微博

ECO中文网

 找回密码
 立即注册

QQ登录

只需一步,快速开始

查看: 1193|回复: 0
收起左侧

2012 沙菲-戈德瓦瑟

[复制链接]
发表于 2022-4-23 10:39:13 | 显示全部楼层 |阅读模式

马上注册 与译者交流

您需要 登录 才可以下载或查看,没有帐号?立即注册

x
Shafi Goldwasser

PHOTOGRAPHS
BIRTH:
1959, New York City

EDUCATION:
B.S., Department of Mathematics, Carnegie Mellon University (1979); M.S., Department of Electrical Engineering and Computer Science, University of California at Berkeley (1981); Ph.D., Department of Electrical Engineering and Computer Science, University of California at Berkeley (1984).

EXPERIENCE:
Bantrel Postdoctoral Fellowship, Massachusetts Institute of Technology (1983); Assistant Professor, Massachusetts Institute of Technology (1983-1987); Associate Professor, Massachusetts Institute of Technology (1987-1992); Professor of Electrical Engineering and Computer Science, Massachusetts Institute of Technology (1992-present); Professor of Computer Science and Applied Mathematics, Weizmann Institute of Science (1993-present); Co-Leader of the Cryptography and Information Security Group, Massachusetts Institute of Technology (1995-present); RSA Professor of Electrical Engineering and Computer Science, Massachusetts Institute of Technology (1997-present).

HONORS AND AWARDS:
IBM Young Faculty Development Award (1983-1985); NSF Presidential Young Investigator Award (1987-1992); NSF Award for Women in Science (1991-1996); Co-winner, SIGACT Gödel Prize (1993); ACM Grace Murray Hopper Award (1996); RSA Award in Mathematics for Outstanding Mathematical Contributions to Cryptography (1998); Weizmann Institute Levenson Prize in Mathematics (1999); Co-winner, SIGACT Gödel Prize (2001); Fellow, American Academy of Arts and Science (2001); Fellow, National Academy of Sciences (2004); Fellow, National Academy of Engineering (2005); Distinguished Alumnus Award in Computer Science and Engineering, University of California, Berkeley (2006);  Athena Lecturer, Association for Computing Machinery’s Committee on Women in Computing (2008); Franklin Institute Benjamin Franklin Medal in Computer and Cognitive Science (2010); IEEE Emanuel R. Piore Award (2011); Fellow, IACR (2012).

PRESS RELEASE
SHAFI GOLDWASSER DL Author Profile link
United States, Israel – 2012
CITATION
Along with Silvio Micali, for transformative work that laid the complexity-theoretic foundations for the science of cryptography, and in the process pioneered new methods for efficient verification of mathematical proofs in complexity theory.

SHORT ANNOTATED
BIBLIOGRAPHY
ACM TURING AWARD
LECTURE VIDEO
RESEARCH
SUBJECTS
ADDITIONAL
MATERIALS
VIDEO INTERVIEW
Shafi Goldwasser has made fundamental contributions to cryptography, computational complexity, computational number theory and probabilistic algorithms.  Her career includes many landmark papers which have initiated entire subfields of computer science.  These include creating the theoretical foundations of modern cryptography, the introduction of zero-knowledge interactive proofs, the introduction of multi-prover proofs (later known as probabilistically checkable proofs), discovering the connection between probabilistically checkable proofs and the intractability of approximation problems, showing how to use the theory of elliptic curves to distinguish primes from composites, and launching combinatorial property testing.

