After the first week of extensive introductory reading with the MIT paper on “mental poker” and various other links, I spent this week reviewing core concepts of cryptography. In this time, I throughly reviewed different forms of cryptography (asymmetric and symmetric) and then looked at various implementations. Looking at the MIT paper, we will have to implement an asymmetric cryptography solution, in order for the data to remain oblivious and secure.
Following that, I proceeded to watch a presentation by renowned cryptographer and computer scientist, Dr. Moti Yung (https://www.youtube.com/watch?v=-UwJ2Hr1OA8). Along with his detailed explanation of the fundamentals and possible use cases of the mental poker theories, he also presented useful information regarding product development. He explained how computer science theory is useful only when it can directly converted into application, and that theoretical analysis is only 10% of the work in a project. That is a good reminder to computer science researchers like myself to delve into theory as well as evaluate into feasibility and usability of it. As coding enthusiasts, it is easy to drift away into our own “cyberspace” and dream all interesting mathematical and computational puzzles, but we must know how to use them in real life.
In addition, Yung also talked about homomorphic and commutative encryption functions. At first, these topics seemed foreign, so I spent the next day learning more about them. Reading https://eprint.iacr.org/2008/356.pdf, I understood that commutative encryption uses mathematical functions that ensure that f(g(x))=g(f(x)). Looking at the previous MIT paper, I realized that this is essential to the project, as given values can only be authenticated and verified if this is true. Many implementations use prime numbers and modulo functions, and I have seen that they play an indispensable role to cryptography in general. Scrolling through https://crypto.stackexchange.com/questions/26845/are-there-transitive-ciphers-either-symmetric-and-asymmetric/32881, I found many implementations of this, each having their own pros and cons. I intend to revisit this and look closely into relevant ciphers. I also looked at http://web.mit.edu/6.857/OldStuff/Fall02/handouts/L15-voting.pdf (written by the ‘R’ of RSA), detailing homomorphic encryption. I learnt that this is a tool that ensures that outputs of particular function given raw input and encrypted input are identical. It talks about malleability, which is the measure to how much “malleable” or “reversible” a certain algorithm is without all the necessary keys/authenticators. With this, one knows that this can cause a problem with passwords, as stealing even the encrypted data would yield the same result, allowing the hacker to infiltrate and login into the victim’s account. However, we might be able to use this homomorphic encryption with its “blind signatures” that allow for data to be anonymized while staying relevant.
Looking at various papers and articles, I have learnt a lot regarding different encryption concepts and theories. This has taught me valuable lessons regarding the fundamentals. I will take these concepts along with me to the next week and evaluate each component for my final demo application.