Biblio

We introduce the notion of an application-based covert channel—or ABCC—which provides a formal syntax for describing covert channels that tunnel messages through existing protocols. Our syntax captures many recent systems, including DeltaShaper (PETS 2017) and Protozoa (CCS 2020). We also define what it means for an ABCC to be secure against a passive eavesdropper, and prove that suitable abstractions of existing censorship circumvention systems satisfy our security notion. In doing so, we define a number of important non-cryptographic security assumptions that are often made implicitly in prior work. We believe our formalisms may be useful to censorship circumvention developers for reasoning about the security of their systems and the associated security assumptions required.

In 2009, Craig Gentry introduced the first "fully" homomorphic encryption scheme allowing arbitrary circuits to be evaluated on encrypted data. Homomorphic encryption is a very powerful cryptographic primitive, though it has often been viewed by practitioners as too inefficient for practical applications. However, the performance of these encryption schemes has come a long way from that of Gentry's original work: there are now several well-maintained libraries implementing homomorphic encryption schemes and protocols demonstrating impressive performance results, alongside an ongoing standardization effort by the community. In this tutorial we survey the existing homomorphic encryption landscape, providing both a general overview of the state of the art, as well as a deeper dive into several of the existing libraries. We aim to provide a thorough introduction to homomorphic encryption accessible by the broader computer security community. Several of the presenters are core developers of well-known publicly available homomorphic encryption libraries, and organizers of the homomorphic encryption standardization effort \textbackslashtextbackslashhrefhttp://homomorphicencryption.org/. This tutorial is targeted at application developers, security researchers, privacy engineers, graduate students, and anyone else interested in learning the basics of modern homomorphic encryption.The tutorial is divided into two parts: Part I is accessible by everyone comfortable with basic college-level math; Part II will cover more advanced topics, including descriptions of some of the different homomorphic encryption schemes and libraries, concrete example applications and code samples, and a deeper discussion on implementation challenges. Part II requires the audience to be familiar with modern C++.

Program obfuscation is a powerful security primitive with many applications. White-box cryptography studies a particular subset of program obfuscation targeting keyed pseudorandom functions (PRFs), a core component of systems such as mobile payment and digital rights management. Although the white-box obfuscators currently used in practice do not come with security proofs and are thus routinely broken, recent years have seen an explosion of cryptographic techniques for obfuscation, with the goal of avoiding this build-and-break cycle. In this work, we explore in detail cryptographic program obfuscation and the related primitive of multi-input functional encryption (MIFE). In particular, we extend the 5Gen framework (CCS 2016) to support circuit-based MIFE and program obfuscation, implementing both existing and new constructions. We then evaluate and compare the efficiency of these constructions in the context of PRF obfuscation. As part of this work we (1) introduce a novel instantiation of MIFE that works directly on functions represented as arithmetic circuits, (2) use a known transformation from MIFE to obfuscation to give us an obfuscator that performs better than all prior constructions, and (3) develop a compiler for generating circuits optimized for our schemes. Finally, we provide detailed experiments, demonstrating, among other things, the ability to obfuscate a PRF with a 64-bit key and 12 bits of input (containing 62k gates) in under 4 hours, with evaluation taking around 1 hour. This is by far the most complex function obfuscated to date.