## Cryptography on non-trusted machines

**Lecturer:** Prof. Stefan Dziembowski (University of Rome "La Sapienza").

About the lecturer | Course Summary

**About the lecturer:**
Stefan Dziembowski is an assistant professor at the University of
Rome La Sapienza. He is interested in theoretical and applied
cryptography.

Dziembowski received his MSc degree in computer science in 1996 from
the Warsaw University, and his PhD degree in computer science in 2001
from the University of Aarhus, Denmark. Then, he spent 18 months as a
post-doctoral fellow at the Swiss Federal Institute of Technology
(ETH), Zurich. Afterwards, for 3 years he was an assistant professor
at the Warsaw University. Later he spent 9 months as a post-doc at CNR
Pisa, and 18 months as a post-doc at the University of Rome La
Sapienza.

His papers appeared at leading scientific conferences (FOCS, STOC,
CRYPTO, EUROCRYPT, TCC, LICS), and journals (Journal of Cryptology and
IEEE Transactions on Information Theory). He also served as a PC
member of several international conferences, including EUROCRYPT,
ASIACRYPT, Theoretical Cryptography Conference (TCC), and the
International Colloquium on Automata, Languages and Programming
(ICALP).

He is a winner of the ERC Starting Independent Researcher Grant
competition (in 2008) and a recipient of the Marie-Curie
Intra-European Fellowship (2006-2007). He was also awarded the
scholarship for young researchers from Foundation for Polish Science
(2003-2004).

**Course summary:**

We will give an introduction to a new area of cryptography, called
"cryptography on non-trusted machines". The goal of this area is to design
cryptographic schemes that are secure even if implemented on not-secure
devices. This is motivated by an observation that most of the real-life
attacks on cryptographic devices do not break their mathematical
foundations, but exploit vulnerabilities of their implementations. This
concerns both the cryptographic software executed on PCs, that can be
attacked by viruses, and the implementations on hardware that can be subject
to the side-channel attacks (such attacks are based, e.g., on measuring the
power consumption, electromagnetic radiation, or time needed to perform a
given operation).

We will not assume any prior knowledge of cryptography. Hence, the first part of the course (that will take place in December) will be devoted entirely to the introduction to cryptography, with an emphasis on provable security (to save time we will discuss only private key cryptography).

In the second part (that will take place in January) we will discuss the main topic of the course ("cryptography on non-trusted machines"). This part will be based on the following papers:

- S. Dziembowski

**Intrusion-Resilience via the Bounded-Storage Model**

Theory of Cryptography Conference (TCC) 2006 - S. Dziembowski and K. Pietrzak

**Intrusion-Resilient Secret Sharing**

FOCS 2007 - S. Dziembowski and K. Pietrzak

**Leakage-Resilient Cryptography**

FOCS 2008 - D. Cash, Y. Z. Ding, Y. Dodis, W. Lee, R. J. Lipton, and S. Walfish.

**Intrusion-Resilient Key Exchange in the Bounded Retrieval Model.**

Theory of Cryptography Conference (TCC 2007), - Y. Ishai, A. Sahai, and D. Wagner.

**Private Circuits: Securing Hardware against Probing Attacks.**

CRYPTO 2003