Monash Cybersecurity Reading Group
Welcome to the Monash Cybersecurity Reading Group (MCSRG) web page. We are a research group of
academics and students, based at the Faculty of Information Technology, Monash University.
We share a common interest in all aspects of cyber security and meet to read and discuss recent papers on topics of interest to the group.
More information on the group's activities, including meeting times and discussion topics, is available below. Meetings are held at Room G12A, 14 Rainforest Walk, Clayton Campus, Monash University,
unless otherwise advised.
Visitors are welcome. For more information, please contact Ron Steinfeld (firstname.lastname@example.org).
- January 2017: This year, we will have regular bi-weekly reading group seminars.
Usually, each seminar will be presented by a different Monash `Regular Presenting Group Member' (those members are listed below), going by alphabetic order of first name (except for the first seminar, which will be given by Ron S.).
Details of upcoming seminars will be posted about a week before each seminar on this website.
Regular Presenting Group Members (in alphabetic order of first name):
- Tuesday, 16 January 2018, 1pm-2pm, Room G12A, 14 Rainforest Walk, Clayton Campus.
Presenter: Peter Ince (Monash U.)
Talk Title: Smart Contracts: Examining Smart Contracts; the EVM and how research will shape their future
Abstract: The idea of smart contracts was first proposed by Nick Szabo in 1995 (with the publication of his article in
Entropy magazine occurring the next year in 1996), and some of the proposed features were first available for use with the Bitcoin
Scripting Language in 2009. However, it was not until the release of Ethereum in 2015 that the term Smart Contract began to reach
a more mainstream audience.
In this presentation, we explore the most popular smart contract language (Solidity) and see how Solidity code interacts with the
Ethereum Virtual Machine (EVM). We also look at some of the up and coming languages that seek to solve some of the EVM-based
language issues, and dive into areas for future research.
Short biography of presenter: Peter Ince is studying the Master of Data Science at Monash University, focusing on Advanced
Data Analytics and undertaking his Master’s thesis on Adding Private Transactions to the IOTA Platform. He is currently working as
a Research Assistant with the Monash Blockchain Lab, and has previously worked as a Senior Software Engineer in Banking and the
- Tuesday, 12 December 2017, 10:30am-11:15am, Room G29, 20 Research Way (New Horizons building, note unusual venue),
Presenter: Wun-She Yap (Universiti Tunku Abdul Rahman, Malaysia)
Talk Title: Biometric Template Protection Inspired by Winner-Take-All Hashing
Abstract: The increasing advancement of mobile technology has explosively popularized mobile devices
(e.g. iPhone, iPad). The large number of mobile devices provides great convenience and cost effectiveness for speaker
recognition based applications. However, the compromise of a speech template stored on a mobile device is highly likely to lead
to severe security and privacy breaches, while the existing proposals for speech template protection do not
completely guarantee the required properties such as unlinkability and non-invertibility. In this talk, template
protection is first introduced. Subsequently, different template protection schemes inspired by Winner-Take-All Hashing
are presented. Winner-Take-All Hashing is a method used for fast similarity search and was implemented by Google
in their image search engine.
Short biography of presenter: Wun-She Yap holds the Chair of the Centre for Cyber Security at the Universiti Tunku
Abdul Rahman (UTAR). He is now an assistant professor in the Lee Kong Chian Faculty of Engineering and Science, UTAR,
Malaysia. He has been invited to serve on the program committees of a number of peer-reviewed security conferences.
His research interests include the design and analysis of both asymmetric and symmetric cryptographic primitives,
biometrics security and machine learning.
- Tuesday, 12 December 2017, 11:15am-12pm, Room G29, 20 Research Way (New Horizons building, note unusual venue),
Presenter: Kaitai Liang (University of Surrey, UK)
Talk Title: Privacy preserving (outsourced) data share and search
Abstract: In the cloud/big data era, individuals and industries are encouraged to outsource their data to an "unknown" cloud
so as to get rid of the cost of local data storage and management. The remote data storage and retrieval services supported
by the cloud allow users to gain access to data anytime anywhere. However, they yield security and privacy concerns for users
as the data is out of "physical control". This talk will focus on the study of secure cloud-based data search, share and more
(by leveraging some well-studied cryptographic tools).
