Privacy for the Cloud

David Pointcheval

ERC Advanced Grant no 339563

Summary

Many companies have already started the migration to the Cloud and many individuals share their personal information on social networks. While some of the data are public information, many of them are personal and even quite sensitive. Unfortunately, the current access mode is purely rights-based: the provider first authenticates the client, and grants him access, or not, according to his rights in the access-control list. Therefore, the provider itself not only has total access to the data, but also knows which data are accessed, by whom, and how: privacy, which includes secrecy of data (confidentiality), identities (anonymity), and requests (obliviousness), should be enforced. Moreover, while high availability can easily be controlled, and thus any defect can immediately be detected, failures in privacy protection can remain hidden for a long time. The industry of the Cloud introduces a new implicit trust requirement: nobody has any idea at all of where and how his data are stored and manipulated, but everybody should blindly trust the providers. The providers will definitely do their best, but this is not enough. Privacy-compliant procedures cannot be left to the responsibility of the provider: however trustworthy the provider may be, any system or human vulnerability can be exploited against privacy.

This presents too huge a threat to tolerate.

The distribution of the data and the secrecy of the actions must be given back to the users. It requires promoting privacy as a global security notion.


A new generation of secure multi-party computation protocols is required to protect everybody in an appropriate way, with privacy and efficiency: interactive protocols will be the core approach to provide privacy in practical systems, in contrast with the current trends in cryptography with fully homomorphic encryption and other advanced encryption techniques, which are quite interesting but essentially theoretical. Recent implicit interactive proofs of knowledge will be a starting point. But stronger properties are first expected for improving privacy. They will be integrated into new ad-hoc broadcast systems, in order to distribute the management among several parties, and eventually remove any trust requirements.

Privacy for the Cloud will have a huge societal impact since it will revolutionize the trust model: users will be able to make safe use of outsourced storage, namely for personal, financial and medical data, without having to worry about failures or attacks of the server. It will also have a strong economic impact, conferring a competitive advantage on Cloud providers implementing these tools.

Members

Principal Investigator

  • David Pointcheval

Permanent Members

  • Michel Abdalla*
  • Georg Fuchsbauer*

Post-Docs

  • Julia Hesse

Students

  • Raphael Bost*
  • Florian Bourse
  • Jérémy Chotard
  • Geoffroy Couteau
  • Pierre-Alain Dupont*
  • Chloé Hébant
  • Anca Nitulescu
  • Quentin Santos*

Previous

  • Fabrice Ben Hamouda*
  • Mario Cornejo*
  • Thomas Peters
  • Olivier Sanders*
  • Hoeteck Wee*

* People involved part-time in the project

Publications

2017

  •  Publisher Version
  •  Full Version
  •  Related Material
  •  Presentation Slides
Human Computing for Handling Strong Corruptions in Authenticated Key Exchange by Alexandra Boldyreva, Shan Chen, Pierre-Alain Dupont, David Pointcheval. In Proceedings of the 30th IEEE Computer Security Foundations Symposium (CSF '17), IEEE Computer Society, pp. 159-175, 2017
Cut Down the Tree to Achieve Constant Complexity in Divisible E-Cash by David Pointcheval, Olivier Sanders, Jacques Traoré. In Conference on Practice and Theory in Public-Key Cryptography (PKC '17) -- Part I, Springer, vol. 10174, pp. 61-90, 2017
Removing Erasures with Explainable Hash Proof Systems by Michel Abdalla, Fabrice Benhamouda, David Pointcheval. In Conference on Practice and Theory in Public-Key Cryptography (PKC '17) -- Part I, Springer, vol. 10174, pp. 151-174, 2017
Removing the Strong RSA Assumption from Arguments over the Integers by Geoffroy Couteau, Thomas Peters, David Pointcheval. In Advances in Cryptology - Proceedings of EUROCRYPT '17 -- Part II, Springer, vol. 10211, pp. 321-350, 2017
Homomorphic-Policy Attribute-Based Key Encapsulation Mechanisms by Jérémy Chotard, Duong Hieu Phan, David Pointcheval. In Proceedings of the 20th International Conference on Information Security (ISC '17), Springer, vol. ???, pp. ???-???, 2017
CCA-Secure Inner-Product Functional Encryption from Projective Hash Functions by Florian Bourse, Fabrice Benhamouda, Helger Lipmaa. In Conference on Practice and Theory in Public-Key Cryptography (PKC '17) -- Part II, Springer, vol. 10175, pp. 36-66, 2017
Functional Encryption with Oblivious Helper by Pierre-Alain Dupont, David Pointcheval. In Proceedings of the 12th ACM Symposium on InformAtion, Computer and Communications Security (ASIACCS '17), ACM Press, pp. 205-214, 2017

