Unconditionally secure cryptography is sometimes perceived as being inherently unrealistic, perhaps due to Shannon's pessimistic results from the 50-ties. However, more recent research has shown that information theoretic security is in fact possible in many realistic scenarios. We will survey some of these results. A first set of results are about secure multiparty computation where information theoretic methods not only give higher security, but also more efficient protocols, even to the point where large scale practical applications can be handled. Although the information theoretic security requires secure point to point channels, the efficiency is preserved even if the channels are implemented by standard cryptography. A second set of results is in quantum cryptography. It can shown that even using quantum communication, information theoretic security is impossible without some limitation on the adversary. On the other hand, information theoretically secure and non-interactive bit commitment and oblivious transfer can be implemented assuming only a limitation on the size of the adversary's quantum memory.

Date:	11:20-12:00, Monday, March 23, 2009

Venue:	FIT Building 1-315, Tsinghua University

Title:	Trends in Information Theoretically Secure Cryptography

Speaker:	Ivan Damgård

Biography:	Ivan Damgård is a professor at the University of Aarhus in Denmark. He researches and teaches cryptography and is known among other things for the Merkle-Damgård construction used in most modern cryptographic hash functions such as SHA-1 and MD5. He discovered the structure independently of Ralph Merkle and published it in 1989. Ivan Damgård is also one of the founders of the Cryptomathic company.

Abstract:	Unconditionally secure cryptography is sometimes perceived as being inherently unrealistic, perhaps due to Shannon's pessimistic results from the 50-ties. However, more recent research has shown that information theoretic security is in fact possible in many realistic scenarios. We will survey some of these results. A first set of results are about secure multiparty computation where information theoretic methods not only give higher security, but also more efficient protocols, even to the point where large scale practical applications can be handled. Although the information theoretic security requires secure point to point channels, the efficiency is preserved even if the channels are implemented by standard cryptography. A second set of results is in quantum cryptography. It can shown that even using quantum communication, information theoretic security is impossible without some limitation on the adversary. On the other hand, information theoretically secure and non-interactive bit commitment and oblivious transfer can be implemented assuming only a limitation on the size of the adversary's quantum memory.