BEGIN:VCALENDAR
VERSION:2.0
PRODID:-//project/author//NONSGML v1.0//EN
CALSCALE:GREGORIAN
BEGIN:VEVENT
DTEND:20210922T120000Z
UID:f648670e9a1485985fe0b30228840b9d-199
DTSTAMP:19700101T120008Z
DESCRIPTION:Designing Secure Cryptographic Systems: Journey from Theory to Practice
URL;VALUE=URI:https://www.csa.iisc.ac.in/newweb/event/199/designing-secure-cryptographic-systems-journey-from-theory-to-practice/
SUMMARY:The study of cryptography is aimed at keeping information secure in an increasingly digitized world. Modern cryptography uses theoretical frameworks to prove the security of cryptographic primitives against precisely modeled attacks. However, translating cryptographic primitives from provably secure algorithms into secure deployable systems remains a massive challenge. In particular, existing theoretical models do not account for potential weaknesses inherent to practical cryptographic implementations. Hence, provable security guarantees often collapse in the face of attacks that exploit implementation-level weaknesses to devastating effect.
In this talk, I will give an overview of my journey so far in attempting to bridge the wonderfully multi-faceted aspects of cryptography, with the aim of designing, analyzing and securely implementing cryptographic solutions to real-world problems while relying on as minimal a set of assumptions as possible. In the process, I will summarize my past research works spanning theoretical cryptographic foundations, applied cryptography and secure cryptographic implementations.
I will begin with an overview of my foundational research into enabling a variety of functionally rich and provably secure cryptographic applications based on Minicrypt (the world of “symmetric-key” cryptoprimitives), and some additional algebraic structure. I will then discuss my research efforts towards enabling a specific cryptographic application - searchable symmetric encryption (SSE) - that supports a wide class of Boolean queries over encrypted relational databases at scale while relying on purely symmetric-key primitives. Finally, I will showcase that despite the theoretical security guarantees afforded by standardized symmetric-key cryptographic algorithms such as AES-128, practical implementations of SSE schemes remain vulnerable to "fault-injection attacks" – a special class of implementation-level attacks powerful enough to reduce the keyspace for AES-128 from 2^{128} to a single key while relying on a single fault-injection. In particular, I will describe my recent work (appeared at Eurocrypt 2020) on a “fault propagation”-based key-recovery attack that completely breaks the security of an AES-128 implementation, even when equipped with dedicated protections against standard implementation-level attacks.
No prior background on cryptography will be needed.
DTSTART:20210922T120000Z
END:VEVENT
END:VCALENDAR