updatable encryption key rotation
play

Updatable Encryption & Key Rotation Anja Lehmann IBM Research - PowerPoint PPT Presentation

Sep 29, 2023 •608 likes •1.08k views

Updatable Encryption & Key Rotation Anja Lehmann IBM Research Zurich (R)CCA Secure Updatable Encryption with Integrity Protection. EUROCRYPT 2019 M Klooss, A Lehmann, A Rupp Updatable Encryption with Post-Compromise Security. EUROCRYPT

  1. Updatable Encryption & Key Rotation Anja Lehmann IBM Research – Zurich (R)CCA Secure Updatable Encryption with Integrity Protection. EUROCRYPT 2019 M Klooss, A Lehmann, A Rupp Updatable Encryption with Post-Compromise Security. EUROCRYPT 2018 A Lehmann, B Tackmann

  2. Motivation | Outsourced Storage ▪ Data owner stores encrypted data at (untrusted) data host symmetric encryption ▪ Proactive security by periodically changing the secret key – Key rotation reduces risk & impact of key or data exposure ▪ Key rotation often mandated in high-security environments and by PCI DSS 2

  3. Motivation | Key Rotation ▪ How to update exiting ciphertexts to the new key? ▪ Standard symmetric encryption → download all ciphertext & re-encrypt from scratch ▪ Inefficient: down&upload of all ciphertexts, symmetric key often protected by hardware 3

  4. Motivation | Updatable Encryption ▪ Proposed by Boneh et al. [BLMR13]: ciphertexts can be updated w/o secret key Key update generates key & update token Update token allows to „blindly“ transforms ciphertexts ▪ Update operation of ciphertexts is shifted to (untrusted) data host w/o harming security 4

  5. Updatable Encryption | State-of-the-Art Ciphertext-Dependent Ciphertext-Independent UE. setup 𝜇 → 𝑙 0 UE. setup 𝜇 → 𝑙 0 UE. enc 𝑙 𝑓 , 𝑛 → 𝐷 𝑓 UE. enc 𝑙 𝑓 , 𝑛 → 𝐷 𝑓 UE. dec 𝑙 𝑓 , 𝐷 𝑓 → 𝑛 UE. dec 𝑙 𝑓 , 𝐷 𝑓 → 𝑛 UE. next 𝑙 𝑓 → (𝑙 𝑓+1 , Δ 𝑓+1 ) UE. next 𝑙 𝑓 → 𝑙 𝑓+1 UE. upd Δ 𝑓+1, 𝐷 𝑓 → 𝐷 𝑓+1 UE. token 𝑙 𝑓 , 𝑙 𝑓+1 , 𝐷 𝑓 → Δ 𝐷,𝑓+1 UE. upd Δ 𝐷,𝑓+1, 𝐷 𝑓 → 𝐷 𝑓+1 ▪ BLMR13: high level idea & scheme, ▪ BLMR15: partial definitions & new scheme no security definitions ▪ EPRS17: comprehensive treatment, ▪ EPRS17: partial definition & scheme improved definitions & schemes ▪ Our works: formal definitions & secure schemes for ciphertext-independent setting 5

  6. Updatable Encryption | State-of-the-Art Ciphertext-Dependent Ciphertext-Independent UE. setup 𝜇 → 𝑙 0 UE. setup 𝜇 → 𝑙 0 UE. enc 𝑙 𝑓 , 𝑛 → 𝐷 𝑓 UE. enc 𝑙 𝑓 , 𝑛 → 𝐷 𝑓 UE. dec 𝑙 𝑓 , 𝐷 𝑓 → 𝑛 UE. dec 𝑙 𝑓 , 𝐷 𝑓 → 𝑛 UE. next 𝑙 𝑓 → (𝑙 𝑓+1 , Δ 𝑓+1 ) UE. next 𝑙 𝑓 → 𝑙 𝑓+1 UE. upd Δ 𝑓+1, 𝐷 𝑓 → 𝐷 𝑓+1 UE. token 𝑙 𝑓 , 𝑙 𝑓+1 , 𝐷 𝑓 → Δ 𝐷,𝑓+1 UE. upd Δ 𝐷,𝑓+1, 𝐷 𝑓 → 𝐷 𝑓+1 ▪ BLMR13: high level idea & scheme, ▪ BLMR15: partial definitions & new scheme no security definitions ▪ EPRS17: comprehensive treatment, ▪ EPRS17: partial definition & scheme improved definitions & schemes ▪ Our works: formal definitions & secure schemes for ciphertext-independent setting 6

