Security levels in cryptography

Abstract: The phrase "security level of a system" is common in cryptography, but it is rarely defined in the literature. The talk will present a precise definition of security level which I suspect is folklore and is probably well-known to the experts. I will then explore some consequences of this definition, especially in the context of discrete logarithm-based crypto. Finally, I will make some speculative conclusions about key sizes and tightness that will hopefully be surprising and controversial.

Biography: Professor Steven Galbraith has a Bachelor of Computing and Mathematical Sciences from the University of Waikato (NZ), a Master of Science from Georgia Institute of Technology (USA) and a doctorate from Oxford University (UK). He held research positions at Royal Holloway University of London (UK), University of Waterloo (Canada), the Institute for Experimental Mathematics, Essen (Germany) and the University of Bristol (UK).

He was a lecturer from 2001 to 2009 in the Mathematics Department of Royal Holloway University of London (UK), and was made full professor there in 2008. He moved to the University of Auckland in 2009 and is currently the Head of the Mathematics Department.

His research is in computational number theory, computational algebraic geometry and applications in public key cryptography. Currently his main research focus is post-quantum cryptography. He is an international leader in the mathematics of public key cryptography and wrote a large book with this title that was published in 2012 by Cambridge University Press. He has supervised around 12 PhD theses and 20 Masters theses.

He serves on the Editorial board of the journal "Designs, Codes and Cryptography" and was the program co-chair of ASIACRYPT in 2018 and 2019 and the program chair of the Algorithmic Number Theory Symposium in 2020.

The Internet Computer: Evolution of Cryptography

Abstract: For centuries, cryptography has been the art of encrypting message. But, in the late 20th century, the invention of public key cryptography gave rise to a new science. In the decades following this breakthrough, cryptography grew to become an immensely powerful tool — for both misuse and societal benefit. For instance, it has shown how a set of mistrusting and potentially malicious parties can jointly compute a function in a secure way using distributed cryptography. Or the discovery that cryptography allows one to protect the privacy of billions of users in a digital world.

Despite these ground-breaking discoveries, cryptography was still primarily used to encrypt messages. Then, in 2008, cyberpunks altered the trajectory of technology with the Bitcoin protocol — a piece of distributed cryptography implementing a decentralised system with an enormous social impact. As a result, this sparked a new wave of innovation in cryptography and gave rise to the Internet Computer Protocol.

The Internet Computer extends the functionality of the internet from connecting billions of people to also providing millions of developers and entrepreneurs with a public compute platform — creating a revolutionary new way to build websites, enterprise systems, DeFi, and open internet services. In this talk, we briefly review this evolution of cryptography and explain the basics of the Internet Computer Protocol.

Biography: Jan Camenisch is VP of Research & Crypto at DFINITY and Director of the DFINITY Zurich Research Lab. He also serves on Sovrin‘s Technical Governance Board. Before joining DFINITY, Jan was a Principal Research Staff Member at IBM Research – Zurich, where he was leading the Privacy & Cryptography research team and was a member of the IBM Academy of Technology.

He is a leading scientist in the area of privacy and cryptography and a Fellow of the IACR, IEEE, and ACM. Jan has published over 140 widely cited papers, was granted about 140 patents worldwide, and has received a number of awards for his work, including the 2010 ACM SIGSAC outstanding innovation award, the 2013 IEEE computer society technical achievement award, and the 2018 IFIP Kristian Beckman award.

His research interests include cryptographic protocols and their building blocks. zero-knowledge proofs, composable security frameworks, distributed computing, blockchain computing, and cryptography for privacy.

Chosen Ciphertext Security from Trapdoor Functions

Abstract: Public key encryption is one of the fundamental pillars of cryptography and secure communication. Any encryption system that we would consider deploying or standardizing should be secure against "chosen ciphertext attacks". This gives security against an active attacker that interacts with a private key holder.

While the community has been successful in developing chosen ciphertext secure systems from specific number theoretic assumptions. Relatively, little is known about constructing these systems from more general and less structured assumptions. In this talk, I'll present a construction of chosen ciphertext secure public-key encryption from (injective) trapdoor functions. Our construction is black box and assumes no special properties (e.g. "lossy", "correlated product secure") of the trapdoor function solving a long standing open problem. The work was given the best paper award at the CRYPTO 2020 conference.

Biography: Dr. Brent Waters received his Ph.D. in Computer Science from Princeton University in 2004. From 2004-2005, he was a post-doctoral at Stanford University then worked at SRI as a Computer Scientist. In 2008 he joined the faculty at The University of Texas at Austin. Dr. Waters' research interests are in the areas of cryptography computer security. His work has focused on Identity-Based Cryptography, Functional Encryption, and code obfuscation. He has award and invited papers including a recent best paper at CRYPTO 2020. He is noted as a founder of Functional Encryption and Attribute-Based Encryption.

