2021

5.11.2021

Five talks involving researchers from the Applied Crypto group have been accepted to the Real World Crypto Symposium in January 2022. The talk topics are:

  • Continuous Authentication in Secure Messaging,
  • Four Attacks and a Proof for Telegram,
  • Justifying Standard Parameters in the TLS 1.3 Handshake,
  • Making Signal Post-quantum Secure, and
  • Where Is the Research on Cryptographic Transition and Agility?

The talks cover recent joint work of Felix Günther and Kenny Paterson and former group members Benjamin Dowling and Igors Stepanovs, together with collaborators from Bergische Universität Wuppertal, École Polytechnique, Royal Holloway University of London, Technische Universität Darmstadt, UC San Diego, University of Waterloo, and VMware.

19.10.2021

On 18 October 2021 Prof. Kenny Paterson held his inaugural lecture at ETH Zurich. Watch the video and follow his 23-minute whistle-stop tour of a different perspective on cryptography.

4.10.2021

Inaugural Lecture by Prof. Kenny Paterson

Kenny Paterson will hold his inaugural lecture on 18 October 2021 at ETH Zurich. It's at 17:15 at the AudiMax, HG F 30. This is a public event, no registration is required. The lecture is followed by an apéro at the Dozentenfoyer.

Covid certificate and ID mandatory. Face masks during the lecture.

20.9.2021

Welcome Back Lukas and Varun!

Happy to have Lukas Burkhalter and Varun Maram rejoin our group following the completion of their internships at Brave and Visa Research respectively.

3.9.2021

Together with TU Darmstadt researchers Jean Paul Degabriele and Jérôme Govinden, Felix Günther and Kenny Paterson from the Applied Cryptography group studied one of the most widely used encryption schemes today, ChaCha20-Poly1305. Their work explores how to choose secure parameters in scenarios where a powerful network attacker has access to many Internet connections, capturing real-world concerns in protocols such as TLS, DTLS, or QUIC. The resulting research paper "The Security of ChaCha20-Poly1305 in the Multi-User Setting" has been accepted to ACM CCS 2021, taking place virtually in November.

16.7.2021

Working with Martin Albrecht and Lenka Mareková from Royal Holloway, University of London, Kenny Paterson and Igors Stepanovs from the Applied Cryptography group have taken a “deep dive” into how symmetric cryptography is used in Telegram. Their paper “Four Attacks and a Proof for Telegram” has been accepted to IEEE Security & Privacy 2022. It describes a number of practical and theoretical attacks on Telegram's MTProto protocol, as well as providing a security proof for a repaired version of Telegram. Read more at https://mtpsym.github.io/

23.6.2021

Alexander Viand gave invited talks about "FHE Development Ecosystem: Tools, Compilers & Challenges" at the Stanford Security Seminar, UC Berkeley, Intel, and FHE.org. You can watch a recording of the FHE.org talk below.

FHE.org talk.

21.06.2021

Two new academic guests - Welcome Francesca and Hannah!

We look forward to hosting two guests for a research stay at ETH Zurich. Francesca Falzon has won a ThinkSwiss Research Scholarship and will visit our group from 28 June - 24 September 2021. Francesca is a third-year PhD student at the Computer Science Department at the University of Chicago. Hannah Davis will join the group for a research stay from 12 July - 12 November 2021. She is a third-year PhD student at the University of California, San Diego, supervised by Prof. Mihir Bellare.

11.6.2021

Talk by Prof. abhi shelat  

On Wednesday, June 16th at 3pm we will have a talk by Prof. abhi shelat from Northeastern University (https://shelat.khoury.neu.edu/) at the weekly meeting of the Applied Cryptography group, happening at https://ethz.zoom.us/j/98290684842. Everyone is welcome to join. See the talk's title and abstract below.

Title: Threshold RSA

Abstract: I will present a recent line of work that constructs secure multiparty protocols for the generation of biprime RSA moduli, with security against any subset of maliciously colluding parties.

The first protocol, which only relies on oblivious transfer and the hardness of factoring, is a modular blueprint that generalizes the structure of prior works and leads to a simpler security proof.  The main new innovation is a combined sampling-and-sieving technique that eliminates both the inherent leakage in the approach of Frederiksen et al. (Crypto'18), and the dependence upon additively homomorphic encryption in the approach of Hazay et al. (JCrypt'19). We combine this technique with an efficient, privacy-free check to detect malicious behavior retroactively when a sampled candidate is not a biprime, and thereby overcome covert rejection-sampling attacks and achieve both asymptotic and concrete efficiency improvements over the previous state of the art.

The second protocol, which relies on additive homomorphic encryption (RLWE-based) and a special “aggregator” model of communication, pushes the limits of scalability with experiments that show the performance for 2-4000 parties. This is the first such implementation of any MPC protocol that can scale to more than 1,000 parties. For generating a 2048-bit modulus among 1,000 parties, our passive protocol executed in under 4 minutes and the active variant ran in 22 minutes on AWS.

