Special Topics on Privacy and Public Auditability — Event 6

Abstract. Welcome to STPPA#6: the 6^th event of the Special Topics on Privacy and Public Auditability (STPPA)! The event has the them "Community Efforts on Advanced Cryptographic Techniques", and it includes invited talks about various efforts (such as by HomomorphicEncryption, MPC Alliance, ZKProof, ETSI, CFRG and ISO/IEC) for standardization or development of reference material about advanced cryptographic techniques (such as FHE, MPC, ZKP, ABE, PAKE and threshold cryptography).This introductory session includes two parts:

1. Welcoming from the Chief of the Computer security Division, including some words about the NIST-ITL context and interest in emerging privacy-enhancing cryptography.
2. A brief introduction of the STPPA series context, in the scope of the NIST project on privacy-enhancing cryptography (PEC), and more specific notes about the STPPA6 event, including the alignment of its topics with the upcoming NIST First Call for Multi-Party Threshold Schemes.

[Slides] [Video]

Abstract. In this talk we will introduce the HomomorphicEncryption.org community.  HomomorphicEncryption.org was started as an industry consortium to jump-start the standardization process for Fully Homomorphic Encryption, with participation from large industry, start-ups, government and academia.  The community hosts biannual meetings that have created international standards for the FHE protocols and their security settings.  These early efforts have resulted in widely cited and generally agreed-upon security settings for FHE, and has heavily influenced the ISO in their drafting of an FHE standard.

[Slides] [Video]

Abstract. This talk introduces the MPC Alliance, a consortium of organizations focusing on the development of secure multi-party computation (MPC) and its application to use cases within and across industries. Most member organizations fall into two areas of emphasis (security and data privacy), with some representing specific verticals of application and others providing more general-purpose software, services, and infrastructure. The presentation reviews past activities of the MPC Alliance as a whole (including survey and feedback efforts, conferences, and other engagements), as well as the work and contributions of individual member organizations within standards-setting programs and industry bodies. The value of MPC standardization is emphasized, with MPC being vetted -- and in some cases being deployed in production -- within multiple industries.

[Slides] [Video]

Abstract. ZKProof is a global movement to standardise and mainstream advanced cryptography by building a community-driven trust ecosystem.  In this talk I discuss the applications, structure and community behind zero-knowledge proofs.

[Slides] [Video]

Abstract: Over the last two decades, Attribute-Based Encryption (ABE in short) has been raising academic and industrial interest because of its capability of going beyond the "unveil all or nothing” approach which traditional public key cryptography offers. With the aim of facilitating conformance and interoperability of real-world deployments, in 2018 ETSI — the EU-recognized standards Body for telecommunications, broadcasting and electronic communications — released the first technical specifications proposing ABE as a technique to implement distributed, fine-grained attribute-based access control via cryptography. Addressing some potential use cases, this talk will illustrate ETSI TS 103 532, which standardizes four well-consolidated ciphertext policy and key policy ABE schemas, with two different levels of security and two different functionalities (key exchange/message encryption). The talk will address the main achievements, known limitations and challenges at the present time. In parallel to standardization of more traditional Attribute-Based Encryption schemas, the talk will also introduce the work of ETSI TC CYBER QSC group on solutions using attribute subset covers in pre and post-quantum hybridized key encapsulation mechanisms, which prove to be very efficient and effective when not all combinations of attributes are required in the encryption or key policies.

[Slides] [Video]

Abstract. This talk focuses on the latest work on cryptography for use in internet protocols by the Cryptographic Forum Research Group (CFRG), a research group within the Internet Research Task Force (IRTF), a sister organization to the Internet Engineering Task Force (IETF). The presentation summarizes previously published RFCs by the group and ongoing work on advanced cryptographic techniques such as pairing-friendly curves, threshold encryption, and Password-Authenticated Key Exchanges (PAKEs). This talk emphasizes the practical applications and benefits of these techniques in enhancing security, confidentiality, and integrity in internet protocols. This talk emphasizes the importance of peer-reviewed standards and showcases lessons learned by the CFRG. Attendees will gain insights into the cutting-edge work being done in advanced cryptography for internet protocols and the impact on securing digital communications.

[Slides] [Video]

Abstract. Fully Homomorphic Encryption (FHE) empowers users to delegate computation to the cloud. It allows the processing of encrypted inputs without the need for decryption and returns encrypted outputs to intended recipients. However, the industry's adoption of FHE has been slow due to several reasons. First, processing encrypted data incurs a significant performance tax, even for simple operations. Cipher operations can be several orders of magnitude slower than clear-text operations on existing hardware. Second, there is a shortage of automation tools for translating data and applications to enable FHE. Third, there is a lack of standards and best practices for secure FHE deployment, particularly in combination with other confidential computing techniques. In this talk, we will concentrate on the progress made in standardizing FHE under the guidance of ISO/IEC JTC1 SC27, the Joint Technical Committee of the International Organization for Standardization and the International Electrotechnical Commission, since its inception.

Abstract. In this panel conversation at STPPA#6, we gather a speaker from each of the six invited talks to follow up with various questions, answers and comments about promotion of advanced cryptography. Addressed topics may include: lessons learned, development of reference material and standards, applications for privacy and auditability, adoption plans, vision for the future.

[Slide]