This project focuses on protecting the identities of the recipients in content distribution scenarios. A common cryptographic tool for secure multi-recipient data distribution is broadcast encryption. In the standard setting of broadcast encryption, the set of authorized recipients is transmitted in the clear as part of the ciphertext (each recipient uses it to locate the component it can decrypt), and is thus readily obtained even by a passive eavesdropper. This project investigates techniques tailored to scenarios where the identities of the users authorized to access the content may be as sensitive as the content itself.
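The leak described above, and the trial-decryption approach that removes it, as an added example that is not part of this page or of the group's own constructions. It is a toy built from HMAC-SHA256 only (not a real cipher; a deployed scheme would use an AEAD and a proper KEM), and every name, key and message in it is constructed for the demo. In the standard variant the header lists each recipient's identity next to its slot; in the anonymous variant the slots are unlabelled and shuffled and each recipient tries every slot.

```python
"""Added example (not the project's own code): why the header of a standard
broadcast-encryption ciphertext leaks the recipient set, and how the
trial-decryption variant hides it.  Toy construction built from HMAC-SHA256
only; all names, keys and messages are constructed for the demo.  Not a real
cipher: a deployed scheme would use an AEAD and a proper KEM."""
import hashlib
import hmac
import os
import secrets

TAG_LEN = 16
KEY_LEN = 32

def prf(key: bytes, label: bytes, n: int) -> bytes:
    """Toy keystream: HMAC-SHA256 in counter mode (demo assumption)."""
    out, ctr = b"", 0
    while len(out) < n:
        out += hmac.new(key, label + ctr.to_bytes(4, "big"), hashlib.sha256).digest()
        ctr += 1
    return out[:n]

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def wrap(user_key: bytes, nonce: bytes, content_key: bytes) -> bytes:
    """Encrypt the content key for one recipient and add a tag that only the
    holder of user_key can recognise."""
    ct = xor(content_key, prf(user_key, b"wrap" + nonce, len(content_key)))
    tag = hmac.new(user_key, b"tag" + nonce + ct, hashlib.sha256).digest()[:TAG_LEN]
    return ct + tag

def unwrap(user_key: bytes, nonce: bytes, slot: bytes):
    ct, tag = slot[:-TAG_LEN], slot[-TAG_LEN:]
    expect = hmac.new(user_key, b"tag" + nonce + ct, hashlib.sha256).digest()[:TAG_LEN]
    if not hmac.compare_digest(tag, expect):
        return None  # slot was not wrapped under this key
    return xor(ct, prf(user_key, b"wrap" + nonce, len(ct)))

def encrypt_body(content_key: bytes, nonce: bytes, msg: bytes) -> bytes:
    return xor(msg, prf(content_key, b"body" + nonce, len(msg)))

# Standard setting: the header names each recipient next to its slot, so a
# recipient finds its slot by identity, and so does an eavesdropper.
def broadcast_standard(keys: dict, recipients: list, msg: bytes) -> dict:
    nonce, k = os.urandom(16), secrets.token_bytes(KEY_LEN)
    header = [(uid, wrap(keys[uid], nonce, k)) for uid in recipients]
    return {"nonce": nonce, "header": header, "body": encrypt_body(k, nonce, msg)}

def decrypt_standard(uid: str, key: bytes, ct: dict):
    for name, slot in ct["header"]:
        if name == uid:
            k = unwrap(key, ct["nonce"], slot)
            return encrypt_body(k, ct["nonce"], ct["body"]) if k else None
    return None

# Anonymous variant: unlabelled, shuffled slots; each recipient trial-decrypts
# every slot.  Nothing in the ciphertext names who can read it.
def broadcast_anonymous(keys: dict, recipients: list, msg: bytes, pad_to: int = 0) -> dict:
    nonce, k = os.urandom(16), secrets.token_bytes(KEY_LEN)
    slots = [wrap(keys[uid], nonce, k) for uid in recipients]
    # Caveat: the slot count still leaks |recipients|.  Pad with random slots
    # (indistinguishable from real ones) up to a fixed size to hide it.
    while len(slots) < pad_to:
        slots.append(os.urandom(KEY_LEN + TAG_LEN))
    secrets.SystemRandom().shuffle(slots)
    return {"nonce": nonce, "header": slots, "body": encrypt_body(k, nonce, msg)}

def decrypt_anonymous(key: bytes, ct: dict):
    for slot in ct["header"]:
        k = unwrap(key, ct["nonce"], slot)
        if k is not None:
            return encrypt_body(k, ct["nonce"], ct["body"])
    return None  # not a recipient

def eavesdropper_view(ct: dict):
    """What a passive observer learns about the recipient set from the header."""
    header = ct["header"]
    if header and isinstance(header[0], tuple):
        return sorted(uid for uid, _ in header)  # identities, in the clear
    return len(header)  # only the (padded) slot count

if __name__ == "__main__":
    keys = {u: secrets.token_bytes(KEY_LEN) for u in ("alice", "bob", "carol", "dave")}
    msg = b"embargoed release"
    print(eavesdropper_view(broadcast_standard(keys, ["alice", "carol"], msg)))
    anon = broadcast_anonymous(keys, ["alice", "carol"], msg, pad_to=4)
    print(eavesdropper_view(anon))
    assert decrypt_anonymous(keys["alice"], anon) == msg
    assert decrypt_anonymous(keys["bob"], anon) is None
```

Two things the toy makes visible that the prose does not: hiding identities costs the recipient a trial decryption of every slot instead of a lookup, and the header length still reveals how many recipients there are unless the sender pads it to a fixed size.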
Is it possible to delegate the processing of your data to a party you do not completely trust? What if you do not want to give such a party full access to your data? Or what if the computation you delegate is so sensitive that you must make sure the result is correct, but must do so using only very limited computational resources (which is the reason you delegated the computation in the first place)? These questions are becoming particularly urgent today as we move towards widespread acceptance of cloud computing, a paradigm in which businesses buy computing time from a service rather than maintain their own resources. The same issues arise from the proliferation of mobile devices, which may outsource computationally intensive operations they cannot perform on their own. Group members are pursuing a research program to explore the cryptographic techniques, algorithms and protocols needed in the design of secure outsourced computation mechanisms, focusing in particular on two crucial questions: can one efficiently verify the result of a computation performed by a provider, and can one efficiently verify the integrity of data stored by a provider?
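The second question above (checking the integrity of data a provider holds, with far less work than re-reading it) has a standard answer in Merkle trees, shown here as an added example that is not the group's own scheme. The client computes the tree once, keeps only the 32-byte root, and uploads the blocks; to audit block i it asks the provider for the block and log2(n) sibling hashes and recomputes the root. The block data is constructed for the demo.

```python
"""Added example (not the project's own code): auditing data held by an
untrusted storage provider with a Merkle tree.  The client keeps only the
32-byte root; to check block i the provider returns the block plus log2(n)
sibling hashes, and the client recomputes the root.  All blocks are
constructed for the demo."""
import hashlib
import hmac

LEAF, NODE = b"\x00", b"\x01"  # domain separation between leaf and inner hashes

def h(*parts: bytes) -> bytes:
    return hashlib.sha256(b"".join(parts)).digest()

def _padded(level: list) -> list:
    # Odd levels are completed by repeating the last node.
    return level + [level[-1]] if len(level) % 2 else level

def build_tree(blocks: list) -> list:
    """All levels, leaves first; the last level holds the root."""
    level = [h(LEAF, b) for b in blocks]
    levels = [level]
    while len(level) > 1:
        level = _padded(level)
        level = [h(NODE, level[i], level[i + 1]) for i in range(0, len(level), 2)]
        levels.append(level)
    return levels

def root(blocks: list) -> bytes:
    """Computed once by the client before uploading; this is all it stores."""
    return build_tree(blocks)[-1][0]

def prove(blocks: list, index: int):
    """Provider side: the requested block and its sibling hashes, leaf to root."""
    siblings, i = [], index
    for level in build_tree(blocks)[:-1]:
        siblings.append(_padded(level)[i ^ 1])
        i //= 2
    return blocks[index], siblings

def verify(root_hash: bytes, index: int, block: bytes, siblings: list) -> bool:
    """Client side.  Left/right order is derived from the index the client
    asked for, not from anything the provider sent, so a genuine block returned
    under the wrong index (substitution) is rejected as well as a modified one."""
    node, i = h(LEAF, block), index
    for sib in siblings:
        node = h(NODE, sib, node) if i & 1 else h(NODE, node, sib)
        i //= 2
    return hmac.compare_digest(node, root_hash)

def spot_check(root_hash: bytes, indices, provider) -> bool:
    """Client audit: challenge the provider on a few indices it chose itself."""
    return all(verify(root_hash, i, *provider(i)) for i in indices)

if __name__ == "__main__":
    import random
    blocks = [b"block-%d" % i for i in range(1000)]   # constructed data
    r = root(blocks)                                   # client keeps r, uploads blocks
    print(spot_check(r, random.sample(range(1000), 10), lambda i: prove(blocks, i)))  # True
    corrupted = blocks[:]
    corrupted[7] = b"flipped"
    print(spot_check(r, [7], lambda i: prove(corrupted, i)))                          # False
```

The client's state is constant and each check costs one block plus a logarithmic number of hashes, which is the efficiency asymmetry the paragraph asks for. The check only covers the blocks actually challenged, so the indices must be chosen by the client at random; a provider that knows in advance which blocks will be audited can discard the rest.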
How can you authenticate to another party in a way that protects your privacy, i.e. prevents that party from later proving to anyone else that you communicated with them? How can you create "off-the-record" secure communication over the Internet? Group members have been active in designing and implementing protocols for anonymous and deniable electronic communication.
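The deniability property in the first question, seen from the receiver's and a judge's side, as an added example that is not the group's own protocol. Alice authenticates a message to Bob in two ways: with a signature (a Lamport one-time signature built from SHA-256 so the demo needs only the standard library) and with a MAC under a key she shares with Bob. Bob then tries to convince a judge that Alice said something. Names, keys and messages are constructed for the demo, and the shared key is assumed to come from an earlier key exchange.

```python
"""Added example (not the project's own code): deniable versus non-repudiable
authentication from the receiver's and a judge's point of view.  Alice either
signs a message (Lamport one-time signature, built from SHA-256 so the demo
needs only the standard library) or MACs it under a key she shares with Bob.
Names, keys and messages are constructed for the demo."""
import hashlib
import hmac
import secrets

def H(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()

def _bits(msg: bytes) -> list:
    d = H(msg)
    return [(d[i // 8] >> (7 - i % 8)) & 1 for i in range(256)]

# --- signature: only the secret-key holder can produce it -------------------
def lamport_keygen():
    sk = [(secrets.token_bytes(32), secrets.token_bytes(32)) for _ in range(256)]
    pk = [(H(a), H(b)) for a, b in sk]
    return sk, pk

def lamport_sign(sk: list, msg: bytes) -> list:
    # One-time: signing reveals half of sk, so a key pair must never be reused.
    return [sk[i][bit] for i, bit in enumerate(_bits(msg))]

def lamport_verify(pk: list, msg: bytes, sig: list) -> bool:
    if len(sig) != 256:
        return False
    return all(hmac.compare_digest(H(sig[i]), pk[i][bit]) for i, bit in enumerate(_bits(msg)))

# --- MAC: anyone holding the shared key can produce it ----------------------
def mac(key: bytes, msg: bytes) -> bytes:
    return hmac.new(key, msg, hashlib.sha256).digest()

def mac_verify(key: bytes, msg: bytes, tag: bytes) -> bool:
    return hmac.compare_digest(mac(key, msg), tag)

def demo():
    """Bob tries to convince a judge that Alice said something.
    Returns (judge accepts Alice's real signature, judge accepts Bob's forged
    signature, judge accepts Alice's real MAC, judge accepts Bob's forged MAC)."""
    alice_sk, alice_pk = lamport_keygen()
    shared = secrets.token_bytes(32)  # assumed: from an earlier key exchange
    said, fabricated = b"meet at noon", b"I confess"

    # Signed channel: Bob hands the judge (message, signature, Alice's pk).
    sig = lamport_sign(alice_sk, said)
    assert lamport_verify(alice_pk, said, sig)        # Bob's own check on receipt
    bob_sk, _ = lamport_keygen()
    forged_sig = lamport_sign(bob_sk, fabricated)     # Bob does not hold alice_sk
    judge_real_sig = lamport_verify(alice_pk, said, sig)
    judge_forged_sig = lamport_verify(alice_pk, fabricated, forged_sig)

    # MAC channel: Bob hands the judge (message, tag, shared key), but he could
    # have produced the pair himself, so a valid tag proves nothing about Alice.
    tag = mac(shared, said)
    assert mac_verify(shared, said, tag)              # Bob's own check on receipt
    judge_real_mac = mac_verify(shared, said, tag)
    judge_forged_mac = mac_verify(shared, fabricated, mac(shared, fabricated))
    return judge_real_sig, judge_forged_sig, judge_real_mac, judge_forged_mac

if __name__ == "__main__":
    print(demo())  # (True, False, True, True)
```

The judge's verdict is the point: a signature Bob cannot forge is evidence against Alice, while a MAC that Bob could equally have produced is not, even though it authenticated the message perfectly well to Bob at the time. The MAC transcript is deniable only to the extent that the key agreement which produced the shared key is; a key exchange that signs a transcript binding both identities re-introduces proof that the two parties talked.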
The goal of this project is to establish a framework for formulating computational problems from combinatorial group theory that are suitable for cryptographic applications. An essential aspect of this framework is its amenability to the provable security approach. This trait differentiates our work from other proposals of group-theoretic platforms for cryptographic applications: for instance, whereas earlier approaches employed infinite groups without putting forth the protocols needed to sample the underlying distributions efficiently, our framework has a solid probabilistic modelling component. A further aim of this project is the investigation of efficient cryptographic primitives and protocols based on the conjectured hardness of the group-theoretic computational problems that arise from our framework.