Dagstuhl Seminar Proceedings, Volume 8491



Publication Details

  • published at: 2009-02-27
  • Publisher: Schloss Dagstuhl – Leibniz-Zentrum für Informatik

Access Numbers

Documents

No documents found matching your filter selection.
Document
08491 Abstracts Collection – Theoretical Foundations of Practical Information Security

Authors: Ran Canetti, Shafi Goldwasser, Günter Müller, and Rainer Steinwandt


Abstract
From 30.11. to 05.12.2008, the Dagstuhl Seminar 08491 ``Theoretical Foundations of Practical Information Security '' was held in Schloss Dagstuhl~--~Leibniz Center for Informatics. During the seminar, several participants presented their current research, and ongoing work and open problems were discussed. Abstracts of the presentations given during the seminar as well as abstracts of seminar results and ideas are put together in this paper. The first section describes the seminar topics and goals in general. Links to extended abstracts or full papers are provided, if available.

Cite as

Ran Canetti, Shafi Goldwasser, Günter Müller, and Rainer Steinwandt. 08491 Abstracts Collection – Theoretical Foundations of Practical Information Security. In Theoretical Foundations of Practical Information Security. Dagstuhl Seminar Proceedings, Volume 8491, pp. 1-16, Schloss Dagstuhl – Leibniz-Zentrum für Informatik (2009)


Copy BibTex To Clipboard

@InProceedings{canetti_et_al:DagSemProc.08491.1,
  author =	{Canetti, Ran and Goldwasser, Shafi and M\"{u}ller, G\"{u}nter and Steinwandt, Rainer},
  title =	{{08491 Abstracts Collection – Theoretical Foundations of Practical Information Security}},
  booktitle =	{Theoretical Foundations of Practical Information Security},
  pages =	{1--16},
  series =	{Dagstuhl Seminar Proceedings (DagSemProc)},
  ISSN =	{1862-4405},
  year =	{2009},
  volume =	{8491},
  editor =	{Ran Canetti and Shafi Goldwasser and G\"{u}nter M\"{u}ller and Rainer Steinwandt},
  publisher =	{Schloss Dagstuhl -- Leibniz-Zentrum f{\"u}r Informatik},
  address =	{Dagstuhl, Germany},
  URL =		{https://drops.dagstuhl.de/entities/document/10.4230/DagSemProc.08491.1},
  URN =		{urn:nbn:de:0030-drops-18945},
  doi =		{10.4230/DagSemProc.08491.1},
  annote =	{Keywords: Organic computing, self-organisation, design, adaptivity}
}
Document
08491 Executive Summary – Theoretical Foundations of Practical Information Security

Authors: Ran Canetti, Shafi Goldwasser, Günter Müller, and Rainer Steinwandt


Abstract
Designing, building, and operating secure information processing systems is a complex task, and the only scientific way to address the diverse challenges arising throughout the life-cycle of security criticial systems is to consolidate and increase the knowledge of the theoretical foundations of practical security problems. To this aim, the mutual exchange of ideas across individual security research communities can be extraordinary beneficial. Accordingly, the motivation of this Dagstuhl seminar was the integration of different research areas with the common goal of providing an integral theoretical basis that is needed for the design of secure information processing systems.

Cite as

Ran Canetti, Shafi Goldwasser, Günter Müller, and Rainer Steinwandt. 08491 Executive Summary – Theoretical Foundations of Practical Information Security. In Theoretical Foundations of Practical Information Security. Dagstuhl Seminar Proceedings, Volume 8491, Schloss Dagstuhl – Leibniz-Zentrum für Informatik (2009)


Copy BibTex To Clipboard

@InProceedings{canetti_et_al:DagSemProc.08491.2,
  author =	{Canetti, Ran and Goldwasser, Shafi and M\"{u}ller, G\"{u}nter and Steinwandt, Rainer},
  title =	{{08491 Executive Summary – Theoretical Foundations of Practical Information Security }},
  booktitle =	{Theoretical Foundations of Practical Information Security},
  series =	{Dagstuhl Seminar Proceedings (DagSemProc)},
  ISSN =	{1862-4405},
  year =	{2009},
  volume =	{8491},
  editor =	{Ran Canetti and Shafi Goldwasser and G\"{u}nter M\"{u}ller and Rainer Steinwandt},
  publisher =	{Schloss Dagstuhl -- Leibniz-Zentrum f{\"u}r Informatik},
  address =	{Dagstuhl, Germany},
  URL =		{https://drops.dagstuhl.de/entities/document/10.4230/DagSemProc.08491.2},
  URN =		{urn:nbn:de:0030-drops-18938},
  doi =		{10.4230/DagSemProc.08491.2},
  annote =	{Keywords: Organic computing, self-organisation, design, adaptivity}
}
Document
Modeling Computational Security in Long-Lived Systems

