Yehuda Lindell

Last updated
Yehuda Lindell
YehudaLindell2.jpg
Born24 February 1971 (1971-02-24) (age 53)
Australia
Alma materBSc Bar-Ilan University, 1997
MSc Bar-Ilan University, 1998
Ph.D. Weizmann Institute of Science, 2002
Known for Secure multi-party computation
Scientific career
Fields Cryptography
Institutions Bar Ilan University
Doctoral advisor Oded Goldreich and Moni Naor

Yehuda Lindell (born 24 February 1971) is an Israeli professor in the Department of Computer Science at Bar-Ilan University where he conducts research on cryptography with a focus on the theory of secure computation and its application in practice. Lindell currently leads the cryptography team at Coinbase.

Contents

Education and academic positions

Lindell received a BSc and Msc degree in computer science from Bar-Ilan University. He then obtained a PhD in computer science from the Weizmann Institute of Science in 2002. Lindell received a Raviv Fellowship [1] and spent two years at IBM's cryptography research group at the T.J. Watson Research Center. In 2004, he returned to Israel to take up an academic position at Bar-Ilan University. [2] Lindell's work on secure computation was recognized by the award of an ERC starting grant in 2009 and an ERC consolidators grant in 2014. [3] Lindell was appointed as an IACR Fellow in 2021. [4]

Industry experience

Lindell worked from 2004 to 2014 as a permanent cryptographic consultant to Safenet, formally Aladdin. He co-founded the company Unbound Security, and served as its Chief Scientist from 2014 to 2018. In early 2019, he took over the role of CEO of Unbound Security, taking leave from Bar-Ilan University. In January 2022, Unbound Security was acquired by Coinbase, and Lindell now leads their cryptography team.

Research

Lindell's main contributions are in the field of secure multiparty computation. Lindell's research initially focused on theoretical feasibility, and in particular in the area of protocol composition. Lindell has carried out extensive research on efficient two-party secure computation via the Yao garbled circuit construction, and on efficient multiparty computation for the multiparty honest-majority setting based on Secret sharing. His most cited work is a joint paper with Benny Pinkas on privacy preserving data mining [5] in which the use of secure computation was proposed for performing data mining algorithms; in particular the ID3 algorithm. Lindell provided the first proof of security for the basic Yao protocol, [6] and the first proof of security for the BGW protocol. [7] Lindell has also worked on the design of two-party protocols which are secure against active adversaries, [8] [9] [10] [11] the introduction of the concept of covert adversarial models, [12] and much more. Lindell won the IBM Pat Goldberg Memorial Best Paper Award in Computer Science, Electrical Engineering and Math in 2006 for his work on the composition of Authenticated Byzantine Agreement, [13] and the best paper award at ACM CCS 2016 for work on high-throughput MPC protocols. [14] In 2021, Lindell published a review article on secure multiparty computation in the Communications of the ACM. [15]

Lindell is also the co-inventor of the AES-GCM-SIV mode of operation for symmetric encryption, standardized by the IETF Crypto Forum Research Group in RFC 8452. [16] He received the best paper award at ACM CCS 2017 for the research paper behind AES-GCM-SIV. [17]

Lindell is also the author of a textbook with Jonathan Katz on modern cryptography. This textbook is utilized in many universities around the world as a standard reference work.

Books

Related Research Articles

In cryptography, a random oracle is an oracle that responds to every unique query with a (truly) random response chosen uniformly from its output domain. If a query is repeated, it responds the same way every time that query is submitted.

In cryptography, an oblivious transfer (OT) protocol is a type of protocol in which a sender transfers one of potentially many pieces of information to a receiver, but remains oblivious as to what piece has been transferred.

A cryptographic protocol is an abstract or concrete protocol that performs a security-related function and applies cryptographic methods, often as sequences of cryptographic primitives. A protocol describes how the algorithms should be used and includes details about data structures and representations, at which point it can be used to implement multiple, interoperable versions of a program.

Secure multi-party computation is a subfield of cryptography with the goal of creating methods for parties to jointly compute a function over their inputs while keeping those inputs private. Unlike traditional cryptographic tasks, where cryptography assures security and integrity of communication or storage and the adversary is outside the system of participants, the cryptography in this model protects participants' privacy from each other.

Provable security refers to any type or level of computer security that can be proved. It is used in different ways by different fields.

In cryptography, a password-authenticated key agreement (PAK) method is an interactive method for two or more parties to establish cryptographic keys based on one or more party's knowledge of a password.

The Diffie–Hellman problem (DHP) is a mathematical problem first proposed by Whitfield Diffie and Martin Hellman in the context of cryptography and serves as the theoretical basis of the Diffie–Hellman key exchange and its derivatives. The motivation for this problem is that many security systems use one-way functions: mathematical operations that are fast to compute, but hard to reverse. For example, they enable encrypting a message, but reversing the encryption is difficult. If solving the DHP were easy, these systems would be easily broken.

In cryptography the standard model is the model of computation in which the adversary is only limited by the amount of time and computational power available. Other names used are bare model and plain model.

In computational complexity theory, a computational hardness assumption is the hypothesis that a particular problem cannot be solved efficiently. It is not known how to prove (unconditional) hardness for essentially any useful problem. Instead, computer scientists rely on reductions to formally relate the hardness of a new or complicated problem to a computational hardness assumption about a problem that is better-understood.

