How to keep a secret and share a public key (using polynomial commitments)

Tomescu Nicolescu, Ioan Alin.

Author(s)

Tomescu Nicolescu, Ioan Alin.

Download1201526461-MIT.pdf (2.703Mb)

Other Contributors

Massachusetts Institute of Technology. Department of Electrical Engineering and Computer Science.

Advisor

Srinivas Devadas.

Terms of use

MIT theses may be protected by copyright. Please reuse MIT thesis content according to the MIT Libraries Permissions Policy, which is available through the URL provided. http://dspace.mit.edu/handle/1721.1/7582

Metadata

Show full item record

Abstract

Despite 40+ years of amazing progress, cryptography is constantly plagued by two simple problems: keeping secret keys secret and making public keys public. For example, public-key encryption is secure only if each user (1) keeps his secret key out of the hands of the adversary and (2) correctly distributes his public key to all other users. This thesis seeks to address these two fundamental problems. First, we introduce communication-efficient, fully-untrusted append-only logs, which can be used to correctly distribute public keys. Our constructions have logarithmic-sized proofs for the two key operations in append-only logs: looking up public keys and verifying the log remained append-only. In contrast, previous logs either have linear-sized proofs or need extra trust assumptions. Our logs can also be used to secure software distribution and, we hope, to increase transparency in any institution that wants to do so. Second, we speed up threshold cryptosystems, which protect secret keys by splitting them up across many users. We introduce threshold signatures, verifiable secret sharing and distributed key generation protocols that can scale to millions of users. Our protocols drastically reduce execution time, anywhere from 2x to 4500x, depending on the scale. For example, at large scales, we reduce time from tens of hours to tens of seconds. At the core of most of our contributions lie new techniques for computing evaluation proofs in constant-sized polynomial commitments. Specifically, we show how to decrease the time to compute n proofs for a degree-bound n polynomial from O(n²) to O(n log n), at the cost of increasing proof size from O(1) to O(log n). Our techniques could be of independent interest, as they give rise to other cryptographic schemes, such as Vector Commitments (VCs).

Description

This electronic version was submitted by the student author. The certified thesis is available in the Institute Archives and Special Collections.

Thesis: Ph. D., Massachusetts Institute of Technology, Department of Electrical Engineering and Computer Science, 2020

Cataloged from PDF of thesis.

Includes bibliographical references (pages 155-171).

Date issued

2020

URI

https://hdl.handle.net/1721.1/128298

Department

Massachusetts Institute of Technology. Department of Electrical Engineering and Computer Science

Publisher

Massachusetts Institute of Technology

Keywords

Electrical Engineering and Computer Science.

Collections

Doctoral Theses