Luca Nizzardo, was a PhD student of the IMDEA Software Institute and his thesis “Cryptographic Techniques for the Security of Cloud and Blockchain Systems” defended in 2018 was directed by the Associate Professor, Dario Fiore. Nowadays he works for Protocol Labs helping to build protocols, systems, and tools to improve how Internet works.
This month the UPM has resolved the two winners of the Extraordinary Award and Luca’s thesis is one of them. In which he investigates how to enforce the honest behavior of parties involved in a digital interaction over the Internet. In particular, considering two emerging paradigms in this setting: Cloud computing and E-commerce.
The Human interactions often involve people who have different and sometimes contrasting interests, like buyers and sellers or consumers and providers. For what regards physical interactions, the society has developed during the years many different ways to protect users against misbehaviors. Nevertheless, when this communication happens in the digital world through the Internet, where people do not meet or even know each other, such a protection is more challenging to obtain, and additional digital tools are needed in order to defend users.
Two main security concerns that have given attention by the research community are those about the privacy and authenticity of the data stored and processed in untrusted environments. Intuitively, for privacy a Client does not want the server to learn any information about the outsourced data. For authenticity, the Client instead wants to be sure that the Cloud computed correctly on the outsourced data.vIn his thesis he focused on this second problem, advancing the study of homomorphic authenticators. In homomorphic authenticators a Client C outsources authenticated data to the Cloud. Later on, a third entity (the Verifier) can ask the Cloud to compute a function f over the Client’s outsourced data. Using a special procedure, the Cloud can provide the Verifier with an authenticator for the output of the function, which allows the Verifier to check the validity of the computation queried.
The contribution of the thesis addresses three different aspects of homomorphic authenticators: definitions, efficiency and functionalities.
First, it introduces a new security model which is stronger and easier to deal with compared with the existing one, along with two compilers which allow one to go from the old model to the new one. Second, it provides the first linearly homomorphic signature scheme whose verification keys have size sublinear in that of the outsourced dataset. Third, it formalizes the notion of homomorphic authenticators for functions which take inputs authenticated using different keys, providing concrete constructions both in the case of private and public verification.
For what regards E-commerce and, more in general, the possibility of transferring value through the Internet, this work is focused on achieving fair exchange by profiting of the Blockchain features, where with fair exchange we mean the possibility for two users to swap digital goods such that neither can cheat the other through Zero Knowledge Contingent Payments (ZKCP) protocol.