Short biography of presenter: Dr. Kaitai Liang received his Ph.D. degree from the Department of Computer Science, City
University of Hong Kong in 2014. He is currently a lecturer (Assistant Professor) in secure systems at the Department of Computer
Science, University of Surrey, UK. Before joining the University of Surrey, he was a post-doc researcher and lecturer at the
Department of Computer Science, Aalto University (Finland) and the School of Computing, Mathematics and Digital Technology,
Manchester Metropolitan University, respectively. His research interests are applied cryptography and security in information
technology, in particular cryptographic protocols, encryption/signature, RFID, big data security, privacy-enhancing technology,
trusted computing, and security in cloud computing. He has served as a PC member for many international security and privacy
conferences, such as TrustCom, AsiaCCS, and ACNS, and he is also a member of the UK ISO crypto subcommittee.
- Tuesday, 28 November 2017, 1:00pm-2:00pm, Room G12A, 14 Rainforest Walk, Clayton Campus.
Presenter: Dimaz Wijaya (Monash U.)
Talk Title: A Traceability Analysis of Monero’s Blockchain
Abstract: Monero is built on a protocol called CryptoNote. The focus of Monero is to ensure the unlinkability and
untraceability of transaction data, such that known analyses conducted on Bitcoin are made void. Several methods have been
employed to achieve this purpose: traceable ring signatures and stealth addresses. The paper describes a new analysis based on
zero-mixin ring signatures (a ring signature with only 1 member). It is proven that the zero-mixin transactions have done
devastating damage to the anonymity of the system (87% traceable), far higher than expected. The paper discussed in this
reading group seminar (by Amrit Kumar, Shruti Tople, Clément Fischer, Prateek Saxena) is the first peer-reviewed piece conducting
an empirical analysis of the Monero blockchain, and was presented at ESORICS 2017.
- Tuesday, 14 November 2017, 2:00pm-3:00pm, Room G12A, 14 Rainforest Walk, Clayton Campus.
Presenter: Cong Zuo (Monash U.)
Talk Title: Forward Secure Searchable Encryption
Abstract: Searchable Symmetric Encryption aims at making possible searching over an encrypted database stored on an
untrusted server while keeping the privacy of both the queries and the data, by allowing some small controlled leakage to the
server. Recent work shows that dynamic schemes – in which the data is efficiently updatable – leaking some information on updated
keywords are subject to devastating adaptive attacks breaking the privacy of the queries. The only way to thwart this attack is to
design forward private schemes whose update procedure does not leak if a newly inserted element matches previous search queries.
This seminar reviews the recent paper by Bost (CCS 2016). In this paper the author proposed a forward private SSE scheme with
performance similar to existing less secure schemes, and that is conceptually simpler (and also more efficient) than previous
forward private constructions.
- Friday, 27 Oct 2017, 2:00pm-3:00pm, Room G12A, 14 Rainforest Walk, Clayton Campus.
Presenter: Bin Yu (Monash U.)
Talk Title: Overview of ZK-SNARKs
Abstract: The possibilities of zk-SNARKs are impressive. You can verify the correctness of computations without having to
execute them, and you will not even learn what was executed – just that it was done correctly. In this talk, I would like to go
through the zk-SNARK protocol to discuss what a zk-SNARK is, how to convert a program into a zk-SNARK proof, and the security of
the zk-SNARK protocol. At the end, I would like to give a live demo of the libsnark library to show how to apply zk-SNARKs in practical
- Tuesday, 10 Oct 2017, 1:00pm-2:00pm, Room G12A, 14 Rainforest Walk, Clayton Campus.
Presenter: Amin Sakzad (Monash U.)
Talk Title: All-But-Many Lossy Trapdoor Functions and Selective Opening Chosen-Ciphertext Security from LWE
Abstract: Selective opening (SO) security refers to adversaries that receive a number of ciphertexts and, after having
corrupted a subset of the senders (thus obtaining the plaintexts and the senders' random coins), aim at breaking the security of
remaining ciphertexts. So far, very few public-key encryption schemes are known to provide simulation-based selective opening
(SIM-SO-CCA2) security under chosen-ciphertext attacks and most of them encrypt messages bit-wise. The only exceptions to date
rely on all-but-many lossy trapdoor functions (as introduced by Hofheinz; Eurocrypt'12) and the Composite Residuosity assumption.
