1 / 14

Yael Tauman Kalai

Yael Tauman Kalai. Area: Cryptography PhD: MIT, with Shafi Goldwasser IBM PhD Fellowship MIT Presidential Graduate Fellowship Masters: Weizmann, with Adi Shamir Outstanding Master’s Thesis Prize. Yael Tauman Kalai. Main results: Ring signatures Fiat-Shamir heuristic Code obfuscation.

kchris
Download Presentation

Yael Tauman Kalai

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Yael Tauman Kalai Area: Cryptography • PhD: MIT, with Shafi Goldwasser • IBM PhD Fellowship • MIT Presidential Graduate Fellowship • Masters: Weizmann, with Adi Shamir • Outstanding Master’s Thesis Prize

  2. Yael Tauman Kalai Main results: • Ring signatures • Fiat-Shamir heuristic • Code obfuscation

  3. Fiat-Shamir Heuristic (1986) Transforms identification protocol into signature • Efficient: used in practice. [with Goldwasser]: Heuristic is insecure. • First example of ID protocol where Fiat-Shamir transform yields insecure signature.

  4. Letters Letters emphasize originality and creativity • Letter writers: • Goldwasser • Rivest • Shamir • Ran Raz • “top 5 in 7 years from Weizmann” • “top 3-5 in 11 years from Weizmann”

  5. Goldwasser: “one of 2 or 3 most original and unconventional graduate students” “brilliant, original, technically superb” Compare to Boaz Barak, Joe Kilian

  6. Rivest: “one of the very top students graduating from our group this year” “works on some of the most interesting, cutting edge and fundamental problems in the field today” “shows real mastery of the field” “very strong in the fundamentals and in terms of raw theoretical power”

  7. How to Leak a Secret[with Rivest and Shamir] • Goals: • Anonymity. • Proof that info from high-ranking official. • Ring Signatures: • Pick set S of people with public keys, including self. • Members of S don’t have to cooperate. • Others can verify that someone in S signed. • Nobody knows which person in S. • Very efficient, even for many people.

  8. How to Leak a Secret[with Rivest and Shamir] • Goals: • Anonymity. • Proof that info from high-ranking official. • Ring Signatures: • Pick set S of people with public keys, including self. • Members of S don’t have to cooperate. • Others can verify that someone in S signed. • Nobody knows which person in S. • Very efficient, even for many people. • Other Applications • Prevent phishing attacks. • Many follow-up papers.

  9. Code Obfuscation • Code  “unintelligible” code, same functionality. • Prevent hackers from learning anything when they examine code. • Very important in practice. • Vitaly’s example: phone book.

  10. Code Obfuscation • Code  “unintelligible” code, same functionality. • Prevent hackers from learning anything when they examine code. • Very important in practice. • Vitaly’s example: phone book. • Obfuscate any private key crypto  public key crypto.

  11. Code Obfuscation • Code  “unintelligible” code, same functionality. • Prevent hackers from learning anything when they examine code. • Very important in practice. • Vitaly’s example: phone book. • Obfuscate any private key crypto  public key crypto. • [BGIRSVY]: Impossible for artificial functions. • [Canetti, Wee]: Obfuscate certain functions. • Possible for all natural functions?

  12. Code Obfuscation • Code  “unintelligible” code, same functionality. • Prevent hackers from learning anything when they examine code. • Very important in practice. • Vitaly’s example: phone book. • Obfuscate any private key crypto  public key crypto. • [BGIRSVY]: Impossible for artificial functions. • [Canetti, Wee]: Obfuscate certain functions. • Possible for all natural functions? • [with Goldwasser]: Impossible for certain natural functions. • Also give positive result.

  13. Fiat-Shamir Heuristic (1986) • Transforms identification protocol into signature • Efficient: used in practice. • Provably secure under “random oracle model.”

  14. Fiat-Shamir Heuristic (1986) • Transforms identification protocol into signature • Efficient: used in practice. • Provably secure under “random oracle model.” • [with Goldwasser]: Heuristic is insecure. • First example of ID protocol where Fiat-Shamir transform yields insecure signature.

More Related