ACM Conference on Computer and Communications Security 2022: Field Notes 

Valeria Nikolaenko

Editor’s note: Field Notes is a series where we report on the ground at significant industry, research, and other events. In this edition, Valeria Nikolaenko, a16z crypto Research Partner, shares her quick highlights from the ACM CCS conference, which took place November 7-11 in Los Angeles. The conference is one of the largest in computer and communication security. Lera notes: “I highlighted papers and talks you might not want to miss, as well as papers most relevant to blockchain tech. Make sure to also check out the papers that won best paper awards, mentioned below.”

Keynotes

  • Shafi Goldwasser, the Director of the Simons Institute at UC Berkeley, gave a talk on planting an undetectable trapdoor in the machine learning models (paper).
  • Michelle Mazurek, an Associate Professor in University of Maryland, talked about the general confusion about the guidelines (often 300+) given to non-expert to help them stay safe online, including vague caution to be “careful” when using public WiFi, or the rules around password’s expiry. She argues we, as a community, should make the recommendations more clear, and more importantly find channels to reach the general public.
  • Srini Devadas, Professor at MIT, highlighted his recent developments in hardware acceleration of lattice-based fully-homomorphic encryption. On his radar might be accelerations of zero-knowledge provers. Srini’s work is behind the design of Intel SGX.

Blockchain-related papers

Core-cryptography

  • MatProofs: Maintainable Matrix Commitment with Efficient Aggregation
    A new matrix commitment scheme that allows to open any subset of the matrix entries. It is concise (costans-size commitment), aggregatable (proofs for multiple elements can be aggregated into a succinct proof), easily updatable (the old proofs and commitments can be updated) and maintainable (can update all proofs within time sublinear in the length of the committed vector).

MPC, secret sharing, and threshold cryptography

  • ROAST: Robust Asynchronous Schnorr Threshold Signatures
    Is a simple wrapper that turns a FROST threshold Schnorr signature protocol into a protocol with robust and asynchronous signing. Robust here means that for a “t-out-of-n” threshold t honest signers will be able to obtain a valid signature even in the presence of malicious signers. This work is especially important in light of recent standardization efforts for FROST with IETF, and interest from NIST for standardizing threshold cryptography.
  • STAR: Secret Sharing for Private Threshold Aggregation Reporting
    [BEST PAPER AWARD] STAR improves the state of private data collection, it is easy to implement and cheap to run. At a high level the idea is that each client constructs a ciphertext by encrypting their measurement and sends a k-out-of-n secret share of the randomness used to derive the encryption key. The server learns all the measurements that are shared by at least k clients.
  • Threshold Cryptography as a Service (in the Multiserver and YOSO Models)
    Design and implement a novel threshold solution for the recently introduced YOSO (You Only Speak Once) model that works particularly well in systems with dynamic participation – each party only speaks once and then can go offline. The authors show efficient protocols that allow n’ dealers, each with m secrets, to share all their secrets among a set of n shareholders.
  • Server-Aided Continuous Group Key Agreement
    CGKA protocol provides E2E secure group management for groups whose properties may change mid-session (e.g., the set of members, the group name, etc.) Any such change initiates an epoch change and the creation of a new symmetric key known to epoch members but not to anyone else. Members will only transit to a new epoch if they agree with the changes to the properties of the group. This work reduces communication complexity to support larger groups.
  • On the Adaptive Security of Threshold BLS Signature Scheme
    BLS threshold signatures are an important building block for randomness beacons that are inherent to asynchronous consensus. This paper proves adaptive security of BLS with a tight reduction, and states what security notion is needed for DKG.

Zero Knowledge

Consensus

Miscellaneous topics in blockchain

***

Valeria Nikolaenko is a Research Partner at a16z crypto. Her research focuses on cryptography and blockchain security. She has also worked on topics such as long-range attacks in PoS consensus protocols, signature schemes, post-quantum security, and multi-party computation. She holds a PhD in Cryptography from Stanford University, and worked on the Diem blockchain as part of the core research team.

***

The views expressed here are those of the individual AH Capital Management, L.L.C. (“a16z”) personnel quoted and are not the views of a16z or its affiliates. Certain information contained in here has been obtained from third-party sources, including from portfolio companies of funds managed by a16z. While taken from sources believed to be reliable, a16z has not independently verified such information and makes no representations about the enduring accuracy of the information or its appropriateness for a given situation. In addition, this content may include third-party advertisements; a16z has not reviewed such advertisements and does not endorse any advertising content contained therein.

This content is provided for informational purposes only, and should not be relied upon as legal, business, investment, or tax advice. You should consult your own advisers as to those matters. References to any securities or digital assets are for illustrative purposes only, and do not constitute an investment recommendation or offer to provide investment advisory services. Furthermore, this content is not directed at nor intended for use by any investors or prospective investors, and may not under any circumstances be relied upon when making a decision to invest in any fund managed by a16z. (An offering to invest in an a16z fund will be made only by the private placement memorandum, subscription agreement, and other relevant documentation of any such fund and should be read in their entirety.) Any investments or portfolio companies mentioned, referred to, or described are not representative of all investments in vehicles managed by a16z, and there can be no assurance that the investments will be profitable or that other investments made in the future will have similar characteristics or results. A list of investments made by funds managed by Andreessen Horowitz (excluding investments for which the issuer has not provided permission for a16z to disclose publicly as well as unannounced investments in publicly traded digital assets) is available at https://a16z.com/investments/.

Charts and graphs provided within are for informational purposes solely and should not be relied upon when making any investment decision. Past performance is not indicative of future results. The content speaks only as of the date indicated. Any projections, estimates, forecasts, targets, prospects, and/or opinions expressed in these materials are subject to change without notice and may differ or be contrary to opinions expressed by others. Please see https://a16z.com/disclosures for additional important information.

podcast: web3 with a16z

a show about building the next internet, from a16z crypto

newsletter:
web3 weekly

a newsletter from a16z crypto that's your go-to guide on the next internet