NYU Cryptography Group at Courant Institute Students Faculty

  • Slides: 23
Download presentation
NYU Cryptography Group at Courant Institute • Students: • Faculty: – Yevgeniy Dodis dodis@cs.

NYU Cryptography Group at Courant Institute • Students: • Faculty: – Yevgeniy Dodis dodis@cs. nyu. edu – Victor Shoup shoup@cs. nyu. edu – Nelly Fazio – Michael Freedman – Anca Ivan – Antonio Nicolosi – Roberto Oliveira – Shabsi Walfish

Cryptography Reading Group • Meet every week – This semester Friday, 1 pm, room

Cryptography Reading Group • Meet every week – This semester Friday, 1 pm, room 101 • Drop by! – Contact me to be put on the mailing list http: //www. scs. nyu. edu/crypto

Our Main Goals • Improving the security and/or efficiency of cryptographic applications • Designing

Our Main Goals • Improving the security and/or efficiency of cryptographic applications • Designing new, provably secure cryptographic primitives • Formalization and rigorous analysis of common cryptographic practices • Protecting against key exposure • Secure distributed/multiparty computation

Our Style: Provable Security • Formal definition for the cryptographic task at hand •

Our Style: Provable Security • Formal definition for the cryptographic task at hand • A concrete scheme which provably satisfies the above definition, assuming some commonly believed and well studied mathematical problem is “hard” • Ensures that the only way to break the cryptographic scheme is to break a well studied mathematical problem, which is very unlikely (e. g. , factoring) • Gives much higher guarantee/assurance than commonly utilized “heuristic” approaches

Crypto Skills • Creativity: open mind, love for puzzles • Formalism (proofs!) and elementary

Crypto Skills • Creativity: open mind, love for puzzles • Formalism (proofs!) and elementary math (number theory, probability) • Ability to ask interesting questions • Ability to think as a devil…

Some of Our Projects • • Signature and Encryption Schemes Authenticated Encryption Resilience to

Some of Our Projects • • Signature and Encryption Schemes Authenticated Encryption Resilience to Key Exposure Distributed and Multi-party Cryptography – Two-party computation • • • Digital Right Management Cryptography with Imperfect Randomness Ideal Hash Function Methodology Fault-tolerant Authentication Privacy and Anonymity …

Some projects I have been involved in @ NYU… Warnings: • Not meant to…

Some projects I have been involved in @ NYU… Warnings: • Not meant to… – give formal introduction to cryptography – be crystal clear if you see it for the first time • Instead… – give vague summary of the “kind” of things I like – emphasize joint works with students and faculty • Talk to me if interested in details!

Partial Key Exposure • "Exposure-Resilient Functions and All-Or. Nothing Transforms" , Eurocrypt, 2000. •

Partial Key Exposure • "Exposure-Resilient Functions and All-Or. Nothing Transforms" , Eurocrypt, 2000. • "On Perfect and Adaptive Security in Exposure-Resilient Cryptography", Eurocrypt, 2001. • "Exposure-Resilience for Free: the Case of Hierarchical ID-based Encryption", IEEE International Security In Storage Workshop (SISW), 2002.

Key Evolving Schemes v Designed new model of key-insulated security, led to intrusion-resilient security

Key Evolving Schemes v Designed new model of key-insulated security, led to intrusion-resilient security • "Key-Insulated Public Key Cryptosystems", Eurocrypt, 2002. • "Strong Key-Insulated Signature Schemes", Workshop on Public Key Cryptography (PKC), 2003. • "Intrusion-Resilient Public-Key Encryption", RSA Conference, Cryptography Track (CTRSA), 2003.

Two-Party Schemes • Max Krohn, David Mazieres and Antonio Nicolosi, "Proactive Two-Party Signatures for

Two-Party Schemes • Max Krohn, David Mazieres and Antonio Nicolosi, "Proactive Two-Party Signatures for User Authentication", Network and Distributed System Security Symposium (NDSS), 2003. • Anca Ivan, "Proxy Cryptography Revisited", Network and Distributed System Security Symposium (NDSS), 2003. • "Generic Two-party CCA-secure Encryption Scheme and its Applications", manuscript

Authenticated Encryption • "On the Security of Joint Signature and Encryption", Eurocrypt, 2002. •

Authenticated Encryption • "On the Security of Joint Signature and Encryption", Eurocrypt, 2002. • "Concealment and Its Applications to Authenticated Encryption", Eurocrypt, 2003. • Michael Freedman and Shabsi Walfish, "Parallel Signcryption with OAEP, PSS-R and other Feistel Paddings", submitted to Crypto 2003. • Michael Freedman and Shabsi Walfish, "Universal Padding Schemes", manuscript. • "Parallel Authenticated Encryption", manuscript.

