Seminars & Colloquia
Portland State University
"Minding the gap, mining the gap: Two stories about practice-driven cryptography"
Monday March 23, 2015 09:30 AM
Location: 3211, EBII NCSU Centennial Campus
(Visitor parking instructions)
Story #1) Protecting credit-card databases and protecting communication from nation-state censorship are two, very different problems that traditional encryption fails to solve for a common reason. Namely, traditional encryption is designed to be agnostic to any formatting of the plaintext, and to produce random bit-strings as ciphertexts. To address this gap, we introduce format-transforming encryption (FTE), a new cryptographic primitive that supports in-place encryption of databases, censorship-circumvention, and other applications where the format of ciphertexts must be constrained. FTE is now fully integrated into Tor, Google's uProxy, the Lantern project, and prompted a significant monetary gift from Eric Schmidt (executive chairman of Google) in recognition of its potential.
[Story #2) Authenticated encryption is a workhorse cryptographic primitive of the modern internet. It provides the 'S' in HTTPS, powers SSH and IPSec, and protects data (both in-flight and at-rest) in numerous applications. It also makes an excellent case study of how well-intentioned theory can unwittingly lead practice astray because, despite appearances to the contrary, the theory actually says nothing about what practice is doing. We'll see how this gap resulted in the standardization of bad encryption, and how we rebuild the theory to catch-up with practice.
Tom Shrimpton is an associate professor in the department of computer science at Portland State University. His research is in cryptography, both its theory and application. He holds the firm belief that good theory should reflect real-world practice, and should strive to make life easier for those who implement, deploy and standardize cryptographic primitives. With the help of excellent collaborators, Tom's work has resulted in new RFCs, changes to international standards, and cryptographic technologies that impact a wide range of areas (e.g. the payment-processing industry, and censorship-circumvention systems.) Tom earned his PhD under Phillip Rogaway at UC-Davis in 2004, an NSF CAREER award in 2009, and a surprise gift from Eric Schmidt in 2014. He is an organizer of the annual Real World Cryptography event.
Host: Dr. William Enck, CSC