  7. Updatable Encryption | Sequential Setting … 0 1 2 3 4 5 6 … 𝑙 0 𝑙 1 𝑙 2 𝑙 3 𝑙 4 𝑙 5 𝑙 6 … Δ 1 Δ 2 Δ 3 Δ 4 Δ 5 Δ 6 Δ 7 … 𝐷 0 𝐷 1 𝐷 2 𝐷 3 𝐷 4 𝐷 5 𝐷 6 ▪ Our work: strictly sequential setting ▪ Previous works: adaptions of proxy re-encryption definition – Allows re-encryptions across arbitrary epochs (back & forward) – No notion of time → hard to grasp when key corruptions are allowed 7

  8. Updatable Encryption | Security … 0 1 2 3 4 5 6 … 𝑙 0 𝑙 1 𝑙 2 𝑙 3 𝑙 4 𝑙 5 𝑙 6 … Δ 1 Δ 2 Δ 3 Δ 4 Δ 5 Δ 6 Δ 7 … 𝐷 0 𝐷 1 𝐷 2 𝐷 3 𝐷 4 𝐷 5 𝐷 6 Post-Compromise Security Forward Security = IND-ENC + Corrupt Challenge 𝑙𝑓𝑧/𝑢𝑝𝑙𝑓𝑜(𝑓) 𝑛 0 , 𝑛 1 Return key 𝑙 𝑓 b ← {0,1} or token Δ 𝑓 𝐹𝑜𝑑 𝑙 𝑓 ∗ , 𝑛 𝑐 𝑙 𝑓 / Δ 𝑓 ෪ 𝐷 𝑓 ∗ 𝑐 ? 8

  9. Updatable Encryption | Capturing Trivial Wins … 0 1 2 3 4 5 6 … 𝑙 0 𝑙 1 𝑙 2 𝑙 3 𝑙 4 𝑙 5 𝑙 6 … Δ 1 Δ 2 Δ 3 Δ 4 Δ 5 Δ 6 Δ 7 ෪ ෪ ෪ ෪ … 𝐷 3 𝐷 4 𝐷 5 𝐷 6 ▪ Trivial win: secret key corruption in a challenge-equal epoch ▪ Capturing inferable information: ▪ Ideal: uni unidirectional ciphertext-updates Corrupt 𝑙 𝑓 / Δ 𝑓 𝑛 0 , 𝑛 1 Challenge ෪ 𝐷 𝑓 ∗ 𝑐 ? 9

  10. Updatable Encryption | Capturing Trivial Wins … 0 1 2 3 4 5 6 … 𝑙 0 𝑙 1 𝑙 2 𝑙 3 𝑙 4 𝑙 5 𝑙 6 … Δ 1 Δ 2 Δ 3 Δ 4 Δ 5 Δ 6 Δ 7 ෪ ෪ ෪ ෪ … 𝐷 3 𝐷 4 𝐷 5 𝐷 6 ▪ Trivial win: secret key corruption in a challenge-equal epoch ▪ Capturing inferable information: ▪ Ideal: uni unidirectional ciphertext-updates Corrupt 𝑙 𝑓 / Δ 𝑓 𝑛 0 , 𝑛 1 Challenge ෪ 𝐷 𝑓 ∗ 𝑐 ? 10

