Series
Institute for Information Security & Privacy Cybersecurity Lecture Series

Series Type
Event Series

Publication Search Results

  • Item
    Zero Knowledge for Everything and Everyone
    (Georgia Institute of Technology, 2021-02-05) Heath, David
    Zero-Knowledge (ZK) Proofs are important cryptographic objects that allow an untrusted prover to demonstrate to an untrusted verifier the truth of some statement while revealing nothing additional. ZK can potentially be used for complex applications, such as allowing a company to securely conduct an external audit of its records or allowing a code bounty hunter to prove the existence of a software bug without directly showing the vulnerability. Unfortunately, complex ZK applications are difficult to build in practice; existing ZK protocols require statements to be encoded as circuits, and it is difficult to express complex statements as simple circuits. To bring complex ZK applications to practice, developers need a more expressive design language. Rather than providing a new design language, we provide an infrastructure that allows existing languages to run in ZK. In this talk, David will present a ‘ZK machine’, a low-level simulated processor that executes arbitrary assembly code in ZK. David will describe the machine, focusing on the inherent challenges and our corresponding solutions. We will explain how we can take off-the-shelf ANSI C programs, compile them to our custom assembly language, and efficiently run this assembly in a ZK protocol. Our system is practical and efficient; for example, it can prove the existence of a CVE-reported bug in gzip in 6.3 seconds. The talk will be suitable even for those without cryptographic background. This research was done in collaboration with David’s advisor, Professor Vlad Kolesnikov, as well as Professor David Devecsery and his student Yibin Yang.
  • Item
    Efficiently Computing with Private Data
    (Georgia Institute of Technology, 2019-08-30) Heath, David
    Today, individual users and organizations often wish to contribute their private data to compute functions of interest. Unfortunately, when data is deemed too valuable or is legally protected, such computation cannot be performed. Secure Multiparty Computation (MPC) is a subfield of Cryptography that allows mutually untrusting parties to work together to run programs over their private data without revealing any information except the program output. In this way, MPC allows users to share private data while guaranteeing its privacy. One fundamental and efficient MPC technique, Yao’s garbled circuit, represents the computed function as a Boolean circuit, and evaluates it gate-by-gate under encryption. While achieving excellent cost per gate, this approach requires evaluation of the entire circuit. In particular, all inactive conditional branches must be sent over the network and evaluated: While inactive conditional branches are not needed to correctly compute functions, omitting them leaks information about the players’ private inputs. After 35 years of active research, it is generally believed that this cost cannot be avoided without using relatively inefficient tools, such as universal circuits. In this talk, I will discuss a new technique for garbled circuit MPC, which challenges this widely-held belief. I will show how to avoid sending inactive circuit branches at very modest increase of computation. Because of this optimization, communication costs are proportional to the longest execution path, rather than to the entire circuit. The talk will be kept at a high level, and no cryptographic background is required. The presented work is in collaboration with my advisor Vlad Kolesnikov.