Bilkent University
Department of Computer Engineering
S E M I N A R

 

Efficient Cryptography for the Next Generation Secure Cloud

 

Asst. Prof. Dr. Alptekin Küpçü

Koç University

Peer-to-peer (P2P) systems, and client-server type storage and computation outsourcing constitute some of the major applications that the next generation cloud schemes will address. Since these applications are just emerging, it is the perfect time to design them with security and privacy in mind. Furthermore, considering the high-churn characteristics of such systems, the cryptographic protocols employed must be efficient and scalable.

In this talk, I will focus on an efficient and scalable fair exchange protocol that can be used for exchanging files between participants of a P2P file sharing system. It has been shown that fair exchange cannot be done without a trusted third party (called the Arbiter). Yet, even with a trusted Arbiter, it is still non-trivial to come up with an efficient solution, especially one that can be used in a P2P file sharing system with a high volume of data exchanged. Our protocol is optimistic, removing the need for the Arbiter's involvement unless a dispute occurs. While the previous solutions employ costly cryptographic primitives for every file or block exchanged, our protocol employs them only once per peer, therefore achieving O(n) efficiency improvement when n blocks are exchanged between two peers. In practice, this corresponds to one-two orders of magnitude improvement in terms of both computation and communication (42 minutes vs. 40 seconds, 225 MB vs. 1.8 MB). Thus, for the first time, a provably secure (and privacy respecting when payments are made using e-cash) fair exchange protocol is being used in real bartering applications (e.g., BitTorrent) without sacrificing performance.

Finally, if time permits, I will briefly mention some of our other results on cloud security including ways to securely outsource computation and storage to untrusted entities, official arbitration in the cloud, impossibility results on distributing the Arbiter, keeping the user passwords safe, and the Brownie Cashlib cryptographic library including ZKPDL zero-knowledge proof description language we have developed. I will also be available to talk on these other projects after the presentation.

Bio: Alptekin Küpçü has received his B.S. degree from Bilkent University in 2004, and his Ph.D. degree from Brown University Computer Science Department in 2010. Since then, he has been working as an assistant professor at Koç University College of Engineering, and leading the Cryptography, Security & Privacy Research Group he has founded. His research mainly focuses on applied cryptography, and its intersection with cloud security, privacy, peer-to-peer networks, and mechanism design. He has also led the development of the Brownie Cashlib cryptographic library, which is available as open source online. Dr. Küpçü has various accomplishments including 2 patents pending, and has been part of 6 funded research projects up to now, for 4 of which he was the principal investigator. For more information, visit http://crypto.ku.edu.tr

 

DATE: 11 October, 2012, Thursday @ 11:40
PLACE: EA-202