Rational Protocol Design: Cryptography against Incentive-Driven Adversaries
This work considers a two-party game between a protocol designer and an external attacker to model a protocol under attack from an external entity, and demonstrates how knowledge of the attacker's incentives can be used to circumvent known impossibility results in this setting.
Causal Boxes: Quantum Information-Processing Systems Closed Under Composition
By instantiating the abstract cryptography framework with causal boxes, this work obtains the first composable security framework that can handle arbitrary quantum protocols and relativistic protocols.
Universally Composable Synchronous Computation
It is shown that the expected guarantees of synchronous computation can be achieved given functionalities exactly meant to model, respectively, bounded-delay networks and loosely synchronized clocks, and that previous similar models can all be expressed within this new framework.
The Multi-user Security of Authenticated Encryption: AES-GCM in TLS 1.3
We initiate the study of multi-user (mu) security of authenticated encryption (AE) schemes as a way to rigorously formulate, and answer, questions about the "randomized nonce" mechanism proposed for the
On the soundness of authenticate-then-encrypt: formalizing the malleability of symmetric encryption
This work proposes the first systematic analysis of malleability for symmetric encryption, which allows for a generic condition on encryption schemes to be sufficient for AtE, and shows that the schemes used in TLS satisfy the condition.
Updatable Encryption with Post-Compromise Security
An updatable encryption scheme allows one to periodically rotate the encryption key and move already existing ciphertexts from the old key to the new one, which is particularly useful in settings where encrypted data is outsourced, e.g., stored on a cloud server.
Asymmetric Distributed Trust
Asymmetric Byzantine quorum systems that model subjective trust are introduced and protocols that implement abstractions of shared memory and broadcast primitives with processes prone to Byzantine faults and asymmetric trust are presented.
From Single-Bit to Multi-bit Public-Key Encryption via Non-malleable Codes
One approach towards basing public-key encryption (PKE) schemes on weak and credible assumptions is to build “stronger” or more general schemes generically from “weaker” or more restricted ones. One
Nonce-Based Cryptography: Retaining Security When Randomness Fails
We take nonce-based cryptography beyond symmetric encryption, developing it as a broad and practical way to mitigate damage caused by failures in randomness, whether inadvertent bugs or malicious
(De-)Constructing TLS 1.3
This work exemplifies a novel approach towards proving the security of complex protocols by a modular, step-by-step decomposition, in which smaller sub-steps are proved in isolation and the security of the whole protocol then follows by the composition theorem.