[Busec] busec this week: Merrielle Spain (Wed 10am)

Sharon Goldberg goldbe at cs.bu.edu
Tue Oct 14 18:54:14 EDT 2014

At this week's seminar, we have Merrielle Spain from Lincoln Labs talking
about physically unclonable functions (PUFs); this continues our miniseries
of talks on finding good sources of randomness for crypto keys.   The
following week, we host Omkant Pandey from UIUC, who give a talk about
obfuscation.  Lunch provided as usual, and abstracts below.

See you there!

BUsec Calendar:  http://www.bu.edu/cs/busec/
BUsec Mailing list: http://cs-mailman.bu.edu/mailman/listinfo/busec

The busec seminar gratefully acknowledges the support of BU's Center for
Reliable Information Systems and Cyber Security (RISCS).


Deriving Robust Keys from Physical Unclonable Functions
Merrielle Spain. Lincoln Labs.
October 15, 2014, 10-11.30am
Hariri Seminar Room, MCS180, 111 Cummington St

Weak physical unclonable functions (PUFs) can instantiate read-proof
hardware tokens (Tuyls et al. 2006, CHES) where benign variation, such as
changing temperature, yields a consistent key, but invasive attempts to
learn the key destroy it. Previous approaches evaluate security by
measuring how much an invasive attack changes the derived key (Pappu et al.
2002, Science). If some attack insufficiently changes the derived key, an
expert must redesign the hardware.

An unexplored alternative uses software to enhance token response to known
physical attacks. Our approach draws on machine learning. We propose a
variant of linear discriminant analysis (LDA), called PUF LDA, which
reduces noise levels in PUF instances while enhancing changes from known

We compare PUF LDA with standard techniques using an optical coating PUF
and the following feature types: raw pixels, fast Fourier transform,
short-time Fourier transform, and wavelets. We measure the true positive
rate for valid detection at a 0% false positive rate (no mistakes on
samples taken after an attack). PUF LDA improves the true positive rate
from 50% on average (with a large variance across PUFs) to near 100%.

While a well-designed physical process is irreplaceable, PUF LDA enables
system designers to improve the PUF reliability-security tradeoff by
incorporating attacks without redesigning the hardware token.

Public-Coin Differing-Inputs Obfuscation and Its Applications
Omkant Pandey. UIUC.
October 22, 2014, 10-11.30am
Hariri Seminar Room, MCS180, 111 Cummington St

Differing inputs obfuscation (diO) is a strengthening of
indistinguishability obfuscation (iO) that has recently found applications
to improving the efficiency and generality of obfuscation, functional
encryption, non-black-box simulation, and several other related primitives.
These applications require the “security” of diO to hold even in the
presence of an auxiliary input that is generated together with the
programs. However, recent negative results cast serious doubt on the
plausibility of general-purpose diO with respect to general auxiliary
inputs. This leaves open the existence of a variant of diO that is
plausible, simple, and useful for applications.

We suggest such a diO variant that we call *public-coin* diO. A public-coin
diO restricts the original definition of diO by requiring the auxiliary
input to be a public, trapdoor-free, random string which is given as input
to all relevant algorithms. In contrast to standard diO, it remains very
plausible that current candidate constructions of iO for circuits satisfy
the public-coin diO requirement.

We demonstrate the usefulness of the new notion by showing that several
applications of diO can be obtained by relying on the public-coin variant
instead. These include constructions of succinct obfuscation and functional
encryption schemes for Turing Machines as well as obfuscation-based
non-black-box simulation for (concurrent) zero-knowledge.

1st New England Networking and Systems Day
Boston University, Hariri Seminar Room, MCS180, 111 Cummington St
Oct 24, 2014, 9-4.30pm

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://cs-mailman.bu.edu/pipermail/busec/attachments/20141014/6fd91989/attachment.html>

More information about the Busec mailing list