  11. Updatable Encryption | Capturing Trivial Wins … 0 1 2 3 4 5 6 … 𝑙 0 𝑙 1 𝑙 2 𝑙 3 𝑙 4 𝑙 5 𝑙 6 … Δ 1 Δ 2 Δ 3 Δ 4 Δ 5 Δ 6 Δ 7 ෪ ෪ ෪ ෪ … 𝐷 3 𝐷 4 𝐷 5 𝐷 6 ▪ Trivial win: secret key corruption in a challenge-equal epoch ▪ Capturing inferable information: ▪ Ideal: uni unidirectional ciphertext-updates Corrupt 𝑙 𝑓 / Δ 𝑓 𝑛 0 , 𝑛 1 Challenge ෪ 𝐷 𝑓 ∗ 𝑐 ? 11

  12. Updatable Encryption | Capturing Trivial Wins … 0 1 2 3 4 5 6 … 𝑙 0 𝑙 1 𝑙 2 𝑙 3 𝑙 4 𝑙 5 𝑙 6 … Δ 1 Δ 2 Δ 3 Δ 4 Δ 5 Δ 6 Δ 7 ෪ ෪ ෪ ෪ … 𝐷 3 𝐷 4 𝐷 5 𝐷 6 ▪ Trivial win: secret key corruption in a challenge-equal epoch ▪ Capturing inferable information: ▪ Ideal: uni unidirectional ciphertext-updates Corrupt 𝑙 𝑓 / Δ 𝑓 𝑛 0 , 𝑛 1 Challenge ෪ 𝐷 𝑓 ∗ 𝑐 ? 12

  13. Updatable Encryption | Capturing Trivial Wins … 0 1 2 3 4 5 6 … 𝑙 0 𝑙 1 𝑙 2 𝑙 3 𝑙 4 𝑙 5 𝑙 6 … Δ 1 Δ 2 Δ 3 Δ 4 Δ 5 Δ 6 Δ 7 ෪ ෪ ෪ ෪ … 𝐷 3 𝐷 4 𝐷 5 𝐷 6 ▪ Trivial win: secret key corruption in a challenge-equal epoch ▪ Capturing inferable information: ▪ Ideal: uni unidirectional ciphertext-updates Corrupt 𝑙 𝑓 / Δ 𝑓 𝑛 0 , 𝑛 1 Challenge ෪ 𝐷 𝑓 ∗ 𝑐 ? 13

  14. Updatable Encryption | Capturing Trivial Wins … 0 1 2 3 4 5 6 … 𝑙 0 𝑙 1 𝑙 2 𝑙 3 𝑙 4 𝑙 5 𝑙 6 … Δ 1 Δ 2 Δ 3 Δ 4 Δ 5 Δ 6 Δ 7 ෪ ෪ ෪ ෪ … 𝐷 3 𝐷 4 𝐷 5 𝐷 6 ▪ Trivial win: secret key corruption in a challenge-equal epoch ▪ Capturing inferable information: ▪ Ideal: uni unidirectional ciphertext-updates Corrupt 𝑙 𝑓 / Δ 𝑓 𝑛 0 , 𝑛 1 Challenge ෪ 𝐷 𝑓 ∗ 𝑐 ? 14

  15. Updatable Encryption | Capturing Trivial Wins … 0 1 2 3 4 5 6 … 𝑙 0 𝑙 1 𝑙 2 𝑙 3 𝑙 4 𝑙 5 𝑙 6 … Δ 1 Δ 2 Δ 3 Δ 4 Δ 5 Δ 6 Δ 7 ෪ ෪ ෪ ෪ … 𝐷 3 𝐷 4 𝐷 5 𝐷 6 ▪ Trivial win: secret key corruption in a challenge-equal epoch ▪ Capturing inferable information: ▪ Ideal: uni unidirectional ciphertext-updates ▪ Real: bi bidirectional ciphertext-updates Corrupt 𝑙 𝑓 / Δ 𝑓 Δ e+1 𝑛 0 , 𝑛 1 Challenge ෪ 𝐷 𝑓 ∗ ෪ ෫ 𝐷 𝑓 𝐷 𝑓+1 𝑐 ? 15

