[Pearg] Fwd: [Busec] Virtual BUsec seminar Wed 9/30 at 9:45 am: Sarah Scheffler, "Protecting Cryptography from Self-Incrimination"

"David R. Oran" <daveoran@orandom.net> Sat, 26 September 2020 14:11 UTC

Return-Path: <daveoran@orandom.net>
X-Original-To: pearg@ietfa.amsl.com
Delivered-To: pearg@ietfa.amsl.com
Received: from localhost (localhost []) by ietfa.amsl.com (Postfix) with ESMTP id 5576F3A09DB for <pearg@ietfa.amsl.com>; Sat, 26 Sep 2020 07:11:38 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.898
X-Spam-Status: No, score=-1.898 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([]) by localhost (ietfa.amsl.com []) (amavisd-new, port 10024) with ESMTP id Ts3xf7ZD8V5B for <pearg@ietfa.amsl.com>; Sat, 26 Sep 2020 07:11:36 -0700 (PDT)
Received: from spark.crystalorb.net (spark.crystalorb.net [IPv6:2607:fca8:1530::c]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id C23E63A09D9 for <Pearg@irtf.org>; Sat, 26 Sep 2020 07:11:36 -0700 (PDT)
Received: from [] ([IPv6:2601:184:407f:80ce:6537:41ab:2cda:a991]) (authenticated bits=0) by spark.crystalorb.net (8.14.4/8.14.4/Debian-4+deb7u1) with ESMTP id 08QEBWN0005029 (version=TLSv1/SSLv3 cipher=AES256-GCM-SHA384 bits=256 verify=NO) for <Pearg@irtf.org>; Sat, 26 Sep 2020 07:11:34 -0700
From: "David R. Oran" <daveoran@orandom.net>
To: Pearg@irtf.org
Date: Sat, 26 Sep 2020 10:11:26 -0400
X-Mailer: MailMate (1.13.2r5721)
Message-ID: <6362EFFB-0BA4-48C6-B97B-8737A1321F79@orandom.net>
References: <CAH_gZeGkab3No2VrJMb9rK6xM7JU=TGBoCDA_ooXkEPZ2Q3i1g@mail.gmail.com>
MIME-Version: 1.0
Content-Type: multipart/alternative; boundary="=_MailMate_4BF210F7-CAED-4A0B-AA9B-AD373C6F6FF0_="
Embedded-HTML: [{"plain":[325, 2318], "uuid":"9084605A-6D4E-43EC-B9A9-FC32CAF1372A"}]
Archived-At: <https://mailarchive.ietf.org/arch/msg/pearg/lKiz5jQbmxgC33c6Iciuki0ssIg>
Subject: [Pearg] Fwd: [Busec] Virtual BUsec seminar Wed 9/30 at 9:45 am: Sarah Scheffler, "Protecting Cryptography from Self-Incrimination"
X-BeenThere: pearg@irtf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Privacy Enhancements and Assessment Proposed RG <pearg.irtf.org>
List-Unsubscribe: <https://www.irtf.org/mailman/options/pearg>, <mailto:pearg-request@irtf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/pearg/>
List-Post: <mailto:pearg@irtf.org>
List-Help: <mailto:pearg-request@irtf.org?subject=help>
List-Subscribe: <https://www.irtf.org/mailman/listinfo/pearg>, <mailto:pearg-request@irtf.org?subject=subscribe>
X-List-Received-Date: Sat, 26 Sep 2020 14:11:38 -0000

This work might be of interest to the PEARG community.


Forwarded message:

> From: Sarah Scheffler <sscheff@bu.edu>
> To: busec <busec@cs.bu.edu>
> Subject: [Busec] Virtual BUsec seminar Wed 9/30 at 9:45 am: Sarah 
> Scheffler, "Protecting Cryptography from Self-Incrimination"
> Date: Fri, 25 Sep 2020 10:26:53 -0600
> *Date/time: *Wed 9/30 at 9:45am ET
> *Zoom link: *
> https://bostonu.zoom.us/j/222968851?pwd=RTBhSnVnbDhqbnFrMWRSeVU1alYyUT09
> *Meeting ID: *222 968 851
> *Password: *115101
> -
> *Speaker: *Sarah Scheffler
> *Title: *"Protecting Cryptography from Self-Incrimination"
> *Abstract: *
> The information security community has devoted substantial effort to 
> the
> design, development, and universal deployment of strong encryption 
> schemes
> that withstand search and seizure by computationally-powerful 
> nation-state
> adversaries. In response, governments are increasingly turning to a
> different tactic: issuing subpoenas that compel people to decrypt 
> devices
> themselves, under the penalty of contempt of court if they do not 
> comply.
> Compelled decryption subpoenas sidestep questions around government 
> search
> powers that have dominated the Crypto Wars and instead touch upon a
> different (and still unsettled) area of the law: how encryption 
> relates to
> a person's right to silence and against self-incrimination.
> In this work, we provide a rigorous, composable definition of a 
> critical
> piece of the law that determines whether cryptosystems are vulnerable 
> to
> government compelled disclosure in the United States. We justify our
> definition by showing that it is consistent with prior court cases. We
> prove that decryption is often not compellable by the government under 
> our
> definition. Conversely, we show that many techniques that bolster 
> security
> overall can leave one more vulnerable to compelled disclosure.
> As a result, we initiate the study of protecting cryptographic 
> protocols
> against the threat of future compelled disclosure. We find that secure
> multi-party computation is particularly vulnerable to this threat, and 
> we
> design and implement new schemes that are provably resilient in the 
> face of
> government compelled disclosure. We believe this work should influence 
> the
> design of future cryptographic primitives and contribute toward the 
> legal
> debates over the constitutionality of compelled decryption.
> *Bio:*
> Sarah is a fifth-year PhD student in the crypto/security group at 
> Boston
> University, advised by Prof. Mayank Varia. Her research examines 
> topics in
> the intersection of law and cryptography, as well as zero-knowledge 
> and
> secure messaging.

> _______________________________________________
> Busec mailing list
> Busec@cs-mailman.bu.edu
> https://cs-mailman.bu.edu/mailman/listinfo/busec