In blockchain space, we should only solve the consensus/state-machine-replication problem if we really have to! It is expensive w.r.t. communication & makes strong network/adversary assumptions for crypto-economic security. (See recent awesome work ) [1/n]
Got promoted to be an Associate Prof. Truly an important milestone in my career.
Thanks to my family, students, advisor (Ian Goldberg), co-authors, colleagues
@PurdueCS
, and many supporters in the infosec community.
Our paper 'More is Merrier: Relax the Non-Collusion Assumption in Multi-Server PIR' () led by
@esnie17
got accepted to IEEE S&P 2024 recently.
(w/ Ryan Henry and Alex Psomas) The journey of this paper has been long and is indeed worth sharing. [1/n]
Byzantine/malicious failures are rare in distributed environments; however, as a result, I find many inaccurate models have emerged especially for multi-service organizations and it is worth (re-)thinking about security here. [1/4]
While distributed computing & applied crypto researchers are making waves in the thriving blockchain industry, the CS academia (the US and a few other countries) still doesn't particularly look for candidates who claim blockchain as their area of research.
What can we do?
Even the best possible (in the practical sense) application-level anonymity using ZK proofs cannot overcome network-level issues. We need network-level anonymity in tandem.
If your privacy model has a medium anonymity set, it really has a small anonymity set. If your privacy model has a small anonymity set, it has an anonymity set of 1. Only global anonymity sets (e.g., as done with ZK-SNARKs) are truly robustly secure.
Hey
@decredproject
just saw that you employed DiceMix/CoinShuffle++. Always happy to hear when our tech gets used. You should also read our latest work on scaling DiceMix.
We have passed 500 registrations for
#realworldcrypto
2021. Don't forget to check out the growing list of affiliated events: (some require advance registration).
Congratulations to Dr
@Easwar_Vivek
on a successful Ph.D. defense. Title: Realizing Information Escrows and Efficient Key Management using Threshold Cryptography
Some thinking on (blockchain) Oracles:
#BlockchainOracles
primarily offer data (such as exchange rates) from the outside world (Web2) to blockchain smart contracts (Web3). [1/n]
Introducing Reparo ()
a publicly verifiable layer on top of any blockchain to perform repairs, ranging from fixing buggy contracts to removing illicit contents
While that happens, the faculty candidate in the blockchain area should be ready to demonstrate that
"Even if blockchain disappears tomorrow (not going to happen), your research in distributed computing, cryptography, & game theory is still valuable to computing in general."
An observation about the constant-size polynomial commitments [Asiacrypt'10] (aka KZG) that is relevant for threshold crypto at least: a committer/dealer can precompute commitment C (except 1 exponentiation & 1 multiplication) and all witnesses without knowing the secret s [1/n]
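A worked form of that observation, added here as an editor's illustration and not part of the original thread; it assumes the standard KZG setup with public parameters $(g, g^{\alpha}, \dots, g^{\alpha^{t}})$ and a Shamir-style polynomial whose constant term is the secret $s$:

$$
\phi(x) = s + \sum_{j=1}^{t} a_j x^j,
\qquad
C = g^{\phi(\alpha)} = g^{s} \cdot \prod_{j=1}^{t} \left(g^{\alpha^{j}}\right)^{a_j} = g^{s} \cdot C'
$$

Here $C'$ depends only on $a_1, \dots, a_t$, so the dealer can compute it before choosing $s$; completing the commitment then costs exactly one exponentiation ($g^{s}$) and one multiplication. For the witness at index $i$,

$$
\psi_i(x) = \frac{\phi(x) - \phi(i)}{x - i}
= \sum_{j=1}^{t} a_j \, \frac{x^{j} - i^{j}}{x - i}
= \sum_{j=1}^{t} a_j \sum_{k=0}^{j-1} x^{k} \, i^{\,j-1-k},
$$

so $w_i = g^{\psi_i(\alpha)}$ never involves $s$ (the constant term cancels in $\phi(x) - \phi(i)$), and every witness can be precomputed before the secret is known; only the shares $\phi(i)$ themselves still depend on $s$.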
My talk () on building MPC or privacy-preserving computation securely over blockchain from
@d_InfraSummit
#ETHDenver2024
Thanks to
@d_InfraSummit
for great organization and content generation.
Class groups (i.e., ideal class groups of imaginary quadratic fields) have found a few interesting applications in threshold crypto, MPC, & fairness.
While it is a problem with a long history, we still do not have good implementations. And we need them. [1/2]
I ran my computer security (cs426) undergrad course completely online this semester. It was a mixture of synchronous/asynchronous teaching. Here is what I learned. [1/n]
Formally verified blockchain consensus!
@80Raghavendra
will be presenting formal verification of
@Supra
#Moonshot
at Workshop on Formal Methods for Blockchains ()
@buywinrar
@SUPRA_Labs
For randomness: The underlying distributed VRF ensures that an observer (without knowing the VRF secret key) cannot distinguish the dVRF output from random values.
Unlike VRF services, for Supra dVRF, no single party knows the secret key; thus, the output is unbiased & unpredictable.
Congratulations to Mohsen for successfully defending his PhD thesis. Special recognition for his perseverance while working on the challenging problem of deletion privacy. Cheers!!
#ProudAdvisor
(Online) Workshop on Blockchains + Trusted Execution Environments () on the coming Monday & Tuesday (April 3rd and 4th). Check out an awesome program at
w/
@kartik1507
@ittaia
Great to hear
@helium
() &
@poanetwork
() are building (dealer-less) distributed key generation (DKG) based on my thesis work
Code works & I am happy to clarify doubts. Just avoid the Synchrony Assumption!
Program for the Workshop on Decentralized Credit Networks (DCN) is ready.
Looking forward to welcoming and listening to exciting speakers from industry and academia.
Co-organized w/
@socrates1024
Announcing "Decentralized Credit Networks" a new workshop October 26th at AFT in New Jersey this year:
Co-organized with Aniket Kate
@aniketpkate
See our call for contributed talks
@Easwar_Vivek
4. [ICDCS 2023] In two weeks,
@sbjoshi
will present DORA ().
DORA is an async (decentralized) blockchain oracle tolerating up to 50% Byzantine oracle nodes! The protocol is simple in the SMR-based model and is already in production at
@SupraOracles
[5/5]
One of the key things I miss during this pandemic is visiting my students/lab, especially after a brutal rejection. I find that to be a very good way to stop thinking about it and recharge.
Had so much difficulty in publishing my verifiable secret sharing and threshold crypto papers at top venues that I gave it up after my post-doc days. It is becoming hot now in the blockchain context, and prominent groups are writing papers on those. It's time to revisit my old notes
Looking forward to the exciting next three days in Denver
#ETHDenver
. I will speak at the following events and hope to meet and interact with blockchain researchers and developers...
At times I feel a bit envious of blockchain academics with US/EU passports, who can just pack their bags and go anywhere to talk about their work. I had to say 'No' to a few invitations this year as I just can't find those 2-3 spare days required to get those visas
#cryptotourism
Leaving
@IEEESSP
after an exciting 3 days: Nice to meet old friends & make many new connections.
@zhtluo
presented attacking & improving Tor Directory Authority
@esnie17
presented mitigating Non-Collusion Assumption with game theory
Our work "Flexible Signatures" is accepted to appear at ESORICS'19
#esorics19
w/ Duc V. Le
We ask why cryptographic primitives can't have confidence levels similar to ML.
1. [Euro S&P 2023] Albert Yu presented SIM (), an efficient MPC for the Secure Comparison operation.
We reduce the online computation to a simple table lookup by making Ishai et al [TCC'13] practical. [2/5]
💫 We're thrilled to announce
@aniketpkate
,
@PurdueCS
Professor and
@SupraOracles
Chief Research Officer, joins us to discuss building threshold cryptosystems & MPC applications.
Event Details here:
Tokens like
#XRP
are not necessary for IOU credit networks. We will continue to work towards demonstrating that at However, I do remember Keynes: "The market can remain irrational longer than you can remain solvent."
Jeremiah Blocki, Christina Garman
@CryptoGPS
, Hemanta K. Maji and I are looking for postdocs/visitors working on applied cryptography, MPC, or/and secure distributed systems at
@PurdueCS
. Check out our posting at
No need to execute blockchain transactions in order () In an early draft
@esnie17
offers a market design towards mitigating general order manipulations. Comments/suggestions?
Beyond grants that only help established faculty members, the blockchain industry should start creating endowed positions in the universities. Once there is money, the universities will happily hire people to train the next generation of blockchain developers.
Call: IEEE Computer Security Foundations (CSF) has a blockchain track ()
If you couldn't manage to get somebody ready for CCS, CSF can be interested in those submissions. Check out the call.
When I talk to people trying to build blockchain-based distributed solutions, I find a general lack of understanding of the privacy implications of an open ledger.
#blockchain
#privacymatters
3. [CSF 2023] Again, next week,
@Easwar_Vivek
will present collusion-deterrent escrow (). In gist, combining oblivious transfer, robust bit watermarking, & MPC, we ensure that rational agents will collude to decrypt the escrowed data prematurely. [4/5]
I will be in the Bay Area on Sunday, May 19 before attending IEEE S&P'24 from Monday. I will have several free hours on Sunday and will be happy to meet. Please ping to connect.
2. [PETS 2023] Next week, Donghang Lu will present RPM (). He observed that anonymous broadcast can be much simpler by generating a random permutation matrix in an MPC fashion.
Check out how we make it scale for >100K using Hastad's square networks. [3/5]
⚡ Want to get some of the industry's best insider alpha-- and learn about the shifts that could revolutionize blockchain forever? 📈🔥
Our exclusive webinar starts in just 2 days 😎
Sign up now: ⬇️
Towards a Tokenless IOU Credit Network Realization in Ethereum
Comments/suggestions most welcome (check out details)
#ETHEREUM
#Ripple
#IOU
w/
@pedrorechez
, Adithya Bhat
Chandrayaan-3 Mission:
'India🇮🇳,
I reached my destination
and you too!'
: Chandrayaan-3
Chandrayaan-3 has successfully soft-landed on the moon 🌖!
Congratulations, India🇮🇳!
#Chandrayaan_3
#Ch3
"Efficient Non-Interactive Zero-Knowledge Proofs in Cross-Domains without Trusted Setup" (offering a different trade-off between the proof size and the running time) by Ivan Pryvalov and others of us
#PKC2019
A revised, extended version of our Anonymity Trilemma paper from
@IEEESSP
2018:
w/
@tutaidas
@SebastianMeiser
& Esfandiar Mohammadi. Comments and thoughts for future work are most welcome.