Shafi was born in 1959 in New York City. Her parents were Israeli, and her joint American/Israeli citizenship presaged the two countries that would play such an important role in her research. Her family returned to Israel where Shafi attended grade school in Tel Aviv. In high school she was especially interested in physics, mathematics and literature. After her schooling she returned to the U.S. and became an undergraduate in the mathematics department at Carnegie Mellon University. Soon, however, she became interested in programming (which she had never done before) and computer science. One computer science course that she especially remembers, taught by Jon Bentley, was an algorithms and discrete math course that she loved. She also worked on the CM* project at CMU, a 50-processor multiprocessor system. Shafi next had a summer internship at the RAND Corporation in Los Angeles. She loved living on Venice Beach, but her seduction by California wasn’t complete until she drove up the coast road one weekend and entered Berkeley for the first time.

Shafi enrolled in graduate school in Computer Science at the University of California, Berkeley, without knowing what she wanted to study. Her master's work was with Michael Powell and David Patterson, studying the optimal instruction set for the RISC architecture. But she soon met a group of enthusiastic young theoretical computer scientists – including Eric Bach, Faith Ellen, Mike Luby, Jeff Shallit, Vijay Vazirani and her Turing Award co-recipient Silvio Micali – and she began to see that her interests lay in theoretical areas.

Goldwasser describes her experiences as a Berkeley graduate student.       
What closed the deal for her was a number theory course by another Turing Award recipient, Manuel Blum. Subjects such as primality testing, quadratic residues, quadratic non-residues, RSA, and coin-tossing really excited her. She happily attended the first Crypto conference in Santa Barbara and met the three authors of the RSA cryptographic system, themselves later Turing Award recipients: Ron Rivest, Adi Shamir and Len Adleman.

Goldwasser describes beginning her collaboration with Micali and work on cryptography in a class of Manuel Blum’s.       
The first problem Shafi began working on with Micali was how to hide partial information in “mental poker”. Their solution [1] was an essentially perfect way of encrypting a single bit (against a computationally limited adversary), and they invented a “hybrid” technique to show that independently encrypting individual bits causes the whole message to be secure. In their example, encryption security was provably based on a quadratic residuosity assumption. They were the first to give a rigorous definition of semantic security for a public-key encryption system, and showed that it was equivalent to a number of other intuitive formulations of security. Julius Caesar may have used cryptography, but now we were finally beginning to understand it.

Goldwasser explains how to play “mental poker” while hiding all partial information.       
Upon graduating from Berkeley in 1984, Shafi went to the Massachusetts Institute of Technology, first as a postdoc, and then as a faculty member. She became the RSA Professor of Electrical Engineering and Computer Science in 1997. In 1992 she began a parallel career as a Professor of Computer Science and Applied Mathematics at the Weizmann Institute of Science in Israel. Shafi, with her husband and computer scientist Nir Shavit and their two sons, somehow divide their time between the two institutes, spending about three years at a time in each country.

It was an exciting time when Shafi came to M.I.T. She joined a group with similar research interests: Micali had arrived, and Benny Chor, Oded Goldreich, Ron Rivest and Mike Sipser were there. With Goldreich and Micali [4], Shafi investigated whether the notion of a pseudorandom number generator could be generalized so that one could generate exponentially many bits (or equivalently, a function) pseudorandomly. What would it even mean to do this? This definition was in itself important, and it is why we understand today what it means for a block cipher such as AES to be secure. They also showed how to provably transform a pseudorandom number generator into a pseudorandom function generator. These ideas had applications to the (then) new field of Learning Theory, providing examples of things that cannot be learned.

Shafi, with Micali (and later Rackoff) [6], had been thinking for a while about expanding the traditional notion of “proof” to an interactive process in which  a "prover" can convince a probabilistic "verifier" of the correctness of  a mathematical proposition with overwhelming probability if and only if the proposition is correct. They called this interactive process an "interactive proof" (a name suggested by Mike Sipser). They wondered if one could  prove some non-trivial statement (for example, membership of a string in a hard language) without giving away any knowledge whatsoever about why it was true. They defined that the verifier receives no knowledge  from the prover if the verifier  could simulate on his own the probability distribution that he obtains in interacting with the prover.The idea that “no knowledge” means simulatability was a very important contribution. They also gave the first example of these “zero knowledge interactive proofs” using quadratic residuosity. This paper won the first ACM SIGACT Gödel Prize. This zero-knowledge work led to a huge research program in the community that continues to this day, including results showing that (subject to an assumption such as the existence of one-way functions) a group of distrusting parties can compute a function of all their inputs without learning any knowledge about other people’s inputs beyond that which follows from the value of the function.

