[HGI-News-de] SPECIAL HGI Kolloquium Mi(!), 28.4., 15:00 Uhr, IC4/39: Permutations among the HFE Polynomials von Enrico Thomae

[Newsletter des Horst Görtz Instituts]

Hallo,

im Rahmen des HGI Kolloquiums "Aktuelle Themen der IT-Sicherheit" wird außerplanmäßig am kommenden *Mittwoch* der folgende zusätzliche Vortrag angeboten:

Juan Garay (AT&T Labs -- Research):
*A Framework for the Sound Specification of Cryptographic Tasks*

Termin:
Mittwoch(!), den 28. April um  15.00 Uhr (*s.t.*)
Raum: IC 4/39

Abstract:
Nowadays it is widely accepted to formulate the security of a protocol carrying out a given task via the "trusted-party paradigm," where the protocol execution is compared with an ideal process where the outputs are computed by a trusted party that sees all the inputs. A protocol is said to securely carry out a given task if running the protocol with a realistic adversary amounts to "emulating'' the ideal process with the appropriate trusted party. In the Universal Composability (UC) framework the program run by the trusted party is called an /ideal functionality/. While this simulation-based security formulation provides strong security guarantees, its usefulness is contingent on the properties and correct specification of the ideal functionality, which, as demonstrated in recent years by the coexistence of complex, multiple functionalities for the same task as well as by their "unstable" nature, does not seem to be an easy task.

In this work we address this problem, by introducing a general methodology for  the sound specification of  ideal functionalities. First, we introduce the class of /canonical/ ideal functionalities for a cryptographic task, which unifies the syntactic specification of a large class of cryptographic tasks under the same basic template functionality. Furthermore, this representation enables the isolation of the individual properties of a cryptographic task as separate members of the corresponding class.  By endowing the class of canonical functionalities with an algebraic structure we are able to combine basic functionalities to a single final canonical functionality for a given task. Effectively, this puts forth a bottom-up approach for the specification of ideal functionalities: first one defines a set of basic constituent functionalities for the task at hand, and then combines them into a single ideal functionality taking advantage of the algebraic structure.

We showcase our methodology by applying it to a variety of basic cryptographic tasks, including commitments, digital signatures, zero-knowledge proofs, and oblivious transfer. While in some cases our derived canonical functionalities are equivalent to existing formulations, thus attesting to the validity of our approach, in others they differ, enabling us to "debug" previous definitions and pinpoint their shortcomings.

This is joint work with Aggelos Kiayias (Univ. of Athens and Univ. of Connecticut) and Hong-Sheng Zhou (Univ. of Connecticut).



Interessierte sind herzlich eingeladen!



Vorankündigung: 
29. April 2010: Thorsten Holz (Embedded Malware), Honeypots, Botnets, Malware Analysis, and More-Introducing the Embedded Malware Group - 6. Mai 2010: Albrecht Petzold (Darmstadt), A Multivariate Signature Scheme with a Partially Cyclic Public Key - 20. Mai 2010: Roberto Avanzi (RUB), Arithmetic of Supersingular Koblitz Curves in Characteristic Three - 27. Mai 2010: Orr Dunkelman (The Weizmann Institute of Science), Title TBA - 10. Juni 2010 Markus Kasper (EMSEC) Title TBA

Informationen über die nächsten geplanten Vorträge im Rahmen des HGI Kolloquiums sind auch im Web zu finden:
http://www.hgi.rub.de/hgi/hgi-seminar/aktuelles


Viele Grüße
Timo Kasper