BEGIN:VCALENDAR
VERSION:2.0
PRODID:-//Talks.cam//talks.cam.ac.uk//
X-WR-CALNAME:Talks.cam
BEGIN:VEVENT
SUMMARY:How to Compute in the Presence of Leakage - Rothblum\, G (Microsof
 t Research)
DTSTART:20120411T150000Z
DTEND:20120411T160000Z
UID:TALK37406@talks.cam.ac.uk
CONTACT:Mustapha Amrani
DESCRIPTION:We address the following problem: how to execute any algorithm
 \, for an unbounded number of executions\, in the presence of an attacker 
 who gets to observe partial information on the internal state of the compu
 tation during executions.\n\nThis general problem has beenaddressed in the
  last few years with varying degrees of success. It is important for runni
 ng cryptographic algorithms in the presence of side-channel attacks\, as w
 ell as for running non-cryptographic algorithms\, such as a proprietary se
 arch algorithm or a game\, on a cloud server where parts of the execution'
 s internals might be observed.\n\nIn this work\, we view algorithms as run
 ning on a leaky CPU. In each (sub)-computation run on the CPU\, we allow t
 he adversary to observe the output of an arbitrary and adaptively chosen l
 ength-bounded function on the CPU's input\, output\, and randomness.\n\nOu
 r main result is a general compiler for transforming any algorithm into on
 e that is secure in the presence of this family of partial observation att
 acks (while maintaining the algorithm's functionality). This result is unc
 onditional\, it does not rely on any secure hardware components or cryptog
 raphic assumptions.\n
LOCATION:Seminar Room 1\, Newton Institute
END:VEVENT
END:VCALENDAR