Give


ECE Seminar Series


ISTeC Distinguished Lecture In conjunction with the Department of Electrical and Computer Engineering and Department of Computer Science Seminar Series

Title: My Business is None of Your Business: Employing Secure Computation for Core Business
Speaker: Moti Yung
Affiliation: Snapchat Inc
Day: Monday, September 25, 2017
Time: 11:00 am - 12:00 pm
Location: Morgan Library Event Hall

Abstract: Innovations in security and privacy are critical to advancing modern computing in our time. I will present an effort involving deployment of commercial applications designed and built as a ‘secure multi-party computation protocol for specific tasks' to be used repetitively to achieve a number of concrete ubiquitous business goals. In these applications, the outputs are calculated in the presence of privacy constraints which prevent parties from sharing their individual inputs directly and openly. I will also discuss what I think are the reasons for the inherent difficulty of developing such routines in general (for achieving business goals). In particular, I will survey what I believe to be the reasons that for almost 40 years since secure computation protocols was invented as a basic theoretical notion (the third component of modern cryptography), capturing specific and then general computational tasks, and in spite of its theoretical and even more recent commendable experimentation success, the notion has not yet been widely and seriously used in achieving routine relevant business goals by main stream industry (in contrast with symmetric key and public key cryptosystems and protocols, which were the first and second invention of modern cryptography, and were also proposed 40-45 years ago, and are used extensively, primarily to implement secure authenticated channels). I will cover some of the basic methodology taken to deploy the technology. (Work done in collaboration with Google Privacy and Ads groups)

Bio: Dr. Moti Yung is a computer scientist whose main interests are in cryptography, security, and privacy. He is currently with Snap Inc. Yung earned his Ph.D. from Columbia University in 1988. He worked at IBM Research, was a vice president and chief scientist at CertCo, and was director of Advanced Authentication Research at RSA Laboratories, and a research scientist with Google. He holds an adjunct faculty appointment at Columbia University where he co-advised several Ph.D. students over the years. He has served as consultant to leading companies and to open projects with various governments as well. Yung’s major interests are building strong useful foundations for the field based on practical needs and reality of systems, and, on the other hand, transforming theoretical ideas into practice. He has contributed extensively to numerous new cryptographic ideas, foundations, techniques, protocols, and systems, and to new central notions like encryption, signature, and protocols (one example is innovating the notion of public key cryptosystems secure against chosen-ciphertext attack -- currently a major requirement from public-key encryption operating on the Internet). He has also contributed to innovative security and privacy industrial constructions embedded in actual large scale systems and networks. Examples of the latter are IBM’s SNA network authentication, the Greek National Lottery system, the security and privacy aspects of Google’s global systems such as the Ad Exchange (ADX), Google private Ads attribution based on off line user activities, and Snapchat's cloud storage security). He also predicted innovations that were later adopted by business (like "social based authentication for account recovery"). Further, his interest in the subtlety of the notion of "trusted systems" has led to predicting what is known as ransomware, and predicting the crypto subversion attack vector: a deniable algorithm substitution attacks on cryptosystems (which was allegedly mounted within the deployed American Federal Information Processing Standard detailing the Dual_EC_DRBG). He is a fellow of the ACM, IEEE, IACR, and the European Assoc. for Theoretical Computer Science (EATCS), and a recipient of ACM's SIGSAC Outstanding Innovation Award.