ATHENS CRYPTOGRAPHY DAY


& RECUP Workshop funded by
Marie Curie Action IRG


Tuesday, January 7, 2014,   Athens
National Technical University of Athens
Room: Multimedia Amphitheater of the Central Library of N.T.U.A.




Abstract Index

Code-Based Public-Key Cryptosystems: Constructions and Attacks
A New Constant Round ID-based Group Key Agreement Protocol
Cryptographic properties of Boolean functions: recent developments and open problems
A Survey of Group-based Cryptography
Efficient Verifiable Set Operations over Outsourced Databases
Oblivious RAM: state of the art and new constructions
Coin Flipping of Any Constant Bias Implies One-Way Functions
Delegatable Pseudorandom Functions and Applications
Non-interactive zero-knowledge shuffle arguments
Rational Protocol Design: Cryptography Against Incentive-driven Adversaries




Code-Based Public-Key Cryptosystems: Constructions and Attacks


Nicholas Kolokotronis


Code-based public-key cryptosystems are constructed via error correcting codes that allow for efficient decoding algorithms. Their security relies on the intractability of the Computational Syndrome Decoding (CSD) problem for random linear codes. As there is strong evidence that such constructions resist quantum attacks, they constitute a promising research field in post-quantum cryptography. In this talk, an overview of constructions and important cryptanalytic attacks will be presented.





A New Constant Round ID-based Group Key Agreement Protocol


Elisavet Konstantinou


We will present an authenticated ID-based Group Key Agreement (GKA) protocol which requires only one round for its execution. The protocol is contributory, energy-balanced and does not require an online TTP. All these properties and in particular the minimum round requirement, makes the protocol especially suited for ad hoc networks. We will demonstrate the security properties of the new GKA protocol and present its communication/computation efficiency. Finally, we will compare the new protocol with all the one-round GKA protocols proposed so far in the literature and show that it outperforms all the ID-based protocols of this category.





Cryptographic properties of Boolean functions: recent developments and open problems


Konstantinos Limniotis


The security of symmetric encryption algorithms is strongly contingent on the properties of the underlying Boolean functions, since specific properties are required to withstand known types of cryptanalytic attacks. However, constructing Boolean functions satisfying all main cryptographic criteria is still an open problem, whilst the relationships between several cryptographic criteria are still unknown. The aim of this talk is to provide an overview of the recent results in this field.





A Survey of Group-based Cryptography


Dimitris Panagopoulos


In this talk we present a brief survey of group-based cryptographic methods. We review applications to public key cryptography, secret sharing and hash functions. We also discuss group-theoretic analogs of classical problems like the Subset Sum and the Knapsack problems.





Efficient Verifiable Set Operations over Outsourced Databases


Dimitris Papadopoulos


The problem of verifiable computation has been studied extensively in the literature with motivation from applications related to cloud computing. One extension to the problem is verifiable computation over outsourced data, whereby a powerful worker not only performs computations for a weak client but also stores and maintains a large data structure for him. In this talk, we present two schemes for verifiable evaluation of hierarchical set operations (unions, intersections and set-differences) applied to a collection of dynamically changing sets of elements from a given domain. That is, we consider two types of queries issued by the client: updates (insertions and deletions) and data queries, which consist of "circuits" of unions, intersections, and set-differences on the current collection of sets. This type of queries comes up in database queries, keyword search and numerous other applications, and indeed our scheme can be effectively used in such scenarios. The computational cost incurred is proportional only to the size of the final outcome set and to the size of the query, and is independent of the cardinalities of the involved sets. The cost of updates is optimal (O(1) modular operations per update) both for client and server, for element insertion and deletion.





Oblivious RAM: state of the art and new constructions


Panagiotis Rizomiliotis


Oblivious RAM is a powerful primitive that allows a client to hide access patterns in storage outsourcing applications from the server that hosts its data. We present the state of art on O-RAM constructions and we propose directives for further research.





Coin Flipping of Any Constant Bias Implies One-Way Functions


Aris Tentes


We show that the existence of a coin-flipping protocol safe against any non-trivial constant bias, implies the existence of one way functions. This improves upon a recent result of Haitner and Omri [FOCS ’11], who proved this implication for protocols with bias o(1). Unlike the result of Haitner and Omri, our result also holds for weak coin-flipping protocols.





Delegatable Pseudorandom Functions and Applications


Thomas Zacharias


In this talk, we present a novel cryptographic primitive called delegatable pseudorandom functions, or DPRFs for short: in a DPRF scheme, a client enables a proxy to evaluate a pseudorandom function on a strict subset (policy predicate) of its domain, by sending a trapdoor. The main challenge in constructing DPRFs is to achieve bandwidth efficiency, while maintaining the pseudorandomness of unknown values against a malicious proxy. A DPRF may be equipped with an additional property called policy privacy, where the trapdoors hide the respective policy predicates. For the policy of (1-dimensional) ranges, we devise two DPRF constructions. Built upon the tree-based GGM PRF family, our constructions feature delegation size that is only logarithmic in the respective range size. At only a constant-factor efficiency reduction, our second construction is also policy private. Finally, we describe the potential application of our DPRFs in RFID, symmetric searchable encryption, and broadcast encryption.





Non-interactive zero-knowledge shuffle arguments


Bingsheng Zhang


In this talk, we will present a new non-interactive perfect zero-knowledge (NIZK) shuffle argument that, when compared with the only previously known efficient NIZK shuffle argument by Groth and Lu, has a constant factor times smaller computation and communication, and is based on more standard computational assumptions. Differently from Groth and Lu who only prove the co-soundness of their argument under purely computational assumptions, we prove computational soundness under a necessary knowledge assumption. We will also show a general transformation that results in a shuffle argument that has a quadratically smaller common reference string (CRS) and a small constant factor times longer argument than the original shuffle. This can be interpreted as a general technique of decreasing the offline cost of an arbitrary shuffle argument.





Rational Protocol Design: Cryptography Against Incentive-driven Adversaries


Vassilis Zikas


Existing work on "rational cryptographic protocols" treats each party (or coalition of parties) running the protocol as a selfish agent trying to maximize its utility. In this work we propose a fundamentally different approach that is better suited to modeling a protocol under attack from an external entity. Specifically, we consider a two-party game between an protocol designer and an external attacker. The goal of the attacker is to break security properties such as correctness or privacy, possibly by corrupting protocol participants; the goal of the protocol designer is to prevent the attacker from succeeding. We lay the theoretical groundwork for a study of cryptographic protocol design in this setting by providing a methodology for defining the problem within the traditional simulation paradigm. Our framework provides ways of reasoning about important cryptographic concepts (e.g., adaptive corruptions or attacks on communication resources) not handled by previous game-theoretic treatments of cryptography. We also prove composition theorems that---for the first time---provide a sound way to design rational protocols assuming "ideal communication resources" (e.g., broadcast or authenticated channels) and then instantiate these resources using standard cryptographic tools. Finally, we investigate the problem of secure function evaluation in our framework, where the attacker has to pay for each party it corrupts. Our results demonstrate how knowledge of the attacker's incentives can be used to circumvent known impossibility results in this setting. This is joint work with Jaun Garay, Jonathan Katz, Ueli Maurer, and Bjoern Tackmann which was presented at FOCS 2013.



Back to Top