Goldwasser recalls her introduction, with Micali, of zero knowledge proofs.       
Sharing the Gödel Prize was a paper by László Babai and Shlomo Moran that gave a different notion of interactive proof, where the randomness of the verifier is only from public coins. An example in Shafi's paper on zero knowledge clearly seemed to require private coins, but Shafi and Michael Sipser [7] later proved that the two notions are equivalent. This involved using public coins to do interactive proofs showing lower bounds on the sizes of sets.

Around this time, Shafi returned to her love of number theory. After hearing a talk by René Schoof about counting the number of points on elliptic curves, she and Joe Kilian [3] showed that for most primes, it is possible to use elliptic curves to construct a normal, non-interactive proof that the number is indeed prime. This meant that when a “prime” is chosen for a cryptographic algorithm such as RSA, one can be absolutely certain that the number really is prime. (It was only much later that we learned of a polynomial-time algorithm for primality testing.)

Goldwasser describes her work with Joe Kilian on proofs of primality.       
Shafi then started asking a number of questions concerning what kinds of security can be achieved without computational complexity assumptions. This led to a model for multi-party computation where, instead of an assumption, one changes the physical model so that every pair of parties has a secure channel between them. Shafi, with Michael Ben-Or and Avi Wigderson, showed [8] that with sufficiently many honest parties, function evaluation in this setting can be done securely. The construction uses a form of algebraic “verifiable secret sharing”, a variant on an idea first proposed [2] by Goldwasser, Baruch Awerbuch, Benny Chor, and Micali.

Another outcome of this research was a variant of interactive proofs where the prover is replaced by two or more provers who cannot talk with each other. Shafi, with Ben-Or, Kilian and Wigderson, showed [9] that two provers are sufficient, and that all of NP can be proven with zero knowledge in this model without any assumptions. This inspired many extremely important results by other people. We can't explain all that development here, so we will cut to Shafi's next big contribution.

Shafi, with Feige, Lovasz, Safra and Szegedy, by examining the power of multi-prover proofs, discovered [10] that the existence of these proofs (with certain parameters) implies a hardness of approximation result for certain NP-complete languages. Specifically, they showed that if the size of a maximum clique in a graph can be approximated within a constant factor, then all of NP can be accepted in nearly polynomial time. This result inspired decades of results about PCPs (probabilistically checkable proofs, an alternative characterization of multi-prover proofs) and hardness of approximation. This paper earned Shafi her second Gödel Prize, shared with two papers that prove nearly optimal parameters for PCPs. One of the most important contributors to this area is Johan Håstad, who years earlier had been the very first of Shafi's many amazing graduate students.

Goldwasser defines the concept of a probabilistically checkable proof.       
With Mihir Bellare, Carsten Lund and Alexander Russell, Shafi produced [11] one of the first works showing how to fine-tune some of the PCP parameters, leading to improved results on hardness of approximation. The theme of approximation enters her work in a number of other ways as well. One computational problem, which quantum computers have not to date been able to attack and on which public-key cryptography can be based, is approximating the shortest vector size in an integer lattice.  Shafi and Goldreich [12] showed an especially succinct interactive proof for this approximation problem, thus demonstrating it is unlikely to be NP-hard.

On the algorithmic side, with Goldreich and Dana Ron, Shafi introduced the subject of “property testing” for combinatorial properties [13].  Given an object (such as a graph) for which either a given property holds or the object is far from any other object for which the property holds, we want to (probabilistically) determine which is the case by examining the object in only a small  number of locations. In [13] property-testers are devised which need to examine only a constant number of edges in a graph for several NP-complete properties such as 3-coloring, max-cut, and other graph partition problems..

