ATI /
Studies /
MTAT.07.006 Research Seminar in Cryptography
MTAT.07.006 Research Seminar in Cryptography
(3+3 AP = 4.5+4.5 ECTS)
Autumn 2008: Various Topics in Cryptography
[General Information]
[Course description]
[Course Organization]
[Schedule]
[Background]
[OIS]
General Information
Focus for 2009
The next will be discussed during the first seminar. The seminar
series will not have a concrete focus. Instead, various supervisors propose
their topics for interested students. The supervisors mainly choose topics
that are interesting for themselves, which in particular means that they are
in most cases able to continue supervision also after the seminar
to the end of a potential MSc (or BSc/PhD?) thesis. Such continuation is
however not mandatory.
Students can also propose their own topics, but in this case they have
to find a supervisor who is interested in supervision.
Some topics require previous knowledge of cryptography, but other topics
will be accessible to students who take Crypto I in parallel (although, some
independent work is to be expected in this case).
This course is obligatory for our NordSecMob master students.
Everybody else is also more than welcome.
Signing up for the seminar
Fastest way: use OIS. If you
do not manage - don't blame me, OIS was not programmed for human usage. (You
probably have to email Ülle Holm who will then manually register you.)
Registered students:
- Riivo Talviste (supervisor: DB) - 24 April
- Katharina Kahrs (supervisor: SL) - 8 May
- Kaur Kasak (supervisor: HL) - 15 May
- Margus Niitsoo (supervisor: AB) - 22 May
- Dan Bogdanov (supervisor: SL) - 29 May
Proposed Topics (sorted by supervisor)
For most of the topics, browse the corresponding section of Helger's Cryptopointers to
find links to papers, surveys etc.
List of the supervisors follows. Click
on the name of the supervisor for topics proposed by the concrete
supervisor.
Presentation at first seminar
-
Homological Classification of Zero-Knowledge Proofs (MSc topic)
- Requires: Good mathematical background and ability to summarise. The
work should give an overview of basic zerro-knowledge proof techniques and
their properties. The main outcome has pedagogic value --- it will be a
supporting material for Crypto II course.
Similar work: Liina Kamm. Homological Classification of Commitment Schemes.
- Reasonably Efficient Certified Computations (MSc topic)
- Requires: Good mathematical background and ability to summarise. The
work should give an overview of the GMW-compiler technique that allows to
prove that outputs are computed correctly even if there are hidden (private)
committed inputs. In particular, I am interested on the general construction
that uses Pedersen Commitments and disjunctive proofs of knowledge in order
to create zero-knowledge proof. The main outcome has pedagocoic value --- it
will be a supporting material for Crypto II course
-
Efficient Verifiable Protocols for Arithmetic Operations (MSc topic)
- Requires: Good mathematical background and ability to produce new
ideas. The work should review the classical multiparty computation
techniques from 1980-ies and generalise them for the setting where shares
are taken form the ring ZZ_{2**n} (modulo 2**n) The main expected outcome is
a verifiable protocols for multiplication, addition, bit extraction, and
comparison.
-
General Description of Multiplication Protocols for Additively
Homomorphic Secret Sharing Schemes
- Requires: Good understanding of linear algebra and ability to solve
functional equations. The work should describe all (or almost all)
multiplication protocols with shares that are functional and secure. In
particular, it should somehow explain why is the multiplication protocols
harder when shares are taken from rings. The work can be both empirical or
theoretical. In empirical apprach, one should generate all possible
functional protocols for ZZ_{4}, ZZ_{5}....,ZZ_{still small enough modulus}
and then somehow generalise the results. Fort example, conclude some
impossibility results. In theoretical apprach, one should establish a
general description for multiplication protocols (that is large enough to
cover Shamir's scheme and the one used in Sharemind)
- Automatic Generation of Garbled Circuits (Practical implementation
topic).
- Requires: Understanding how to parse algebraic and logical expressions.
The student should implement a compiler that converts expression into
boolean circuit and then converts this circuit into Yao's garbled circuit.
Links
Review form.
Want to know something about subject? Browse the link collection at
http://research.cyber.ee/~lipmaa/crypto/.
Previous years:
[Autumn 2001 @TKK] [Autumn 2002 @TKK] [Autumn 2003 @TKK] [Autumn 2004 @TKK]
[Autumn 2005 @Tartu] [Autumn 2008 @Tartu]
This page: http://research.cyber.ee/~lipmaa/teaching/MTAT.07.006/