My research interests are in Cryptography and Security, and in particular in the design of efficient and provably-secure cryptographic primitives and protocols. Some of the topics I work on include:
- secure delegation of data and computation to the Cloud;
- homomorphic authentication primitives;
- (verifiable) pseudo-random functions;
- identity-based encryption;
- zero-knowledge proof systems;
- onion routing and anonymity;
- foundations of cryptography.
Secure Delegation to the Cloud
The rise of the Cloud computing paradigm is raising many security concerns. For instance, while clients are willing to outsource many tasks and resources to Cloud providers for the sake of several benefits, how can they be assured that the Cloud will operate correctly? Many things can indeed go wrong, e.g., software bugs, hardware errors, attacks from malicious insiders or intruders. Any of these issues can compromise the integrity of either the data or the computations outsourced by the clients to the Cloud.
Several, recent, lines of work are addressing these questions. In the following project we consider a specific setting, of relevant interest in practice.
The goal of this project is to elaborate solutions for the problem described in the figure below.
We can summarize it as follows:
- The client D – the data owner – can (continuously) outsource the storage of many data items to the Cloud server. Each data item is labeled with a string Li.
- The client V – the verifier – wishes to compute on some subset of D’s data, and delegates this task to the Cloud server.
In solving this problem, we aim at achieving the following main properties:
- Integrity: V must be able to check that y is correct, i.e., it is the same value y=P(v1, …, vk) obtained by executing P on the corresponding subset (i.e., according to the requested labels) of D’s data.
- Efficiency: V must run faster than executing P, possibly in time independent of P‘s input size k. Also, the size of any possible proof sent by the cloud server to V should be succinct, i.e., significantly smaller than k.
However, it is also important that D can keep adding values to the cloud storage, and that V can delegate the computation of many different P’s.
Results and Techniques:
In [BFR13] we present a solution to the above problem by employing the cryptographic notion of homomorphic message authenticators (see the figure above). Our solution builds upon the homomorphic MAC techniques developed in [CF13], and works for the evaluation of quadratic polynomials over a large number of variables. We cannot consider the present solution fully practical yet, due to a large (constant) overhead for the cloud server, but the current efficiency measures in [BFR13] are promising: proofs have size below 1 kB and are verifiable by clients in less than 10 milliseconds.
Main related publications
- [FMNP16] Multi-Key Homomorphic Authenticators. D. Fiore, A. Mitrokotsa, L. Nizzardo, E. Pagnin. ASIACRYPT’16
- [FFGKOP16] Hash First, Argue Later. Adaptive Verifiable Computations on Outsourced Data. D. Fiore, C. Fournet, E. Gosh, M. Kohlweiss, O. Ohrimenko, B. Parno. CCS’16
- [CFN15] Programmable Hash Functions Go Private: Constructions and Applications to (Homomorphic) Signatures with Shorter Public Keys. D. Catalano, D. Fiore, L. Nizzardo. CRYPTO’15
- [BBFR15] ADSNARK: Nearly-Practical Privacy-Preserving Proofs on Authenticated Data.
M. Backes, M. Barbosa, D. Fiore, R. M. Reischuk. Oakland’15
- [FGP14] Efficiently Verifiable Computation on Encrypted Data.
D. Fiore, R. Gennaro, V. Pastro. CCS’14
- [CFW14] Homomorphic Signatures with Efficient Verification for Polynomial Functions.
D. Catalano, D. Fiore, B. Warinschi. CRYPTO’14
- [CFGN14] Generalizing Homomorphic MACs for Arithmetic Circuits.
D. Catalano, D. Fiore, R. Gennaro, L. Nizzardo. PKC’14
- [BFR13] Verifiable Delegation of Computation on Outsourced Data. M. Backes, D. Fiore, R. M. Reischuk. CCS’13
- [CF13] Practical Homomorphic MACs for Arithmetic Circuits. D. Catalano, and D. Fiore. EUROCRYPT’13
Other related publications (on homomorphic MACs/Signatures and verifiable computation):
- [CFGV13] Algebraic (Trapdoor) One-Way Functions and Their Applications. D. Catalano, D. Fiore, R. Gennaro, K. Vamvourellis. TCC’13
- [FG12] Publicly Verifiable Delegation of Large Polynomials and Matrix Computations, with Applications. D. Fiore, R. Gennaro. CCS’12
- [CFW12] Efficient Network-Coding Signatures in the Standard Model. D. Catalano, D. Fiore, B. Warinschi. PKC’12
- [CFW11] Adaptive Pseudo-Free Groups and Applications. D. Catalano, D. Fiore, B. Warinschi. EUROCRYPT’11