{"id":595,"date":"2017-05-13T22:47:35","date_gmt":"2017-05-14T02:47:35","guid":{"rendered":"https:\/\/www.bu.edu\/macs\/?page_id=595"},"modified":"2018-01-22T22:03:26","modified_gmt":"2018-01-23T03:03:26","slug":"meeting-may-2017","status":"publish","type":"page","link":"https:\/\/www.bu.edu\/macs\/workshops\/meeting-may-2017\/","title":{"rendered":"MACS Project Meeting, May 2017"},"content":{"rendered":"<p><strong>Date:<\/strong><br \/>\nFriday, May 19,\u00a02017<\/p>\n<p><strong>Location:<br \/>\n<\/strong>Northeastern University,\u00a0<a href=\"https:\/\/www.northeastern.edu\/campusmap\/map\/qad4.html\">West Village H,<\/a>\u00a0room 366.<\/p>\n<p><strong>Schedule:<\/strong><\/p>\n<table valign=\"top\" style=\"direction: ltr; border-collapse: collapse; border: 1pt solid #A3A3A3;\" cellspacing=\"0\" cellpadding=\"0\" border=\"1\">\n<tbody>\n<tr>\n<td>9:00\u00a0&#8211; 9:20<\/td>\n<td>Breakfast (provided)<\/td>\n<\/tr>\n<tr>\n<td>9:20 &#8211; 10:20<\/td>\n<td>\n<ul>\n<li><span>Aanchal Malhotra,\u00a0<em>Securing the Network Time Protocol<\/em><br \/>\n<\/span><\/li>\n<li>Yossi Gilad<em>, Algorand:\u00a0Scaling Byzantine Agreements for Cryptocurrencies<\/em><\/li>\n<\/ul>\n<\/td>\n<\/tr>\n<tr>\n<td>10:20 &#8211; 10:40<\/td>\n<td>Break<\/td>\n<\/tr>\n<tr>\n<td>10:40 &#8211; 12<\/td>\n<td>\n<ul>\n<li>Frank Wang, <em>Splinter:\u00a0Practical Private Queries on Public Data<\/em> (<a href=\"https:\/\/www.bu.edu\/macs\/files\/2017\/05\/wang-splinter.pdf\">slides<\/a>)<\/li>\n<li>Srini Devadas,\u00a0<em>Towards a formally verified Sanctum processor<\/em><\/li>\n<li>Haibin Zhang,\u00a0<em>Secure causal atomic broadcast, revisited<\/em> (<a href=\"https:\/\/www.bu.edu\/macs\/files\/2017\/05\/zhang-causal-atomic.pptx\">slides<\/a>)<\/li>\n<\/ul>\n<\/td>\n<\/tr>\n<tr>\n<td>12 &#8211; 1:30<\/td>\n<td>Lunch (provided), and faculty-only meeting in WVH 362<\/td>\n<\/tr>\n<tr>\n<td>1:30 &#8211; 2:30<\/td>\n<td>\n<ul>\n<li>Kyle Hogan,\u00a0<em>Enhancing the Privacy Offered by Monero<\/em> (<a href=\"https:\/\/docs.google.com\/presentation\/d\/19a1vhwISZ7l2P1W661qcE5mcxvTSnR4oMw1IYf2Pc7Y\/edit?usp=sharing\">slides<\/a>)<\/li>\n<li>Mor Weiss,<em> How to Construct a Leakage-Resilient Trusted Party<\/em><\/li>\n<\/ul>\n<\/td>\n<\/tr>\n<tr>\n<td>2:30 &#8211; 3<\/td>\n<td>Break<\/td>\n<\/tr>\n<tr>\n<td>3 &#8211; 4<\/td>\n<td>\n<ul>\n<li>Oxana Poburinnaya, <em>Better Two-Round Adaptive Multi-Party Computation<\/em> (<a href=\"https:\/\/www.bu.edu\/macs\/files\/2017\/05\/poburinnaya-two-round-mpc.pdf\">slides<\/a>)<\/li>\n<li>Jason Hennessey, <em>Bolted: Securing Bare Metal Clouds<\/em><\/li>\n<\/ul>\n<\/td>\n<\/tr>\n<tr>\n<td>4 &#8211; 4:30<\/td>\n<td>Discussion<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<p><strong>Selected abstracts:<\/strong><\/p>\n<p><strong>Yossi Gilad<\/strong><em>, Algorand:\u00a0Scaling Byzantine Agreements for Cryptocurrencies<\/em><\/p>\n<p>Algorand is a new cryptocurrency system that can confirm transactions with latency on the order of a minute while scaling to many users. Algorand ensures that users never have divergent views of confirmed transactions, even if some of the users are malicious and the network is partitioned.\u00a0 In contrast, existing cryptocurrencies allow for temporary forks and therefore require a long time, on the order of an hour, to confirm transactions with high confidence.