2:30-3:30 pm

Room 3305, CUNY Graduate Center

365 Fifth Avenue at 34th Street

**September 12, Graduate Center**: Kurt Rohloff (New Jersey Institute
of Technology), *Towards Practical Implementations of Fully Homomorphic Encryption*

**Abstract: ** One of the first major breakthroughs of computer science in the 21st century is the
demonstration of public-key Fully Homomorphic Encryption (FHE). Unfortunately, FHE was not practical when it
was discovered - it was several orders of magnitude too inefficient to be economically feasible. In this talk
we will discuss how we have been accelerating the development of practical implementations of Fully
Homomorphic Encryption (FHE). For the past three years, our team has succeeded in accelerating various aspects
of the FHE implementation resulting in implementations of FHE schemes that have achieved multiple orders of
magnitude improvement in computation. Further means of parallel software and hardware acceleration, such as
for multicore and FPGA hardware, can improve the speed of computation even further by several additional
orders of magnitude. This talk will review our advances in FHE, from theory, implementation and application
perspectives. We discuss our design and implementations of cryptographic primitives and that can make
efficient use of multi/many-core and parallel computing capabilities in both software and hardware. We also
discuss ours plan to continue this research that will enable practical secure out-sourced computation for
specific application domains, such as to support homomorphic encryption in resource-limited environments such
as on smartphones.

**October 10, Graduate Center**: Bren Cavallo (CUNY Graduate Center),
* Decoy-Based Secure Delegation of Computation, With Application to RSA. *

**Abstract: ** In this talk, I will introduce a method of secure delegation of computation where the
security is not based on any computational assumptions, but rather on numerous "decoys". As an application,
this method can be used by a computationally weak party to delegate the exponentiation that takes place in the
RSA protocol. This is joint work with Delaram Kahrobaei and Vladimir Shpilrain.

**October 17, Graduate Center**: Artem Shevlyakov (Omsk University),
*Semigroups with inversion: equations and algebraic sets*

**Abstract: ** I consider equations over inverse, completely simple and completely regular
semigroups. The disjunction of two solution sets of an equation is not necessarily equal to a solution set of
an appropriate system of equations. We describe the semigroups from the classes above, where ANY disjunction
of the solution sets is algebraic (i.e., is a solution set of some system of equations).

**October 24, Graduate Center**: Andrey Nikolaev (Stevens Institute of
Technology), * Knapsack problems in products of groups *

**Abstract: ** The classic knapsack and related problems have natural generalizations to arbitrary
(non-commutative) groups, collectively called knapsack-type problems in groups. We study the effect of free
and direct products on their time complexity. We show that free products in certain sense preserve time
complexity of knapsack-type problems, while direct products may amplify it. This is joint work with Elizaveta
Frenkel and Alexander Ushakov.

**October 31, Graduate Center**: Prasad Rao (Hewlett Packard),
* Multicore tree hashing with functional programming *

**Abstract: ** We report on our progress in implementing general-purpose tree-hashing on multicore
computing devices: We implemented several tree-hashing modes (i.e. tree shapes), using the Sakura encoding1
and writing the implementation in the functional languages Clojure and Haskell, using the languages'
mechanisms for specifying parallel computation. We argue that functional languages are appropriate mechanisms
for implementing algorithms across multiple cores. We have designed a tree-hash description language, enabling
the concise description of a large class of useful tree shapes.

As one part of the general process of establishing a new standard for cryptographic hashing, NIST plans
to standardize methods for tree hashing, generalizing the Merkle hash tree to a broader class of sound tree
shapes. They plan to make use of the same authors' Sakura encoding to unambiguously describe these shapes. The
choice of shape itself was left outside the scope of Sakura, and must be communicated separately between users
and verifiers of a tree hashing mode. In order to do this flexibly and concisely we have designed a tree-hash
description language, which can specify a superset of the classes of modes illustrated in the Sakura
document.

For parallel programming, protecting data structures from stray updates or accesses is hard. In order to
do so, traditional imperative programming languages use exclusion mechanisms such as locks; however, using
these mechanisms is difficult to understand and therefore error-prone. Immutable data structures eliminate
these errors, although at a performance cost (which we plan to quantify in this work). Functional programming
languages such as Clojure and Haskell and their libraries use immutable data structures natively.
Additionally, they have parallel-programming constructs, which enable us to operate at a higher level of
abstraction. The simplicity of the implementation and the immutability of the data structures considerably
simplify reasoning about their correctness.

We implemented our tree-hash description language using two different functional programming languages,
namely Clojure, which is untyped, and Haskell, which is strongly typed. In each of these languages we
implemented tree hashing, parametrized over a standard hash function (e.g. SHA-256 and Keccak). Our
preliminary performance measurements have revealed some promising scale-up with respect to the number of cores
in use.

Joint work with Stuart Haber.

**November 14, Graduate Center:** Sven Dietrich (John Jay College),
* AdLeaks: Enabling secure whistleblowing using online ads *

**Abstract: ** Whistleblower laws protect individuals who inform the public or an
authority about governmental or corporate misconduct. Despite these
laws, whistleblowers frequently risk reprisals and sites such as
WikiLeaks emerged to provide a level of anonymity to these individuals.
However, as countries increase their level of network surveillance and
Internet protocol data retention, the mere act of using anonymizing
software such as Tor, or accessing a whistleblowing website through an
SSL channel might be incriminating enough to lead to investigations and
repercussions. As an alternative submission system we propose an online
advertising network called AdLeaks. AdLeaks leverages the ubiquity of
unsolicited online advertising to provide complete sender
unobservability when submitting disclosures. AdLeaks ads compute a
random function in a browser and submit the outcome to the AdLeaks
infrastructure. Such a whistleblower's browser replaces the output with
encrypted information so that the transmission is indistinguishable from
that of a regular browser. Its back-end design assures that AdLeaks must
process only a fraction of the resulting traffic in order to receive
disclosures with high probability. We describe the design of AdLeaks and
evaluate its performance through analysis and experimentation.

Joint work with Volker Roth et al.

**November 21, Graduate Center:** Bren Cavallo (CUNY Graduate Center),
*Algorithmic properties of poly-Z groups and secret sharing using non-commutative groups*
**Abstract: ** Computational aspects of polycyclic groups have been used to study cryptography since
2004 when Eick and Kahrobaei proposed polycyclic groups as a platform for conjugacy based cryptographic
protocols.

In the talk I describe the conjugacy problem in polycyclic groups and construct a family of torsion-free
polycyclic groups where the uniform conjugacy problem over the entire family is at least as hard as the subset
sum problem. We further show that the conjugacy problem in these groups is in NP, implying that the uniform
conjugacy prpblem is NP-complete over these groups. We also present an algorithm for the conjugacy problem in
groups of the form Z_n semidirect Z.

I then talk about the automorphisms of poly-Z groups and successive cyclic extensions of arbitrary
groups. I discuss a certain kind of extension that we call “deranged”, and show that the automorphisms of the
resulting group have a strict form. We also prove a version of the Tits Alternative for their automorphism
groups.

In the final part of the talk I describe secret sharing schemes and variations. We begin with classical
secret sharing schemes and present variations that allow them to be more practical. We then present a secret
sharing scheme due to Habeeb, Kahrobaei, and Shpilrain. Finally, we present an original adjustment to their
scheme that involves the shortlex order on a group and allows less information to be transmitted each time a
secret is shared. Additionally, we propose additional steps that allow participants to update their
information independently so that the scheme remains secure over multiple rounds.

**December 5, Graduate Center**: Manhattan Algebra Day

To subscribe to the seminar mailing list, click here