学术报告
我的位置在: 首页 > 学术报告 > 正文
Leakage deterring secret sharing and its application in secure cloud computing
浏览次数:日期:2019-07-04编辑:网络空间安全系

Speaker:  Dr. Changyu Dong, Newcastle University, UK

Time:     9:30am July 12, 2019

venue:  软件大楼106

Abstract:
Outsourcing data and computation to clouds has become a common business practice. However, using public clouds leads to potential security and privacy risks. One promising approach for countering the risks is to share the client's data among multiple clouds using a secret sharing scheme, and compute on the shares in the clouds using a multiparty computation (MPC) scheme. But this requires the client to trust the cloud servers to properly protect the shares: the shares are the only thing needed to reconstruct the data and they are now out of the client's control. Should all shares in the clouds be compromised, the client has no way to shield the data from the adversary. The trust is hard to come by, because the cloud providers may cut corners on security for more obvious benefits such as higher profits.
In this talk, I will present Leakage dEterring Authenticated Secret sHaring (LEASH) that is designed to incentivize the cloud providers to protect the client's data like their own. Moreover, LEASH is designed to be MPC friendly, meaning that the shares can be used directly in MPC, to facilitate secure outsourced computation in the clouds. LEASH also incorporates share authentication so the client can ensure the integrity of the outsourced data and the correctness of the outsourced computation. I will discuss multiple technical challenges we overcame while developing LEASH, and possible future directions.

Biography:
Changyu Dong received the Ph.D. degree from Imperial College London in 2009. He is currently a Senior Lecturer with the School of Computing, Newcastle University. He has authored over 30 publications in international journals and conferences. His research interests include applied cryptography, trust management, data privacy, and security policies. His recent work focuses
mostly on designing practical secure computation protocols. The application domains include secure cloud computing and privacy preserving data mining.