ECE Faculty Candidate Talk

We consider achieving security in strong adversarial models that capture complex, realistic computing environments. In particular, we consider two settings that go beyond the scope of traditional cryptography.

In the first setting, we consider adversaries who gain physical control of a device with a secret stored on it (such as a smartcard or an iphone) and continuously tamper with the wires of the device, while observing the outputs. We would like to ensure that the secret state of the circuit is protected even in the face of such an attack.  We present a compiler that converts any circuit into one that remains secure even if a constant fraction of its wires are continuously tampered with. We consider adversaries who may choose an arbitrary set of wires to corrupt, and may set each wire to 0 or to 1, or toggle with the wire. We prove that such adversaries can learn at most logarithmically many bits of secret information.

In the second setting, we continue the study of non-malleable cryptography, initiated by Dolev et al. (SIAM J. Comput., 2000).  Here, we consider active adversaries who control and manipulate network traffic. We study non-malleable encryption schemes, which, in addition to traditional security against eavesdropping adversaries (called semantic security), guarantee that an active adversary cannot maul a ciphertext to create a new ciphertext encrypting a related message.  We present the first black-box construction of a non-malleable encryption scheme from any semantically secure one. We thus resolve a complexity-theoretic question while achieving a more efficient construction that avoids the inherent inefficiencies of non-black-box techniques.