Digital Right Management • Nelly Fazio, "Public Key Broadcast Encryption for Stateless Receivers", ACM

Digital Right Management • Nelly Fazio, "Public Key Broadcast Encryption for Stateless Receivers", ACM Workshop on Digital Rights Management, 2002. • Nelly Fazio, "Public Key Broadcast Encryption Secure Against Adaptive Chosen Ciphertext Attack", Workshop on Public Key Cryptography (PKC), 2003. • Nelly Fazio, "Fully Scalable Public-Key Traitor Tracing", submitted, 2003. • Nelly Fazio, "Forward-Secure Broadcast Encryption", manuscript.

Imperfect Randomness • "New Imperfect Random Source with Applications to Coin-Flipping", International Colloquium on

Imperfect Randomness • "New Imperfect Random Source with Applications to Coin-Flipping", International Colloquium on Automata, Languages and Programming (ICALP), 2001. • Joel Spencer, "On the (non-)Universality of the One-Time Pad", Foundations of Computer Science (FOCS), 2002. • Roberto Oliveira, "On Extracting Private Randomness over a Public Channel", manuscript.

Distributed Cryptography • "Parallel Reducibility for Information. Theoretically Secure Computation", Crypto, 2000. • "Efficient

Distributed Cryptography • "Parallel Reducibility for Information. Theoretically Secure Computation", Crypto, 2000. • "Efficient Construction of (Distributed) Verifiable Random Functions", Workshop on Public Key Cryptography (PKC), 2003 • “Distributed Block Ciphers", manuscript

Cryptography: Other… • "Lower Bounds for Oblivious Transfer Reductions", Eurocrypt, 1999. • "A Cryptographic

Cryptography: Other… • "Lower Bounds for Oblivious Transfer Reductions", Eurocrypt, 1999. • "A Cryptographic Solution to a Game Theoretic Problem", Crypto, 2000. • "On the Power of Claw-Free Permutations", Conference on Security in Communication Networks (SCN), 2002

Algorithmic Game Theory v Can moderate taxes force selfish users minimize global traffic and

Algorithmic Game Theory v Can moderate taxes force selfish users minimize global traffic and congestion? • Richard Cole, "Pricing Network Edges for Heterogeneous Selfish Users", Symposium on Theory of Computing (STOC), 2003. • Richard Cole, "The Cost of Taxes for Selfish Routing", ACM Conference on Electronic Commerce (EC), 2003.

My Other Interests • Algorithms: randomized and approx. algorithms, network design… • Coding Theory:

My Other Interests • Algorithms: randomized and approx. algorithms, network design… • Coding Theory: relates to crypto too • Complexity Theory: derandomization… • Combinatorics and Graph Theory • Anything else that has proofs and requires problem solving…

Recap of some recent group activities

Recap of some recent group activities

Signature & Encryption • First provably secure and yet efficient signature and encryption schemes

Signature & Encryption • First provably secure and yet efficient signature and encryption schemes [CS 98, CS 99, CS 02] – lead to new standards for PKI • Efficient schemes utilizing ideal hash functions [Sho 00, Sho 01, DR 02, DFW 03, DFJW 03] • Signature / encryption schemes with extended functionalities [CS 03, DF 03, NKDM 03]

Authenticated Encryption • First formal modeling of public-key authenticated encryption (signcryption) [ADR 02] •

Authenticated Encryption • First formal modeling of public-key authenticated encryption (signcryption) [ADR 02] • Parallel authenticated encryption [ADR 02, DFW 03, DFJW 03, Dod 03 a] • Designing authenticated encryption for long messages [DA 03]

Key Exposure Protection • Exposure-resilient functions and All-ornothing transforms [CDH 00, DSS 01] •

