Ing. Ivana Trummová

Publications

On The Challenges of Bringing Cryptography from Papers to Products: Results from an Interview Study with Experts

Authors
Fischer, K.; Trummová, I.; Gajland, P.; Acar, Y.; Fahl, S.; Sasse, A.
Year
2024
Published
33rd USENIX Security Symposium. The USENIX Association, 2024.
Type
Proceedings paper
Annotation
Cryptography serves as the cornerstone of information security and privacy in modern society. While notable progress has been made in the implementation of cryptographic techniques, a substantial portion of research outputs in cryptography, which strive to offer robust security solutions, are either implemented inadequately or not at all. Our study aims to investigate the challenges involved in bringing cryptography innovations from papers to products. To address this open question, we conducted 21 semistructured interviews with cryptography experts who possess extensive experience (10+ years) in academia, industry, and nonprofit and governmental organizations. We aimed to gain insights into their experiences with deploying cryptographic research outputs, their perspectives on the process of bringing cryptography to products, and the necessary changes within the cryptography ecosystem to facilitate faster, wider, and more secure adoption. We identified several challenges including misunderstandings and miscommunication among stakeholders, unclear delineation of responsibilities, misaligned or conflicting incentives, and usability challenges when bringing cryptography from theoretical papers to end-user products. Drawing upon our findings, we provide a set of recommendations for cryptography researchers and practitioners. We encourage better supporting cross-disciplinary engagement between cryptographers, standardization organizations, and software developers for increased cryptography adoption.

Security Notions for the VeraGreg Framework and Their Reductions

Authors
Klemsa, J.; Trummová, I.
Year
2020
Published
ISEA-ISAP 2020. IEEE Xplore, 2020. p. 8-20. ISBN 978-1-7281-6708-4.
Type
Proceedings paper
Annotation
Homomorphic encryption enables computations with encrypted data; however, in its plain form, it does not guarantee that the computation has been performed honestly. For Fully Homomorphic Encryption (FHE), a verifiable variant emerged soon after the introduction of FHE itself; for single-operation homomorphic encryption (HE), a particular verifiable variant, called the VeraGreg Framework, has been introduced recently. In this paper, we identify a weakness of List Non-Malleability as defined for the VeraGreg framework—an analogy to the classical Non-Malleability—and define a stronger variant, which addresses the weakness and which we show not to be strengthenable any more. Next, we suggest a decomposition of the abstract VeraGreg framework, introduce novel notions of security for the resulting components and show some reductions between them and/or their combinations. We conjecture that VeraGreg achieves the strongest (and desirable) security guarantee if and only if its building blocks achieve certain, much more tangible properties. Finally, we suggest a simplification to the original VeraGreg instantiation, which now relies on the hardness of a particular kind of the famous Shortest Vector Problem for lattices.