International Association for Cryptologic Research

CryptoDB

Haya Shulman

Publications

Year
Venue
Title
2016
CRYPTO
2010
EPRINT
Robust Combiner for Obfuscators
Amir Herzberg Haya Shulman
Practical software hardening schemes are heuristic and are not proven to be secure. One technique to enhance security is robust combiners. An algorithm $C$ is a robust combiner for specification $S$, e.g., privacy, if for any two implementations $X$ and $Y$ of a cryptographic scheme, the combined scheme $C(X,Y)$ satisfies $S$ provided either $X$ or $Y$ satisfies $S$. We present the first robust combiner for software hardening, specifically for obfuscation \cite{barak:obfuscation}. Obfuscators are software hardening techniques that are employed to protect execution of programs in a remote, hostile environment. Obfuscators protect the code (and secret data) of the program that is sent to the remote host for execution. Robust combiners are particularly important for software hardening, where there is no standard whose security is established. In addition, robust combiners for software hardening are interesting from a software engineering perspective since they introduce new techniques of software-only fault tolerance.
2010
EPRINT
Secure Guaranteed Computation
Amir Herzberg Haya Shulman
We introduce secure committed computation, where n parties commit in advance to compute a function over their private inputs; we focus on two party computations (n = 2). In committed computation, parties initially commit to the computation by providing some (validated) compensation, such that if a party fails to provide an appropriate input during protocol execution, then the peer receives the compensation. Enforcement of the commitments requires a trusted enforcement authority (TEA); however, the protocol protects confidentiality even from the TEA. Secure committed computation has direct practical applications, such as sensitive trading of financial products, and could also be used as a building block to motivate parties to complete protocols, e.g., ensuring unbiased coin tossing. The commitment can be either symmetric (both parties commit) or asymmetric (e.g., only a server commits to a client). Symmetric commitment should also be fair, i.e., one party cannot obtain commitment by the other party without committing as well. Our secure committed computation protocols are optimistic, i.e., the TEA is involved only if and when a party fails to participate (correctly). The protocols we present use two new building blocks, which may be of independent interest. The first is a protocol for optimistic fair secure computation, which is simpler and more efficient than previously known. The second is a protocol for two party computation secure against malicious participants, which is simple and efficient, and relies on a weakly-trusted third party. This protocol can be useful where a trusted third party is unavoidable, e.g., in secure committed or fair computation protocols.
2008
EPRINT
Towards a Theory of White-Box Security
Program hardening for secure execution in a remote untrusted environment is an important yet elusive goal of security, with numerous attempts and efforts of the research community to produce secure solutions. Obfuscation is the prevailing practical technique employed to tackle this issue. Unfortunately, no provably secure obfuscation techniques currently exist. Moreover, Barak et al. showed that not all programs can be obfuscated. We present a rigorous approach to program hardening, based on a new white-box primitive, the White Box Remote Program Execution (WBRPE), whose security specifications include confidentiality and integrity of both the local and the remote hosts. We then show how the WBRPE can be used to address the needs of a wide range of applications, e.g. grid computing and mobile agents. Next, we construct a specific program and show that if there exists a secure WBRPE for that program, then there is a secure WBRPE for any program, reducing its security to the underlying WBRPE primitive. This reduction among two white-box primitives introduces new techniques that employ program manipulation.
2008
EPRINT
Robust Combiners for White-Box Security
Amir Herzberg Haya Shulman
White-box security techniques are employed to protect programs so that they can be executed securely in untrusted environments, e.g. for copyright protection. We present the first robust combiner for a white-box primitive, specifically for White-Box Remote Program Execution (WBRPE) schemes. The WBRPE combiner takes two input candidate WBRPE schemes, $W'$ and $W''$, and outputs a third candidate $W=W'\circ W''$. The combiner is $(1,2)$-robust, namely, $W$ is secure as long as either $W'$ or $W''$ is secure. The security of the combined scheme is established by presenting a reduction to the security of the white-box candidates. The WBRPE combiner is interesting since it presents new techniques of code manipulation, and in addition it provides both properties of confidentiality and authentication, even though it is a $(1,2)$-robust combiner. Robust combiners are particularly important for white-box security, since no secure candidates are known to exist. Furthermore, robust combiners for white-box primitives are interesting since they introduce new techniques of reductions.