Encryption is a tool for achieving information privacy. It is usually analyzed in the single-user setting, where only a single recipient of encrypted data is considered. In the real word, however, there are many users, sending each other encrypted data. We investigate the crucial question of whether protocols? various security properties hold in the real ?multi-user? setting. First, we address data-privacy of public-key encryption schemes in the multi-user setting, namely in the presence of attacks involving the encryption of related messages under different public keys, as exemplified by Hastad?s classical attacks on RSA. We provide a model for measuring the security in this setting and prove that security in the single-user setting implies security in the multi-user setting, as long as the former is interpreted in the strong sense. This reassuring result pinpoints many schemes guaranteed to be secure in the multi-user setting. We then highlight the importance in practice of considering and achieving better concrete security, and present improved concrete security results for two popular schemes. While hiding data was considered the only goal of encryption, the emerging concerns about the users? privacy rights in the digital world highlighted the importance of another property, namely, hiding identities of intended recipients of encrypted data. Next, we study this property of encryption in the multi-user setting, which we call ?anonymity? or ?key-privacy?. Finally, we propose and explore an interesting technique that offers important performance and bandwidth benefits in scenarios where a sender needs to encrypt messages for several receivers. We also provide a general test that helps to determine when the technique can be securely applied.
Speaker Biography
Alexandra Boldyreva received her B.S. and M.S. degrees in Applied Mathematics from the St. Petersburg State Technical University, Russia. She is currently a Computer Science Ph.D. candidate in the Cryptography and Security Laboratory at the University of California, San Diego. Her research focuses on cryptography and information security, in particular, the design and analysis of efficient provably-secure protocols.