Publicly Auditable Privacy Revocation

This seminar presents research on anonymous credentials with Publicly Auditable Privacy Revocation (PAPR). PAPR credentials simultaneously provide conditional user privacy and auditable privacy revocation for credential systems.

Applying Cryptography’s Real/Ideal Paradigm to PL Security

Alley will argue in favor of using the real/ideal paradigm for defining security in a programming languages context, even when systems are entirely non-probabilistic.

LogPicker: Strengthening Certificate Transparency Against Covert Adversaries

HTTPS is a cornerstone of privacy in the modern Web. The public key infrastructure underlying HTTPS, however, is a frequent target of attacks. We introduce LogPicker, a novel protocol for strengthening the public key infrastructure of HTTPS. LogPicker enables a pool of Certificate Transparency (CT) logs to collaborate, where a randomly selected log includes the certificate while the rest witness and testify the certificate issuance process. As a result, CT logs become capable of auditing the log in charge independently without the need for a trusted third party.

On Progressive and Efficient Verification of Digital Signatures

Common verification procedures for digital signatures return a decision (accept/reject) only at the very end of the execution. If interrupted prematurely, however, the verification process cannot infer any meaningful information about the validity of the given signature. This limitation is due to the algorithm design solely, and it is not inherit to signature verification. In this talk, I will present a formal framework to handle interruptions during signature verification and a generic way to devise alternative verification procedures that progressively build confidence on the final decision. Our transformation applies to a wide range of post-quantum secure schemes including the NIST finalist Rainbow.

High-Assurance Cryptography Software in the Spectre Era

High-assurance cryptography leverages methods from program verification and cryptography engineering to deliver efficient cryptographic software with machine-checked proofs of memory safety, functional correctness, provable security, and absence of …