[Busec] BUsec this week: Ari Juels (Wed 1PM) and BFOC (Friday)

Sharon Goldberg goldbe at cs.bu.edu
Wed Mar 6 09:03:43 EST 2013

Hi all,

Just a reminder for a few events happening this week.

Today Hariri is hosting a talk by Ari Juels at 1PM. (Details below).

On Friday I am hosting BFOC with Nick Feamster; we have settled on a
location -- it will
be the 9th floor photonics building colloquium room at 9 St Mary's St.
Thus far we have over 70 people registered! The program is here:


Finally, next week is March break so there will be no talk, but the
following Monday at our seminar we have a talk by Yevgeniy Dodis from
NYU.  (Abstract below)


---------- Forwarded message ----------
From: Treese, Win <treese at bu.edu>
Date: Fri, Mar 1, 2013 at 4:02 PM
Subject: [RISCS] CCI talk, Wed, March 6: Aggregation and Dispersion in
Cloud Security

The next CCI talk will be on Wednesday, March 6, 1-3 PM at the Hariri Institute.

The guest speaker is Dr. Ari Juels, Chief Scientist of RSA

Title: Aggregation and Dispersion in Cloud Security

Cloud computing and virtualization, a key supporting technology, offer
flexibility and agility in the placement of resources. Certain risks,
however, arise from cloud services’ tendency to aggregate sensitive data
and workloads. I’ll discuss side-channel attacks resulting from the
co-location of disparate tenants’ virtual machines (VMs) on hosts and the
vulnerabilities posed by databases aggregating the authentication secrets,
e.g., password hashes, of numerous users. Conversely, cloud computing
offers new opportunities to distribute data. I’ll describe a new,
research-driven RSA product that splits sensitive data across systems or
organizations, removing the single points of compromise that otherwise
naturally arise in cloud services.

Dr. Ari Juels is Chief Scientist of RSA, The Security Division of
EMC. He joined RSA in 1996.


Overcoming Weak Expectations: Yevgeniy Dodis, New York University
Starts:10:00 am on Monday, March 18, 2013
Location:MCS 137

Recently, there has been renewed interest in basing cryptographic
primitives on weak secrets, where the only information about the
secret is some non-trivial amount of (min-)entropy. From a formal
point of view, such results require to upper bound the expectation of
some function f(X), where X is a weak source in question. We show an
elementary inequality which essentially upper bounds such "weak
expectation" by two terms, the first of which is *independent* of f,
while the second only depends on the variance of f under the *uniform*
distribution. Quite remarkably, as relatively simple corollaries of
this elementary inequality, we obtain some "unexpected" results, in
several cases noticeably simplifying/improving prior techniques for
the same problem. Examples include non-malleable extractors,
leakage-resilient symmetric encryption, seed-dependent condensers,
improved entropy loss for the leftover hash lemma, and alternative to
the dense model theorem.

More information about the Busec mailing list