  16. Updatable Encryption | Capturing Trivial Wins … 0 1 2 3 4 5 6 … 𝑙 0 𝑙 1 𝑙 2 𝑙 3 𝑙 4 𝑙 5 𝑙 6 … Δ 1 Δ 2 Δ 3 Δ 4 Δ 5 Δ 6 Δ 7 ෪ ෪ ෪ ෪ ෪ ෪ ෪ … 𝐷 0 𝐷 1 𝐷 2 𝐷 3 𝐷 4 𝐷 5 𝐷 6 ▪ Trivial win: secret key corruption in a challenge-equal epoch ▪ Capturing inferable information: ▪ Ideal: uni unidirectional ciphertext-updates ▪ Real: bi bidirectional ciphertext-updates Corrupt 𝑙 𝑓 / Δ 𝑓 Δ e+1 𝑛 0 , 𝑛 1 Challenge ෪ 𝐷 𝑓 ∗ ෪ ෫ 𝐷 𝑓 𝐷 𝑓+1 𝑐 ? 16

  17. Updatable Encryption | Capturing Trivial Wins … 0 1 2 3 4 5 6 … 𝑙 0 𝑙 1 𝑙 2 𝑙 3 𝑙 4 𝑙 5 𝑙 6 … Δ 1 Δ 2 Δ 3 Δ 4 Δ 5 Δ 6 Δ 7 ෪ ෪ ෪ ෪ ෪ ෪ ෪ … 𝐷 0 𝐷 1 𝐷 2 𝐷 3 𝐷 4 𝐷 5 𝐷 6 ▪ Trivial win: secret key corruption in a challenge-equal epoch ▪ Capturing inferable information: ▪ Ideal: uni unidirectional ciphertext-updates ▪ Real: bi bidirectional ciphertext & key-up update dates Corrupt 𝑙 𝑓 / Δ 𝑓 Δ e+1 𝑙 𝑓 𝑙 𝑓+1 𝑛 0 , 𝑛 1 Challenge ෪ 𝐷 𝑓 ∗ ෪ ෫ 𝐷 𝑓 𝐷 𝑓+1 Δ e+1 𝑐 ? 17

  18. Updatable Encryption | Capturing Trivial Wins … 0 1 2 3 4 5 6 … 𝑙 0 𝑙 1 𝑙 2 𝑙 3 𝑙 4 𝑙 5 𝑙 6 … Δ 1 Δ 2 Δ 3 Δ 4 Δ 5 Δ 6 Δ 7 ෪ ෪ ෪ ෪ ෪ ෪ ෪ … 𝐷 0 𝐷 1 𝐷 2 𝐷 3 𝐷 4 𝐷 5 𝐷 6 ▪ Trivial win: secret key corruption in a challenge-equal epoch ▪ Capturing inferable information: ▪ Ideal: uni unidirectional ciphertext-updates ▪ Real: bi bidirectional ciphertext & key-up update dates Corrupt 𝑙 𝑓 / Δ 𝑓 Δ e+1 𝑙 𝑓 𝑙 𝑓+1 𝑛 0 , 𝑛 1 Challenge ෪ 𝐷 𝑓 ∗ ෪ ෫ 𝐷 𝑓 𝐷 𝑓+1 Δ e+1 𝑐 ? 18

  19. Updatable Encryption | IND-ENC 𝑛 Encrypt 𝐷 𝑓 ▪ IND-ENC ENC definiti tion 𝐷 𝑓′ with e ′ < e ReEnc* – Adaptive and retroactive key & token corruptions 𝐷 𝑓 – Formalizes inferable information of keys & challenge * “honest” ciphertexts only ciphertexts → exclude trivial wins Next – Covers CPA, post-compromise and forward security for fresh h encrypt ptions ons & update ted ciphertexts ts Corrupt 𝑙 𝑓 / Δ 𝑓 ▪ Wrong claim in EC’18 paper: 𝑛 0 , 𝑛 1 Challenge ෪ 𝐷 𝑓 ∗ IND-ENC is not sufficient. 𝑐 ? No guarantees about updated ciphertexts! 19

