2017/2018 Edition

Cryptography on non-trusted machines

Lecturer: Prof. Stefan Dziembowski (University of Rome "La Sapienza").

About the lecturer | Course Summary

About the lecturer: Stefan Dziembowski is an assistant professor at the University of Rome La Sapienza. He is interested in theoretical and applied cryptography.
Dziembowski received his MSc degree in computer science in 1996 from the Warsaw University, and his PhD degree in computer science in 2001 from the University of Aarhus, Denmark. Then, he spent 18 months as a post-doctoral fellow at the Swiss Federal Institute of Technology (ETH), Zurich. Afterwards, for 3 years he was an assistant professor at the Warsaw University. Later he spent 9 months as a post-doc at CNR Pisa, and 18 months as a post-doc at the University of Rome La Sapienza.
His papers appeared at leading scientific conferences (FOCS, STOC, CRYPTO, EUROCRYPT, TCC, LICS), and journals (Journal of Cryptology and IEEE Transactions on Information Theory). He also served as a PC member of several international conferences, including EUROCRYPT, ASIACRYPT, Theoretical Cryptography Conference (TCC), and the International Colloquium on Automata, Languages and Programming (ICALP).
He is a winner of the ERC Starting Independent Researcher Grant competition (in 2008) and a recipient of the Marie-Curie Intra-European Fellowship (2006-2007). He was also awarded the scholarship for young researchers from Foundation for Polish Science (2003-2004).

Course summary:
We will give an introduction to a new area of cryptography, called "cryptography on non-trusted machines". The goal of this area is to design cryptographic schemes that are secure even if implemented on not-secure devices. This is motivated by an observation that most of the real-life attacks on cryptographic devices do not break their mathematical foundations, but exploit vulnerabilities of their implementations. This concerns both the cryptographic software executed on PCs, that can be attacked by viruses, and the implementations on hardware that can be subject to the side-channel attacks (such attacks are based, e.g., on measuring the power consumption, electromagnetic radiation, or time needed to perform a given operation).

We will not assume any prior knowledge of cryptography. Hence, the first part of the course (that will take place in December) will be devoted entirely to the introduction to cryptography, with an emphasis on provable security (to save time we will discuss only private key cryptography).

In the second part (that will take place in January) we will discuss the main topic of the course ("cryptography on non-trusted machines"). This part will be based on the following papers:

  1. S. Dziembowski
    Intrusion-Resilience via the Bounded-Storage Model
    Theory of Cryptography Conference (TCC) 2006
  2. S. Dziembowski and K. Pietrzak
    Intrusion-Resilient Secret Sharing
    FOCS 2007
  3. S. Dziembowski and K. Pietrzak
    Leakage-Resilient Cryptography
    FOCS 2008
  4. D. Cash, Y. Z. Ding, Y. Dodis, W. Lee, R. J. Lipton, and S. Walfish.
    Intrusion-Resilient Key Exchange in the Bounded Retrieval Model.
    Theory of Cryptography Conference (TCC 2007),
  5. Y. Ishai, A. Sahai, and D. Wagner.
    Private Circuits: Securing Hardware against Probing Attacks.
    CRYPTO 2003
Course material will appear on the web-page [link].