Privacy for the Cloud

David Pointcheval

ERC Advanced Grant no 339563

Summary

Many companies have already started the migration to the Cloud and many individuals share their personal information on social networks. While some of the data are public information, many of them are personal and even quite sensitive. Unfortunately, the current access mode is purely right-based: the provider first authenticates the client, and grants him access, or not, according to his rights in the access-control list. Therefore, the provider itself not only has total access to the data, but also knows which data are accessed, by whom, and how: privacy, which includes secrecy of data (confidentiality), identities (anonymity), and requests (obliviousness), should be enforced. Moreover, while high availability can easily be controlled, and thus any defect can immediately be detected, failures in privacy protection can remain hidden for a long time. The industry of the Cloud introduces a new implicit trust requirement: nobody has any idea at all of where and how his data are stored and manipulated, but everybody should blindly trust the providers. The providers will definitely do their best, but this is not enough. Privacy-compliant procedures cannot be left to the responsibility of the provider: however trustworthy the provider may be, any system or human vulnerability can be exploited against privacy.

This is too great a threat to tolerate.

The distribution of the data and the secrecy of the actions must be given back to the users. It requires promoting privacy as a global security notion.


A new generation of secure multi-party computation protocols is required to protect everybody in an appropriate way, with privacy and efficiency: interactive protocols will be the core approach to provide privacy in practical systems, in contrast with the current trends in cryptography with fully homomorphic encryption and other advanced encryption techniques, which are quite interesting but essentially theoretical. Recent implicit interactive proofs of knowledge will be a starting point. But stronger properties are first expected for improving privacy. They will be integrated into new ad-hoc broadcast systems, in order to distribute the management among several parties, and eventually remove any trust requirements.

Privacy for the Cloud will have a huge societal impact since it will revolutionize the trust model: users will be able to make safe use of outsourced storage, namely for personal, financial and medical data, without having to worry about failures or attacks of the server. It will also have a strong economic impact, conferring a competitive advantage on Cloud providers implementing these tools.

Members

Principal Investigator

  • David Pointcheval

Permanent Members

  • Michel Abdalla*
  • Georg Fuchsbauer*

Post-Docs

  • Pooya Farshim

Students

  • Jérémy Chotard
  • Pierre-Alain Dupont*
  • Chloé Hébant
  • Anca Nitulescu
  • Quentin Santos*

Previous

  • Fabrice Ben Hamouda*
  • Raphael Bost*
  • Florian Bourse
  • Mario Cornejo*
  • Geoffroy Couteau
  • Julia Hesse
  • Thomas Peters
  • Olivier Sanders*
  • Hoeteck Wee*