The main innovations are the design and use of a new protocol for secure distributed multiplication, and the use of a ZK proof system based on the Ligero sub-linear zero-knowledge proof system (Ames et al., CCS 2017) and Sigma-protocols to achieve security against malicious adversaries.

I still have (and will highlight) many open questions about this line of work; I know that we haven’t yet found the “book protocol” for this problem.  

This is joint work with Megan Chen, Ran Cohen, Jack Doerner, Carmit Hazay, Yuval Ishai, Yuriy Kashnikov, Yashvanth Kondi, Eysa Lee, Daniele Micciancio, Tarik Riviere, Schuyler Rosefield, Muthu Venkitasubramaniam and Ruihan Wang!

8.6.2021

Varun Maram presents his work on Post-Quantum Public Key Encryption at NIST

Varun Maram will present his "Anonymous, Robust Post-Quantum Public Key Encryption" paper, coauthored with Paul Grubbs and Kenny Paterson, at the 3rd NIST PQC Standardization Conference. This work analyzes the finalist PKE schemes in NIST's PQC standardization process with respect to important security properties of (receiver-)anonymity and robustness. It also identifies technical gaps in the IND-CCA security claims of certain finalists and suggests modifications to the respective schemes.

3.6.2021

New group member from 1 July 2021

Dr. Fernando Virdia joins the Applied Cryptography Group on 1 July 2021 as a postdoctoral researcher. His research interests are in practical and mathematical aspects of cryptanalysis and cryptography. His research centres on post-quantum security, with various works focusing on modelling concrete costs for cryptanalytic attacks. He is also interested in applications of cryptanalytic techniques to other fields.

27.5.2021

Watch the recording of Prof. Kenny Paterson's talk at the ETH Risk Center

Prof. Kenny Paterson gave a talk at the ETH Risk Center on 11.05.2021 addressing the risks and opportunities that will arise in the coming transition to post-quantum cryptography. Cryptography faces a major threat today: if large-scale quantum computers could be built, then they would break all of today’s currently deployed public key cryptographic systems. The threat is well-understood and remedial action is underway in the cryptographic community to develop, standardise and deploy what is known as “post-quantum cryptography” in an effort to counter the threat. But there are unquantified risks in undertaking this endeavour. In his talk, Kenny provided background on the threat and discussed the challenges and opportunities that may arise in tackling it.

17.05.2021

Lukas Burkhalter's paper on Zeph, a system that enforces users' privacy preferences in applications, has been accepted at USENIX OSDI 2021.

10.5.2021

Lara Bruseghini wins ETH medal

Lara Bruseghini has been awarded an ETH medal for her Master’s thesis “Analysis of the OpenPGP Specifications and Usage” which was done under the joint supervision of Professor Kenny Paterson from the Applied Cryptography Group and Daniel Huigens from ProtonMail. Her thesis provides a detailed evaluation of the security of the OpenPGP standard in modern deployment scenarios (e.g. cloud-based email providers and proxy remailers). Lara found multiple cryptographic vulnerabilities in the standard itself and in implementations of it. The work has been presented at the IETF and several vendors have updated their software in response to Lara’s findings.

16.3.2021

Lara Bruseghini presents her Master’s thesis research to the IETF

Former Applied Cryptography Group Master’s thesis student Lara Bruseghini presented her thesis results analysing the OpenPGP specification to the OpenPGP Working Group of the Internet Engineering Task Force (IETF) on Thursday 11th March 2021. Lara’s work shows how key over-writing attacks against OpenPGP implementations become possible in modern deployment scenarios. This class of attack is very powerful, since it results in recovery of users’ private keys. Several OpenPGP libraries and applications have already patched against the attacks. Lara did her Master’s thesis “in industry” with ProtonMail and recently joined them as a security engineer. For more details of the work.

16.3.2021

Felix Günther will present some of his recent work on cryptographic parameter selection in Internet security protocols like TLS 1.3 and QUIC in the MIT CSAIL security seminar this Thursday, March 18, 2021.

15.3.2021

Alexander Viand's SoK paper on Fully Homomorphic Encryption Compilers, i.e. tools that help lower barriers of entry in FHE for non-expert developers, has been accepted at IEEE Security & Privacy (Oakland). You can watch the teaser video below and check out the preprint.
 

SoK: Fully Homomorphic Encryption Compilers. Teaser video.

8.3.2021

We are excited to announce that our doctoral student, Varun Maram, will be joining Visa Research this summer as a PhD intern.

15.2.2021

New Group member from 1 March 2021

Matteo Scarlata joins the Applied Cryptography Group on 1 March 2021 as a doctoral student. He is fascinated by anything standing in the blurred lines in which our digital world blends into the physical. His research interests lie in the analysis of pervasive cryptographic protocols, with a focus on the provable security of key exchange protocols.
