1 / 45

Nishanth Chandran Vipul Goyal Ryan Moriarty Rafail Ostrovsky

ezra
Download Presentation

Nishanth Chandran Vipul Goyal Ryan Moriarty Rafail Ostrovsky

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


    2. What constitutes an identity in cryptography?

    3. Trust Physical Security… and the right circumstances

    4. How about geographical position as an identity? [C–Goyal–Moriarty–Ostrovsky (CRYPTO’09)]

    5. Geographical Position as an Identity

    6. Other Position Based Cryptographic Tasks

    7. Other Position Based Cryptographic Tasks Position based access control: allow access to resource only if user is at particular geographical position Many more….

    8. The Setting A set of verifiers V1,….,Vk present at various geographical positions in space A prover present at some geographical position The prover claims to be at P …… but may be lying!

    9. Previous Technique for Secure Positioning [SSW03, B04, SP05, CH05, CCS06]

    10. Triangulation [CH05]

    12. Can we protect against multiple colluding provers? (if none of them are at the claimed position)

    13. Talk Outline Plain Model for Position based tasks Secure Positioning - I’ll show: - Impossible in plain model ? - Positive results in the “Bounded Retrieval Model” (BRM) ?

    14. Plain Model

    15. Impossibility Result

    16. Impossibility: Proof strategy

    17. Impossibility: Proof sketch

    18. Impossibility: Proof sketch

    19. Implications of our impossibility result Secure positioning and hence position-based cryptography is impossible in the plain model

    20. A First Natural Question… Do computational hardness assumptions help? For example, hardness of factoring?

    21. Any other way to meaningfully restrict adversary?

    22. Any other way to meaningfully restrict adversary? How about bounding space of parties?

    23. Constructions & Proofs in BRM

    24. Reminder: Bounded Retrieval Model (BRM) [M’92, D’06, CLW’06]

    25. BRM in the context of Position-based Cryptography

    26. An assumption for this talk Computation is instantaneous – modern GPS perform computation while using speed of light assumption (relaxation ? error in position)

    27. SO FAR: Introduced Bounded Retrieval Model for position based crypto tasks COMING UP NEXT: Actual Protocol for Secure Positioning

    28. Warm up: 1-Dim. Secure positioning

    29. A starting point: [Vadhan04] Locally computable Pseudorandom Generator (PRG)

    30. 1-Dim. Space: Protocol

    31. 1-Dim. Space: Correctness

    32. 1-Dim. Space: Security

    33. SO FAR: 1-Dim. Secure Positioning Protocol & Proof COMING UP NEXT: 3-Dim. Secure Positioning Protocol & Proof idea

    34. For this talk, I’ll present only a flavor of the protocol & proof: CHEAT FOR THE TALK: Verifiers alone have large storage (can store X in its entirety!) Can completely remove cheat with certain secret sharing technique as additional step Complicates both proof and constructions; will not cover in this talk 3-Dim. Secure Positioning

    35. 3-Dim. Space: Protocol

    36. 3-Dim. Space: Correctness & Security

    37. Proof Ideas

    38. Subtleties in proof

    39. The bottom line Bad News: secure positioning is impossible without assumptions Good news: Can do secure positioning in 3D in the bounded retrieval model More good news: Can extend the protocol even if there is a small variance in delivery time when small positioning error is allowed

    40. Position based Key Exchange Can we obtain key exchange (KE)?

    41. 1-Dim. Space: Position-based KE

    42. 1-Dim. Space KE: Protocol & Security

    43. 3-Dim. Space KE: Protocol

    44. Take away Position based cryptography is impossible in the plain model Secure Positioning and Position-based key exchange possible in the BRM Leads to Position-based encryption Position-based authentication Secure position-based services ...

    45. Other Directions

    46. Questions?

More Related