## RISCS Hosts 5/12 Charles River Crypto Day

**Friday, May 12, 2017**

**9:30 am – 5:00 pm**

**Hariri Institute for Computing, Seminar Room
111 Cummington Mall, Boston, MA**

Sponsored and hosted by the Hariri Institute and the BU Center for Reliable Information Systems and Cyber Security (RISCS), the Charles River Crypto Day brings together academics and research scientists from local universities and research labs to discuss recent advances in cryptography. The Charles River Crypto Day series, which is open to the public, is a recurring networking opportunity for faculty, postdocs, graduate students, and research scientists pursuing basic cryptography research in the Greater Boston Area. The event is free, but registration is required.

#### Program & Abstracts

##### 9:30 – 10:00 Breakfast

##### 10:00 - 10:50 Raluca Ada Popa: An Oblivious and Encrypted Distributed Analytics Platform

Many systems run rich data analytics on sensitive data in the cloud, but are prone to data breaches. A recent hardware enclave architecture promises data confidentiality and isolated execution of arbitrary computations, yet still suffers from leakage due to memory and network accesses patterns. In this talk, I will describe Opaque, a distributed data analytics platform supporting a wide range of queries while protecting the data. Even a compromised operating system sees only encrypted data. Opaque also protects against leakage from memory and network accesses outside of the enclave (a property called obliviousness). To accomplish this goal, Opaque introduces new distributed oblivious relational operators, as well as new query planning techniques to optimize these new operators. Opaque is implemented on Spark SQL with few changes to the underlying system. Opaque provides data encryption, authentication, and computation verification with a performance ranging from 52% faster to 3.3x slower than vanilla Spark SQL; obliviousness comes with a 1.6–46x overhead. At the same time, Opaque provides an improvement of three orders of magnitude over state-of-the-art oblivious protocols.

Joint work with W. Zheng, A. Dave, J. G. Beekman, J. E. Gonzalez, and I. Stoica.

[Video Recording – Raluca Ada Popa]

##### 11:00 - 11:50 Justin Holmgren: Delegation with Nearly Minimal Time-Space Overhead

Consider a scenario in which a client wants to utilize a powerful, but untrusted, server to perform computations which are beyond the client’s ability. Since the client does not trust the server, we would like the server to certify the correctness of the result. We would like the verification procedure to be extremely efficient, whereas the complexity of proving shouldn’t be much larger than that of computing.

Assuming LWE, we construct a one-round argument-system for proving the correctness of any time T and space S computation, in which both the verifier and prover are extremely efficient. In particular, the prover runs in time T * poly(k) and space S + poly(k), where k is a security parameter.

Our result builds on a line of work initiated by Kalai et al. (STOC, 2014). The prover in all of these works runs in time T^c for a large constant c (where c is at least 3). As an additional contribution we significantly simplify a central construct that appears in all of these works.

Joint work with Ron Rothblum.

[Video Recording – Justin Holmgren]

##### 12:00 – 13:30 Lunch

##### 13:30 - 14:20 Fabrice Ben Hamouda: On the Robustness of Non-Interactive Multi-Party Computation

Non-Interactive Multiparty Computation (Beimel et al., Crypto 2014) is a very powerful notion equivalent (under some corruption model) to garbled circuits, Private Simultaneous Messages protocols, and obfuscation. We present robust solutions to the problem of Non-Interactive Multiparty Computation in the computational and information-theoretic models. Our results include the first efficient and robust protocols to compute any function in NC1 for constant-size collusions, in the information-theoretic setting and in the computational setting, to compute any function in P for constant-size collusions, assuming the existence of one-way functions. Our constructions start from a Private Simultaneous Messages construction (Feige, Killian Naor, STOC 1994 and Ishai, Kushilevitz, ISTCS 1997) and transform it into a Non-Interactive Multiparty Computation for constant-size collusions.

We also present a new Non-Interactive Multiparty Computation protocol for symmetric functions with significantly better communication complexity compared to the only known one of Beimel et al.

This is a joint work with Hugo Krawczyk and Tal Rabin.

[Video Recording – Fabrice Ben Hamouda]

##### 14:30 - 15:20 Abhi Shelat: Full Accounting for Verifiable Outsourcing

Non-Interactive Multiparty Computation (Beimel et al., Crypto 2014) is a very powerful notion equivalent (under some corruption model) to garbled circuits, Private Simultaneous Messages protocols, and obfuscation. We present robust solutions to the problem of Non-Interactive Multiparty Computation in the computational and information-theoretic models. Our results include the first efficient and robust protocols to compute any function in NC1 for constant-size collusions, in the information-theoretic setting and in the computational setting, to compute any function in P for constant-size collusions, assuming the existence of one-way functions. Our constructions start from a Private Simultaneous Messages construction (Feige, Killian Naor, STOC 1994 and Ishai, Kushilevitz, ISTCS 1997) and transform it into a Non-Interactive Multiparty Computation for constant-size collusions.

We also present a new Non-Interactive Multiparty Computation protocol for symmetric functions with significantly better communication complexity compared to the only known one of Beimel et al.

Joint work with Riad Wahby, Ye Ji, Andrew J Blumberg, Justin Thaler, Michael Walfish and Thomas Wies.

[Video Recording – Abhi Shelat]

##### 15:20 – 15:50 Break

##### 15:50 - 16:40 Eran Tromer: PhotoProof: Cryptographic Image Authentication for Any Set of Permissible Transformations

Non-Interactive Multiparty Computation (Beimel et al., Crypto 2014) is a very powerful notion equivalent (under some corruption model) to garbled circuits, Private Simultaneous Messages protocols, and obfuscation. We present robust solutions to the problem of Non-Interactive Multiparty Computation in the computational and information-theoretic models. Our results include the first efficient and robust protocols to compute any function in NC1 for constant-size collusions, in the information-theoretic setting and in the computational setting, to compute any function in P for constant-size collusions, assuming the existence of one-way functions. Our constructions start from a Private Simultaneous Messages construction (Feige, Killian Naor, STOC 1994 and Ishai, Kushilevitz, ISTCS 1997) and transform it into a Non-Interactive Multiparty Computation for constant-size collusions.

We also present a new Non-Interactive Multiparty Computation protocol for symmetric functions with significantly better communication complexity compared to the only known one of Beimel et al.

This is a joint work with Hugo Krawczyk and Tal Rabin.

[Video Recording – Eran Tromer]

##### 16:50 Ushering in of Summer

*Thank you to the Modular Approach to Cloud Security (MACS) project for support of Charles River Crypto Day.*