ATI /
Studies /
MTAT.07.006 Research Seminar in Cryptography
MTAT.07.006 Research Seminar in Cryptography
(3+3 AP = 4.5+4.5 ECTS)
Autumn 2008: Various Topics in Cryptography
[General Information]
[Course description]
[Course Organization]
[Schedule]
[Background]
[OIS]
General Information
- Seminars lead by Helger Lipmaa. Office 334. Office hours: by appointment.
- Time and room: Wednesday 12:15-13:45, room 315
. The first
seminar is on 03.09.2008
- Course material: papers and surveys on the subjects (see schedule). More information follows later.
- To pass the course: see Course Organization
(http://research.cyber.ee/~lipmaa/teaching/MTAT.07.006/organization.php)
- Mailing list: teadus dot crypto at lists dot ut dot ee. No
brochure in Estonian. No exams.
Focus for 2008
The seminar series will not have a concrete focus. Instead, various
supervisors propose their topics for interested students. The supervisors
mainly choose topics that are interesting for themselves, which in
particular means that they are in most cases able to continue
supervision also after the seminar to the end of a potential MSc (or
BSc/PhD?) thesis. Such continuation is however not mandatory.
Students can also propose their own topics, but in this case they have
to find a supervisor who is interested in supervision.
Some topics require previous knowledge of cryptography, but other topics
will be accessible to students who take Crypto I in parallel (although, some
independent work is to be expected in this case).
This course is obligatory for our NordSecMob master students.
Everybody else is also more than welcome.
Signing up for the seminar
Fastest way: use OIS. If you
do not manage - don't blame me, OIS was not programmed for human usage. (You
probably have to email Ülle Holm who will then manually register you.)
Students with topics (email me when you are not here or this information is incorrect):
- Sadek Ferdous, supervised by Dan Bogdanov/Sven Laur - Implementing e-Auctions with Sharemind
- Sachin Gaur, supervised by Dan Bogdanov - Practical security analysis and business applications of Sharemind
- Aleksei Gornői, supervised by Dan Bogdanov - Extending Sharemind to n participants
- Silver Holmar, supervised by Peeter Laud - An overview of secure real-time transport protocol: SRTP & ZRTP
- Gerardo Iglesias, supervised by Dan Bogdanov/Sven Laur - e-voting in Sharemind
- Katharina Kahrs, supervised by Sven Laur - Secret Sharing
- Mihkel Kree, supervised by Helger Lipmaa - Quantum hacking: attacking practical quantum key distribution systems
- Ilja Livenson, supervised by Dan Bogdanov - A suite of protocols for a peer-to-peer virtual world
- Hoang Anh Nguyen, supervised by Peeter Laud - Cryptographic Protocol Analysis - e-Auction
- Richard Sassoon, supervised by Dan Bogdanov - privacy preserving with sharemind
- Ivo Seeba, supervised by Peeter Laud - Game-Playing Proofs
Proposed Topics (sorted by supervisor)
For most of the topics, browse the corresponding section of Helger's Cryptopointers to
find links to papers, surveys etc.
List of the supervisors follows. Click
on the name of the supervisor for topics proposed by the concrete
supervisor.
Presentation at first seminar
-
Homological Classification of Zero-Knowledge Proofs (MSc topic)
- Requires: Good mathematical background and ability to summarise. The
work should give an overview of basic zerro-knowledge proof techniques and
their properties. The main outcome has pedagogic value --- it will be a
supporting material for Crypto II course.
Similar work: Liina Kamm. Homological Classification of Commitment Schemes.
- Reasonably Efficient Certified Computations (MSc topic)
- Requires: Good mathematical background and ability to summarise. The
work should give an overview of the GMW-compiler technique that allows to
prove that outputs are computed correctly even if there are hidden (private)
committed inputs. In particular, I am interested on the general construction
that uses Pedersen Commitments and disjunctive proofs of knowledge in order
to create zero-knowledge proof. The main outcome has pedagocoic value --- it
will be a supporting material for Crypto II course
-
Efficient Verifiable Protocols for Arithmetic Operations (MSc topic)
- Requires: Good mathematical background and ability to produce new
ideas. The work should review the classical multiparty computation
techniques from 1980-ies and generalise them for the setting where shares
are taken form the ring ZZ_{2**n} (modulo 2**n) The main expected outcome is
a verifiable protocols for multiplication, addition, bit extraction, and
comparison.
-
General Description of Multiplication Protocols for Additively
Homomorphic Secret Sharing Schemes
- Requires: Good understanding of linear algebra and ability to solve
functional equations. The work should describe all (or almost all)
multiplication protocols with shares that are functional and secure. In
particular, it should somehow explain why is the multiplication protocols
harder when shares are taken from rings. The work can be both empirical or
theoretical. In empirical apprach, one should generate all possible
functional protocols for ZZ_{4}, ZZ_{5}....,ZZ_{still small enough modulus}
and then somehow generalise the results. Fort example, conclude some
impossibility results. In theoretical apprach, one should establish a
general description for multiplication protocols (that is large enough to
cover Shamir's scheme and the one used in Sharemind)
- Automatic Generation of Garbled Circuits (Practical implementation
topic).
- Requires: Understanding how to parse algebraic and logical expressions.
The student should implement a compiler that converts expression into
boolean circuit and then converts this circuit into Yao's garbled circuit.
Links
Review form.
Want to know something about subject? Browse the link collection at
http://research.cyber.ee/~lipmaa/crypto/.
Previous years:
[Autumn 2001 @TKK] [Autumn 2002 @TKK] [Autumn 2003 @TKK] [Autumn 2004 @TKK]
[Autumn 2005 @Tartu]
This page: http://research.cyber.ee/~lipmaa/teaching/MTAT.07.006/