In this paper, we describe the first all-but-many lossy trapdoor function with security relying on the presumed hardness of the
Learning-With-Errors problem (LWE) with standard parameters. Our construction exploits homomorphic computations on lattice
trapdoors for lossy LWE matrices. By carefully embedding a lattice trapdoor in lossy public keys, we are able to prove SIM-SO-CCA2
security under the LWE assumption. As a result of independent interest, we describe a variant of our scheme whose multi-challenge
CCA2 security tightly relates to the hardness of LWE and the security of a pseudo-random function.
- Tuesday, 19 Sep 2017, 1:00pm-2:00pm, Room G12A, 14 Rainforest Walk, Clayton Campus.
Presenter: Xingliang Yuan (Monash U.)
Talk Title: Search on Distributed Encrypted Databases
Abstract: In this talk, I will briefly summarize our two recent studies. In the first part, I will introduce EncKV, an
encrypted key-value store with secure rich query support. First, EncKV stores encrypted data records with multiple secondary
attributes in the form of encrypted key-value pairs. Second, EncKV leverages the latest practical primitives for search over
encrypted data, i.e., searchable symmetric encryption and order-revealing encryption, and provides encrypted indexes with
guaranteed security respectively to enable exact-match and range-match queries via secondary attributes of data records. Third,
EncKV carefully integrates the above indexes into a distributed index framework to facilitate secure query processing in parallel.
In the second part, I will introduce our effort to enable encrypted search in decentralized storage platforms. To preserve the
functionality, we observe that a protocol integrating searchable encryption with keyword search via a distributed hash table
allows the nodes in a network to search over encrypted and distributed data. However, this protocol does not address a practical
threat in a fully distributed scenario: malicious nodes could sabotage search results, and easily infiltrate the system as the
network grows. Using primitives such as MACs and verifiable data structures may empower the users to verify the search results, but
the robustness of the overall system can hardly be ensured. To address this issue, we propose a protocol that is seamlessly
incorporated into encrypted search in a distributed network to attest and monitor nodes. From the moment a node joins the system, it
is attested and continuously monitored through verifiable search queries. The result of each attestation is determined via a
standard quorum-based voting protocol, and then recorded on the blockchain as a consensus view of trusted nodes. Based on the
proposed protocols, malicious nodes can be detected and removed by a majority of nodes in a self-determining manner.
- Tuesday, 5 Sep 2017, 1:00pm-2:00pm, Room G12A, 14 Rainforest Walk, Clayton Campus.
Presenter: Hagen Lauer (Monash U.)
Talk Title: Deciding Trust in Distributed Systems
Abstract: It has long been established that computations without any indication of their correctness are not worthwhile
for a party that cannot possibly verify the result. This fundamental problem was first discovered when more capable computers and
programming languages emerged, bringing with them obscure faults, human error, and malicious intent. Since then, it has been asked
"Why should we trust a computer's result?". While this question remains constant, the scenario of the time it was first posed has
rapidly evolved in complexity and in the factors that have to be considered when an answer is formulated. Today, distributed computing
models are omnipresent and trusting a result no longer depends on a single computer or program; instead, it often depends on
multiple computers and programs scattered both logically and physically. This paper classifies approaches towards trustworthy
computations and utilises them in a novel computing model and calculus. The clarity resulting from such a model and calculus yields
considerable feats. Systems that previously carried the predicate "trustworthy" become comparable, making trust as a decision
reasonable. Specifications, systems, and ultimately programmers benefit from being able to distribute computations with
trustworthiness as a parameter, suggesting that, while certainty remains theory, compositions of computations can be used to obtain
results with justifiable trust.
- Tuesday, 15 August 2017, 1:15pm-2:00pm, Room G12A, 14 Rainforest Walk, Clayton Campus.
Presenter: Man Ho Allen Au (Hong Kong Polytechnic University, Hong Kong)
Talk Title: RingCT 2.0: A Compact Protocol for Blockchain Cryptocurrency Monero
Abstract: Ring signatures, introduced in 2001, provide anonymity for the signers. Recently, many cryptocurrencies adopted
ring signatures to protect privacy of their users. In this talk, we are going to review how ring signatures are used in Monero,
one of the top 10 cryptocurrencies. Specifically, we will introduce a variant of ring signatures called linkable ring signatures
and how it is used in Ring Confidential Transaction Protocol (RingCT), the protocol in which Monero users transact in a
privacy-preserving manner. Based on our observations on the underlying linkable ring signature and cryptographic commitment schemes,
we put forward a new efficient RingCT protocol (RingCT 2.0). RingCT 2.0 is built upon the well-known Pedersen commitment, accumulator
with one-way domain and signature of knowledge. In comparison with the original RingCT protocol, our RingCT 2.0 protocol presents a
significant space saving, namely, the transaction size is independent of the number of groups of input accounts included in the
generalized ring while the original RingCT’s size grows linearly in the number of groups. Due to space saving, RingCT 2.0 would
allow each block to process more transactions.
