
    Can the government compel decryption? Don't trust -- verify

    If a court knows that a respondent knows the password to a device, can the court compel the respondent to enter that password into the device? In this work, we propose a new approach to the foregone conclusion doctrine from Fisher v. US that governs the answer to this question. The Holy Grail of this line of work would be a framework for reasoning about whether the testimony implicit in any action is already known to the government. In this paper we attempt something narrower. We introduce a framework for specifying actions for which all implicit testimony is, constructively, a foregone conclusion. Our approach is centered around placing the burden of proof on the government to demonstrate that it is not "rely[ing] on the truthtelling" of the respondent. Building on original legal analysis and using precise computer science formalisms, we propose demonstrability as a new central concept for describing compelled acts. We additionally provide a language for asking whether a compelled action meaningfully requires the respondent to perform in a manner that is 'as good as' the government's desired goal. Then, we apply our definitions to analyze the compellability of several cryptographic primitives including decryption, multifactor authentication, commitment schemes, and hash functions. In particular, our framework reaches a novel conclusion about compelled decryption in the setting that the encryption scheme is deniable: the government can compel, but the respondent is free to use any password of her choice.

    Funding: CNS-1915763 - National Science Foundation; HR00112020021 - Department of Defense/DARPA; CNS-1718135 - National Science Foundation; CNS-1801564 - National Science Foundation; CNS-1931714 - National Science Foundation
    Accepted manuscript
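
    The deniable-encryption setting in the last sentence, as an added illustration that is not code from the paper: a toy container in the hidden-volume style, where each fixed-size slot is either a record sealed under one password or random filler. A one-message and a two-message container are the same size and, to someone holding only the decoy password, identically distributed, so the compelled respondent can enter the decoy password, produce a valid plaintext, and deny that a second slot is in use. The cipher (BLAKE2b in counter mode), slot geometry, password strings and messages are all assumed for the example; the paper's formal scheme is not reproduced here, and this code is not for real data.

```python
"""Toy deniable container in the hidden-volume style (added illustration).

Layout: SLOTS fixed-size slots. A slot is either a record encrypted under one
password, or uniformly random filler. Without the password, an occupied slot
and a filler slot look alike, so the holder can disclose the decoy password,
produce a valid plaintext, and deny that any second slot is in use.
Toy cipher and geometry chosen for the example; not the paper's scheme and
not for real data.
"""
import hashlib
import hmac
import os
import secrets

SLOTS = 2           # assumed: number of slots per container
SLOT_BYTES = 64     # assumed: payload bytes per slot (2-byte length + message + padding)
TAG_BYTES = 16
SALT_BYTES = 16


def derive_key(password: str, salt: bytes) -> bytes:
    """Password -> 32-byte key. PBKDF2 keeps guessing the decoy/real password slow."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000, dklen=32)


def keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    """BLAKE2b in counter mode as a toy stream cipher."""
    out = b""
    counter = 0
    while len(out) < length:
        block = nonce + counter.to_bytes(4, "big")
        out += hashlib.blake2b(block, key=key, digest_size=32, person=b"stream").digest()
        counter += 1
    return out[:length]


def tag(key: bytes, body: bytes) -> bytes:
    """Keyed tag so the holder of a password can find its own slot; looks random otherwise."""
    return hashlib.blake2b(body, key=key, digest_size=TAG_BYTES, person=b"tag").digest()


def seal_slot(key: bytes, nonce: bytes, message: bytes) -> bytes:
    if len(message) > SLOT_BYTES - 2:
        raise ValueError("message does not fit in one slot")
    record = len(message).to_bytes(2, "big") + message
    record += os.urandom(SLOT_BYTES - len(record))           # random padding, not zeros
    body = bytes(a ^ b for a, b in zip(record, keystream(key, nonce, SLOT_BYTES)))
    return body + tag(key, body)


def open_slot(key: bytes, nonce: bytes, slot: bytes):
    body, t = slot[:SLOT_BYTES], slot[SLOT_BYTES:]
    if not hmac.compare_digest(t, tag(key, body)):
        return None                                           # not our slot (or filler)
    record = bytes(a ^ b for a, b in zip(body, keystream(key, nonce, SLOT_BYTES)))
    n = int.from_bytes(record[:2], "big")
    return record[2:2 + n]


def make_container(messages: dict) -> bytes:
    """messages maps password -> plaintext (at most SLOTS entries).

    Every container has the same size; unused slots are random filler and the
    occupied slot positions are chosen at random, so a one-message container
    and a two-message container look the same to anyone holding only the
    decoy password.
    """
    if len(messages) > SLOTS:
        raise ValueError("too many messages for the container")
    salt = os.urandom(SALT_BYTES)
    slots = [os.urandom(SLOT_BYTES + TAG_BYTES) for _ in range(SLOTS)]
    positions = secrets.SystemRandom().sample(range(SLOTS), len(messages))
    for pos, (password, message) in zip(positions, messages.items()):
        nonce = salt + bytes([pos])
        slots[pos] = seal_slot(derive_key(password, salt), nonce, message)
    return salt + b"".join(slots)


def open_container(container: bytes, password: str):
    """Return the plaintext the given password unlocks, or None."""
    salt, rest = container[:SALT_BYTES], container[SALT_BYTES:]
    key = derive_key(password, salt)
    width = SLOT_BYTES + TAG_BYTES
    for pos in range(SLOTS):
        slot = rest[pos * width:(pos + 1) * width]
        message = open_slot(key, salt + bytes([pos]), slot)
        if message is not None:
            return message
    return None


if __name__ == "__main__":
    c = make_container({"decoy-pw": b"grocery list", "real-pw": b"the ledger"})
    print(open_container(c, "decoy-pw"))   # compelled entry of the decoy password
    print(open_container(c, "real-pw"))
    print(open_container(c, "wrong"))
```

    Entering the decoy password is a complete, truthful act of decryption: the container opens and yields a real message. Nothing in the container tells the government whether the other slot holds a second message or filler, which is the property the paper's "any password of her choice" conclusion relies on.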

    Census TopDown: The Impacts of Differential Privacy on Redistricting

    The 2020 Decennial Census will be released with a new disclosure avoidance system in place, putting differential privacy in the spotlight for a wide range of data users. We consider several key applications of Census data in redistricting, developing tools and demonstrations for practitioners who are concerned about the impacts of this new noising algorithm, called TopDown. Based on a close look at reconstructed Texas data, we find reassuring evidence that TopDown will not threaten the ability to produce districts with tolerable population balance or to detect signals of racial polarization for Voting Rights Act enforcement.
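
    As an added illustration of the mechanism the abstract is evaluating (not the Census Bureau's code, and a simplification of it): a two-level hierarchy is noised with discrete Laplace noise at every level, the state total is held exact as an invariant, and a post-processing pass makes the children of each node non-negative integers that sum to their noised parent. The real TopDown uses discrete Gaussian noise, more geographic levels and a constrained optimisation for post-processing; the budget split, the rounding rule, the county and block counts and the districts below are all constructed for the example. The point of the demo is the one the abstract raises: the population deviation of districts built from the noised blocks versus the true blocks.

```python
"""Simplified top-down noising of a population hierarchy (added illustration).

Not the Census Bureau's TopDown implementation, which uses discrete Gaussian
noise, more geographic levels and a constrained optimisation for
post-processing. This toy keeps the shape of the idea: every level gets
independent noise, the state total stays exact (an invariant), and a
post-processing pass pushes consistency down so children sum to their
parent and no count is negative. The hierarchy and districts are constructed.
"""
import math
import random


def discrete_laplace(rng, epsilon, sensitivity=1):
    """Two-sided geometric noise: P(k) proportional to exp(-epsilon*|k|/sensitivity)."""
    p = 1 - math.exp(-epsilon / sensitivity)

    def geometric():
        u = rng.random()                      # failures before first success, parameter p
        return int(math.floor(math.log(1 - u) / math.log(1 - p)))

    return geometric() - geometric()


def fit_children(noisy, parent_total):
    """Post-process noisy child counts: non-negative integers summing to parent_total."""
    vals = [max(0, v) for v in noisy]
    total = sum(vals)
    if total == 0:                            # every child noised to zero: split evenly
        vals, total = [1] * len(vals), len(vals)
    scaled = [v * parent_total / total for v in vals]
    out = [int(math.floor(s)) for s in scaled]
    leftover = parent_total - sum(out)
    by_fraction = sorted(range(len(out)), key=lambda i: scaled[i] - out[i], reverse=True)
    for i in by_fraction[:leftover]:          # largest-remainder rounding
        out[i] += 1
    return out


def topdown(hierarchy, epsilon, rng):
    """hierarchy: {county: {block: population}}. Returns noised counts with the same shape."""
    state_total = sum(sum(b.values()) for b in hierarchy.values())   # published exactly
    eps_county = eps_block = epsilon / 2                              # assumed budget split
    counties = list(hierarchy)
    noisy_counties = [sum(hierarchy[c].values()) + discrete_laplace(rng, eps_county)
                      for c in counties]
    county_totals = fit_children(noisy_counties, state_total)
    out = {}
    for county, county_total in zip(counties, county_totals):
        blocks = hierarchy[county]
        noisy_blocks = [v + discrete_laplace(rng, eps_block) for v in blocks.values()]
        out[county] = dict(zip(blocks, fit_children(noisy_blocks, county_total)))
    return out


def population_deviation(district_pops):
    """Max relative deviation from the ideal (equal) district population."""
    ideal = sum(district_pops) / len(district_pops)
    return max(abs(p - ideal) / ideal for p in district_pops)


def district_populations(counts, districts):
    """districts: list of lists of (county, block) ids; counts has the hierarchy's shape."""
    return [sum(counts[c][b] for c, b in d) for d in districts]


# Constructed example: two counties, four blocks each, two districts.
HIERARCHY = {
    "A": {"a1": 210, "a2": 190, "a3": 205, "a4": 195},
    "B": {"b1": 180, "b2": 220, "b3": 200, "b4": 200},
}
DISTRICTS = [
    [("A", "a1"), ("A", "a2"), ("A", "a3"), ("A", "a4")],
    [("B", "b1"), ("B", "b2"), ("B", "b3"), ("B", "b4")],
]


def demo(epsilon=1.0, seed=7):
    """Return (deviation on true counts, deviation on noised counts, noised counts)."""
    noised = topdown(HIERARCHY, epsilon, random.Random(seed))
    true_dev = population_deviation(district_populations(HIERARCHY, DISTRICTS))
    noisy_dev = population_deviation(district_populations(noised, DISTRICTS))
    return true_dev, noisy_dev, noised


if __name__ == "__main__":
    true_dev, noisy_dev, noised = demo()
    print(f"true deviation {true_dev:.4f}, noised deviation {noisy_dev:.4f}")
    print(noised)
```

    Re-running demo() with a smaller epsilon widens the gap between the two deviations; the invariant keeps the state total exact regardless, so the noise only moves people between children of the same parent.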

    The GGM Function Family is Weakly One-Way

    We give the first demonstration of the cryptographic hardness of the Goldreich-Goldwasser-Micali (GGM) function family when the secret key is exposed. We prove that for any constant $\epsilon > 0$, the GGM family is a $1/n^{2+\epsilon}$-weakly one-way family of functions, when the lengths of secret key, inputs, and outputs are equal. Namely, any efficient algorithm fails to invert GGM with probability at least $1/n^{2+\epsilon}$, even when given the secret key. Additionally, we state natural conditions under which the GGM family is strongly one-way.
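
    The object the result is about, as an added example (not code from the paper): the GGM construction instantiated from a toy length-doubling PRG built on SHA-256, with key, input and output all n bits, plus a brute-force inverter that makes concrete what "inverting GGM given the secret key" means. The PRG, the 8-bit parameter and the sample key are assumed for the example; the paper's statement holds for an arbitrary PRG and is asymptotic, so the exhaustive search here is only feasible because n is tiny.

```python
"""GGM function family from a toy length-doubling PRG (added illustration).

G: {0,1}^n -> {0,1}^{2n} is built from SHA-256 here (not a proof-grade PRG;
the paper assumes an arbitrary PRG). F_k(x) walks a binary tree: start at
the key, and for each input bit take the left or right half of G applied to
the current node. Key, input and output are all n bits, the regime the
result is stated for. invert() is a brute-force search showing what
"inverting GGM given the key" means; it only works for the tiny n used here.
"""
import hashlib

N_BYTES = 1   # n = 8 bits, small enough to brute-force (assumed for the example)


def prg(seed: bytes) -> tuple:
    """Length-doubling PRG: returns (G_0(seed), G_1(seed)), each len(seed) bytes."""
    n = len(seed)
    left = hashlib.sha256(b"\x00" + seed).digest()[:n]
    right = hashlib.sha256(b"\x01" + seed).digest()[:n]
    return left, right


def ggm(key: bytes, x: int) -> bytes:
    """F_key(x) for an (8*len(key))-bit input x, most significant bit first."""
    n_bits = 8 * len(key)
    if not 0 <= x < (1 << n_bits):
        raise ValueError("input must be n bits")
    node = key
    for i in range(n_bits - 1, -1, -1):
        left, right = prg(node)
        node = right if (x >> i) & 1 else left
    return node


def invert(key: bytes, y: bytes):
    """Given the key (the 'exposed secret key' setting) and y, find x with F_key(x) = y.

    Exhaustive search over all 2^n inputs: fine for n = 8, hopeless as n grows,
    which is the regime the weak one-wayness statement is about.
    """
    n_bits = 8 * len(key)
    for x in range(1 << n_bits):
        if ggm(key, x) == y:
            return x
    return None


def image_fraction(key: bytes) -> float:
    """Fraction of the 2^n possible outputs actually hit; collisions shrink it below 1."""
    n_bits = 8 * len(key)
    outputs = {ggm(key, x) for x in range(1 << n_bits)}
    return len(outputs) / (1 << n_bits)


if __name__ == "__main__":
    key = b"\x2a" * N_BYTES
    y = ggm(key, 0b10110010)
    print(invert(key, y), image_fraction(key))
```

    With the key public, F_k is just a fixed-length-preserving function, and the question becomes whether a random output has an efficiently findable preimage; the weak one-wayness bound says inversion fails on a noticeable fraction of outputs, which image_fraction() lets you eyeball for this toy size.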

    Multi-regulation computing: examining the legal and policy questions that arise from secure multiparty computation

    This work examines privacy laws and regulations that limit disclosure of personal data, and explores whether and how these restrictions apply when participants use cryptographically secure multi-party computation (MPC). By protecting data during use, MPC can help to foster the positive effects of data usage while mitigating potential negative impacts of data sharing in scenarios where participants want to analyze data that is subject to one or more privacy laws, especially when these laws are in apparent conflict so data cannot be shared in the clear. But paradoxically, most adoptions of MPC to date involve data that is not subject to any formal privacy regulation. We posit that a major impediment to the adoption of MPC is the difficulty of mapping this new technology onto the design principles of data privacy laws. To address this issue and with the goal of spurring adoption of MPC, this work introduces the first systematic framework to reason about the extent to which secure multiparty computation implicates data privacy laws. Our framework revolves around three questions: a definitional question on whether the encodings still constitute 'personal data,' a process question about whether the act of executing MPC constitutes a data disclosure event, and a liability question about what happens if something goes wrong. We conclude by providing advice to regulators and suggestions to early adopters to spur uptake of MPC.

    Funding: NSF 18-209 - National Science Foundation; CNS-1915763 - National Science Foundation; HR00112020021 - Department of Defense/DARPA; CNS-1801564 - National Science Foundation; CNS-1931714 - National Science Foundation; CNS-1718135 - National Science Foundation
    https://aloni.net/wp-content/uploads/2022/08/Multi-Regulation-Computing-Walsh-Varia-Cohen-Sellars-Bestavros-ACM-CSLAW-22.pdf
    Accepted manuscript

    Cryptography with Updates

    Starting with the work of Bellare, Goldreich and Goldwasser [CRYPTO '94], a rich line of work has studied the design of updatable cryptographic primitives. For example, in an updatable signature scheme, it is possible to efficiently transform a signature over a message into a signature over a related message without recomputing a fresh signature. In this work, we continue this line of research, and perform a systematic study of updatable cryptography. We take a unified approach towards adding updatability features to recently studied cryptographic objects such as attribute-based encryption, functional encryption, witness encryption, indistinguishability obfuscation, and many others that support non-interactive computation over inputs. We, in fact, go further and extend our approach to classical protocols such as zero-knowledge proofs and secure multiparty computation. To accomplish this goal, we introduce a new notion of updatable randomized encodings that extends the standard notion of randomized encodings to incorporate updatability features. We show that updatable randomized encodings can be used to generically transform cryptographic primitives to their updatable counterparts. We provide various definitions and constructions of updatable randomized encodings based on varying assumptions, ranging from one-way functions to compact functional encryption.

    Alternative Stacking Sequences in Hexagonal Boron Nitride

    The relative orientation of successive sheets, i.e. the stacking sequence, in layered two-dimensional materials is central to the electronic, thermal, and mechanical properties of the material. Often different stacking sequences have comparable cohesive energy, leading to alternative stable crystal structures. Here we theoretically and experimentally explore different stacking sequences in the van der Waals bonded material hexagonal boron nitride (h-BN). We examine the total energy, electronic bandgap, and dielectric response tensor for five distinct high symmetry stacking sequences for both bulk and bilayer forms of h-BN. Two sequences, the generally assumed AA' sequence and the relatively unknown (for h-BN) AB (Bernal) sequence, are predicted to have comparably low energy. We present a scalable modified chemical vapor deposition method that produces large flakes of virtually pure AB stacked h-BN; this new material complements the generally available AA' stacked h-BN

    Watermarking Cryptographic Capabilities

    A watermarking scheme for programs embeds some information called a mark into a program while preserving its functionality. No adversary can remove the mark without damaging the functionality of the program. In this work, we study the problem of watermarking various cryptographic programs such as pseudorandom function (PRF) evaluation, decryption, and signing. For example, given a PRF F, we create a marked program C~ that evaluates F(·). An adversary that gets C~ cannot come up with any program C* in which the mark is removed but which still evaluates the PRF correctly on even a small fraction of the inputs. The work of Barak, Goldreich, Impagliazzo, Rudich, Sahai, Vadhan, and Yang (CRYPTO '01 and Journal of the ACM 59(2)) shows that, assuming indistinguishability obfuscation (iO), such watermarking is impossible if the marked program C~ evaluates the original program with perfect correctness. In this work we show that, assuming iO, such watermarking is possible if the marked program C~ is allowed to err with even a negligible probability, which would be undetectable to the user. Our watermarking schemes are public key, meaning that we use a secret marking key to embed marks in programs, and a public detection key that allows anyone to detect marks in programs. Our schemes are secure against chosen program attacks where the adversary is given oracle access to the marking functionality. We emphasize that our security notion of watermark non-removability considers arbitrary adversarial strategies to modify the marked program, in contrast to the prior works (Nishimaki, EUROCRYPT '13).

    Interactions between rootstock, inter-stem and scion xylem vessel characteristics of peach trees growing on rootstocks with contrasting size-controlling characteristics

    This paper documents that while characteristics of the xylem anatomy and calculated hydraulic conductance of peach rootstock genotypes differ according to their effects on vigour of the scion they do not strongly influence the xylem characteristics of the scion. Furthermore xylem characteristics of a dwarfing rootstock genotype used as an inter-stem do not substantially influence anatomical characteristics of a vigorous rootstock below the inter-stem or the scion above it