Interactive proofs also play a major role in her recent research about how a user can delegate computation to a very fast but untrusted “cloud” computer. This is one of the most important research areas in cryptography today. Shafi, with Yael Tauman Kalai and Guy Rothblum, introduced [15] one practical formulation of this question, and showed how to efficiently delegate the computation of small-depth functions.

Shafi has recently explored different models for how to achieve “code obfuscation”. For example, with Tauman Kalai and Rothblum she proposed [16] the model of "one-time program" which obfuscates a program so that it can be executed only for a prescribed number of executions, assuming a special kind of universal secure hardware.  In recent work [18] with Tauman Kalai, Vinod Vaikuntanathan, Raluca Ada Popa, and Nickolai Zeldovich on “functional encryption,” Shafi introduced yet another new paradigm for general function obfuscation called “token-based obfuscation."

Another recent area of research [17] is protection against “side-channel attacks”, where an adversary is able to get information (for example, by measuring processor power consumption) that is not part of the stream of bits specified by a protocol. Shafi, with Adi Akavia and Vaikuntanathan, had the first results showing how to do public-key encryption in a way that remains secure even if the secret memory containing the secret key is partially leaked. This was the beginning of an intensive research effort by the cryptographic community to define and achieve leakage resilience for cryptographic primitives and protocols.

Two other interesting facts about Shafi: Since her husband Nir Shavit has also won a Gödel Prize, her household total of three may be a record. And recently, Shafi has become a fan and practitioner of “Playback Theater”, an improvisational interactive group experience.



Author: Charles Rackoff



沙菲-戈德瓦瑟

照片
出生地:美国
1959年,纽约市

学历:卡内基梅隆大学数学系学士(1979年);电子工程系硕士。
卡内基梅隆大学数学系学士(1979年);加利福尼亚大学伯克利分校电子工程和计算机科学系硕士(1981年);加利福尼亚大学伯克利分校电子工程和计算机科学系博士(1984年)。

工作经验。
麻省理工学院Bantrel博士后奖学金(1983);麻省理工学院助理教授(1983-1987);麻省理工学院副教授(1987-1992);麻省理工学院电子工程和计算机科学教授(1992至今)。魏茨曼科学研究所计算机科学和应用数学教授(1993年至今);麻省理工学院密码学和信息安全小组联合领导(1995年至今);麻省理工学院电子工程和计算机科学RSA教授(1997年至今)。

荣誉和奖项。
IBM青年教师发展奖(1983-1985);NSF总统青年研究员奖(1987-1992);NSF科学女性奖(1991-1996);SIGACT哥德尔奖共同获奖者(1993);ACM格雷斯-默里-霍普奖(1996);RSA数学奖对密码学的杰出数学贡献(1998);魏兹曼研究所列文森数学奖(1999);SIGACT哥德尔奖共同获奖者(2001)。美国艺术与科学学院院士(2001年);美国国家科学院院士(2004年);美国国家工程院院士(2005年);加州大学伯克利分校计算机科学与工程杰出校友奖(2006年);美国计算机协会女性计算机委员会雅典娜讲师(2008年);富兰克林学院本杰明-富兰克林计算机和认知科学奖(2010年);IEEE伊曼纽尔R。Piore奖(2011年);IACR研究员(2012年)。

新闻发布
SHAFI GOLDWASSER DL作者简介链接
美国, 以色列 - 2012
参考文献
与Silvio Micali一起,为密码学科学奠定了复杂性理论基础的变革性工作,并在此过程中开创了有效验证复杂性理论中数学证明的新方法。