Short biography of presenter: Dr. Man Ho Allen Au is currently an assistant professor at the Department of Computing, the
Hong Kong Polytechnic University. Before that, he was a lecturer at the School of Computer Science and Software Engineering,
University of Wollongong, Australia. Dr. Au’s research interests include Information Security and Privacy, Applied Cryptography,
Accountable Anonymity and blockchain-based cryptocurrencies. He has published over 100 refereed papers in well-respected venues,
including the ACM Conference on Computer and Communications Security (CCS) and the Network and Distributed System Security
Symposium (NDSS). His work has been cited over 2500 times, with an h-index of 26. He received the 2009 PET runner-up award for
outstanding research in privacy enhancing technologies and the best paper award at ACISP 2016. Being an active member in the
community, Dr. Au has served as a program committee member of around 40 international conferences. He is an associate editor of the
Journal of Information Security and Applications, Elsevier. Recently, he has been appointed as a committee member for the Hong Kong
blockchain society R&D division.
- Tuesday, 15 August 2017, 12:30pm-1:15pm, Room G12A, 14 Rainforest Walk, Clayton Campus.
Presenter: Shengli Liu (Shanghai Jiaotong University, China)
Talk Title: Tightly-Secure Signatures from the Decisional Assumptions
Abstract: We construct a tightly secure signature scheme against adaptive chosen message attacks (CMA) from Decisional
Assumptions. We design a one-time secure signature scheme, then we follow a Merkle-tree structure to obtain a signature scheme
that is secure against non-adaptive chosen message attacks (NCMA). By combining the one-time scheme and NCMA-secure scheme, we
obtain the CMA-secure signature scheme. We characterize the properties of the one-time signature that should be satisfied for the
final signature scheme to be tightly secure. The instantiations include the DDH and DCR assumptions.
Short biography of presenter: Shengli Liu got her Bachelor's degree, Master's degree and Ph.D. degree from Xidian University
in 1995, 1998 and 2000 respectively. From 2000 till 2002, she continued her research on cryptography and obtained another Ph.D. degree at
Technische Universiteit Eindhoven, the Netherlands. Since 2002, she has been working in the Department of Computer Science and
Engineering, Shanghai Jiaotong University. She is now a professor at Shanghai Jiaotong University and her research interest focuses
on public key cryptosystems.
- Friday, 28 July 2017, 2pm-3pm, Room G12A, 14 Rainforest Walk, Clayton Campus.
Presenter: Yevhen Zolotavkin (Monash U.)
Talk Title: Incentive compatibility of pay per last N shares in Bitcoin mining pools
Abstract: Pay per last N shares (PPLNS) is a popular pool mining reward mechanism on a number of cryptocurrencies,
including Bitcoin. In PPLNS pools, miners may stand to benefit by delaying reports of found shares. This attack may entail
unfair or inefficient outcomes. We propose a simple but general game theoretical model of delays in PPLNS. We derive conditions
for incentive compatible rewards, showing that the power of the most powerful miner determines whether incentives are compatible
or not. An efficient algorithm to find Nash equilibria is put forward, and used to show how fairness and efficiency deteriorate
with inside-pool inequality. In pools where all players have comparable computational power incentives to deviate from protocol
are minor, but gains may be considerable in pools where miners' resources are unequal. We explore how our findings can be
applied to ameliorate delay attacks by fitting real-world parameters to our model.
- Friday, 30 June 2017, 2pm-3pm, Room G12A, 14 Rainforest Walk, Clayton Campus.
Presenter: Trung Dinh (Monash U.)
