Universally Composable Security: A New Paradigm for Cryptographic Protocols

Ran Canetti
IBM Research

Wednesday, October 15, 2003, Volen 101, 2-3pm. (Refreshments at 2pm)

Rigorously capturing the security requirements of cryptographic tasks is a notoriously subtle and tricky business. One major stumbling point is coming up with a notion of security that is robust enough to guarantee security even when the protocol is run as a component of an unknown larger system. So far, no such notions were known. We describe a new paradigm for defining security of cryptographic protocols, called Universally Composable Security. The salient property of universally composable notions of security is that they guarantee security even when a protocol is used as a component within an arbitrary system. Such properties are crucial for arguing the security of cryptographic protocols in complex and unpredictable environments such as the Internet. The talk will provide high-level motivation for, and an introduction to, universally composable security. We will also survey some recent related results, with both foundational and practical implications. No prior knowledge of cryptography will be assumed.

Host: Liuba Shrira