* People part-time involved in the project

Publications

2018

  •  Publisher Version
  •  ACM Author-Izer
  •  Full Version
  •  Related Material
  •  Presentation Slides
Decentralized Multi-Client Functional Encryption for Inner Product by Jérémy Chotard, Edouard Dufour Sans, Romain Gay, Duong Hieu Phan, David Pointcheval. In Advances in Cryptology - Proceedings of ASIACRYPT '18, Springer, 2018
On the Leakage of Corrupted Garbled Circuits by Aurélien Dupin, David Pointcheval, Christophe Bidan. In The 12th International Conference on Provable Security (ProvSec '18), Springer, vol. 11192, pp. 3-21, 2018
Practical Strategy-Resistant Privacy-Preserving Elections by Sébastien Canard, David Pointcheval, Quentin Santos, Jacques Traoré. In The 23rd European Symposium on Research in Computer Security (ESORICS '18) -- Part II, Springer, vol. 11099, pp. 331-349, 2018
On Tightly Secure Non-Interactive Key Exchange by Julia Hesse, Dennis Hofheinz, Lisa Kohl. In Advances in Cryptology -- Proceedings of CRYPTO '18 -- Part II, Springer, vol. 10992, pp. 65-94, 2018
Combiners for Backdoored Random Oracles by Balthazar Bauer, Pooya Farshim, and Sogol Mazaheri. In Advances in Cryptology -- Proceedings of CRYPTO '18 -- Part II, Springer, vol. 10992, pp. 272-302, 2018
Indifferentiable Authenticated Encryption by Manuel Barbosa, Pooya Farshim. In Advances in Cryptology -- Proceedings of CRYPTO '18 -- Part I, Springer, vol. 10991, 2018
Fast Homomorphic Evaluation of Deep Discretized Neural Networks by Florian Bourse, Michele Minelli, Matthias Minihold, Pascal Paillier. In Advances in Cryptology -- Proceedings of CRYPTO '18 -- Part III, Springer, vol. 10993, pp. 483-512, 2018
Privacy-Preserving Plaintext-Equality of Low-Entropy Inputs by Sébastien Canard, David Pointcheval, Quentin Santos, Jacques Traoré. In Conference on Applied Cryptography and Network Security (ACNS '18), Springer, vol. 10892, pp. 262-279, 2018
New Protocols for Secure Equality Test and Comparison by Geoffroy Couteau. In Conference on Applied Cryptography and Network Security (ACNS '18), Springer, vol. 10892, pp. 303-320, 2018
Efficient Designated-Verifier Non-Interactive Zero-Knowledge Proofs of Knowledge by Pyrros Chaidos, Geoffroy Couteau. In Advances in Cryptology - Proceedings of EUROCRYPT '18, Springer, vol. 10822, pp. 193-221, 2018
Fuzzy-Password Authenticated Key Exchange by Pierre-Alain Dupont, Julia Hesse, David Pointcheval, Leonid Reyzin, Sophia Yakoubov. In Advances in Cryptology - Proceedings of EUROCRYPT '18, Springer, vol. 10822, pp. 393-424, 2018
Reassessing Security of Randomizable Signatures by David Pointcheval, Olivier Sanders. In The Cryptographers' Track at RSA Conference '18 (CT-RSA '18), Springer, vol. 10808, pp. 319-338, 2018
Advanced password-authenticated key exchanges by Pierre-Alain Dupont. PhD Thesis, 2018
Searchable Encryption: New Constructions of Encrypted Databases by Raphaël Bost. PhD Thesis, 2018

2017

Human Computing for Handling Strong Corruptions in Authenticated Key Exchange by Alexandra Boldyreva, Shan Chen, Pierre-Alain Dupont, David Pointcheval. In Proceedings of the 30th IEEE Computer Security Foundations Symposium (CSF '17), IEEE Computer Society, pp. 159-175, 2017
Homomorphic-Policy Attribute-Based Key Encapsulation Mechanisms by Jérémy Chotard, Duong Hieu Phan, David Pointcheval. In Proceedings of the 20th International Conference on Information Security (ISC '17), Springer, vol. 10599, pp. 155-172, 2017
Removing the Strong RSA Assumption from Arguments over the Integers by Geoffroy Couteau, Thomas Peters, David Pointcheval. In Advances in Cryptology - Proceedings of EUROCRYPT '17 -- Part II, Springer, vol. 10211, pp. 321-350, 2017
Removing Erasures with Explainable Hash Proof Systems by Michel Abdalla, Fabrice Benhamouda, David Pointcheval. In Conference on Practice and Theory in Public-Key Cryptography (PKC '17) -- Part I, Springer, vol. 10174, pp. 151-174, 2017
Cut Down the Tree to Achieve Constant Complexity in Divisible E-Cash by David Pointcheval, Olivier Sanders, Jacques Traoré. In Conference on Practice and Theory in Public-Key Cryptography (PKC '17) -- Part I, Springer, vol. 10174, pp. 61-90, 2017
CCA-Secure Inner-Product Functional Encryption from Projective Hash Functions by Fabrice Benhamouda, Florian Bourse, Helger Lipmaa. In Conference on Practice and Theory in Public-Key Cryptography (PKC '17) -- Part II, Springer, vol. 10175, pp. 36-66, 2017
Zero-Knowledge Proofs for Secure Computation by Geoffroy Couteau. PhD Thesis, 2017
Homomorphic Secret Sharing: Optimizations and Applications by Elette Boyle, Geoffroy Couteau, Niv Gilboa, Yuval Ishai, Michele Orrù. In Proceedings of the 24th ACM Conference on Computer and Communications Security (CCS '17), ACM Press, pp. 2105-2122, 2017
Functional Encryption for Inner-Product Evaluations by Florian Bourse. PhD Thesis, 2017
Functional Encryption with Oblivious Helper by Pierre-Alain Dupont, David Pointcheval. In Proceedings of the 12th ACM Symposium on InformAtion, Computer and Communications Security (ASIACCS '17), ACM Press, pp. 205-214, 2017

