Texas Crypto Day

The 3rd Texas Crypto Day was held at UT Dallas on December 8, 2023.

Program

9:45-10:15 Coffee and Tea
10:15-10:45 Murat Kantarcioglu (University of Texas at Dallas & UC Berkeley)
Invited Talk: HOLMES: Efficient Distribution Testing for Secure Collaborative LearningPDFVideoSlides
10:45-11:15 Coffee and Tea
11:15-12:15 Yiorgos Makris (University of Texas at Dallas)
Invited Talk: Applications of Machine Learning in Hardware SecurityPDFVideoSlides
12:15-1:45 Lunch (provided for the first 25 registered non-UTD participants)
1:45-2:15 Kirill Morozov (University of North Texas)
Using Untrusted and Unreliable Cloud Providers to Obtain Private EmailPDFVideoSlides
2:15-2:45 Rachit Garg (UT Austin)
Time-Lock Puzzles with Efficient Batch SolvingPDFVideoSlides
2:45-3:15 Coffee and Tea
3:15-4:00 Juan Garay (Texas A&M University)
Parallel BlockchainsPDFVideoSlides

Abstracts

HOLMES: Efficient Distribution Testing for Secure Collaborative LearningPDFVideoSlides

Murat Kantarcioglu (University of Texas at Dallas & UC Berkeley)

Using secure multiparty computation (MPC), organizations which own sensitive data (e.g., in healthcare, finance or law enforcement) can train machine learning models over their joint dataset without revealing their data to each other. At the same time, secure computation restricts operations on the joint dataset, which impedes computation to assess its quality. Without such an assessment, deploying a jointly trained model is potentially illegal. Regulations, such as the European Union's General Data Protection Regulation (GDPR), require organizations to be legally responsible for the errors, bias, or discrimination caused by their machine learning models. Hence, testing data quality emerges as an indispensable step in secure collaborative learning. However, performing distribution testing is prohibitively expensive using current techniques, as shown in our experiments.

We present HOLMES, a protocol for performing distribution testing efficiently. In our experiments, compared with three non-trivial baselines, HOLMES achieves a speedup of more than 10× for classical distribution tests and up to 104× for multidimensional tests. The core of HOLMES is a hybrid protocol that integrates MPC with zero-knowledge proofs and a new ZK-friendly and naturally oblivious sketching algorithm for multidimensional tests, both with significantly lower computational complexity and concrete execution costs.

Joint work with: Ian Chang and Katerina Sotiraki (UC Berkeley), Weikeng Chen (UC Berkeley & DZK Labs), Raluca Popa (UC Berkeley)


Applications of Machine Learning in Hardware SecurityPDFVideoSlides

Yiorgos Makris (University of Texas at Dallas)

Over the last twenty years, hardware security and trust has evolved into a major new area of research at the intersection of semiconductor manufacturing, VLSI design and test, computer-aided design, architecture and system security. During the same period, machine learning has experienced a major revival in interest and has flourished from a nearly forgotten area to the talk of the town. In this presentation, we will first briefly review various machine learning-based solutions which have been developed to address a number of concerns in hardware security and trust, including hardware Trojan detection, counterfeit IC identification, provenance attestation, hardware-based malware detection, side-channel attacks, PUF modeling, etc. Then, we will examine the key attributes of these problems which make them amenable to machine learning-based solutions and we will discuss the potential and the fundamental limitations of such approaches. Lastly, we will ponder the role of and necessity for advanced contemporary machine learning methods in the context of hardware security and we will conclude with suggestions for avoiding common pitfalls when employing such methods.


Using Untrusted and Unreliable Cloud Providers to Obtain Private EmailPDFVideoSlides

Kirill Morozov (University of North Texas)

A recent trend for organizations is to shift to cloud services which typically include email. As a result, the natural privacy concerns for users stem not only from outside attackers, but from insiders as well. Our solution does not rely on unproven assumptions and does not need a PKI. To achieve this, we partially rely on concepts from Private and Secure Message Transmission protocols, which are built on top of secret sharing. This technology allows us to distribute trust over email providers. Hence, the system remains secure as long as hackers are unable to penetrate a threshold number of providers, or this set of providers does not form a coalition to attack their users. The prototype of our proposed system has been implemented as an add-on for the Thunderbird email client, using Mozilla’s Web Crypto API and Rempe’s secret.js library. It currently supports the following secret sharing schemes: the 2-out-2 additive scheme (set as a default), the k-out-n threshold Shamir scheme, and the Rabin and Ben-Or robust scheme.

Joint work with: Nicolas Chiapputo (University of North Texas), Yvo Desmedt (University of Texas at Dallas)


Time-Lock Puzzles with Efficient Batch SolvingPDFVideoSlides

Rachit Garg (UT Austin)

Time-Lock Puzzles (TLPs) are a powerful tool for concealing messages until a predetermined point in time. When solving multiple puzzles, it becomes crucial to have the ability to batch-solve puzzles, i.e., simultaneously open multiple puzzles while working to solve a single one. Unfortunately, all previously known TLP constructions that support batch solving rely on super-polynomially secure indistinguishability obfuscation, making them impractical.

In light of this challenge, we present novel TLP constructions that offer batch-solving capabilities without using heavy cryptographic hammers. Our proposed schemes are simple and concretely efficient, and they can be constructed based on well-established cryptographic assumptions based on pairings or learning with errors (LWE). Along the way, we introduce new constructions of puncturable key- homomorphic PRFs both in the lattice and in the pairing setting, which may be of independent interest. Our analysis leverages an interesting connection to Hall’s marriage theorem and incorporates an optimized combinatorial approach, enhancing the practicality and feasibility of our TLP schemes. Furthermore, we introduce the concept of “rogue-puzzle attacks”, where maliciously crafted puzzle instances may disrupt the batch-solving process of honest puzzles. We then propose constructions of concrete and efficient TLPs designed to prevent such attacks.

Joint work with: Jesko Dujmovic and Giulio Malavolta


Parallel BlockchainsPDFVideoSlides

Juan Garay (Texas A&M University)

At Eurocrypt ’15, Garay, Kiayias and Leonardos introduced the notion of 2x1 (pronounced “2-for-1”) Proofs of Work (PoWs), which allows miners to work on two independent instances using the same computational power needed for just one PoW. In that paper, 2x1 PoWs were used to achieve consensus (aka Byzantine agreement) on the blockchain assuming an honest majority of miners (which is optimal) in O(polylog(kappa)) rounds of communication, where kappa is the security parameter. In this talk we present a novel “mx1 PoW” generalization of the tool which effectively enables mining on m blockchains in parallel, and show two applications. First, the first consensus protocol in the PoW-based setting of Bitcoin that runs in expected-constant number of rounds, and second, a permissionless clock synchronization protocol with optimal skew.

Joint work with: Aggelos Kiayias (the University of Edinburgh and IOHK) and Yu Shen (the University of Edinburgh)