Authors: Ran Canetti, Ling Cheung, Dilsun Kaynar, Nancy Lynch, and Olivier Pereira


Abstract
For many cryptographic protocols, security relies on the assumption that adversarial entities have limited computational power. This type of security degrades progressively over the lifetime of a protocol. However, some cryptographic services, such as timestamping services or digital archives, are emph{long-lived} in nature; they are expected to be secure and operational for a very long time (ie super-polynomial). In such cases, security cannot be guaranteed in the traditional sense: a computationally secure protocol may become insecure if the attacker has a super-polynomial number of interactions with the protocol. This paper proposes a new paradigm for the analysis of long-lived security protocols. We allow entities to be active for a potentially unbounded amount of real time, provided they perform only a polynomial amount of work emph{per unit of real time}. Moreover, the space used by these entities is allocated dynamically and must be polynomially bounded. We propose a new notion of emph{long-term implementation}, which is an adaptation of computational indistinguishability to the long-lived setting. We show that long-term implementation is preserved under polynomial parallel composition and exponential sequential composition. We illustrate the use of this new paradigm by analyzing some security properties of the long-lived timestamping protocol of Haber and Kamat.

Cite as

Ran Canetti, Ling Cheung, Dilsun Kaynar, Nancy Lynch, and Olivier Pereira. Modeling Computational Security in Long-Lived Systems. In Theoretical Foundations of Practical Information Security. Dagstuhl Seminar Proceedings, Volume 8491, Schloss Dagstuhl – Leibniz-Zentrum für Informatik (2009)


Copy BibTex To Clipboard

@InProceedings{canetti_et_al:DagSemProc.08491.3,
  author =	{Canetti, Ran and Cheung, Ling and Kaynar, Dilsun and Lynch, Nancy and Pereira, Olivier},
  title =	{{Modeling Computational Security in Long-Lived Systems}},
  booktitle =	{Theoretical Foundations of Practical Information Security},
  series =	{Dagstuhl Seminar Proceedings (DagSemProc)},
  ISSN =	{1862-4405},
  year =	{2009},
  volume =	{8491},
  editor =	{Ran Canetti and Shafi Goldwasser and G\"{u}nter M\"{u}ller and Rainer Steinwandt},
  publisher =	{Schloss Dagstuhl -- Leibniz-Zentrum f{\"u}r Informatik},
  address =	{Dagstuhl, Germany},
  URL =		{https://drops.dagstuhl.de/entities/document/10.4230/DagSemProc.08491.3},
  URN =		{urn:nbn:de:0030-drops-18908},
  doi =		{10.4230/DagSemProc.08491.3},
  annote =	{Keywords: Long lived security; universally composable security;}
}
Document
Public-Key Cryptosystems from the Worst-Case Shortest Vector Problem

Authors: Chris Peikert


Abstract
We construct public-key cryptosystems that are secure assuming the *worst-case* hardness of approximating the shortest vector problem on lattices. Prior cryptosystems with worst-case connections (e.g., the Ajtai-Dwork system) were based either on a *special case* of the shortest vector problem, or on the conjectured hardness of lattice problems for *quantum* algorithms. Our main technical innovation is a reduction from certain variants of the shortest vector problem to corresponding versions of the "learning with errors" (LWE) problem; previously, only a quantum reduction of this kind was known. In addition, we construct new cryptosystems based on LWE, including a very natural chosen ciphertext-secure system that has a much simpler description and tighter underlying worst-case approximation factor than prior constructions. (Duration: 30 minutes, on or before Wednesday.)

Cite as

Chris Peikert. Public-Key Cryptosystems from the Worst-Case Shortest Vector Problem. In Theoretical Foundations of Practical Information Security. Dagstuhl Seminar Proceedings, Volume 8491, Schloss Dagstuhl – Leibniz-Zentrum für Informatik (2009)