2016

NIZKs with an Untrusted CRS: Security in the Face of Parameter Subversion by Mihir Bellare, Georg Fuchsbauer, Alessandra Scafuro. In Advances in Cryptology -- Proceedings of ASIACRYPT '16 -- Part II, Springer, vol. 10032, pp. 777-804, 2016
On the (In)security of SNARKs in the Presence of Oracles by Dario Fiore, Anca Nitulescu. In 14th International Conference on Theory of Cryptography -- Proceedings of TCC 2016-B -- Part I, Springer, vol. 9985, pp. 108-138, 2016
Sophos -- Forward Secure Searchable Encryption by Raphael Bost. In Proceedings of the 23rd ACM Conference on Computer and Communications Security (CCS '16), ACM Press, pp. 1143-1154, 2016
FHE Circuit Privacy Almost for Free by Florian Bourse, Rafaël Del Pino, Michele Minelli, Hoeteck Wee. In Advances in Cryptology -- Proceedings of CRYPTO '16 -- Part II, Springer, vol. 9815, pp. 62-89, 2016
Encryption Switching Protocols by Geoffroy Couteau, Thomas Peters, David Pointcheval. In Advances in Cryptology -- Proceedings of CRYPTO '16 -- Part I, Springer, vol. 9814, pp. 308-338, 2016
Divisible E-Cash Made Practical by Sébastien Canard, David Pointcheval, Olivier Sanders, Jacques Traoré. In IET Information Security, The Institution of Engineering and Technology, vol. 10, no. 6, pp. 332-347, 2016
Robust Password-Protected Secret Sharing by Michel Abdalla, Mario Cornejo, Anca Nitulescu, David Pointcheval. In The 21st European Symposium on Research in Computer Security (ESORICS '16), Springer, vol. 9879, pp. 61-79, 2016
Public-Key Encryption Indistinguishable Under Plaintext-Checkable Attacks by Michel Abdalla, Fabrice Benhamouda, David Pointcheval. In IET Information Security, The Institution of Engineering and Technology, vol. 10, no. 6, pp. 288-303, 2016
Short Randomizable Signatures by David Pointcheval, Olivier Sanders. In The Cryptographers' Track at RSA Conference '16 (CT-RSA '16), Springer, vol. 9610, pp. 111-126, 2016
Security for the Cloud by Mario Cornejo-Ramirez. PhD Thesis, 2016
Diverse modules and zero-knowledge by Fabrice Benhamouda. PhD Thesis, 2016
Practical "Signatures with Efficient Protocols" from Simple Assumptions by Benoît Libert, Fabrice Mouhartem, Thomas Peters, Moti Yung. In Proceedings of the 11th ACM on Asia Conference on Computer and Communications Security, ACM, pp. 511-522, 2016

