Alessandra Scafuro Practical UC security Black-box protocols

Presentation transcript:

Alessandra Scafuro. Practical UC security; Black-box protocols. Fellow talk.

Intro. Two research threads: Practical UC security; Black-box protocols. Background: University of Salerno, PhD (Ivan Visconti); 2013-2014 UCLA (Rafail Ostrovsky); Jan 2015 BU & NEU (Canetti & Wichs).

Black-box protocols

Black-box protocols, semi-honest setting (diagram: parties P1 and P2 exchanging messages).

Black-box protocols, malicious setting (diagram: parties P1 and P2).

Black-box protocols, malicious setting (diagram: P1 and P2 under a Specific Assumption; every message is accompanied by a proof of correctness).

Black-box protocols (diagram: P1 and P2 under a Specific Assumption, with proof of correctness).

Black-box protocols (diagram: General Assumption versus Specific Assumption; P1 and P2, with a proof of correctness attached to each message).

General Assumptions: can be instantiated with several hardness assumptions. Open questions: minimal assumptions? minimal round complexity? (rounds: [Katz Ostrovsky 04]).

Black-box protocols (diagram: from a General Assumption via NP-reduction, compared with a Specific Assumption; proofs of correctness on each message). Theoretical insights, but inherently inefficient.

Black-box protocols (diagram: General Assumption via NP-reduction versus black-box use of the primitive f; proofs of correctness on each message).

Black-box General Assumptions, more: instantiate with several hardness assumptions; no need of circuit or NP reduction; primitives can be instantiated with hardware/oracles. Black-box General Assumption: ?

Black-box protocols: cut & choose (diagram: Black-box General Assumption with primitive f, no NP-reduction; proof?). [Ishai-Kushilevitz-Lindell-Petrank06, IK Ostrovsky-Sahai07, IKOPS11, Haitner08, Pass-Wee09, Choi-Dachman-Soled-Malkin-Wee09]

Black-box protocols, cut & choose (diagram: P1 and P2 run parallel instances π1, π2, π3, π4, π5; check P1).

Black-box protocols, cut & choose (diagram: instances π1, π2, π3, π4, π5; check P1; check P2; recombine; compute).

Status, General Assumption versus Black-box General Assumption (cut & choose techniques):
minimal assumptions (feasibility of MPC): Yes / Yes [Kil88, IPS08, IKLP11, IKOS07, PW09, CDMW09, ..]
minimal rounds: 4 rounds [Katz Ostrovsky 04] / ? rounds
succinctness: ? / ?

4 rounds?? (diagram: Black-box General Assumption; P1 and P2 run instances π1, π2, π3, π4, π5). Round structure: 1. Com P1; 2. Com P2; 3. Checks (P1, P2); 4.; 5. Then: check P1, check P2, recombine, compute.

Status, General Assumption versus Black-box General Assumption (cut & choose techniques):
minimal assumptions (feasibility of MPC): Yes / Yes [IKLP11, IKOS07, PW09, CDMW09]
minimal rounds: Yes / Yes, CRYPTO 2015 Ostrovsky, Scafuro, Richelson
succinctness: Yes / Yes, STOC 2014 Goyal, Ostrovsky, Scafuro, Visconti

More? Black-box General Assumption: WI Universal Arguments and public-coin ZK from a black-box Hash Function (STOC 2014 Goyal, Ostrovsky, Scafuro, Visconti). RO: information-theoretically secure public-coin ZK in NPRO.

Open problem: closing the gap between General Assumption protocols and Black-box General Assumption protocols. Application of developed techniques: Physical Zero-Knowledge (PUFs, Oracle).

Other topics:
Practical UC-security (CCS 2014 Canetti, Jain, Scafuro): we introduce the Global Random Oracle Model.
Garbled RAM, analog of garbled circuits for RAM programs (STOC 2015 Garg, Lu, Ostrovsky, Scafuro): we show how to construct garbled RAM from OWFs.
UC security with PUFs / stateless tokens [OSVW13, SD13].
Concurrency [SV12]; Simultaneous Resettability [COSV12].
SOA-security [ORSV13].

thanks.