Key Exposure Protection • Exposure-resilient functions and All-ornothing transforms [CDH 00, DSS 01] • Key-insulated signature and encryption scheme [DKXY 02, DKXY 03] • Intrusion-Resilient Encryption [DKY 03] • Remotely-Keyed Encryption [DA 03] • Server-Aided/Proxy/Proactive Cryptography [NKDN 03, ID 03, DY 02]

Distributed Computation • Byzantine Agreement [CKS 00, CKPS 01, KS 01] • Threshold Cryptosystems

Distributed Computation • Byzantine Agreement [CKS 00, CKPS 01, KS 01] • Threshold Cryptosystems [SG 98, Sho 00] • Distributed verifiable random functions and block ciphers [Dod 03 b, DY 03] • Joint generation of special RSA keys [ACS 02] • Two-party computation [NKDN 03, ID 03] • Concurrent protocols composition [DM 00]

Some Other Projects • Digital right management [DF 02, DF 03, DFKY 03] •

Some Other Projects • Digital right management [DF 02, DF 03, DFKY 03] • Ideal Hash Function Methodology [Dod 03 b, DS 03] • Basing Cryptography on Imperfect Randomness [DS 02, DO 03] • Cryptography and Game Theory [DHR 00] • …

LE COURANT CONTINU Le courant continu Un courantLE COURANT CONTINU Le courant continu Un courant
Online conflictfree coloring Shakhar Smorodinsky Courant Institute NYUOnline conflictfree coloring Shakhar Smorodinsky Courant Institute NYU
MACHINES COURANT CONTINU MACHINES COURANT CONTINU OBJECTIFS DterminerMACHINES COURANT CONTINU MACHINES COURANT CONTINU OBJECTIFS Dterminer
Le Moteur courant continu Moteur courant continu 1Le Moteur courant continu Moteur courant continu 1
Dfinitions Forme dun courant cest limage dun courantDfinitions Forme dun courant cest limage dun courant
LE COURANT ALTERNATIF Force lectromotrice ALTERNATIVE Dfinitions CourantLE COURANT ALTERNATIF Force lectromotrice ALTERNATIVE Dfinitions Courant
Le courant lectrique 8 2 Llectricit courant PendantLe courant lectrique 8 2 Llectricit courant Pendant
NYU Natural Language Processing at NYU the ProteusNYU Natural Language Processing at NYU the Proteus
Care Devices for Epilepsy NYU Epilepsy Center NYUCare Devices for Epilepsy NYU Epilepsy Center NYU
NYU Accra Fall 2013 Predeparture Orientation NYU AccraNYU Accra Fall 2013 Predeparture Orientation NYU Accra
Cryptography www wiley comgogollmann Cryptography Cryptography is theCryptography www wiley comgogollmann Cryptography Cryptography is the
UNIT5 Cryptography 1 Principles Of Cryptography 2 CryptographyUNIT5 Cryptography 1 Principles Of Cryptography 2 Cryptography
Introduction to Cryptography 1 What is Cryptography CryptographyIntroduction to Cryptography 1 What is Cryptography Cryptography
Basic Cryptography 1 What is cryptography Cryptography isBasic Cryptography 1 What is cryptography Cryptography is
Introduction to Cryptography 1 Cryptography Cryptography Original meaningIntroduction to Cryptography 1 Cryptography Cryptography Original meaning
2 12 Cryptography Javascript Cryptography Backend Cryptography Frontend2 12 Cryptography Javascript Cryptography Backend Cryptography Frontend
BASIC CRYPTOGRAPHY Classical Cryptography Public Key Cryptography OVERVIEWBASIC CRYPTOGRAPHY Classical Cryptography Public Key Cryptography OVERVIEW
CRYPTOGRAPHY CRYPTOGRAPHY Krypts grphein secret writing CRYPTOGRAPHY KryptsCRYPTOGRAPHY CRYPTOGRAPHY Krypts grphein secret writing CRYPTOGRAPHY Krypts
CISSP Cryptography 1 Cryptography Cryptographic Life Cycle CryptographyCISSP Cryptography 1 Cryptography Cryptographic Life Cycle Cryptography
Cryptography Cryptography the basics cryptography deals with techniquesCryptography Cryptography the basics cryptography deals with techniques
NYU Faculty Research Descriptions e DNA October 16NYU Faculty Research Descriptions e DNA October 16
Biocomputational Puzzles Dennis Shasha Courant Institute New YorkBiocomputational Puzzles Dennis Shasha Courant Institute New York