2015

Multilinear and Aggregate Pseudorandom Functions: New Constructions and Improved Security by Michel Abdalla, Fabrice Benhamouda, Alain Passelègue. In Advances in Cryptology -- Proceedings of ASIACRYPT '15 -- Part I, Springer, vol. 9452, pp. 103-120, 2015
Compactly Hiding Linear Spans: Tightly Secure Constant-Size Simulation-Sound QA-NIZK Proofs and Applications by Benoît Libert, Thomas Peters, Marc Joye, Moti Yung. In Advances in Cryptology -- Proceedings of ASIACRYPT '15 -- Part I, Springer, vol. 9452, pp. 681-707, 2015
Secure Distributed Computation on Private Inputs by Geoffroy Couteau, Thomas Peters, David Pointcheval. In Foundations and Practice of Security (FPS '15), Springer, vol. 9482, pp. 14-26, 2015
An Algebraic Framework for Pseudorandom Functions and Applications to Related-Key Security by Michel Abdalla, Fabrice Benhamouda, Alain Passelègue. In Advances in Cryptology -- Proceedings of CRYPTO '15 -- Part I, Springer, vol. 9215, pp. 388-409, 2015
Implicit Zero-Knowledge Arguments and Applications to the Malicious Setting by Fabrice Benhamouda, Geoffroy Couteau, David Pointcheval, Hoeteck Wee. In Advances in Cryptology -- Proceedings of CRYPTO '15 -- Part II, Springer, vol. 9216, pp. 107-129, 2015
Short Group Signatures via Structure-Preserving Signatures: Standard Model Security from Simple Assumptions by Benoît Libert, Thomas Peters, Moti Yung. In Advances in Cryptology -- Proceedings of CRYPTO '15 -- Part II, Springer, vol. 9216, pp. 296-316, 2015
Scalable Divisible E-Cash by Sébastien Canard, David Pointcheval, Olivier Sanders, Jacques Traoré. In Conference on Applied Cryptography and Network Security (ACNS '15), Springer, vol. 9092, pp. 287-306, 2015
Security of the J-PAKE Password-Authenticated Key Exchange Protocol by Michel Abdalla, Fabrice Benhamouda, Philip MacKenzie. In IEEE Symposium on Security and Privacy (S&P '15), IEEE Computer Society, pp. 571-587, 2015
Disjunctions for Hash Proof Systems: New Constructions and Applications by Michel Abdalla, Fabrice Benhamouda, David Pointcheval. In Advances in Cryptology -- Proceedings of EUROCRYPT '15 -- Part II, Springer, vol. 9057, pp. 69-100, 2015
Quasi-Adaptive NIZK for Linear Subspaces Revisited by Eike Kiltz, Hoeteck Wee. In Advances in Cryptology -- Proceedings of EUROCRYPT '15 -- Part II, Springer, vol. 9057, pp. 101-128, 2015
Secure Efficient History-Hiding Append-Only Signatures in the Standard Model by Benoît Libert, Marc Joye, Moti Yung, Thomas Peters. In Conference on Practice and Theory in Public-Key Cryptography (PKC '15), Springer, vol. 9020, pp. 450-473, 2015
Simple Functional Encryption Schemes for Inner Products by Michel Abdalla, Florian Bourse, Angelo De Caro, David Pointcheval. In Conference on Practice and Theory in Public-Key Cryptography (PKC '15), Springer, vol. 9020, pp. 733-751, 2015
Public-Key Encryption Indistinguishable Under Plaintext-Checkable Attacks by Michel Abdalla, Fabrice Benhamouda, David Pointcheval. In Conference on Practice and Theory in Public-Key Cryptography (PKC '15), Springer, vol. 9020, pp. 332-352, 2015
Divisible E-Cash Made Practical by Sébastien Canard, David Pointcheval, Olivier Sanders, Jacques Traoré. In Conference on Practice and Theory in Public-Key Cryptography (PKC '15), Springer, vol. 9020, pp. 77-100, 2015
Predicate Encryption for Multi-Dimensional Range Queries from Lattices by Romain Gay, Pierrick Méaux, Hoeteck Wee. In Conference on Practice and Theory in Public-Key Cryptography (PKC '15), Springer, vol. 9020, pp. 752-776, 2015
Conception et Optimisation de Mécanismes Cryptographiques Anonymes by Olivier Sanders. PhD Thesis, 2015