Copy BibTex To Clipboard

@InProceedings{peikert:DagSemProc.08491.4,
  author =	{Peikert, Chris},
  title =	{{Public-Key Cryptosystems from the Worst-Case Shortest Vector Problem}},
  booktitle =	{Theoretical Foundations of Practical Information Security},
  series =	{Dagstuhl Seminar Proceedings (DagSemProc)},
  ISSN =	{1862-4405},
  year =	{2009},
  volume =	{8491},
  editor =	{Ran Canetti and Shafi Goldwasser and G\"{u}nter M\"{u}ller and Rainer Steinwandt},
  publisher =	{Schloss Dagstuhl -- Leibniz-Zentrum f{\"u}r Informatik},
  address =	{Dagstuhl, Germany},
  URL =		{https://drops.dagstuhl.de/entities/document/10.4230/DagSemProc.08491.4},
  URN =		{urn:nbn:de:0030-drops-18922},
  doi =		{10.4230/DagSemProc.08491.4},
  annote =	{Keywords: Lattice-based cryptography, learning with errors, quantum computation}
}
Document
Sound and Fine-grain Specification of Ideal Functionalities

Authors: Juan Garay, Aggelos Kiayias, and Hong-Sheng Zhou


Abstract
Nowadays it is widely accepted to formulate the security of a protocol carrying out a given task via the "trusted-party paradigm," where the protocol execution is compared with an ideal process where the outputs are computed by a trusted party that sees all the inputs. A protocol is said to securely carry out a given task if running the protocol with a realistic adversary amounts to "emulating" the ideal process with the appropriate trusted party. In the Universal Composability (UC) framework the program run by the trusted party is called an ideal functionality. While this simulation-based security formulation provides strong security guarantees, its usefulness is contingent on the properties and correct specification of the ideal functionality, which, as demonstrated in recent years by the coexistence of complex, multiple functionalities for the same task as well as by their "unstable" nature, does not seem to be an easy task. In this paper we address this problem, by introducing a general methodology for the sound specification of ideal functionalities. First, we introduce the class of canonical ideal functionalities for a cryptographic task, which unifies the syntactic specification of a large class of cryptographic tasks under the same basic template functionality. Furthermore, this representation enables the isolation of the individual properties of a cryptographic task as separate members of the corresponding class. By endowing the class of canonical functionalities with an algebraic structure we are able to combine basic functionalities to a single final canonical functionality for a given task. Effectively, this puts forth a bottom-up approach for the specification of ideal functionalities: first one defines a set of basic constituent functionalities for the task at hand, and then combines them into a single ideal functionality taking advantage of the algebraic structure. In our framework, the constituent functionalities of a task can be derived either directly or, following a translation strategy we introduce, from existing game-based definitions; such definitions have in many cases captured desired individual properties of cryptographic tasks, albeit in less adversarial settings than universal composition. Our translation methodology entails a sequence of steps that derive a corresponding canonical functionality given a game-based definition. In this way, we obtain a well-defined mapping of game-based security properties to their corresponding UC counterparts. Finally, we demonstrate the power of our approach by applying our methodology to a variety of basic cryptographic tasks, including commitments, digital signatures, zero-knowledge proofs, and oblivious transfer. While in some cases our derived canonical functionalities are equivalent to existing formulations, thus attesting to the validity of our approach, in others they differ, enabling us to "debug" previous definitions and pinpoint their shortcomings.

Cite as

Juan Garay, Aggelos Kiayias, and Hong-Sheng Zhou. Sound and Fine-grain Specification of Ideal Functionalities. In Theoretical Foundations of Practical Information Security. Dagstuhl Seminar Proceedings, Volume 8491, Schloss Dagstuhl – Leibniz-Zentrum für Informatik (2009)


Copy BibTex To Clipboard

@InProceedings{garay_et_al:DagSemProc.08491.5,
  author =	{Garay, Juan and Kiayias, Aggelos and Zhou, Hong-Sheng},
  title =	{{Sound and Fine-grain Specification of Ideal Functionalities}},
  booktitle =	{Theoretical Foundations of Practical Information Security},
  series =	{Dagstuhl Seminar Proceedings (DagSemProc)},
  ISSN =	{1862-4405},
  year =	{2009},
  volume =	{8491},
  editor =	{Ran Canetti and Shafi Goldwasser and G\"{u}nter M\"{u}ller and Rainer Steinwandt},
  publisher =	{Schloss Dagstuhl -- Leibniz-Zentrum f{\"u}r Informatik},
  address =	{Dagstuhl, Germany},
  URL =		{https://drops.dagstuhl.de/entities/document/10.4230/DagSemProc.08491.5},
  URN =		{urn:nbn:de:0030-drops-18911},
  doi =		{10.4230/DagSemProc.08491.5},
  annote =	{Keywords: Security definitions, universal composability, cryptographic protocols, lattices and partial orders.}
}

Filters


Questions / Remarks / Feedback
X

Feedback for Dagstuhl Publishing


Thanks for your feedback!

Feedback submitted

Could not send message

Please try again later or send an E-mail