Talk Title: Practical Packing Method in Somewhat Homomorphic Encryption
Abstract: This reading group seminar will present the following paper:
Yasuda M., Shimoyama T., Kogure J., Yokoyama K., Koshiba T. (2014) Practical Packing Method in Somewhat Homomorphic Encryption. In: Garcia-Alfaro J., Lioudakis G., Cuppens-Boulahia N., Foley S., Fitzgerald W. (eds) Data Privacy Management and Autonomous Spontaneous Security. Lecture Notes in Computer Science, vol 8247. Springer, Berlin, Heidelberg.
The paper abstract follows:
Somewhat homomorphic encryption is public key encryption supporting a limited number of both additions and multiplications
on encrypted data, which is useful for performing fundamental computations while protecting data confidentiality. In this paper, we focus
on the scheme proposed by Lauter, Naehrig and Vaikuntanathan (ACM CCSW 2011), and present two types of packed ciphertexts based on their
packing technique. Combinations of the two types of our packing method give practical size and performance for wider computations such as statistical
analysis and distances. To demonstrate its efficiency, we implemented the scheme with our packing method for secure Hamming distance, which is
often used in privacy-preserving biometrics. For secure Hamming distance between two binary vectors of 2048-bit, it takes 5.31ms on an Intel Xeon X3480 at 3.07GHz. This gives
the best performance in the state-of-the-art work using homomorphic
- Friday, 16 June 2017, 2pm-3pm, Room G12A, 14 Rainforest Walk, Clayton Campus.
Presenter: Shangqi Lai (Monash U.)
Talk Title: Introduction to the Spark distributed computing framework
Abstract: This seminar will review Spark, a recent distributed computing framework based upon Hadoop. It enables high-performance
in-memory computation. The talk aims to provide a basic picture of this system.
- Friday, 2 June 2017, 2pm-4pm, Room G12A, 14 Rainforest Walk, Clayton Campus.
We will have two presentations at this meeting as follows.
Presenter 1: Cong Zuo (Monash U.)
Talk 1 Title: Dynamic Searchable Symmetric Encryption
Abstract 1: A Searchable Symmetric Encryption (SSE) scheme allows a server to search a user’s data without having to decrypt the data. This provides the user with a high degree
of privacy and is particularly useful when data is stored in the Cloud. Numerous SSE schemes have already been proposed and, while most have excellent security properties, few support dynamic updates of the encrypted data. Unfortunately, those efficient, dynamic searchable encryption
schemes suffer from various drawbacks. In this presentation, we will mainly introduce Cash et al.'s dynamic searchable encryption scheme, which was published at NDSS 2014.
Short biography (presenter 1): Cong Zuo received his bachelor's degree from the School of Computer Engineering
at Nanjing Institute of Technology, and his master's degree from the School of Computer Science and Information
Engineering at Zhejiang Gongshang University, China. He is currently a PhD student at Monash University under
the supervision of Dr Joseph K. Liu. His main research interest is applied cryptography.
Presenter 2: Lei Xu (Nanjing University of Science & Technology, China)
Talk 2 Title: Dynamic Searchable Symmetric Encryption with Physical Deletion and Small Leakage
Abstract 2: Dynamic Searchable Symmetric Encryption (DSSE) allows a client not only to search over ciphertexts
as traditional searchable symmetric encryption does, but also to update these ciphertexts according to requirements,
e.g., adding or deleting some ciphertexts. It has been recognized as a fundamental and promising method to build secure
cloud storage. This paper mainly proposes a new DSSE scheme to overcome the drawbacks of previous state-of-the-art
schemes. The biggest challenge is to realize the physical deletion of ciphertexts with small leakage.
The scheme employs both logical and physical deletion, and runs physical deletion in due course to avoid extra information
leakage. The instantiation achieves noticeable improvements in all of the following aspects: search performance,
storage cost, functionality, and information leakage when operating its functions. The authors also demonstrate its provable
security under adaptive attacks and practical performance according to experimental results.
(Paper to appear at ACISP 2017.)
Short biography (presenter 2): Lei Xu is a joint training Ph.D. student at Nanjing University of Science & Technology.
He is currently visiting the Faculty of Information Technology, Monash University. His main research interests focus
on public key cryptography and information security, especially searchable encryption mechanisms and identity-based
encryption systems. His future work will study how to use better algebraic tools to construct secure
and efficient dynamic symmetric searchable encryption schemes.
- Friday, 28 April 2017, 11am-1pm, Room G12A, 14 Rainforest Walk, Clayton Campus.
Presenter: Shabnam Kasra (Monash U.)
