Past Cryptography Seminar

The concept of delegated quantum computing is a quantum extension of  
the classical task of computing with encrypted data without decrypting  
them first. Many quantum protocols address this challenge for a  
futuristic quantum client-server setting achieving a wide range of  
security properties. The central challenge of all these protocols to  
be applicable for classical tasks (such as secure multi party  
computation or fully homomorphic encryption) is the requirement of a  
server with a universal quantum computer. By restricting the task to  
classical computation only, we derive a protocol for unconditionally  
secure delegation of classical computation to a remote server that has  
access to basic quantum devices.

STAR-Vote is voting system that results from a collaboration between a number of
academics and the Travis County, Texas elections office, which currently uses a
DRE voting system and previously used an optical scan voting system. STAR-Vote
represents a rare opportunity for a variety of sophisticated technologies, such
as end-to-end cryptography and risk limiting audits, to be designed into a new
voting system, from scratch, with a variety of real world constraints, such as
election-day vote centers that must support thousands of ballot styles and run
all day in the event of a power failure.
We present and motivate the design of the STAR-Vote system, the benefits that we
expect from it, and its current status.

This is based on joint work with Josh Benaloh, Mike Byrne, Philip Kortum,
Neal McBurnett, Ron Rivest, Philip Stark, Dan Wallach
and the Office of the Travis County Clerk

In recent years there has been amazing progress in building
practical protocols for Multi-Party Computation (MPC).
So much progress in fact that there are now a number of
companies producing products utilizing this technology. A major issue with existing solutions is the high round
complexity of protocols involving more than two players. In this talk I will survey the main protocols for MPC
and recent ideas in how to obtain practical low round
complexity protocols.

Due to its use in cryptographic protocols such as the Diffie--Hellman

key exchange, the discrete logarithm problem attracted a considerable

amount of attention in the past 40 years. In this talk, we summarize

the key technical ideas and their evolution for the case of discrete

logarithms in small characteristic finite fields. This road leads from

the original belief that this problem was hard enough for

cryptographic purpose to the current state of the art where the

algorithms are so efficient and practical that the problem can no

longer be considered for cryptographic use.

We present McEliece encryption scheme and some well-known proposals based on various families of error correcting codes. We introduce several methods for cryptanalysis in order to study the security of the presented proposals.

Quantum computers derive their computational power from the ability to manipulate superposition states of quantum registers. The generic quantum attack against a symmetric encryption scheme with key length n using Grover's algorithm has O(2^(n/2)) time complexity. For this kind of attack, an adversary only needs classical access to an encryption oracle. In this talk I discuss adversaries with quantum superposition access to encryption and decryption oracles. First I review and extend work by Kuwakado and Morii showing that a quantum computer with superposition access to an encryption oracle can break the Even-Mansour block cipher with key length n using only O(n) queries. Then, improving on recent work by Boneh and Zhandry, I discuss indistinguishability notions in chosen plaintext and chosen ciphertext attacks by a quantum adversary with superposition oracle access and give constructions that achieve these security notions.

The Learning with Errors (LWE) problem has become a central building block of modern cryptographic constructions. We will discuss hardness results for concrete instances of LWE. In particular, we discuss algorithms proposed in the literature and give the expected resources required to run them. We consider both generic instances of LWE as well as small secret variants. Since for several methods of solving LWE we require a lattice reduction step, we also review lattice reduction algorithms and propose a refined model for estimating their running times. We also give concrete estimates for various families of LWE instances, provide a Sage module for computing these estimates and highlight gaps in the knowledge about algorithms for solving the Learning with Errors problem.

This is an exciting time to study quantum algorithms. As the technological challenges of building a quantum computer continue to be met there is still much to learn about the power of quantum computing. Understanding which problems a quantum computer could solve faster than a classical device and which problems remain hard is particularly relevant to cryptography. We would like to design schemes that are secure against an adversary with a quantum computer. I'll give an overview of the quantum computing that is accessible to a general audience and use a recently declassified project called "soliloquy" as a case study for the development (and breaking) of post-quantum cryptography.

Recently, a series of unprecedented leaks by Edward Snowden had made it possible for the first time to get a glimpse into the actual capabilities and limitations of the techniques used by the NSA and GCHQ to eavesdrop to computers and other communication devices. In this talk, I will survey some of the things we have learned, and discuss possible countermeasures against these capabilities.