Dr. Waters is a recipient of the NSF CAREER award, a Microsoft Faculty Fellow, a Sloan Research Fellowship, Packard Science and Engineering Fellowship, and Presidential Early Career Award for Scientists and Engineers (PECASE) recipient, winner of the 2015 ACM Grace Murray Hopper award and has a Simons Investigator award.

A sound story — Analog security of Embedded Systems

Abstract: Much security research focuses on protecting the digitalized information, e.g., securing communication via cryptographic methods. Nevertheless, hardware implementation and its internal signal conditioning path could undermine the otherwise secure mechanisms, e.g., attackers can extract secret keys via side channels. As the emerging IoT technology depends on sensors to make automated decisions, it is critical to examine analog cybersecurity, i.e., analyzing the integrity and dependability of information prior to its digitalization. Such a problem is especially important in cyber-physical systems because they depend on sensors to make automated decisions. In this talk, we illustrate a few analog signal injection attacks that utilize the build-in hardware vulnerabilities of various commodity sensing systems as well as proposing the defense strategies. This talk calls into questioning the wisdom of allowing microprocessors and embedded systems to blindly trust hardware abstractions and into ensuring the integrity of sensor outputs.

Biography: Wenyuan Xu is a professor in the College of Electrical Engineering at Zhejiang University. She received her B.S. degree in Electrical Engineering from Zhejiang University in 1998, an M.S. degree in Computer Science from Zhejiang University in 2001, and the Ph.D. degree in Electrical and Computer Engineering from Rutgers University in 2007. Her research interests include embedded systems security, smart systems security, and IoT security. She was granted tenure (an associate professor) in the Department of Computer Science and Engineering at the University of South Carolina in the U.S. She is the associated editors for ACM TOSN，ACM TIoT，IEEE TIoT, and IEEE TMC, and has served on the technical program committees for several IEEE/ACM conferences on wireless networking and security. She has published over 90 papers and her papers have been cited over 6400 times (Google Scholar). She received “best paper award” in ACM CCS 2017, “best paper award” in ACM AsiaCCS 2018.

On Feasibility and Limitations of Detecting False Data Injection Attacks on Smart Grids Using D-FACTS Devices

Abstract: Recent studies have investigated the possibilities of proactively detecting the high-profile false data injection (FDI) attacks on smart grids by using the distributed flexible AC transmission system (D-FACTS) devices, termed as proactive false data detection (PFDD) approach. However, the feasibility and limitations of such an approach have not been systematically studied in the existing literature. In this regard, we explore the feasibility and limitations of adopting the PFDD approach to thwart FDI attacks on smart grids. Specifically, we thoroughly study the feasibility of using PFDD to detect FDI attacks by considering single-bus, uncoordinated multiple-bus, and coordinated multiple-bus FDI attacks, respectively. We prove that PFDD can detect all these three types of FDI attacks targeted on buses or super-buses with degrees larger than 1, if and only if the deployment of D-FACTS devices covers branches at least containing a spanning tree of the grid graph. The minimum efforts required for activating D-FACTS devices to detect each type of FDI attacks are respectively evaluated. In addition, we also discuss the limitations of this approach; it is strictly proved that PFDD is not able to detect FDI attacks targeted on buses or super-buses with degrees equaling 1.

Biography: Rongxing Lu is an associate professor at the Faculty of Computer Science (FCS), University of New Brunswick (UNB), Canada. Before joining UNB in August 2016, he also worked as an assistant professor at the School of Electrical and Electronic Engineering, Nanyang Technological University (NTU), Singapore from April 2013 to August 2016. Rongxing Lu worked as a Postdoctoral Fellow at the University of Waterloo from May 2012 to April 2013. He was awarded the most prestigious “Governor General’s Gold Medal”, when he received his PhD degree from the Department of Electrical & Computer Engineering, University of Waterloo, Canada, in 2012; and won the 8th IEEE Communications Society (ComSoc) Asia Pacific (AP) Outstanding Young Researcher Award, in 2013. He is presently a senior member of IEEE Communications Society. His research interests include applied cryptography, privacy enhancing technologies, and IoT-Big Data security and privacy. He has published extensively in his areas of expertise (with H-index 69 from Google Scholar as of August 2020), and was the recipient of 9 best (student) paper awards from some reputable journals and conferences. Currently, Dr. Lu currently serves as the Vice-Chair (Conferences) of IEEE ComSoc CIS-TC (Communications and Information Security Technical Committee). Dr. Lu is the Winner of 2016-17 Excellence in Teaching Award, FCS, UNB.