Knowledge Proofs and Electronic Cash Sarah Meiklejohn (UC San Diego) C. Chris Erway (Brown University) Alptekin Kpc (Brown University) Theodora Hinkle (UW Madison) Anna Lysyanskaya (Brown

1.05k views • 101 slides
Cryptography during the two world wars, and wrap-up of classical ciphers. Math 4440/5440. First

Cryptography during the two world wars, and wrap-up of classical ciphers. Math 4440/5440. First

Cryptography during the two world wars, and wrap-up of classical ciphers. Math 4440/5440. First World War German Cipher: ADFGVX Cipher A D F G V X 3 4 2 1 A c o 8 x f 4 D G X G D m k 3 a z 9 X G D G F n w 1 0

740 views • 55 slides

More recommend