[Busec] BUsec this week: Shai Halevi (Wed 10am)

Sharon Goldberg goldbe at cs.bu.edu
Tue Jan 28 17:27:47 EST 2014

Shai Halevi will be speaking at seminar this week, usual place and time
(Wed 10am) about two-round secure MPC from indistinguishability
obfuscation. See you there!


 BUsec Calendar:  http://www.bu.edu/cs/busec/
 BUsec Mailing list: http://cs-mailman.bu.edu/mailman/listinfo/busec
 How to get to BU from MIT: The CT2 bus or MIT's "Boston Daytime Shuttle"


Two-round secure MPC from Indistinguishability Obfuscation
Shai Halevi. IBM.
Wed, January 29, 10:00am - 11:30am
MCS137 (map)

One fundamental complexity measure of an MPC protocol is its *round
complexity*. Asharov et al. recently constructed the first three-round
protocol for general MPC in the CRS model. Here, we show how to achieve
this result with only two rounds. We obtain UC security with abort against
static malicious adversaries, and fairness if there is an honest majority.
Additionally the communication in our protocol is only proportional to the
input and output size of the function being evaluated and independent of
its circuit size. Our main tool is indistinguishability obfuscation, for
which a candidate construction was
recently proposed by Garg et al.

The technical tools that we develop in this work also imply virtual black
box obfuscation of a new primitive that we call a *dynamic point function*.
This primitive may be of independent interest.

Joint work with Sanjam Garg, Craig Gentry, and Mariana Raykova


Regularity of Lossy Exponentiation and Applications.
Adam Smith.  Penn State.
Wed, February 5, 10am - 11:30am

We study of how ``lossiness'' of the RSA trapdoor permutation under the
$\Phi$-Hiding Assumption can be used to understand the security of
classical RSA-based cryptographic systems. Under Phi-hiding, several
questions or conjectures about the security of such systems can be reduced
to bounds on the regularity  (the distribution of the primitive e-th roots
of unity mod N) of the ``lossy'' RSA map  (the mape x -> x^e where e
divides phi(N)).

Specifically, this is the case for: (i) showing that large consecutive runs
of the RSA input bits are simultaneously hardcore, (ii) showing the
widely-deployed PKCS #1 v1.5 encryption is semantically secure, (iii)
improving the security bounds of Kiltz et al. (2010) for RSA-OAEP.

We prove several results on the regularity of the lossy RSA map using both
classical techniques and recent estimates on Gauss sums over finite
subgroups, thereby obtaining new results in the above applications. Our
results deepen the connection between ``combinatorial'' properties of
exponentiation in Z_N and the security of RSA-based constructions.

This is based on joint work with Adam O'Neill and Mark Lewko that appeared
at Eurocrypt 2013.

Sharon Goldberg
Computer Science, Boston University
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://cs-mailman.bu.edu/pipermail/busec/attachments/20140128/dcf4e96f/attachment.html>

More information about the Busec mailing list