[Busec] Seminar: two speakers next week

Yilei Chen chenyl at bu.edu
Thu Oct 5 22:06:11 EDT 2017

Next week we will have two great speakers. On Wednesday Oct 11 Sam Kim from
Stanford will tell us about how to build threshold cryptosystems from
standard lattices assumptions. On Thursday Oct 12 Ilan Komargodski from
Cornell Tech will talk about multi-collision resistant hash functions.
Lunches are provided at BUsec lounge after both talks.

Title: Threshold Cryptosystems From Threshold Fully Homomorphic Encryption
Speaker: Sam Kim (Stanford)
Wednesday Oct 11, 2017, 10 am - 11 am.
BU Hariri Institute Seminar room. 111 Cummington St, Boston MA 02215.

Abstract: We develop a general approach to adding a threshold functionality
to a large class of (non-threshold) cryptographic schemes. A threshold
functionality enables a secret key to be split into a number of shares, so
that only a threshold of parties can use the key, without reconstructing
the key. We begin by constructing a threshold fully-homomorphic encryption
scheme (TFHE) from the learning with errors (LWE) problem. We next
introduce a new concept, called a universal thresholdizer, from which many
threshold systems are possible. We show how to construct a universal
thresholdizer from our TFHE. A universal thresholdizer can be used to add
threshold functionality to many systems, such as CCA-secure public key
encryption (PKE), signature schemes, pseudorandom functions, and others
primitives. In particular, by applying this paradigm to a (non-threshold)
lattice signature system, we obtain the first single-round threshold
signature scheme from LWE.

Joint work with Dan Boneh, Rosario Gennaro, Steven Goldfeder, Aayush Jain,
Peter M. R. Rasmussen and Amit Sahai

Title: Collision Resistant Hashing for Paranoids: Dealing with Multiple
Speaker: Ilan Komargodski (Cornell Tech)
Thursday Oct 12, 2017, 11 am - 12 pm.
BU Hariri Institute Seminar room. 111 Cummington St, Boston MA 02215.

A collision resistant hash (CRH) function is one that compresses its input
yet it is hard to find a collision, i.e. a x_1 != x_2 s.t. h(x_1) = h(x_2).
Collision resistant hash functions are one of the more useful cryptographic
primitives both in theory and in practice and two prominent applications
are in signature schemes and succinct zero-knowledge arguments. We consider
a relaxation of the above requirement that we call Multi-CRH, a function
where it is hard to find x_1, x_2,...,x_k which are all distinct, yet
h(x_1) = h(x_2) =  ... = h(x_k). We show that in major applications of CRH
functions it is possible to replace them by the weaker notion of an MCRH,
albeit at some price. On the other hand we show black-box separation
results from standard CRH and a hierarchy of such Multi-CRHs.

Based on joint work with Moni Naor and Eylon Yogev.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://cs-mailman.bu.edu/pipermail/busec/attachments/20171005/37498dae/attachment.html>

More information about the Busec mailing list