Informatik, TU Wien

Private Function Evaluation - On the Gap Between Theory and Practice

Demonstrating the crucial relevance of (logical) side-channel attacks for private function evaluation.


Private function evaluation is traditionally achieved in one of three ways: by fully homomorphic encryption, by garbled circuits or by multiparty computation. While all these have been studied for years and seen sophisticated implementations, their practical usefulness is so far still quite limited, either due to high computational complexity, high communication overhead, or similar. By exploring a fourth recent approach to secure function evaluation, we will demonstrate the crucial relevance of (logical) side-channel attacks for private function evaluation. Using a hypothetical (idealized) computing architecture that is assumed to process encrypted data (no matter how this is technically done), we will demonstrate how to break the underlying encryption (no matter how it looks like), using the computing platform only (thus needing no cryptanalysis). Based on these findings, we argue for a broader view on security that explicitly accounts for the context and environment in which the processing happens. This gap is still widely open and will receive attention in the talk. The presentation concludes by drawing the audience’s attention to the wide range of security precautions beyond pure cryptography and access control, pointing out directions of security risk diversion by decision theory – a seemingly powerful yet widely unexplored route to security.


Stefan Rass is currently an associate professor at the Universität Klagenfurt. He owns a double master degree in computer science and technical mathematics, and has a PhD in technical mathematics, with a dissertation related to game theory, security infrastructures and information-theoretic security. His research interests are security, applied cryptography, statistics, decision- and game-theory for security, and security infrastructures. He led many security-related projects, as well as being an active consultant and researcher in several EU projects.


This talk is organized by the Automation Systems Group at the Institute of Computer Aided Automation and AIT Safety and Security Department and belongs to the "Cyber Security Lecture Series".