Talks

Summer School Talks

Here are the currently confirmed summer school talks!

Authenticated encryption: state-of-the-art and beyond
Speaker: Joan Daemen
Abstract: Nowadays the core functionality of symmetric cryptography is authenticated encryption (AE), that combines encryption to protect the confidentiality of data with its authentication. In this presentation we define the security goal of AE and show how AE schemes can be built and proven secure assuming an ideal primitive. In what many consider the state-of-the-art, the primitive is a block cipher (in practice AES), and it is assumed to behave like a random permutation.

A relatively new approach is to build AE schemes on top of so-called deck functions, primitives supporting arbitrary input and output length that are assumed to behave like a random oracle. In the presentation we will also give some intuition of how we built AES and are now building secure deck functions.

Private Information Retrieval: are we close to make it practical?
Speaker: Sofía Celi
Abstract: Private Information Retrieval (PIR) schemes provide the ability to make private queries on databases that are hosted by a(n) untrusted (semi-honest) server(s). In the the single-server setting (where there are no trust assumptions over non-colluding servers), the majority of approaches with tolerable costs are limited to querying indices (single items) over flat arrays. However, this abstraction differs greatly from real-world instantiations of both structured and unstructured databases.

In this talk, we will take a look at LWE-based single-server PIR schemes and what limitations they have to overcome in order to be practical: querying for multiple items, querying to databases indexed with anything but indices, trust-assumptions, underlying mathematical security, and complex approxiate problems. We aim to give preliminary results and points on how to overcome these limitations, and why said limitations matter for real-world applications.

Empirical Security Research in the Android Ecosystem
Speaker: Juan Tapiador
Abstract: Android dominates the mobile operating system landscape worldwide, with over 3 billion active users and nearly 9 million mobile apps. The open-source nature of the Android Open Source Project (AOSP) has been instrumental in this success. However, it has also facilitated a complex supply chain across the software stack, involving Original Equipment Manufacturers (OEMs), Mobile Network Operators (MNOs), application markets, and a diverse ecosystem of third-party developers, advertising, and tracking services.

This presentation introduces empirical methods used to conduct security and privacy research within this ecosystem. These methods have been designed to carry out studies in areas such as preinstalled software, over-the-air system updates, customization of the permission system, software attribution, and sensitive data leakages. Finally, we will explore the practical challenges associated with conducting measurement studies in this field.

Federated Learning Security: From Advantages to Adversaries
Speaker: Alexandra Dmitrienko
Abstract: The rise of machine learning (ML) as a disruptive technology has ushered in a new era of intelligent applications. Among these advancements, distributed learning, particularly federated learning (FL), stands out as a significant evolution in collaborative intelligence. FL's unique capacity to utilize decentralized data sources enables privacy-preserving collaborative training, particularly beneficial in application domains where accessing public data is challenging or unfeasible, such as healthcare, finance, and beyond.

However, despite its potential benefits, FL has shown to be vulnerable to various threats. In this lecture, we will thoroughly evaluate the security and privacy risks associated with FL and then delve deeper into targeted and untargeted poisoning attacks and countermeasures. We will pay special attention to open challenges, that include distinguishing poisoned and benign but unusual models, for instance models trained on datasets with different data distributions, and adaptive attackers, who, once they know the detection method, can add an additional training loss to minimize any changes in the detection metric, and, hence, evade detection. To facilitate further discussions, we will outline open research directions.

Anamorphic Encryption: Private Communication against a Dictator.
Speaker: Giuseppe Persiano
Abstract: Cryptosystems have been developed over the years under the typical prevalent setting which assumes that the receiver’s key is kept secure from the adversary, and that the choice of the message to be sent is freely performed by the sender and is kept secure from the adversary as well. Under these fundamental and basic operational assumptions, modern Cryptography has flourished over the last half a century or so, with amazing achievements: New systems (including public-key Cryptography), beautiful and useful models (including security definitions such as semantic security), and new primitives (such as zero-knowledge proofs) have been developed. Furthermore, these fundamental achievements have been translated into actual working systems, and span many of the daily human activities over the Internet. However, in recent years, there is an overgrowing pressure from many governments to allow the government itself access to keys and messages of encryption systems (under various names: escrow encryption, emergency access, communication decency acts, etc.).

Numerous non-direct arguments against such policies have been raised, such as "the bad guys can utilize other encryption system" so all other cryptosystems have to be declared illegal, or that "allowing the government access is an ill-advised policy since it creates a natural weak systems security point, which may attract others (to masquerade as the government)." It has remained a fundamental open issue, though, to show directly that the above mentioned efforts by a government (called here “a dictator” for brevity) which mandate breaking of the basic operational assumption (and disallowing other cryptosystems), is, in fact, a futile exercise. This is a direct technical point which needs to be made and has not been made to date. In this lecture, as a technical demonstration of the futility of the dictator’s demands, I present the notion of “Anamorphic Encryption” which shows that even if the dictator gets the keys and the messages used in the system (before anything is sent) and no other system is allowed, there is a covert way within the context of well established public-key cryptosystems for an entity to immediately (with no latency) send piggybacked secure messages which are, in spite of the stringent dictator conditions, hidden from the dictator itself! We feel that this may be an important direct technical argument against the nature of governments’ attempts to police the use of strong cryptographic systems, and we hope to stimulate further works in this direction.

Foundations of Layer-2 Blockchain Protocols
Speaker: Matteo Maffei
Abstract: Permissionless blockchains enable secure payments, and more generally computations, in a decentralized, trustless environment. Transactions are verified through a consensus mechanism and all valid transactions are recorded in a public, distributed ledger. While grounbreaking in nature and, despite their tender age, already rich of societal impact, existing blockchain technologies suffer from a few inherent limitations. First, storing each transaction on the ledger presents obvious scalability issues and fails to meet the growing user demands: For instance, in Bitcoin, the transaction throughput is technically limited to tens of transactions per second, a throughput three orders of magnitude lower than credit card networks. Secondly, consensus protocols operate on individual blockchains, whereas rich DeFi applications require to synchronize operations and transfer coins from a blockchain to the other, which typically requires trusted parties.

In this lecture, we will overview the state-of-the-art in decentralized, trustless Layer-2 protocols for scalability (e.g., payment channel networks and roll-ups) and interoperability (e.g., atomic swaps and bridges), highlighting recent breakthroughs and open challenges. The overall goal is to provide a comprehensive background on a theoretically fascinating and practically impactful interdisciplinary research field at the intersection between cryptography, game theory, and distributed systems.