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Improving Speed and Security in Updatable Encryption Schemes Dan Boneh Saba Eskandarian

Improving Speed and Security in Updatable Encryption Schemes Dan Boneh Saba Eskandarian

Improving Speed and Security in Updatable Encryption Schemes Dan Boneh Saba Eskandarian Sam Kim Maurice Shih Stanford University Stanford University Stanford University Cisco Systems Key Rotation Key Rotation Good Reasons to

1.2k views • 109 slides
Improving Speed and Security in Updatable Encryption Systems Dan Boneh Saba Eskandarian

Improving Speed and Security in Updatable Encryption Systems Dan Boneh Saba Eskandarian

Improving Speed and Security in Updatable Encryption Systems Dan Boneh Saba Eskandarian Sam Kim Maurice Shih Stanford University Stanford University Stanford University Cisco Systems Key Rotation Key Rotation Good Reasons to

1.5k views • 97 slides
Updatable Encryption with Post-Compromise Security Anja Lehmann &amp; Bjrn Tackmann IBM

Updatable Encryption with Post-Compromise Security Anja Lehmann &amp; Bjrn Tackmann IBM

Updatable Encryption with Post-Compromise Security Anja Lehmann &amp; Bjrn Tackmann IBM Research Zurich Motivation | Outsourced Storage Data owner stores encrypted data at (untrusted) data host symmetric encryption Proactive

763 views • 24 slides
Fast and Secure Updatable Encryption August 10, 2020 1 Norwegian University of Science and

Fast and Secure Updatable Encryption August 10, 2020 1 Norwegian University of Science and

Fast and Secure Updatable Encryption August 10, 2020 1 Norwegian University of Science and Technology (NTNU), Norway 2 Bergische Universitt Wuppertal, Germany 1 Colin Boyd 1 Gareth T. Davies 2 Kristian Gjsteen 1 Yao Jiang 1 Table of contents

578 views • 46 slides
Self-Updatable Encryption: Time Constrained Access Control with Hidden Attributes and Better

Self-Updatable Encryption: Time Constrained Access Control with Hidden Attributes and Better

Self-Updatable Encryption: Time Constrained Access Control with Hidden Attributes and Better Efficiency ASIACRYPT 2013 Kwangsu Lee, Seung Geol Choi, Dong Hoon Lee, Jong Hwan Park and Moti Yung Korea University, US Naval Academy, Korea

993 views • 26 slides
Rotation and Orientation: Fundamentals Perelyaev Sergei VARNA, 2011 What is Rotation ? Not

Rotation and Orientation: Fundamentals Perelyaev Sergei VARNA, 2011 What is Rotation ? Not

Rotation and Orientation: Fundamentals Perelyaev Sergei VARNA, 2011 What is Rotation ? Not intuitive Formal definitions are also confusing Many different ways to describe Rotation (direction cosine) matrix Euler angles

570 views • 42 slides
Ro Rotation Im Impact on on W. W.Wheat Ro Rotation Im Impact on on W. W.Wheat Dak Dakota Lak

Ro Rotation Im Impact on on W. W.Wheat Ro Rotation Im Impact on on W. W.Wheat Dak Dakota Lak

6/12/2018 Ro Rotation Im Impact on on W. W.Wheat Ro Rotation Im Impact on on W. W.Wheat Dak Dakota Lak Lakes Re Research Fa Farm Yields in Yi in 2002 2002 Rotation Yield Precip* Corn Pea WW 2006 60 7.9 Rotation WW Yield SB

