The Many Colors of Cryptography
A Workshop in Honor of Ran Canetti
June 28-29, 2023
June 28-29, 2023
When: June 28-29, 2023 (Wednesday-Thursday)
Where: The Boisson Auditorium, The Steinhardt Museum of Natural History, Tel Aviv University
Parking: There's parking (Achuzot Hachof) under the museum. Register here by June 25 if you need a parking sticker (it will be inside your name tag cover).
Registration to the workshop had ended
This workshop is a tribute to Ran Canetti’s diverse and impactful contributions to the field of cryptography, on the occasion of his 60th birthday. Cryptography has been developing into a multi-faceted field, addressing a wide range of challenges from the scientific and technological to the societal. Ran’s work played a major role in each of these, including the introduction of key standards and concepts like HMAC authentication, universal composability, deniability and incoercibility, and secrecy and fairness in law and trial. The workshop will bring together leading researchers in cryptography to discuss these developments. Its program will consist of survey talks as well as recent research contributions.
09:30 - 10:00
Registration & coffee
10:00 - 10:45
Moni Naor
Denying the Undeniable
Abstract: What was that encrypted message you sent? Oh, it was "Ran is the greatest of all times"! Can you prove? Sure, here are the random bits used to generate the ciphertext.
In this talk I will survey Ran Canetti's early work on non-committing encryption and deniable encryption and its implications.
10:45 - 11:15
Vinod Vaikuntanathan
Obfuscating Programs with Ran Canetti
Abstract: I will talk about the probabilistic IO work with a focus on its surprising implications for fully homomorphic encryption.
11:15 - 12:00
Coffee
12:00 - 12:45
Alon Rosen
Nondeterministic Interactive Refutations for Nearest Boolean Vector
Abstract: TBD
12:45 - 13:15
Nir Bitansky
Extractable Functions
and how papa taught me not to fear the bad and ugly
13:15 - 14:45
Lunch
14:45 - 15:30
Yael Kalai
The Evolution of SNARGs
A journey shaped by Canetti's contributions
15:30 - 16:00
Omer Paneth
SNARKs and Knowledge Extraction, The Journey Continues
16:00 - 16:45
Coffee
16:45 - 17:30
Daniel Wichs
Doubly Efficient Private Information Retrieval and Fully Homomorphic RAM Computation from Ring LWE
Abstract: Can we design a private variant of “Google search” that would enable users to search the Internet privately without revealing their queries to Google? Fully homomorphic encryption gives a potential solution to this problem, but would require Google to run a huge computation that is linear in the size of the entire internet to answer each encrypted search query. Can Google to preprocess the internet content into a special data structure that would then allow it to answer each encrypted search query very efficiently by only accessing a small number of locations in the data structure? We give a solution to this problem as a special case of our work.
Concretely, we construct the first schemes for “doubly efficient private information retrieval (DEPIR)” and “fully homomorphic encryption in the RAM model (RAM-FHE)” under standard cryptographic hardness assumptions (Ring Learning with Errors). Previously we only had heuristic candidate constructions that only satisfied relaxed variants of these primitives. Our new solutions combine tools from cryptography together with data structures for fast polynomial evaluation (Kedlaya and Umans ’08).
Joint work with Wei-Kai Lin and Ethan Mook.
17:45
Light Dinner & Evening Session (Erdi Gallery, 1st floor)
Thursday, 29 June
09:30 - 10:00
Registration and Coffee
10:00-10:30
Tal Rabin
Asynchronous BA, Thirty Years in the Making
Abstract: TBD
10:30-11:15
Shai Halevi
You Only Speak Once (YOSO): Secure MPC with Stateless Ephemeral Roles
Abstract: Motivated in part by the desire to run meaningful workflows in large open systems, we consider distributed computations in a setting where parties come and go throughout the protocol execution. In the extreme, we have parties that join the computation for just a single step, to fulfil some ephemeral roles. These parties join without any state, receive the relevant state from the network, perform some computation, send their messages, and then depart.
This survey talk will cover multiple works by many people, I will touch on the motivation for this extreme model, security notions, and useful techniques. The main feasibility result in this line of work states that every efficiently computable function can be securely computed in (the YOSO equivalent of) the honest-majority setting.
11:15 - 12:00
Coffee
12:00-12:45
Alex Lombardi
Correlation Intractability and Fiat-Shamir in the Standard Model
Abstract: We will survey a collection of results over the last 5 years -- due to Ran and many others -- on Correlation Intractability and the Fiat-Shamir heuristic. Correlation intractability was introduced by Canetti-Goldreich-Halevi as a tool for understanding the uninstantiability of random oracles. However, by sufficiently narrowing the scope of the definition, we were able to obtain constructions of CI hash functions from simple, and often even standard, cryptographic assumptions! In turn, we have been able to use these weak forms of CI to instantiate the Fiat-Shamir heuristic in the standard model and build many new and powerful non-interactive argument systems.
12:45-13:15
Rafael Pass
Cryptography and Scientific Discovery
Abstract: TBD
13:15 - 14:45
Lunch
14:45-15:15
Yilei Chen
Imagine, Quantum, Lattice
Abstract: In this talk I will first recall some early interactions with Ran, where Ran's encouragement of "Imagine!" plays an essential role in shaping my development as a PhD student. I will then share some recent thoughts on designing quantum algorithms for solving lattice problems, inspired by many colors of Ran.
15:15-16:00
Hugo Krawczyk
The SIGMA Key Exchange Protocol
Or, What Was Ran Doing in the Afternoon of 9/11/2001
Abstract: You can trust Ran that even if the world were coming to an end, he would still be formulating a new cryptographic model or analyzing some intricate security protocol. How else could you conceive that he would be sitting at Sushi Samba in NYC, the afternoon of September 11, 2001, rigorously working on the analysis of the SIGMA key-exchange protocol (while inhaling a good dose of broken glass)? I designed SIGMA in 1996 for the IPsec Key Exchange (IKE) protocol with very limited understanding of the modeling of key-exchange protocols. Fortunately, I had Ran, with whom I spent countless hours on transatlantic phone calls in subsequent years, working together to try and tame this seemingly docile yet elusive beast known as 'authenticated key exchange.' Eventually, we converged on some useful modeling (including early UC model stuff) with SIGMA as one of the more challenging and significant protocols we analyzed (partly during that fateful afternoon 22 years ago). You may know nothing about SIGMA but you are surely using it. It has been the key-exchange protocol for IKE for 25 years and since 2018 also the cryptographic core of TLS 1.3 handshake. In this presentation, I'll tell you a bit more about SIGMA (and about Ran too, of course).
Oh. And, by the way, this SIGMA protocol has nothing to do with the honest-verifiable ZK SIGMA protocols, or with this other one https://en.wikipedia.org/wiki/The_Sigma_Protocol.
16:00 - 16:30
Coffee
16:30-17:00
Oded Goldreich's grandson
Environmental Security
Abstract: The notion of environmental security (a.k.a UC-security) is one of Ran's most important contributions to cryptography. I will offer my own perspective, which focuses on the pivotal role of efficiently computable oracles in the formulation.
17:00-17:30
Shafi Goldwasser
Deniable, Resettable, Composable: the Relentless Ran Canetti
Abstract: Will tell you about some scientific journeys with Ran or inspired by Ran.
17:30
Conclusion