2016

NIZKs with an Untrusted CRS: Security in the Face of Parameter Subversion by Mihir Bellare, Georg Fuchsbauer, Alessandra Scafuro. In Advances in Cryptology -- Proceedings of ASIACRYPT '16 -- Part II, Springer, vol. 10032, pp. 777-804, 2016
Sophos -- Forward Secure Searchable Encryption by Raphael Bost. In Proceedings of the 23rd ACM Conference on Computer and Communications Security (CCS '16), ACM Press, pp. 1143-1154, 2016
On the (In)security of SNARKs in the Presence of Oracles by Dario Fiore, Anca Nitulescu. In 14th International Conference on Theory of Cryptography -- Proceedings of TCC 2016-B -- Part I, Springer, vol. 9985, pp. 108-138, 2016
FHE Circuit Privacy Almost for Free by Florian Bourse, Rafaël Del Pino, Michele Minelli, Hoeteck Wee. In Advances in Cryptology -- Proceedings of CRYPTO '16 -- Part II, Springer, vol. 9815, pp. 62-89, 2016
Encryption Switching Protocols by Geoffroy Couteau, Thomas Peters, David Pointcheval. In Advances in Cryptology -- Proceedings of CRYPTO '16 -- Part I, Springer, vol. 9814, pp. 308-338, 2016
Divisible E-Cash Made Practical by Sébastien Canard, David Pointcheval, Olivier Sanders, Jacques Traoré. In IET Information Security, The Institution of Engineering and Technology, vol. 10, no. 6, pp. 332-347, 2016
Robust Password-Protected Secret Sharing by Michel Abdalla, Mario Cornejo, Anca Nitulescu, David Pointcheval. In The 21st European Symposium on Research in Computer Security (ESORICS '16), Springer, vol. 9879, pp. 61-79, 2016
Public-Key Encryption Indistinguishable Under Plaintext-Checkable Attacks by Michel Abdalla, Fabrice Benhamouda, David Pointcheval. In IET Information Security, The Institution of Engineering and Technology, vol. 10, no. 6, pp. 288-303, 2016
Short Randomizable Signatures by David Pointcheval, Olivier Sanders. In The Cryptographers' Track at RSA Conference '16 (CT-RSA '16), Springer, vol. 9610, pp. 111-126, 2016
Security for the Cloud by Mario Cornejo-Ramirez. PhD Thesis, 2016
Diverse modules and zero-knowledge by Fabrice Benhamouda. PhD Thesis, 2016
Practical "Signatures with Efficient Protocols" from Simple Assumptions by Benoît Libert, Fabrice Mouhartem, Thomas Peters, Moti Yung. In Proceedings of the 11th ACM on Asia Conference on Computer and Communications Security, ACM, pp. 511-522, 2016

2015

Secure Distributed Computation on Private Inputs by Geoffroy Couteau, Thomas Peters, David Pointcheval. In Foundations and Practice of Security (FPS '15), Springer, vol. 9482, pp. 14-26, 2015
Compactly Hiding Linear Spans: Tightly Secure Constant-Size Simulation-Sound QA-NIZK Proofs and Applications by Benoît Libert, Thomas Peters, Marc Joye, Moti Yung. In Advances in Cryptology -- Proceedings of ASIACRYPT '15 -- Part I, Springer, vol. 9452, pp. 681-707, 2015
Multilinear and Aggregate Pseudorandom Functions: New Constructions and Improved Security by Michel Abdalla, Fabrice Benhamouda, Alain Passelègue. In Advances in Cryptology -- Proceedings of ASIACRYPT '15 -- Part I, Springer, vol. 9452, pp. 103-120, 2015
Implicit Zero-Knowledge Arguments and Applications to the Malicious Setting by Fabrice Benhamouda, Geoffroy Couteau, David Pointcheval, Hoeteck Wee. In Advances in Cryptology -- Proceedings of CRYPTO '15 -- Part II, Springer, vol. 9216, pp. 107-129, 2015
An Algebraic Framework for Pseudorandom Functions and Applications to Related-Key Security by Michel Abdalla, Fabrice Benhamouda, Alain Passelègue. In Advances in Cryptology -- Proceedings of CRYPTO '15 -- Part I, Springer, vol. 9215, pp. 388-409, 2015
Short Group Signatures via Structure-Preserving Signatures: Standard Model Security from Simple Assumptions by Benoît Libert, Thomas Peters, Moti Yung. In Advances in Cryptology -- Proceedings of CRYPTO '15 -- Part II, Springer, vol. 9216, pp. 296-316, 2015
Scalable Divisible E-Cash by Sébastien Canard, David Pointcheval, Olivier Sanders, Jacques Traoré. In Conference on Applied Cryptography and Network Security (ACNS '15), Springer, vol. 9092, pp. 287-306, 2015
Security of the J-PAKE Password-Authenticated Key Exchange Protocol by Michel Abdalla, Fabrice Benhamouda, Philip MacKenzie. In IEEE Symposium on Security and Privacy (S&P '15), IEEE Computer Society, pp. 571-587, 2015
Quasi-Adaptive NIZK for Linear Subspaces Revisited by Eike Kiltz, Hoeteck Wee. In Advances in Cryptology -- Proceedings of EUROCRYPT '15 -- Part II, Springer, vol. 9057, pp. 101-128, 2015
Disjunctions for Hash Proof Systems: New Constructions and Applications by Michel Abdalla, Fabrice Benhamouda, David Pointcheval. In Advances in Cryptology -- Proceedings of EUROCRYPT '15 -- Part II, Springer, vol. 9057, pp. 69-100, 2015
Divisible E-Cash Made Practical by Sébastien Canard, David Pointcheval, Olivier Sanders, Jacques Traoré. In Conference on Practice and Theory in Public-Key Cryptography (PKC '15), Springer, vol. 9020, pp. 77-100, 2015
Predicate Encryption for Multi-Dimensional Range Queries from Lattices by Romain Gay, Pierrick Méaux, Hoeteck Wee. In Conference on Practice and Theory in Public-Key Cryptography (PKC '15), Springer, vol. 9020, pp. 752-776, 2015
Public-Key Encryption Indistinguishable Under Plaintext-Checkable Attacks by Michel Abdalla, Fabrice Benhamouda, David Pointcheval. In Conference on Practice and Theory in Public-Key Cryptography (PKC '15), Springer, vol. 9020, pp. 332-352, 2015
Secure Efficient History-Hiding Append-Only Signatures in the Standard Model by Benoît Libert, Marc Joye, Moti Yung, Thomas Peters. In Conference on Practice and Theory in Public-Key Cryptography (PKC '15), Springer, vol. 9020, pp. 450-473, 2015
Simple Functional Encryption Schemes for Inner Products by Michel Abdalla, Florian Bourse, Angelo De Caro, David Pointcheval. In Conference on Practice and Theory in Public-Key Cryptography (PKC '15), Springer, vol. 9020, pp. 733-751, 2015
Conception et Optimisation de Mécanismes Cryptographiques Anonymes by Olivier Sanders. PhD Thesis, 2015

