Seminars

View all Seminars  |  Download ICal for this event

Designing Secure Cryptographic Systems: Journey from Theory to Practice

Series: Department Seminar

Speaker: Dr. Sikhar Patranabis, Visa Research

Date/Time: Sep 22 08:00:00

Location: Microsoft Teams - ONLINE

Faculty Advisor:

Abstract:
The study of cryptography is aimed at keeping information secure in an increasingly digitized world. Modern cryptography uses theoretical frameworks to prove the security of cryptographic primitives against precisely modeled attacks. However, translating cryptographic primitives from provably secure algorithms into secure deployable systems remains a massive challenge. In particular, existing theoretical models do not account for potential weaknesses inherent to practical cryptographic implementations. Hence, provable security guarantees often collapse in the face of attacks that exploit implementation-level weaknesses to devastating effect.
In this talk, I will give an overview of my journey so far in attempting to bridge the wonderfully multi-faceted aspects of cryptography, with the aim of designing, analyzing and securely implementing cryptographic solutions to real-world problems while relying on as minimal a set of assumptions as possible. In the process, I will summarize my past research works spanning theoretical cryptographic foundations, applied cryptography and secure cryptographic implementations.
I will begin with an overview of my foundational research into enabling a variety of functionally rich and provably secure cryptographic applications based on Minicrypt (the world of “symmetric-key” cryptoprimitives), and some additional algebraic structure. I will then discuss my research efforts towards enabling a specific cryptographic application - searchable symmetric encryption (SSE) - that supports a wide class of Boolean queries over encrypted relational databases at scale while relying on purely symmetric-key primitives. Finally, I will showcase that despite the theoretical security guarantees afforded by standardized symmetric-key cryptographic algorithms such as AES-128, practical implementations of SSE schemes remain vulnerable to "fault-injection attacks – a special class of implementation-level attacks powerful enough to reduce the keyspace for AES-128 from 2^{128} to a single key while relying on a single fault-injection. In particular, I will describe my recent work (appeared at Eurocrypt 2020) on a “fault propagation”-based key-recovery attack that completely breaks the security of an AES-128 implementation, even when equipped with dedicated protections against standard implementation-level attacks.
No prior background on cryptography will be needed.

Speaker Bio:
Sikhar Patranabis is a staff research scientist at Visa Research USA. His research focuses on cryptographic foundations, post-quantum cryptography, database encryption, and cryptographic hardware security. Prior to joining Visa Research, he was a postdoctoral researcher at ETH Zurich, Switzerland. He received his PhD and B.Tech in Computer Science and Engineering from IIT Kharagpur. His research has appeared in reputed international conferences and journals, including IACR Crypto, IACR Eurocrypt, IACR Asiacrypt, ACM CCS, NDSS, IEEE TC and IEEE TIFS. He has delivered invited talks at many prestigious international forums, including an invited tutorial at IACR CHES 2015. He is the recipient of an IBM PhD fellowship, a Qualcomm Innovation Fellowship and the President of India gold medal from IIT Kharagpur.
This seminar will be given via Teams Meeting: https://teams.microsoft.com/l/meetup-join/19%3ameeting_MzlkOTZhMmMtYmJjOC00MTJiLTg4OGYtZjg4ZjNkZTVmNTVj%40thread.v2/0?context=%7b%22Tid%22%3a%226f15cd97-f6a7-41e3-b2c5-ad4193976476%22%2c%22Oid%22%3a%224bcd3d56-e405-4b06-99fb-27742262f261%22%7d

Host Faculty: R. Govindarajan