This talk is part of the 1-day conference CRYPTO DAY:

http://www.math.uci.edu/~asilverb/CryptoDayNovember2016.html

This talk is part of the 1-day conference CRYPTO DAY:

http://www.math.uci.edu/~asilverb/CryptoDayNovember2016.html

In this talk I will survey some of the cryptosystems based on group theoretic problems and their computational complexity such as Conjugacy, Membership, Endomorphism, Word, Twisted Conjugacy, and Geodesic Length Problems. I will speak about some non-abelian groups that have been proposed as platforms for such cryptosystems: Braid, Polycyclic, Metabelian, Grigorchuk, Thompson, Matrix, Hyperbolic, Small Cancellation, right angled Artin Groups and free nilpotent p-groups. The focus of the talk will be on infinite polycyclic group-based cryptosystems as well as a cryptosystem based on semidirect product of (semi)-groups. The latter is a joint work with V. Shpilrain. There will be open problems related to both computational complexity of group theoretic problems and cryptographic problems that I will mention at the end of the talk. The talk will be accessible to graduate students in computer science and mathematics.

 Schedule:

 9:00-10:00    Stanislaw Jarecki (UCI), Secure Computation and Oblivious Random Memory

Abstract: We will give an overview of the central cryptographic concept of secure multi-party computation, i.e., of protocols that allow participating parties to perform any computation on their joint data in a way which outputs only the final computation result and hides everything else about the input data.  We will explain the role of Oblivious Random Memory protocols in enabling secure computation on large data, and we will show some recent work and research problems in this area.

10:00-10:30   Refreshments

10:30-11:30   Stanislaw Jarecki (UCI), Covert Computation

Abstract: A notion of covert computation is a variant of secure computation whose goal is to assure that the participants in the computation not only do not learn anything about each other's data except for the final output, but also, unless this final computation output is "favorable" in some way, protocol participants cannot distinguish each other from random noise beacons. In this way no party can even tell if anyone else participates in the computation, except when the final computation output reveals it to them.  For example, covert authentication allows participants to authenticate each other without letting anyone else know that an authentication has taken place.  We will explain the challenges covert computation poses and show some recent work in this area.

 1:00-2:00     Amit Sahai (UCLA), Tutorial on Indistinguishability Obfuscation, Part 1

 2:00-3:00     Refreshments

 3:00-4:00    Amit Sahai (UCLA), Tutorial on Indistinguishability Obfuscation, Part 2