520 views • 6 slides
Experiment 3 Optical Rotation Optical rotation or optical activity The rotation of the plane

Experiment 3 Optical Rotation Optical rotation or optical activity The rotation of the plane

Experiment 3 Optical Rotation Optical rotation or optical activity The rotation of the plane of polarization of linearly polarized light as it travels through certain material-Chiral Materials. Optical activity occurs only in chiral

641 views • 10 slides
Ruby Monstas Session 17: Interlude: Encryption Encryption What comes to mind if you think about

Ruby Monstas Session 17: Interlude: Encryption Encryption What comes to mind if you think about

Ruby Monstas Session 17: Interlude: Encryption Encryption What comes to mind if you think about encryption? Encryption Certificates Crypto Currencies Public Key AES Encryption Privacy SSH VPN HTTPS TLS Quantum Digital Signatures

837 views • 46 slides
Co-rotation, co-rotation-annihilation, and involutive ordinal sum constructions of residuated

Co-rotation, co-rotation-annihilation, and involutive ordinal sum constructions of residuated

Sndor Jenei University of Pcs, Hungary Co-rotation, co-rotation-annihilation, and involutive ordinal sum constructions of residuated semigroups Supported by the SROP-4.2.2.C-11/1/ KONV-2012-0005 grant. 13. december 14., szombat

509 views • 40 slides
Rotation of a Rigid Body Topics: Rotational Motion Rotation About the Center of Mass

Rotation of a Rigid Body Topics: Rotational Motion Rotation About the Center of Mass

Rotation of a Rigid Body Topics: Rotational Motion Rotation About the Center of Mass Rotational Energy Calculating Moment of Inertia Torque Rotational Dynamics Rotation About a Fixed Axis Static Equilibrium

160 views • 3 slides
Usable Encryption Class Presentation for CMSC 818D Wei Bai S Application S Hardware

Usable Encryption Class Presentation for CMSC 818D Wei Bai S Application S Hardware

Usable Encryption Class Presentation for CMSC 818D Wei Bai S Application S Hardware Encryption S Web Encryption S Email Encryption OpenPGP S S/MIME S S Online Social Network Public Key Encryption S Encryption/Decryption

842 views • 26 slides
Moment r F r d F Translation Translation + Rotation r This rotation tendency is known

Moment r F r d F Translation Translation + Rotation r This rotation tendency is known

Moment r F r d F Translation Translation + Rotation r This rotation tendency is known as moment M of force ( torque ) Axis of rotation may be any line which neither intersects nor parallel to the line of action of force r

964 views • 20 slides
SOLVING SCHRODINGER EQUATION FOR ROTATION IN TWO DIMENSIONS Full description of the motion of a

SOLVING SCHRODINGER EQUATION FOR ROTATION IN TWO DIMENSIONS Full description of the motion of a

SOLVING SCHRODINGER EQUATION FOR ROTATION IN TWO DIMENSIONS Full description of the motion of a molecule: translation, vibration, rotation Boundary Condition: For rotation in the x-y plane, the angular momentum vector lies on the z-axis

720 views • 21 slides
Updatable and Universal Common Reference Strings with Applications to zk-SNARKs Jens Groth,

Updatable and Universal Common Reference Strings with Applications to zk-SNARKs Jens Groth,

Updatable and Universal Common Reference Strings with Applications to zk-SNARKs Jens Groth, Markulf Kohlweiss, Mary Maller, Sarah Meiklejohn, Ian Miers. Crypto - 23/08/2018 Our Goal Find a better method than trusted setups for generating the

889 views • 59 slides
RSA Encryption 10 February 2012 RSA Encryption 10 February 2012 1/35 We saw some methods of

RSA Encryption 10 February 2012 RSA Encryption 10 February 2012 1/35 We saw some methods of

RSA Encryption 10 February 2012 RSA Encryption 10 February 2012 1/35 We saw some methods of encryption Wednesday, but none of these is good enough to be used in actual situations. Today well talk about one method, RSA Encryption, which is

