Nir Bitansky: Leakage-Tolerant Protocols & Obfuscation with Leaky Hardware

Primary tabs

Leakage-Tolerant Protocols & Obfuscation with Leaky Hardware

Nir Bitansky, TAU

The talk will be divided into two parts. (I might deviate from this plan according to time constraints).

First, we put forth a framework for expressing security requirements from interactive protocols in the presence of arbitrary leakage. This allows capturing different levels of leakage tolerance of protocols, namely the preservation (or degradation) of security, under coordinated attacks that include various forms of leakage from the secret states of participating parties. The framework extends the universally composable (UC) security framework. We also prove a variant of the UC theorem, that enables modular design and analysis of protocols even in face of general, non-modular leakage. We then construct leakage-tolerant protocols for basic tasks, such as, secure-communication, message-authentication, commitment, oblivious-transfer and zero-knowledge. A central component in several of our constructions is the observation that resilience to adaptive party corruptions (in some strong sense) implies leakage-tolerance in an essentially optimal way.

Second, we consider program obfuscation mechanisms that involve reliance on trusted hardware. We concentrate on minimizing the amount of usage of the hardware components, their complexity, and the security requirements from them. Specifically, our solution has the following properties:
(1) The number of hardware devices used in an obfuscation, and the amount of work done by these devices, is polynomial in the security parameter, independent of the complexity of the function being obfuscated.
(2) The obfuscation remains secure even if all the hardware devices in use are leaky.
(3) A universal set of hardware components, owned by the user, is initialized only once and from that point on can be used with multiple ``software-based" obfuscations sent by different vendors.
A vital componant in our construction is the leakage-tolerant secure-communication protocol presented in the first part.

The first part is based on joint work with Ran Canetti and Shai Halevi.
The second is based on joint work with Ran Canetti, Shafi Goldwasser, Shai Halevi, Yael Tauman-Kalai and Guy N. Rothblum.

Date and Time: 
Sunday, July 3, 2011 - 14:00 to Monday, July 4, 2011 - 14:45
Speaker: 
Nir Bitansky: Leakage-Tolerant Protocols & Obfuscation with Leaky Hardware
Location: 
Schreiber 309