2014

Better Zero-Knowledge Proofs for Lattice Encryption and Their Application to Group Signatures by Fabrice Benhamouda, Jan Camenisch, Stephan Krenn, Vadim Lyubashevsky, Gregory Neven. In Advances in Cryptology -- Proceedings of ASIACRYPT '14 -- Part I, Springer, vol. 8873, pp. 551-572, 2014
Forward Secure Non-Interactive Key Exchange by David Pointcheval, Olivier Sanders. In The 9th Conference on Security in Communication Networks (SCN '14), Springer, vol. 8642, pp. 21-39, 2014
Semi-Adaptive Attribute-Based Encryption and Improved Delegation for Boolean Formula by Jie Chen, Hoeteck Wee. In The 9th Conference on Security in Communication Networks (SCN '14), vol. 8642, pp. 277-297, 2014
Related-Key Security for Pseudorandom Functions Beyond the Linear Barrier by Michel Abdalla, Fabrice Benhamouda, Alain Passelègue, Kenneth G. Paterson. In Advances in Cryptology -- Proceedings of CRYPTO '14 -- Part I, vol. 8616, pp. 77-94, 2014

Reports

2018

Multi-Client Functional Encryption with Repetition for Inner Product by Jérémy Chotard, Edouard Dufour Sans, Romain Gay, Duong Hieu Phan, David Pointcheval. Technical report, IACR ePrint Archive, no. 2018/1021, 2018
Decentralized Evaluation of Quadratic Polynomials on Encrypted Data by Chloé Hébant, Duong Hieu Phan, David Pointcheval. Technical report, IACR ePrint Archive, no. 2018/1019, 2018
Simpler Constructions of Asymmetric Primitives from Obfuscation by Pooya Farshim, Georg Fuchsbauer, Alain Passelègue. Technical report, IACR ePrint Archive, no. 2018/576, 2018
Unbounded Inner Product Functional Encryption, with Succinct Keys by Edouard Dufour Sans, David Pointcheval. Technical report, IACR ePrint Archive, no. 2018/487, 2018
Reading in the Dark: Classifying Encrypted Digits with Functional Encryption by Edouard Dufour Sans, Romain Gay, David Pointcheval. Technical report, IACR ePrint Archive, no. 2018/206, 2018

2016

Revisiting Covert Multiparty Computation by Geoffroy Couteau. Technical report, IACR ePrint Archive, no. 2016/951, 2016
Verifiable Dynamic Symmetric Searchable Encryption: Optimality and Forward Security by Raphael Bost, Pierre-Alain Fouque, David Pointcheval. Technical report, IACR ePrint Archive, no. 2016/062, 2016
Better Security for Functional Encryption for Inner Product Evaluations by Michel Abdalla, Florian Bourse, Angelo De Caro, David Pointcheval. Technical report, IACR ePrint Archive, no. 2016/011, 2016

2014

Verifier-Based Password-Authenticated Key Exchange: New Models and Constructions by Fabrice Benhamouda, David Pointcheval. Technical report, IACR ePrint Archive, no. 2013/833, 2014

Resume: David Pointcheval

Education

  • Habilitation à Diriger des Recherches (HDR), University of Paris 7 - Denis Diderot, 2002
        Title: Public-key encryption and provable security
  • PhD in Computer Science, University of Caen, 1996
        Supervisor: Jacques Stern
        Title: Proofs of knowledge and their security proofs
  • Ecole Normale Supérieure (ENS), Paris, 1991-1996

Employment

  • "Directeur de Recherche" CNRS (equiv. to full professor at university) at ENS, since 2007
  • "Chargé de Recherche" CNRS (equiv. to assistant professor at university) at ENS, 1998-2007
  • Teaching Assistant, University of Caen, 1996-1998

Responsibilities

  • Chair of the Computer Science Department at ENS, since 2017
  • Deputy Head of the Computer Science Department at ENS, from 2011 to 2017
  • Head of the Crypto Team at ENS, since 2005
        This team has been a joint research group with ENS, CNRS and INRIA, since 2007

Last update: July 17th, 2017