Talk Title: Multi-user Cloud-based Secure Keyword Search
Abstract: At this seminar, I will discuss our recent paper on a multi-user Symmetric Searchable Encryption (SSE)
scheme. Our multi-user scheme is an extension of the single-user Oblivious Cross Tags (OXT) protocol in the following paper:
- D. Cash, S. Jarecki, C. S. Jutla, H. Krawczyk, M. Rosu, and M. Steiner. Highly scalable searchable symmetric encryption with support
for boolean queries. In CRYPTO 2013. Available here.
In our multi-user scheme, multiple clients can search the encrypted data on the database without needing to contact the
data owner for online assistance. More precisely, a user can perform a search query by interacting with the server
and any t-1 ‘helping’ users (for a threshold parameter t).
- Friday, 7 April 2017, 2pm-4pm, Room G12A, 14 Rainforest Walk, Clayton Campus.
Presenter: Muhammed Esgin (Monash U.)
Talk Title: Multi-Key Fully Homomorphic Encryption based on Learning With Errors Problem
Abstract: Traditional Fully Homomorphic Encryption (FHE) schemes, which enable one to do arbitrary
computations over encrypted data without having any knowledge of the secret key, only allow ciphertexts to
be encrypted under the same key. Thus, when considering a Multi-Party Computation (MPC) scenario where the
function to be computed is decided after the data is encrypted and the data owners outsource the computation
to a third party (say, the cloud) so that they can go offline when the actual computation takes place, it is
quite useful to have an FHE scheme (or more precisely, a Multi-Key FHE scheme) which allows computations
over data encrypted under different keys. In this talk, we will look at a Multi-Key Fully Homomorphic Encryption
(MK-FHE) scheme proposed by Pratyay Mukherjee and Daniel Wichs at EUROCRYPT 2016. The scheme is based on the
so-called GSW FHE scheme and the Learning With Errors (LWE) problem.
The talk is based on the following paper (Our focus is on Section 5 of the paper and the sections before that for preliminaries):
- Pratyay Mukherjee and Daniel Wichs. "Two Round Multiparty Computation via Multi-Key FHE", In Proceedings of EUROCRYPT 2016. Available here.
- Friday, 24 March 2017, 2pm-4pm, Room G12A, 14 Rainforest Walk, Clayton Campus.
Presenter: Joseph Liu (Monash U.)
Talk Title: (Linkable) Ring Signature and its Applications (Related to Blockchain)
Abstract: A ring signature is a kind of anonymous signature.
The verifier only knows that the signer is a user within a group, yet does not know the identity of this signer.
In this talk, I will cover the basics of ring signatures and linkable ring signatures, including the concept,
applications, technical constructions and variants. I will further relate linkable ring signatures to
Monero, currently the third largest blockchain-based cryptocurrency in the world, which is considered to be the
most prominent commercial deployment of linkable ring signatures nowadays.
- Friday, 10 March 2017, 2pm-4pm, Room G12A, 14 Rainforest Walk, Clayton Campus.
Presenter: Bin Yu (Monash U.)
Talk Title: Enigma: A blockchain based decentralized computation platform
Abstract: We will discuss how Blockchain technology is applied to build an
autonomous decentralized multiparty-computation platform that is free of a trusted third party and is publicly verifiable.
- Peters, G. W., & Panayi, E. (2016). `Understanding Modern Banking Ledgers through Blockchain Technologies: Future of
Transaction Processing and Smart Contracts on the Internet of Money.' In `Banking Beyond Banks and Money', Springer International
Publishing, pp. 239-278. Available here.
- The Enigma website is here.
- The Enigma paper is available here.
- Tuesday, 21 February 2017, 11:00am-12:00pm, Room 115, 25 Exhibition Walk, Clayton Campus.
Presenter: Huaxiong Wang (Nanyang Technological University, Singapore)
Talk Title: On Efficient Communication of Secret Reconstruction in Secret Sharing Schemes
Abstract: A secret sharing scheme typically requires secure communications in each of two distribution phases: (1)
a dealer distributes shares to participants (share distribution phase); and later (2) the participants in some authorised subset
send their share information to a combiner (secret reconstruction phase). While problems on storage required for participants,
for example, the size of shares, have been well studied, problems regarding the communication complexity of the two distribution
phases seem to have been mostly neglected in the literature. In this talk, we deal with several communication related problems
in the secret reconstruction phase, and show that there is a tradeoff between the communication costs and the number of participants
involved in the secret reconstruction. We also give an overview of some recent developments in the topic. The talk is based (in part)
on the following paper:
- Huaxiong Wang and Duncan S. Wong, "On Secret Reconstruction in Secret Sharing Schemes", IEEE Transactions on Information Theory,
Vol. 54, No. 1, pp. 473-480, 2008.
