- About
- Events
- Calendar
- Graduation Information
- Cornell Learning Machines Seminar
- Student Colloquium
- BOOM
- Spring 2025 Colloquium
- Conway-Walker Lecture Series
- Salton 2024 Lecture Series
- Seminars / Lectures
- Big Red Hacks
- Cornell University / Cornell Tech - High School Programming Workshop and Contest 2025
- Game Design Initiative
- CSMore: The Rising Sophomore Summer Program in Computer Science
- Explore CS Research
- ACSU Research Night
- Cornell Junior Theorists' Workshop 2024
- People
- Courses
- Research
- Undergraduate
- M Eng
- MS
- PhD
- Admissions
- Current Students
- Computer Science Graduate Office Hours
- Advising Guide for Research Students
- Business Card Policy
- Cornell Tech
- Curricular Practical Training
- A & B Exam Scheduling Guidelines
- Fellowship Opportunities
- Field of Computer Science Ph.D. Student Handbook
- Graduate TA Handbook
- Field A Exam Summary Form
- Graduate School Forms
- Instructor / TA Application
- Ph.D. Requirements
- Ph.D. Student Financial Support
- Special Committee Selection
- Travel Funding Opportunities
- Travel Reimbursement Guide
- The Outside Minor Requirement
- Diversity and Inclusion
- Graduation Information
- CS Graduate Minor
- Outreach Opportunities
- Parental Accommodation Policy
- Special Masters
- Student Spotlights
- Contact PhD Office
Concrete Security Bounds in Cryptography: Advancing the Meta-Reduction Paradigm
Abstract: A central aspect of research in theoretical cryptography is defining the boundaries of what can be proven secure, both via positive results, which take the form of security reductions, and negative (impossibility) results which prove the non-existence of such reductions. In this talk, we focus on one of the key methods for proving impossibility results, known as the meta-reduction paradigm. Roughly speaking, given a reduction which uses an adversary for some primitive to break the security of an underlying assumption (thus demonstrating that the primitive is secure as long as the assumption is), if we create a "meta-reduction" which efficiently simulates the interaction between this reduction and an "ideal" but inefficient adversary, then we can show that the meta-reduction itself efficiently breaks the assumption, and so either such a reduction cannot exist or the underlying assumption is inherently insecure.
In this talk, I will present two of my recent works, produced jointly with Rafael Pass and Elaine Shi, which leverage the meta-reduction paradigm to prove strong bounds on the "efficiency", or concrete security loss, of reductions that are not impossible. Notably, these constitute the first "complete" concrete security bounds, as, prior to ours, all such results have required significant restrictions on the class of reductions for which they provide bounds. Our first result (presented at TCC '18) removes these restrictions from a classical result by Jean-Sebastien Coron (Eurocrypt '02), ruling out any "efficient" (linear-preserving) reduction from unique or rerandomizable digital signature schemes to arbitrary assumptions. The second provides a similar, yet more technically intricate, impossibility result for reductions from multi-user security of families of pseudorandom functions. Using these works as a starting point, I hope to work towards investigating the full extent and limitations of what we can prove via meta-reductions