简短注释
书目
亚马逊图灵奖
讲座视频
研究成果
主题
额外的
材料
采访视频
沙菲-戈德瓦瑟在密码学、计算复杂性、计算数论和概率算法方面做出了基本贡献。 她的职业生涯包括许多里程碑式的论文,这些论文开创了计算机科学的整个子领域。 其中包括创建了现代密码学的理论基础,引入了零知识互动证明,引入了多验证器证明(后来被称为概率可检查证明),发现了概率可检查证明和近似问题的不可控性之间的联系,展示了如何使用椭圆曲线的理论来区分素数和合成物,并启动了组合属性测试。

沙菲1959年出生在纽约市。她的父母是以色列人,她的美国/以色列联合公民身份预示着这两个国家将在她的研究中发挥如此重要的作用。她的家人回到了以色列,沙菲在特拉维夫上小学。在高中时,她对物理学、数学和文学特别感兴趣。完成学业后,她回到美国,成为卡内基梅隆大学数学系的一名本科生。但很快,她就对编程(她以前从未做过)和计算机科学产生了兴趣。她特别记得一门计算机科学课程,由乔恩-本特利教授,是一门她很喜欢的算法和离散数学课程。她还在CMU的CM*项目中工作,这是一个50个处理器的多处理器系统。沙菲接下来在洛杉矶的兰德公司进行了暑期实习。她喜欢住在威尼斯海滩,但她对加州的诱惑并不完全,直到她在一个周末开车上了海岸公路,第一次进入伯克利。

沙菲在不知道自己想研究什么的情况下,进入了加州大学伯克利分校的计算机科学研究生院。她的硕士工作是与迈克尔-鲍威尔和大卫-帕特森一起,研究RISC架构的最佳指令集。但她很快就遇到了一群热情的年轻理论计算机科学家--包括埃里克-巴赫、菲斯-艾伦、迈克-卢比、杰夫-沙利特、维贾伊-瓦兹拉尼和她的图灵奖共同获得者西尔维奥-米卡里--她开始发现自己的兴趣在于理论领域。

戈德瓦瑟描述了她作为伯克利大学研究生的经历。       
对她来说,完成交易的是另一位图灵奖获得者曼努埃尔-布卢姆的数论课程。诸如首要性测试、二次残差、二次非残差、RSA和掷硬币等主题确实让她感到兴奋。她高兴地参加了在圣巴巴拉举行的第一届加密会议,并见到了RSA加密系统的三位作者,他们也是后来的图灵奖得主。罗恩-里维斯特、阿迪-沙米尔和伦-阿德曼。

戈德瓦瑟描述了她与米卡利开始合作,并在曼努埃尔-布卢姆的一个班上从事密码学工作。       
沙菲与米凯利开始研究的第一个问题是如何在 "心理扑克 "中隐藏部分信息。他们的解决方案[1]是一种基本上完美的加密单一比特的方式(针对计算能力有限的对手),他们发明了一种 "混合 "技术,表明独立加密个别比特会导致整个信息的安全。在他们的例子中,加密的安全性是基于二次残差假设而证明的。他们是第一个为公钥加密系统给出语义安全的严格定义的人,并表明它等同于其他一些安全的直观表述。凯撒大帝可能已经使用了密码学,但现在我们终于开始了解它了。

戈德瓦瑟解释了如何在隐藏所有部分信息的同时玩 "心理扑克"。       
1984年从伯克利毕业后,沙菲去了麻省理工学院,先是做博士后,然后是做教员。她于1997年成为电子工程和计算机科学的RSA教授。1992年,她开始了在以色列魏茨曼科学研究所担任计算机科学和应用数学教授的平行生涯。沙菲和她的丈夫、计算机科学家尼尔-沙维特以及他们的两个儿子一起,不知不觉地在两个研究所之间分配时间,每次在每个国家停留大约三年。

