-
Notifications
You must be signed in to change notification settings - Fork 23
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
* Adding participation in RWC symposium. * Rename Georghegan2022.md to Geoghegan2022.md --------- Co-authored-by: armfazh <[email protected]>
- Loading branch information
Showing
6 changed files
with
63 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,16 @@ | ||
| --- | ||
| title: Post-quantum TLS without handshake signatures | ||
| year: 2021 | ||
| location: Real World Crypto Symposium 2021. Virtual. January 2021. | ||
| authors: | ||
| - Sofía Celi | ||
| - armando-faz | ||
| - Peter Schwabe | ||
| - Douglas Stebila | ||
| - Thom Wiggers | ||
| url: https://iacr.org/submit/files/slides/2021/rwc/rwc2021/68/slides.pdf | ||
| related_interests: | ||
| - cryptography | ||
| --- | ||
|
|
||
| We present KEMTLS, an alternative to the TLS 1.3 handshake that uses key-encapsulation mechanisms (KEMs) instead of signatures for server authentication. Among existing post-quantum candidates, signature schemes generally have larger public key/signature sizes compared to the public key/ciphertext sizes of KEMs: by using an IND-CCA-secure KEM for server authentication in post-quantum TLS, we obtain multiple benefits. A size-optimized post-quantum instantiation of KEMTLS requires less than half the bandwidth of a size-optimized post-quantum instantiation of TLS 1.3. In a speed-optimized instantiation, KEMTLS reduces the amount of server CPU cycles by almost 90% compared to TLS 1.3, while at the same time reducing communication size, reducing the time until the client can start sending encrypted application data, and eliminating code for signatures from the server's trusted code base. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,16 @@ | ||
| --- | ||
| title: "Standardizing MPC for Privacy Preserving Measurement" | ||
| year: 2022 | ||
| location: Real World Crypto Symposium 2022. Amsterdam, Netherlands. April 2022. | ||
| authors: | ||
| - Tim Geoghegan | ||
| - christopher-patton | ||
| - Eric Rescorla | ||
| - christopher-wood | ||
| url: https://iacr.org/submit/files/slides/2022/rwc/rwc2022/78/slides.pdf | ||
| related_interests: | ||
| - privacy | ||
| - cryptography | ||
| --- | ||
|
|
||
| Operating a large, complex, Internet-based application usually requires measuring the behavior of the application's users. Often the purpose of these measurements is not to build profiles about individual users, but to shed light on overall trends that might point to performance bottlenecks, user-experience issues, bugs, or attack vectors. Recent advances in cryptography, e.g., Prio (NSDI 2017), have made it possible to compute these aggregates without revealing individual measurements to the service provider. This talk will describe the IETF's initial effort to standardize some of these techniques. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,15 @@ | ||
| --- | ||
| title: "Portunus: Re-imagining access control in distributed systems using attribute-based encryption" | ||
| year: 2023 | ||
| location: Real World Crypto Symposium 2023. Tokyo, Japan. March 2023. | ||
| authors: | ||
| - Watson Ladd | ||
| - Marloes Venema | ||
| - tanya-verma | ||
| url: https://iacr.org/submit/files/slides/2023/rwc/rwc2023/83/slides.pptx | ||
| related_interests: | ||
| - distributed_systems | ||
| - cryptography | ||
| --- | ||
|
|
||
| This talk presents Portunus, a global system used by Cloudflare to restrict where in the world a customer's TLS private keys can be accessed based on some policy. It is an RBAC system built using ciphertext-policy attribute-based encryption, a variant of public-key cryptography introduced in 2005, that enables access control to be enforced with minimal dependence on a central authority. Using Portunus as an example, we discuss the benefits of employing attribute-based encryption (ABE) to construct access control systems for distributed settings. Portunus evolved from an earlier system, Geo Key Manager, previously presented at RWC 2018. Prompted by a question from the audience, we attacked the inflexible policies and vulnerability to collusion by replacing a home-grown simulation of an ABE-like scheme using Identity Based Encryption and Broadcast Encryption, with an established ABE scheme by TKN. This shortcoming was validated when customers demanded richer data restriction policies to reflect the increasing balkanization of the Internet in response to regulations such as GDPR. However, it is not enough to drop in a new scheme: real-world systems have to deal with attribute changes, key rotation, performance needs, and high loads. It also needs to address the needs of real users. This talk will discuss the translation of a ciphertext-policy ABE scheme from theory to practice and the hurdles along the way, as well as show how successful application of an imperfect cryptographic solution paved the way for adoption of a theoretically more satisfying and more capable solution. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,14 @@ | ||
| --- | ||
| title: "Geo Key Manager" | ||
| location: Real World Crypto Symposium 2018. Zurich, Switzerland. January 2018. | ||
| year: 2018 | ||
| authors: | ||
| - nick-sullivan | ||
| - Brendan McMillion | ||
| url: https://rwc.iacr.org/2018/Slides/Sullivan.pdf | ||
| related_interests: | ||
| - cryptography | ||
| - protocols | ||
| --- | ||
|
|
||
| Geo Key Manager is a feature that gives customers unprecedented control over where their private keys are stored when uploaded to Cloudflare, limiting the exposure of their private keys to certain locations. |