<\/p>\n<p>Algorand uses a new Byzantine Agreement (BA) protocol to reach consensus among users on the next set of transactions. To scale the consensus to many users, Algorand uses a novel mechanism based on Verifiable Random Functions that allows users to privately check whether they are selected to participate in the BA to agree on the next set of transactions, and to include a proof of their selection in their network messages. In Algorand&#8217;s BA protocol, users do not keep any private state except for their private keys, which allows Algorand to replace participants immediately after they send a message.\u00a0 This mitigates targeted attacks on chosen participants after their identity is revealed. We implement Algorand and evaluate its performance on 1,000 EC2 virtual machines, simulating up to 500,000 users.\u00a0 Experimental results show that Algorand confirms transactions in under a minute, achieves 30x Bitcoin&#8217;s throughput, and incurs almost no penalty for scaling to more users.<\/p>\n<p><strong><\/strong><\/p>\n<p>&nbsp;<\/p>\n<p><strong><\/strong><strong>Mor Weiss<\/strong>,\u00a0<em>How to Construct a Leakage-Resilient Trusted Party<br \/>\n<\/em><\/p>\n<p>Trusted parties and devices are commonly used in the real world to securely perform computations on secret inputs. However, their security can often be compromised by side-channel attacks in which the adversary obtains partial leakage on intermediate computation values. This gives rise to the following natural question: to what extent can one protect the trusted party against leakage?<\/p>\n<p>Our goal is to design a hardware device T that allows m \u2265 1 parties to securely evaluate a function f(x1,&#8230;,xm) of their inputs, by feeding T with encoded inputs that are obtained using local secret randomness. Security should hold in the presence of an active adversary that can corrupt a subset of parties, and obtain restricted leakage on the internal computations in T. We design hardware devices T in this setting both for zero-knowledge proofs and for general multi-party computations. Our constructions can unconditionally resist either AC0 leakage, or a strong form of \u201conly computation leaks\u201d (OCL) leakage that captures realistic side-channel attacks, providing di\ufb00erent tradeo\ufb00s between e\ufb03ciency and security.<\/p>\n<p>Joint work with Daniel Genkin and Yuval Ishai.<\/p>\n<p>&nbsp;<\/p>\n<p><span><strong>Oxana Poburinnaya<\/strong>, <\/span><em>Better Two-Round Adaptive Multi-Party Computation<\/em><\/p>\n<p>The only known two-round multi-party computation protocol that withstands adaptive corruption of all parties is the ingenious protocol of Garg and Polychroniadou [TCC 15]. We present protocols that improve on the GP protocol in a number of ways. First, concentrating on the semi-honest case and taking a different approach than GP, we show a two-round, adaptively secure protocol where: Only a global (i.e., non-programmable) reference string is needed. In contrast, in GP the reference string is programmable, even in the semi-honest case.<\/p>\n<p>Only polynomially-secure indistinguishability obfuscation for circuits and injective one way functions are assumed. In GP, sub-exponentially secure IO is assumed.