CIDEC    
ÜIK
Estonian Winter Schools in Computer Science    
Eesti arvutiteaduse talvekoolid
EWSCS 2001
EATTK 2001

Prof. Phillip Rogaway

University of California at Davis (USA)
Chiang Mai University (Thailand)

Using Provable Security to Design Practical Cryptographic Protocols

Abstract

The provable-security approach to cryptography began in the early 1980s, largely with the work of Goldwasser and Micali. Under this approach you rigorously define your cryptographic goal, give a protocol which aims to achieve it, and then prove that your protocol works. The proof takes the form of a reduction. A reduction shows that your protocol meets its goal as long as some OTHER protocol meets its (also well-defined) goal.

The provable-security approach has had a profound impact on cryptographic theory, but its impact on cryptographic practice has, until recently, been disappointing. This has now changed. In this series of lectures I'll talk about how provable-security has become a powerful tool for the design of efficient protocols. We'll look at encryption, message authentication, and key distribution, seeing how provable-security has given rise to protocols which are often simpler, faster, and have better security guarantees than what ad. hoc. practice had been able to deliver.


Materials


About the Speaker

Phillip Rogaway completed his Ph.D. in 1991 at MIT. There he was the student of Silvio Micali. Phil's undergraduate degree is from UC Berkeley, where Manuel Blum interested him to computer science. Phil is an Associate Professor in the Department of Computer Science at the University of California, Davis. He also has an appointment at Chiang Mai University, in the Department of Computer Science, Faculty of Science. Phil's main interest is in cryptography. After studying quite theoretical matters as a graduate student, Phil worked for three years at IBM as a security architect. There he began a research program aimed at transforming the provable-security paradigm into a useful tool for the design of practical, high-assurance cryptographic protocols.

E-mail: rogaway@cs.ucdavis.edu
URL: www.cs.ucdavis.edu/~rogaway

01/03/2001 monika@cs.ioc.ee