Overview
Explore the intricacies of modern cryptography and security proofs in this 59-minute conference talk from the 35th Chaos Communication Congress. Delve into the world of provable security, examining its benefits and limitations. Learn how secure primitives like AES or RSA don't always guarantee end-to-end security, and understand why recent attacks like KRACK and ROBOT continue to emerge. Investigate the challenges of proving protocol security, including the need for assumptions, formal definitions of security, and the potential necessity of backdoors. Analyze the concepts of semantic security, IND-CPA, and proofs by reduction. Examine the problems with the random oracle model and explore alternatives like the Universal Composability framework and the Common Reference String Model. Gain insights into commitment schemes and their security proofs. By the end of this talk, develop a deeper understanding of the complexities involved in cryptographic security and the ongoing challenges faced by researchers and practitioners in the field.
Syllabus
Intro
Motivation: Meaning of security
Motivation: Security depends on the context
Motivation: Use primitives right
Why unconditional proofs are implausible
Semantic Security and IND-CPA
Proofs by reduction
What did we gain?
Problem: Random oracles are no valid abstraction
Avoiding the Random Oracle Model
A commitment scheme
UC - Universal composability
The Common Reference String Model
A secure Commitment Scheme
Proof sketch
Backdoors to the Rescue!
Too long. didn't watch
Bonus-Slide: Security-Levels
Taught by
media.ccc.de