1.01k views • 59 slides
Spectral Methods for Natural Language Processing Karl Stratos Thesis Defense Committee David

Spectral Methods for Natural Language Processing Karl Stratos Thesis Defense Committee David

Spectral Methods for Natural Language Processing Karl Stratos Thesis Defense Committee David Blei, Michael Collins, Daniel Hsu, Slav Petrov, and Owen Rambow 1 / 53 Latent-Variable Models in NLP Models with latent/hidden variables are widely

1.08k views • 82 slides
Phase Lengths in the Cylic Cellular Automaton Kiran Tomlinson Department of Computer Science,

Phase Lengths in the Cylic Cellular Automaton Kiran Tomlinson Department of Computer Science,

Introduction Methods Results Discussion Phase Lengths in the Cylic Cellular Automaton Kiran Tomlinson Department of Computer Science, Carleton College CSC 2019 Introduction Methods Results Discussion Outline 1 Cyclic cellular automaton

940 views • 48 slides
Public-Key Cryptography Lecture 12 CCA Secure PKE Hybrid Encryption CCA Secure PKE In SKE, to get

Public-Key Cryptography Lecture 12 CCA Secure PKE Hybrid Encryption CCA Secure PKE In SKE, to get

Public-Key Cryptography Lecture 12 CCA Secure PKE Hybrid Encryption CCA Secure PKE In SKE, to get CCA security, we used a MAC Bob would accept only messages from Alice But in PKE, Bob wants to receive messages from Eve as well! But only if it is

336 views • 14 slides
MACHINE LEARNING Kernel Canonical Correlation Analysis 1 ADVANCED MACHINE LEARNING ADVANCED

MACHINE LEARNING Kernel Canonical Correlation Analysis 1 ADVANCED MACHINE LEARNING ADVANCED

ADVANCED MACHINE LEARNING ADVANCED MACHINE LEARNING MACHINE LEARNING Kernel Canonical Correlation Analysis 1 ADVANCED MACHINE LEARNING ADVANCED MACHINE LEARNING Structure of todays and next weeks class 1) Briefly go through one

613 views • 28 slides
Beyond Provable Security: Verifiable IND-CCA Security of OAEP Gilles Barthe 1 Benjamin Grgoire 2

Beyond Provable Security: Verifiable IND-CCA Security of OAEP Gilles Barthe 1 Benjamin Grgoire 2

Beyond Provable Security: Verifiable IND-CCA Security of OAEP Gilles Barthe 1 Benjamin Grgoire 2 Yassine Lakhnech 3 Santiago Zanella Beguelin 1 1 IMDEA Software, Madrid, Spain 2 INRIA Sophia Antipolis - Mditerrane, France 2 VERIMAG, CNRS

675 views • 14 slides
The Theory and Practice of Causal Commutative Arrows Hai (Paul) Liu Advisor: Paul Hudak

The Theory and Practice of Causal Commutative Arrows Hai (Paul) Liu Advisor: Paul Hudak

The Theory and Practice of Causal Commutative Arrows Hai (Paul) Liu Advisor: Paul Hudak Computer Science Department Yale University October 2010 1 Contributions 1. Formalization of Causal Commutative Arrows (CCA): Definition of CCA and

1.02k views • 77 slides
rrt sts

rrt sts

rrt sts st Prr rt t

509 views • 38 slides
CAPWAP System Security T. Charles Clancy clancy@cs.umd.edu Department of Computer Science

CAPWAP System Security T. Charles Clancy clancy@cs.umd.edu Department of Computer Science

UMD D EPARTMENT OF D O D L ABORATORY FOR C OMPUTER S CIENCE T ELECOMMUNICATION S CIENCES CAPWAP System Security T. Charles Clancy clancy@cs.umd.edu Department of Computer Science University of Maryland, College Park Laboratory for

359 views • 13 slides

More recommend