140 likes | 170 Vues
Yael Tauman Kalai. Area: Cryptography PhD: MIT, with Shafi Goldwasser IBM PhD Fellowship MIT Presidential Graduate Fellowship Masters: Weizmann, with Adi Shamir Outstanding Master’s Thesis Prize. Yael Tauman Kalai. Main results: Ring signatures Fiat-Shamir heuristic Code obfuscation.
E N D
Yael Tauman Kalai Area: Cryptography • PhD: MIT, with Shafi Goldwasser • IBM PhD Fellowship • MIT Presidential Graduate Fellowship • Masters: Weizmann, with Adi Shamir • Outstanding Master’s Thesis Prize
Yael Tauman Kalai Main results: • Ring signatures • Fiat-Shamir heuristic • Code obfuscation
Fiat-Shamir Heuristic (1986) Transforms identification protocol into signature • Efficient: used in practice. [with Goldwasser]: Heuristic is insecure. • First example of ID protocol where Fiat-Shamir transform yields insecure signature.
Letters Letters emphasize originality and creativity • Letter writers: • Goldwasser • Rivest • Shamir • Ran Raz • “top 5 in 7 years from Weizmann” • “top 3-5 in 11 years from Weizmann”
Goldwasser: “one of 2 or 3 most original and unconventional graduate students” “brilliant, original, technically superb” Compare to Boaz Barak, Joe Kilian
Rivest: “one of the very top students graduating from our group this year” “works on some of the most interesting, cutting edge and fundamental problems in the field today” “shows real mastery of the field” “very strong in the fundamentals and in terms of raw theoretical power”
How to Leak a Secret[with Rivest and Shamir] • Goals: • Anonymity. • Proof that info from high-ranking official. • Ring Signatures: • Pick set S of people with public keys, including self. • Members of S don’t have to cooperate. • Others can verify that someone in S signed. • Nobody knows which person in S. • Very efficient, even for many people.
How to Leak a Secret[with Rivest and Shamir] • Goals: • Anonymity. • Proof that info from high-ranking official. • Ring Signatures: • Pick set S of people with public keys, including self. • Members of S don’t have to cooperate. • Others can verify that someone in S signed. • Nobody knows which person in S. • Very efficient, even for many people. • Other Applications • Prevent phishing attacks. • Many follow-up papers.
Code Obfuscation • Code “unintelligible” code, same functionality. • Prevent hackers from learning anything when they examine code. • Very important in practice. • Vitaly’s example: phone book.
Code Obfuscation • Code “unintelligible” code, same functionality. • Prevent hackers from learning anything when they examine code. • Very important in practice. • Vitaly’s example: phone book. • Obfuscate any private key crypto public key crypto.
Code Obfuscation • Code “unintelligible” code, same functionality. • Prevent hackers from learning anything when they examine code. • Very important in practice. • Vitaly’s example: phone book. • Obfuscate any private key crypto public key crypto. • [BGIRSVY]: Impossible for artificial functions. • [Canetti, Wee]: Obfuscate certain functions. • Possible for all natural functions?
Code Obfuscation • Code “unintelligible” code, same functionality. • Prevent hackers from learning anything when they examine code. • Very important in practice. • Vitaly’s example: phone book. • Obfuscate any private key crypto public key crypto. • [BGIRSVY]: Impossible for artificial functions. • [Canetti, Wee]: Obfuscate certain functions. • Possible for all natural functions? • [with Goldwasser]: Impossible for certain natural functions. • Also give positive result.
Fiat-Shamir Heuristic (1986) • Transforms identification protocol into signature • Efficient: used in practice. • Provably secure under “random oracle model.”
Fiat-Shamir Heuristic (1986) • Transforms identification protocol into signature • Efficient: used in practice. • Provably secure under “random oracle model.” • [with Goldwasser]: Heuristic is insecure. • First example of ID protocol where Fiat-Shamir transform yields insecure signature.