International Association for Cryptologic Research

International Association
for Cryptologic Research

CryptoDB

Thomas Ristenpart

Publications

Year
Venue
Title
2022
EUROCRYPT
A Fast and Simple Partially Oblivious PRF, with Applications 📺
We build the first construction of a partially oblivious pseudorandom function (POPRF) that does not rely on bilinear pairings. Our construction can be viewed as combining elements of the 2HashDH OPRF of Jarecki, Kiayias, and Krawczyk with the Dodis-Yampolskiy PRF. We analyze our POPRF’s security in the random oracle model via reduction to a new one-more gap strong Diffie-Hellman inversion assumption. The most significant technical challenge is establishing confidence in the new assumption, which requires new proof techniques that enable us to show that its hardness is implied by the q-DL assumption in the algebraic group model. Our new construction is as fast as the current, standards-track OPRF 2HashDH protocol, yet provides a new degree of flexibility useful in a variety of applications. We show how POPRFs can be used to prevent token hoarding attacks against Privacy Pass, reduce key management complexity in the OPAQUE password authenticated key exchange protocol, and ensure stronger security for password breach alerting services.
2019
CRYPTO
Asymmetric Message Franking: Content Moderation for Metadata-Private End-to-End Encryption 📺
Content moderation is crucial for stopping abusive and harassing messages in online platforms. Existing moderation mechanisms, such as message franking, require platform providers to be able to associate user identifiers to encrypted messages. These mechanisms fail in metadata-private messaging systems, such as Signal, where users can hide their identities from platform providers. The key technical challenge preventing moderation is achieving cryptographic accountability while preserving deniability.In this work, we resolve this tension with a new cryptographic primitive: asymmetric message franking (AMF) schemes. We define strong security notions for AMF schemes, including the first formal treatment of deniability in moderation settings. We then construct, analyze, and implement an AMF scheme that is fast enough to use for content moderation of metadata-private messaging.
2018
CRYPTO
Fast Message Franking: From Invisible Salamanders to Encryptment 📺
Message franking enables cryptographically verifiable reporting of abusive messages in end-to-end encrypted messaging. Grubbs, Lu, and Ristenpart recently formalized the needed underlying primitive, what they call compactly committing authenticated encryption (AE), and analyze security of a number of approaches. But all known secure schemes are still slow compared to the fastest standard AE schemes. For this reason Facebook Messenger uses AES-GCM for franking of attachments such as images or videos.We show how to break Facebook’s attachment franking scheme: a malicious user can send an objectionable image to a recipient but that recipient cannot report it as abuse. The core problem stems from use of fast but non-committing AE, and so we build the fastest compactly committing AE schemes to date. To do so we introduce a new primitive, called encryptment, which captures the essential properties needed. We prove that, unfortunately, schemes with performance profile similar to AES-GCM won’t work. Instead, we show how to efficiently transform Merkle-Damgärd-style hash functions into secure encryptments, and how to efficiently build compactly committing AE from encryptment. Ultimately our main construction allows franking using just a single computation of SHA-256 or SHA-3. Encryptment proves useful for a variety of other applications, such as remotely keyed AE and concealments, and our results imply the first single-pass schemes in these settings as well.
2017
EUROCRYPT
2017
CRYPTO
2017
CRYPTO
2017
CRYPTO
2016
EUROCRYPT
2015
EUROCRYPT
2014
EUROCRYPT
2014
FSE
2013
CRYPTO
2013
EUROCRYPT
2012
TCC
2012
CRYPTO
2012
CRYPTO
2011
EUROCRYPT
2011
ASIACRYPT
2010
ASIACRYPT
2009
ASIACRYPT
2009
EUROCRYPT
2009
EUROCRYPT
2008
CRYPTO
2007
ASIACRYPT
2007
EUROCRYPT
2007
FSE
2006
ASIACRYPT

Program Committees

Crypto 2020 (Program chair)
Eurocrypt 2018
Eurocrypt 2016
Eurocrypt 2014
Crypto 2013
Eurocrypt 2012
FSE 2010
FSE 2009