Secure two-party computation (2PC) a.k.a. Secure function evaluation is sub-problem of secure multi-party computation (MPC) that has received special attention by researchers because of its close relation to many cryptographic tasks. The goal of 2PC is to create a generic protocol that allows two parties to jointly compute an arbitrary function on their inputs without sharing the value of their inputs with the opposing party. One of the most well known examples of 2PC is Yao's Millionaires' problem, in which two parties, Alice and Bob, are millionaires who wish to determine who is wealthier without revealing their wealth. Formally, Alice has wealth , Bob has wealth , and they wish to compute without revealing the values or .

Non-interactive zero-knowledge proofs are cryptographic primitives, where information between a prover and a verifier can be authenticated by the prover, without revealing any of the specific information beyond the validity of the statement itself. This makes direct communication between the prover and verifier unnecessary, effectively removing any intermediaries.

Nigel Smart is a professor at COSIC at the Katholieke Universiteit Leuven and Chief Academic Officer at Zama. He is a cryptographer with interests in the theory of cryptography and its application in practice.

<span class="mw-page-title-main">Moti Yung</span> Israeli computer scientist

Mordechai M. "Moti" Yung is a cryptographer and computer scientist known for his work on cryptovirology and kleptography.

Jonathan Katz is a professor in the Department of Computer Science at the University of Maryland who conducts research on cryptography and cybersecurity. In 2019–2020 he was a faculty member in the Volgenau School of Engineering at George Mason University, where he held the title of Eminent Scholar in Cybersecurity. In 2013–2019 he was director of the Maryland Cybersecurity Center at the University of Maryland.

<span class="mw-page-title-main">Tal Rabin</span> American cryptographer

Tal Rabin is a computer scientist and Professor of Computer and Information Science at the University of Pennsylvania and a Director at Amazon Web Services (AWS). She was previously the head of research at the Algorand Foundation and the head of the cryptography research group at IBM's Thomas J. Watson Research Center.

<span class="mw-page-title-main">Amit Sahai</span> American cryptographer (born 1974)

Amit Sahai is an Indian-American computer scientist. He is a professor of computer science at UCLA and the director of the Center for Encrypted Functionalities.

Chandrasekaran Pandurangan is a computer scientist and academic professor of the Computer Science and Engineering Department at Indian Institute of Technology - Madras (IITM). He mainly focuses on the design of pragmatic algorithms, graph theory and cryptography.

Garbled circuit is a cryptographic protocol that enables two-party secure computation in which two mistrusting parties can jointly evaluate a function over their private inputs without the presence of a trusted third party. In the garbled circuit protocol, the function has to be described as a Boolean circuit.

<span class="mw-page-title-main">Private set intersection</span> Secure multiparty computation cryptographic technique

Private set intersection is a secure multiparty computation cryptographic technique that allows two parties holding sets to compare encrypted versions of these sets in order to compute the intersection. In this scenario, neither party reveals anything to the counterparty except for the elements in the intersection.

An oblivious pseudorandom function (OPRF) is a cryptographic function, similar to a keyed-hash function, but with the distinction that in an OPRF two parties cooperate to securely compute a pseudorandom function (PRF).

References

  1. "Raviv Fellowship Recipients" . Retrieved 2015-05-04.
  2. "CS Faculty | Department of Computer Science".
  3. "ERC Funding and Grants".
  4. "IACR Fellows Program".
  5. Y Lindell and B Pinkas. Privacy preserving data mining. Advances in Cryptology – CRYPTO 2000, 36-54.
  6. Y. Lindell and B. Pinkas. A proof of security of Yao’s protocol for two-party computation. Journal of Cryptology, 22(2):161-188, 2009.
  7. G. Asharov and Y. Lindell. A Full Proof of the BGW Protocol for Perfectly-Secure Multiparty Computation. In the Journal of Cryptology, 30(1):58-151, 2017.
  8. Y. Lindell and B. Pinkas. An efficient protocol for secure two-party computation in the presence of malicious adversaries. Advances in Cryptology – EUROCRYPT 2007, 52-78.
  9. Y. Lindell and B. Pinkas. Secure Two-Party Computation via Cut-and-Choose Oblivious Transfer. Theory of Cryptography Conference TCC 2011, 392-346.
  10. Y. Lindell. Fast Cut-and-Choose Based Protocols for Malicious and Covert Adversaries. Advances in Cryptology – CRYPTO 2013, 1-17.
  11. Y. Lindell and B. Riva. Cut-and-Choose Yao-Based Secure Computation in the Online/Offline and Batch Settings. Advances in Cryptology – CRYPTO 2014, 476-494.
  12. Y. Aumann and Y. Lindell. Security against covert adversaries: Efficient protocols for realistic adversaries. Journal of Cryptology, 23(2), 281-343, 2010.
  13. Y. Lindell, A. Lysyanskaya and T. Rabin. On the Composition of Authenticated Byzantine Agreement. In the Journal of the ACM, 53(6):881–917, 2006.
  14. T. Araki, J. Furukawa, Y. Lindell, A. Nof and K. Ohara. High-Throughput Semi-Honest Secure Three-Party Computation with an Honest Majority. In the 23rd ACM Conference on Computer and Communications Security (ACM CCS), pages 805–817, 2016.
  15. Y. Lindell. Secure Multiparty Computation (Review Article). Communications of the ACM (CACM), 64(1):86–96, 2021. "Secure Multiparty Computation - CACM".
  16. "Rfc8452". Ietf Datatracker. 17 April 2019.
  17. S. Gueron and Y. Lindell. Better Bounds for Block Cipher Modes of Operation via Nonce-Based Key Derivation. In the 24th ACM Conference on Computer and Communications Security (ACM CCS), pages 1019–1036, 2017.