当沙菲来到麻省理工学院时,那是一个令人兴奋的时刻,她加入了一个有类似研究兴趣的小组。Micali已经到了,Benny Chor、Oded Goldreich、Ron Rivest和Mike Sipser也在那里。与Goldreich和Micali一起[4],Shafi研究了伪随机数生成器的概念是否可以被泛化,以便可以伪随机地生成指数级的许多比特(或等同于一个函数)。这样做到底意味着什么?这个定义本身就很重要,这也是为什么我们今天能理解像AES这样的区块密码的安全含义。他们还展示了如何将一个伪随机数生成器证明性地转化为一个伪随机函数生成器。这些想法适用于学习理论(当时)的新领域,提供了不能学习的事物的例子。

Shafi和Micali(以及后来的Rackoff)[6],已经思考了一段时间,将传统的 "证明 "概念扩展为一个互动过程,在这个过程中,"证明者 "可以以压倒性的概率说服概率论的 "验证者 "相信一个数学命题的正确性,当且仅当该命题是正确的。他们把这种互动过程称为 "互动证明"(由Mike Sipser建议的名称)。他们想知道是否可以证明一些非微不足道的陈述(例如,硬语言中的字符串成员)而不泄露任何关于它为什么是真的知识。他们定义,如果验证者可以自己模拟他在与验证者的互动中获得的概率分布,那么验证者就不会从验证者那里得到任何知识。"无知识 "意味着可模拟性,这一想法是一个非常重要的贡献。他们还给出了这些 "零知识互动证明 "的第一个例子,使用二次残差。这篇论文赢得了第一届ACM SIGACT哥德尔奖。这项零知识的工作导致了社区中一个巨大的研究项目,并持续到今天,包括显示(在一个假设下,如单向函数的存在)一群不信任的各方可以计算他们所有输入的函数,而不需要学习任何关于其他人的输入的知识,除了从函数的值中得到的知识。

戈德瓦瑟回忆说,她和米卡利一起提出了零知识证明。       
分享哥德尔奖的是拉斯洛-巴贝和什洛莫-莫兰的一篇论文,它给出了一个不同的交互式证明的概念,其中验证者的随机性只是来自公共硬币。沙菲论文中关于零知识的一个例子显然似乎需要私人硬币,但沙菲和迈克尔-西普斯[7]后来证明这两个概念是等同的。这涉及到使用公共硬币来做交互式证明,显示集合大小的下限。

大约在这个时候,沙菲回到了她对数论的热爱。在听到René Schoof关于计算椭圆曲线上的点数的演讲后,她和Joe Kilian[3]表明,对于大多数素数,可以用椭圆曲线来构建一个正常的、非交互式的证明,证明这个数字确实是素数。这意味着,当一个 "素数 "被选择用于RSA等加密算法时,人们可以绝对确定这个数字确实是素数。(只是在很久以后,我们才知道有一种多项式时间的素数检验算法)。

戈德瓦瑟描述了她与乔-基里安在证明素数方面的工作。       
然后Shafi开始提出一些问题,涉及到在没有计算复杂性假设的情况下可以实现什么样的安全性。这导致了一个多方计算的模型,在这个模型中,人们改变了物理模型,使每一对当事人之间都有一个安全通道,而不是假设。Shafi与Michael Ben-Or和Avi Wigderson表明[8],在有足够多的诚实方的情况下,这种情况下的函数评估可以安全地完成。该构造使用了一种代数 "可验证秘密共享 "的形式,这是Goldwasser、Baruch Awerbuch、Benny Chor和Micali首次提出的想法的一个变种[2]。

这项研究的另一个成果是交互式证明的变体,其中证明者被两个或更多的证明者取代,他们不能相互交谈。Shafi与Ben-Or、Kilian和Wigderson合作,证明了[9]两个证明者是足够的,而且在这个模型中,所有的NP都可以在没有任何假设的情况下用零知识来证明。这启发了其他人的许多极其重要的结果。我们不能在这里解释所有的发展,所以我们将切入Shafi的下一个重大贡献。

