Thesis Defense, Sergey Gorbunov: Cryptographic Tools for the Cloud

Tue, 05/12/2015

Date: Tuesday, May 12, 2015

Time: 10:15 AM to 11:30 AM

Refreshments: 10:00 AM

Location: G449 Patil/Kiva


Classical cryptography is playing a major role in securing the Internet. Banking transactions, medical records, personal and military messages are transmitted securely through the Internet using classical encryption and signature algorithms designed and developed over the last decades. However, today we face new security challenges that arise in cloud settings that cannot be solved by these classical algorithms. In this thesis, we address three major challenges that arise in cloud settings and present new cryptographic algorithms to solve them.

Privacy of data. How can a user efficiently and securely share data with multiple authorized receivers through the cloud?
To address this challenge, we present attribute-based and predicate encryption schemes for circuits of any arbitrary polynomial size. Our constructions are secure under the standard learning with errors (LWE) assumption. Previous constructions were limited to Boolean formulas, captured by the complexity class NC1.

Privacy of programs. How can a user share a program, which may include some secrets, preserving its functionality and without leaking any information about the secrets? Program obfuscation is a mechanism that allows to scramble a program preserving its input/output functionality while preventing reverse engineering. We describe a new graph-induced multilinear maps from lattices and show how it can be used to construct a candidate general purpose program obfuscator. Our construction uses standard (random) integer lattices. Previous constructions of multilinear maps relied on hardness of problems in either principal ideal lattices or integers and were subjected to many algebraic attacks.

Integrity of computations. How can a user outsource computations over a large database to the cloud and allow anyone efficiently authenticate the results? To address this, we present a fully homomorphic signature scheme for arbitrary circuits. The scheme allows the cloud server to run arbitrary computation, represented by circuit C, on the signed data x to get y=C(x) and produce a short ``proof'' P that can be used by anyone to authenticate the output y. Our scheme is secure under the short integer solution (SIS) problem in standard lattices. Previous constructions of homomorphic signatures were limited to evaluating polynomials of constant degree.

Committee: Shafi Goldwasser, Ronald Rivest and Vinod Vaikuntanathan