Visa Tech Talk

Visa Tech Talk<br>Speakers:<b>Rohit Sinha and Shashank Agrawal </b><br>Date: November 8, 2017<br>Time: 6:30pm - 7:30pm<br>Location: Gates Building, room 104<br>Curry Up Now will be served! <br><br>This event is for the Stanford community and invited guests only, please bring your Stanford ID card. <br><br>Please RSVP via handshake: <a href="https://www.google.com/url?q=https%3A%2F%2Fapp.joinhandshake.com%2Fevent... target="_blank">https://app.joinhandshake.com/events/103288</a><br><br><p><b>Speaker: Rohit Sinha</b></p><p>Title: Secure Cloud Services Using Trusted Hardware and Certified Software</p><p><b>Chosen as best paper at ACM CCS 2017</b> </p><p>CCS is a flagship conference in the area of security organized by ACM SIGSAC. They accept papers in all aspects of computer and communications security and privacy, including both theoretical and practical contributions. This year there were 836 submissions out of which 151 were accepted. Five papers were awarded the best paper award.</p><p></p><p>Here is a link to Rohit’ s paper: <a href="https://www.google.com/url?q=https%3A%2F%2Feprint.iacr.org%2F2017%2F565.... target="_blank">https://eprint.iacr.org/2017/565.pdf</a></p><p>Abstract:</p><p>Security-... applications constantly face threats from exploits in lower computing layers such as the OS and Hypervisor, or even attacks from malicious datacenter insiders. In order to protect sensitive data from such privileged adversaries, there is increasing development of secure hardware primitives, such as Intel SGX and Sanctum RISC-V enclaves. These enclave platforms enable applications to place trusted code and data into memory regions that are isolated from all other software on the machine, and also implement cryptographic primitives for attested remote execution.</p><p>While developers are starting to adopt enclave platforms to build entire cloud services, it is an open research question as to how to write safe programs using these platforms. Our research explores building enclave programs with provable security guarantees, including only these hardware primitives (i.e. nearly zero software) in the trusted computing base (TCB). In this talk, I will demonstrate compiler and verification techniques to develop applications that can be certified (at the level of machine code) to not leak secrets. Furthermore, I will discuss how we can specify and verify security properties of the enclave platform, thus further reducing the TCB.</p><p><b>Speaker: Shashank Agrawal</b></p><p>Title: Threshold Symmetric Encryption</p><p>Abstract: </p><p>Threshold cryptography provides a mechanism for protecting secret keys by sharing them among multiple parties, who then jointly perform cryptographic operations. An attacker who corrupts up to a threshold number of parties, however, cannot recover the secrets or violate security. Prior works in this space have focused on definitions and constructions for public-key cryptography and digital signatures, and fails to capture the security concerns and efficiency challenges of symmetric-key based applications</p><p>We put forth the first formal treatment for threshold symmetric-key encryption, proposing new notions of correctness, privacy and authenticity, in presence of passive and active attackers. Our primary goal is to propose strong and intuitive game-based definitions that are easy to understand and yield efficient constructions.We design and implement several efficient constructions meeting our definitions. Our most efficient instantiation only uses symmetric-key primitives and achieves a throughput of up to 1 million encryptions/decryptions per seconds, or alternatively a sub-millisecond latency with up to 18 participating parties.</p>

Date: 
Wednesday, November 8, 2017 - 6:30pm to 7:30pm
location: 
353 Serra Mall, Stanford, CA 94305, USA