Cryptography, theory

Cryptographers have invented many different types of encryption. The PIs' research brings many of these under one umbrella, thereby reconceptualizing the landscape of modern cryptography. In the process, the research puts forward some entirely new kinds of encryption. The work is motivated by the needs of existing security practice. Sample questions include how to save space when storing encrypted copies of the same material in the cloud, and how to encrypt a credit-card number by reimagining the process as the shuffling of a deck of cards.

This project addresses how semiconductor designers can verify the correctness of ICs that they source from possibly untrusted fabricators. Existing solutions to this problem are either based on legal and contractual obligations, or use post-fabrication IC testing, both of which are unsatisfactory or unsound. As a sound alternative, this project designs and fabricates verifiable hardware: ICs that provide proofs of their correctness for every input-output computation they perform in the field.

This project aims to obtain provably optimal cryptographic constructions, using objectively practical techniques, for a wide range of tasks. To achieve this goal, the project makes progress on three technical fronts. First, a general-purpose framework is developed that encompasses and systematizes known practical cryptographic techniques from many domains. Second, the project develops techniques for proving concrete, fine-grained lower bounds about constructions within this framework. Finally, techniques from program synthesis will be applied to the new framework.

A wide range of cloud services and applications operate on sensitive data such as business, personal, and governmental information. This renders security and privacy as the most critical concerns in the cloud era. The objective of this project is to question the separation approach in the design of security and reliability features of storage systems, and to investigate new, coding-based security mechanisms based on a joint-design principle. The proposed program will result in a myriad of outcomes.

This project is developing new techniques for manipulating sensitive data by exploring two related areas, computing on private keys and computing on authenticated data. Currently, a private key is an inert object that gives its holder the ability to perform a cryptographic operation on all messages, as may be the case when generating a signature. The project is exploring a new vision, in which computing on the private key itself creates new restricted private keys that can only perform restricted operations such as, for example, signing only some messages but not others.