- Tuesday, 14 February 2017, 11:00am-1:00pm, Room 115, 25 Exhibition Walk, Clayton Campus.
Presenter: Amin Sakzad (Monash U.)
Talk Title: Function Secret Sharing (FSS) and Splinter
Abstract: The new cryptographic tool, function secret sharing (FSS), will be introduced based on the following paper:
One of its applications, the `Splinter' protocol for practical private queries, will be discussed too:
- Elette Boyle, Niv Gilboa, and Yuval Ishai, "Function Secret Sharing", In Proceedings of EUROCRYPT 2015. Available at the following link.
- Frank Wang, Catherine Yun, Shafi Goldwasser, Vinod Vaikuntanathan, and Matei Zaharia, "Splinter: Practical Private Queries on Public Data", In Proceedings of 14th USENIX Symposium on Networked Systems Design and Implementation (NSDI'17). Available at the following link.
- Tuesday, 31 January 2017, 11:00am-1:00pm, Room 115, 25 Exhibition Walk, Clayton Campus.
Presenter: Ron Steinfeld (Monash U.)
Abstract: We'll discuss the `Blind Seer' protocol for search on encrypted databases:
- Vasilis Pappas, Fernando Krell, Binh Vo, Vladimir Kolesnikov, Tal Malkin, Seung Geol Choi, Wesley George, Angelos D. Keromytis, and Steven M. Bellovin, "Blind Seer: A Scalable Private DBMS" In Proceedings of the 35th IEEE Symposium on Security & Privacy (S&P), May 2014, San Jose, CA. Available at the following link.
- Friday, 12 September 2014, 2:00pm-3:30pm, Room G12A, Building 26. At this meeting, we'll discuss a recent paper on privacy-preserving cloud-based search:
- B. Yao, F. Li, X. Xiao. Secure Nearest Neighbor Revisited. Available here.
- Thursday, 24 July 2014, 4:30pm-5:30pm, Room 115, Building 63. At this meeting, we'll look at a nice application of
cryptographic multilinear maps (discussed last time) to construct efficient broadcast encryption schemes.
The constructions are described in the following paper (to be presented at Crypto 2014):
- D. Boneh, B. Waters and M. Zhandry. Low Overhead Broadcast Encryption from Multilinear Maps. Available here.
- Friday, 27 June 2014, 1:30pm-3:00pm, Room 12A, Building 26 (note unusual venue). At this meeting, we'll look at the GGH construction of cryptographic multilinear maps from ideal lattices, and some of their applications.
The GGH construction is described in the following paper (presented at Eurocrypt 2013):
- S. Garg, C. Gentry, S. Halevi. Candidate Multilinear Maps from Ideal Lattices. Available here.
- Friday, 8 Nov. 2013, 2pm-3:30pm. At this meeting (and subsequent ones), I propose we continue along the theme we began in
the previous meeting, namely looking at cryptosystems with extra functionality and their applications. For the coming meeting, we'll discuss the
following paper presented at STOC 2013. The paper gives a new technique (based on the LWE problem we discussed last time) for
building "Attribute-Based Encryption" (ABE), a powerful generalization of "Identity-Based Encryption" (IBE) that allows an encryptor
to specify a set of parameters for controlling access to decryption of ciphertexts.
- S. Gorbunov, V. Vaikuntanathan, H. Wee. Attribute-Based Encryption for Circuits. Available here.
- Friday, 27 Sep. 2013, 2pm-3:30pm. At this meeting, we'll discuss the following paper presented at the Crypto 2013 conference, which reports on progress in the design of Fully Homomorphic Encryption (FHE) schemes based on lattice problems.
- C. Gentry, A. Sahai, B. Waters. Homomorphic Encryption from Learning with Errors: Conceptually-Simpler, Asymptotically Faster, Attribute-Based. Available here.
Shabnam Kasra Kermanshahi
Wilson Alberto Torres