Shafi与Feige、Lovasz、Safra和Szegedy一起,通过研究多验证器证明的力量,发现[10]这些证明的存在(有一定的参数)意味着某些NP-complete语言的近似度结果的硬度。具体来说,他们表明,如果图中最大悬崖的大小可以在一个常数系数内被逼近,那么所有的NP都可以在近乎多项式的时间内被接受。这个结果激发了几十年来关于PCPs(概率可检查证明,多证明人证明的另一种表征)和近似的硬度的结果。这篇论文为沙菲赢得了她的第二个哥德尔奖,与两篇证明PCPs近乎最优参数的论文共享。这一领域最重要的贡献者之一是Johan Håstad,多年前他是Shafi众多惊人的研究生中的第一个。

戈德瓦瑟定义了概率上可检查证明的概念。       
与Mihir Bellare、Carsten Lund和Alexander Russell一起,Shafi产生了[11]最早的作品之一,展示了如何微调PCP的一些参数,导致近似的硬度的改进结果。近似的主题也在其他一些方面进入了她的工作。有一个计算问题是近似整数格中最短的矢量大小,量子计算机至今还无法攻击这个问题,而公钥密码学可以基于这个问题。 Shafi和Goldreich[12]为这个近似问题展示了一个特别简洁的交互式证明,从而证明了它不太可能是NP-hard。

在算法方面,与Goldreich和Dana Ron一起,Shafi引入了组合属性的 "属性测试 "课题[13]。 给定一个对象(如图),对于它来说,要么一个给定的属性成立,要么该对象远离任何其他属性成立的对象,我们想(概率地)通过检查该对象的少量位置来确定哪种情况是真的。在[13]中设计了属性测试器,它只需要检查图中恒定数量的边,以获得几个NP-complete属性,如3-着色、最大切割和其他图分区问题。

在她最近关于用户如何将计算委托给一个非常快但不被信任的 "云 "计算机的研究中,互动证明也发挥了重要作用。这是当今密码学中最重要的研究领域之一。Shafi与Yael Tauman Kalai和Guy Rothblum介绍了[15]这个问题的一个实际表述,并展示了如何有效地委托小深度函数的计算。

Shafi最近探索了如何实现 "代码混淆 "的不同模式。例如,她与Tauman Kalai和Rothblum一起提出了[16]"一次性程序 "的模型,该模型混淆了一个程序,使其只能在规定的执行次数内被执行,并假设了一种特殊的通用安全硬件。 在最近与Tauman Kalai、Vinod Vaikuntanathan、Raluca Ada Popa和Nickolai Zeldovich关于 "函数加密 "的工作[18]中,Shafi为一般函数混淆引入了另一种新的范式,称为 "基于标记的混淆"。

最近的另一个研究领域[17]是对 "侧信道攻击 "的保护,即对手能够获得不属于协议规定的比特流的信息(例如,通过测量处理器的功耗)。Shafi与Adi Akavia和Vaikuntanathan一起取得了第一个成果,表明如何以一种即使包含秘密密钥的秘密存储器被部分泄露也仍然安全的方式进行公开密钥加密。这是密码学界为定义和实现密码学基元和协议的泄漏弹性而进行的密集研究的开始。

关于沙菲还有两个有趣的事实。由于她的丈夫Nir Shavit也获得了哥德尔奖,她家的三个奖项可能是一个记录。最近,沙菲成了 "回放剧院 "的粉丝和实践者,这是一种即兴的互动团体体验。
您需要登录后才可以回帖 登录 | 立即注册

本版积分规则

QQ|小黑屋|手机版|网站地图|关于我们|七月天| ECO中文网 ( 京ICP备06039041号  

GMT+8, 2022-12-1 22:46 , Processed in 0.070008 second(s), 20 queries .

Powered by Discuz! X3.3

© 2001-2017 Comsenz Inc.

快速回复 返回顶部 返回列表