<\/p>\n<p>Second, we show how to make the GP protocol have only RAM complexity, even for Byzantine corruptions. For this we construct the first statistically-sound non-interactive Zero-Knowledge scheme with RAM complexity.<\/p>\n<p>Joint work with Ran Canetti and Muthuramakrishnan Venkitasubramaniam.<\/p>\n<p>&nbsp;<\/p>\n<p><strong>Jason Hennessey<\/strong><em>, Bolted: Securing Bare Metal Clouds<\/em><\/p>\n<p>This work introduces Bolted, an architecture for increasing a tenant&#8217;s trust of the firmware and software installed on a leased bare metal server. In general, when executing in a cloud environment, the tenant must trust all the software on top of which it executes. When tenants make use of bare metal nodes, there is less software to trust, but more opportunities for previous tenants to compromise the privileged software and firmware, introducing persistent malware to a machine.<\/p>\n<p>To increase a tenant&#8217;s trust in the bare metal node, we propose that the boot process consist of open and simple components, each of which is measured prior to being executed with remote attestation on a machine trusted by the tenant. Bolted makes use of Coreboot and Heads (a hardened, minimal Linux) as the main firmware infrastructure; Keylime, a distributed, tenant-operated attestation infrastructure that leverages a node&#8217;s TPM; HIL, a network isolation and maximal tenant control; and BMI, for very fast imagine provisioning under tenant&#8217;s control. In this way, tenants can have a level of confidence in the components based on two mechanisms: they can be inspected for correct functionality; and attestations can be provided based on their measurements to show that no modifications had been made between boots.<\/p>\n<p>A collaboration between BU, Northeastern, Two Sigma and MIT Lincoln Lab.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Date: Friday, May 19,\u00a02017 Location: Northeastern University,\u00a0West Village H,\u00a0room 366. Schedule: 9:00\u00a0&#8211; 9:20 Breakfast (provided) 9:20 &#8211; 10:20 Aanchal Malhotra,\u00a0Securing the Network Time Protocol Yossi Gilad, Algorand:\u00a0Scaling Byzantine Agreements for Cryptocurrencies 10:20 &#8211; 10:40 Break 10:40 &#8211; 12 Frank Wang, Splinter:\u00a0Practical Private Queries on Public Data (slides) Srini Devadas,\u00a0Towards a formally verified Sanctum processor Haibin [&hellip;]<\/p>\n","protected":false},"author":10377,"featured_media":0,"parent":69,"menu_order":7,"comment_status":"closed","ping_status":"closed","template":"","meta":[],"_links":{"self":[{"href":"https:\/\/www.bu.edu\/macs\/wp-json\/wp\/v2\/pages\/595"}],"collection":[{"href":"https:\/\/www.bu.edu\/macs\/wp-json\/wp\/v2\/pages"}],"about":[{"href":"https:\/\/www.bu.edu\/macs\/wp-json\/wp\/v2\/types\/page"}],"author":[{"embeddable":true,"href":"https:\/\/www.bu.edu\/macs\/wp-json\/wp\/v2\/users\/10377"}],"replies":[{"embeddable":true,"href":"https:\/\/www.bu.edu\/macs\/wp-json\/wp\/v2\/comments?post=595"}],"version-history":[{"count":23,"href":"https:\/\/www.bu.edu\/macs\/wp-json\/wp\/v2\/pages\/595\/revisions"}],"predecessor-version":[{"id":628,"href":"https:\/\/www.bu.edu\/macs\/wp-json\/wp\/v2\/pages\/595\/revisions\/628"}],"up":[{"embeddable":true,"href":"https:\/\/www.bu.edu\/macs\/wp-json\/wp\/v2\/pages\/69"}],"wp:attachment":[{"href":"https:\/\/www.bu.edu\/macs\/wp-json\/wp\/v2\/media?parent=595"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}