Title: Threshold Public-Key Cryptography
Speaker: David Pointcheval Ecole Normale Supérieure, Paris, France
Time: 2008-10-29 14:00-2008-10-29 15:00
Venue: FIT Building 4-603, Tsinghua University
Download: Click!


PT/hreshold public-key cryptography/ allows to distribute the power to execute a private operation (decryption or signature) among a pool of players: if a given threshold of authorized players cooperate the operation is possible. In this talk, I will review this setting and especially for encryption, and extend it to the dynamic case, where any user can /dynamically /join the system, as a possible recipient; the sender can /dynamically /choose the authorized set of recipients, for each ciphertext; and the sender can /dynamically/ set the threshold /t/ for decryption capability among the authorized set. I will first present a formal security model, which includes strong robustness notions, and then propose a candidate achieving all the above dynamic properties, that is semantically secure in the standard model, under a new non-interactive assumption, that fits into the general Diffie-Hellman exponent framework on groups with a bilinear map. It furthermore compares favorably with previous proposals, /a.k.a./ threshold broadcast encryption, since this is the first threshold public-key encryption, with dynamic authorized set of recipients and dynamic threshold that provides constant-size ciphertexts. This is a joint work with Cécile Delerablée.


Short Bio:

David Pointcheval obtained his PhD in Computer Science from ENS in 1996. Since 1998, he has been a CNRS researcher, in the Computer Science Department at Ecole Normale Supérieure, Paris, France, in the Cryptography Team, that he leads since 2005. His research focuses on provable security of cryptographic primitives and protocols. He is an author of more than 100 international conference papers, and an inventor of 11 patents. He has served on the program committees of several international conferences, including Crypto, Eurocrypt, Asiacrypt and PKC, and was program chair for the Cryptographers' Track at the RSA Conference 2006 and for the 5th International Conference Cryptology and Network Security(CANS 2007). He will chair the program committee of the next International Conference on Applied Cryptography and Network Security (ACNS 2009) in Paris.