[Busec] busec tomorrow: Pratyay Mukherjee and Aanchal Malhotra; monday: Ethan Heilman

Leonid Reyzin reyzin at cs.bu.edu
Thu Jul 17 15:27:56 EDT 2014

Tomorrow Pratyay Mukherjee from Aarhus will be talking about non-malleable
codes.  His talk will be followed by lunch and our own Aanchal Malhotra's
presentation of her SIGCOMM'14 poster "RPKI vs ROVER: Comparing the Risks
of BGP Security Solutions."

On Monday our own Ethan Heilman will be giving a practice talk for his
SIGCOMM'14 presentation. Please come by and ask him hard questions; you'll
be rewarded by lunch.

Talk abstracts below.


 BUsec Calendar:  http://www.bu.edu/cs/busec/
 BUsec Mailing list: http://cs-mailman.bu.edu/mailman/listinfo/busec
 How to get to BU from MIT: The CT2 bus or MIT's "Boston Daytime Shuttle"

Title: Efficient Non-Malleable Codes and Key-derivations for poly-size
tampering circuit.
Speaker: Pratyay Mukherjee. Aarhus.
Fri, July 18, 10:30am – 12:00pm

Abstract: Non-malleable codes, defined by Dziembowski, Pietrzak and Wichs
(ICS ’10), provide roughly the following guarantee: if a codeword c
encoding some message x is tampered to c’ = f(c) such that c’ is different
from c, then the tampered message x’ contained in c’ reveals no information
about x. Non-malleable codes have applications to immunizing cryptosystems
against tampering attacks and related-key attacks.One cannot have an
efficient non-malleable code that protects against all efficient tampering
functions f as there exists a function which can decode the codeword, maul
the message and re-encode. However, in this work we show “the next best
thing”: for any fixed polynomial P, there exists a non-malleable code for
all tampering function of size < P. The rate of our codes, defined as the
ratio of message to codeword size, approaches 1. Our results are
information-theoretic and our main proof technique relies on a careful
probabilistic method argument using limited independence. As a result, we
get an efficiently samplable family of efficient codes, such that a random
member of the family is non-malleable with overwhelming probability.
Alternatively, we can view the result as providing an efficient
non-malleable code in the “common reference string” (CRS) model.

Moreover, we also introduce a new notion of non-malleable key derivation,
which uses randomness x to derive a secret key y = h(x) in such a way that,
even if x is tampered to a different value x’ = f(x), the derived key y’ =
h(x’) does not reveal any information about y. Our results for
non-malleable key derivation are analogous to those for non-malleable
codes.As a useful tool in our analysis, we rely on the notion of
“leakage-resilient storage” of Davi, Dziembowski and Venturi (SCN ’10) and,
as a result of independent interest, we also significantly improve on the
parameters of such schemes.

This is a joint work with Sebastian Faust, Daniele Venturi and Daniel Wichs.


>From the Consent of the Routed: Improving the Transparency of the RPKI
Speaker: Ethan Heilman. BU
Mon, July 21, 10:00am – 11:30am

The Resource Public Key Infrastructure (RPKI) is a new infrastructure that
prevents some of the most devastating attacks on interdomain routing.
However, the security benefits provided by the RPKI are accomplished via an
architecture that  empowers centralized authorities to \emph{unilaterally}
revoke any IP addresses under their control, potentially taking these IP
addresses offline.

We propose mechanisms to improve the transparency of the RPKI, in order to
mitigate the risk that it will be used for IP address takedowns. We propose
modifying the RPKI's architecture so that (1) any revocation of IP address
space requires the \emph{consent} from all impacted parties, and (2) there
are mechanisms that detect when misbehaving authorities fail to obtain
consent.  We present a security analysis of our architecture, estimate its
overhead using data-driven analysis, and argue why the current status of
the RPKI provides us with unique window of opportunity to implementing our

Joint work with Danny Cooper, Sharon Goldberg and Leonid Reyzin.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://cs-mailman.bu.edu/pipermail/busec/attachments/20140717/21d452e3/attachment.html>

More information about the Busec mailing list