2014

Better Zero-Knowledge Proofs for Lattice Encryption and Their Application to Group Signatures by Fabrice Benhamouda, Jan Camenisch, Stephan Krenn, Vadim Lyubashevsky, Gregory Neven. In Advances in Cryptology -- Proceedings of ASIACRYPT '14 -- Part I, Springer, vol. 8873, pp. 551-572, 2014
Semi-Adaptive Attribute-Based Encryption and Improved Delegation for Boolean Formula by Jie Chen, Hoeteck Wee. In The 9th Conference on Security in Communication Networks (SCN '14), vol. 8642, pp. 277-297, 2014
Forward Secure Non-Interactive Key Exchange by David Pointcheval, Olivier Sanders. In The 9th Conference on Security in Communication Networks (SCN '14), Springer, vol. 8642, pp. 21-39, 2014
Related-Key Security for Pseudorandom Functions Beyond the Linear Barrier by Michel Abdalla, Fabrice Benhamouda, Alain Passelègue, Kenneth G. Paterson. In Advances in Cryptology -- Proceedings of CRYPTO '14 -- Part I, vol. 8616, pp. 77-94, 2014

Reports

2017

Decentralized Multi-Client Functional Encryption for Inner Product by Jérémy Chotard, Edouard Dufour Sans, Duong Hieu Phan, David Pointcheval. Technical report, IACR ePrint Archive, no. 2017/989, 2017

2016

Revisiting Covert Multiparty Computation by Geoffroy Couteau. Technical report, IACR ePrint Archive, no. 2016/951, 2016
Efficient Secure Comparison Protocols by Geoffroy Couteau. Technical report, IACR ePrint Archive, no. 2016/544, 2016
Better Security for Functional Encryption for Inner Product Evaluations by Michel Abdalla, Florian Bourse, Angelo De Caro, David Pointcheval. Technical report, IACR ePrint Archive, no. 2016/011, 2016
Verifiable Dynamic Symmetric Searchable Encryption: Optimality and Forward Security by Raphael Bost, Pierre-Alain Fouque, David Pointcheval. Technical report, IACR ePrint Archive, no. 2016/062, 2016

2014

Verifier-Based Password-Authenticated Key Exchange: New Models and Constructions by Fabrice Benhamouda, David Pointcheval. Technical report, IACR ePrint Archive, no. 2013/833, 2014

Resume: David Pointcheval

Education

  • Habilitation à Diriger des Recherches (HDR), University of Paris 7 - Denis Diderot, 2002
        Title: Public-key encryption and provable security
  • PhD in Computer Science, University of Caen, 1996
        Supervisor: Jacques Stern
        Title: Proofs of knowledge and their security proofs
  • Ecole Normale Supérieure (ENS), Paris, 1991-1996

Employment

  • "Directeur de Recherche" CNRS (equiv. to full professor at university) at ENS, since 2007
  • "Chargé de Recherche" CNRS (equiv. to assistant professor at university) at ENS, 1998-2007
  • Teaching Assistant, University of Caen, 1996-1998

Responsibilities

  • Chair of the Computer Science Department at ENS, since 2017
  • Deputy Head of the Computer Science Department at ENS, from 2011 to 2017
  • Head of the Crypto Team at ENS, since 2005
        This team has been a joint research group with ENS, CNRS and INRIA, since 2007

Last update: July 17th, 2017