Cryptography in context: Bitcoin, breaches, and security in the real world
This talk will cover the design, implementation, and deployment of new cryptography to solve security issues that arise in real-world applications. Providing security for practically-deployed systems requires a new approach to cryptography, one that begins with the context in which cryptographic protocols will be used and reasons backwards in order to obtain the necessary security properties. This talk will cover two examples of this approach. First, I will take a detailed look at confidentiality for payments and how to solve the privacy failures of blockchain protocols such as Bitcoin. I will detail the design, implementation, and commercial deployment of Zcash, the first system to offer confidentiality while preserving public verifiability for cryptocurrencies. Next, I will explore cryptography in the context of securing data against breaches, considering the reality that attackers will gain access to cryptographic key material --- thus rendering traditional encryption ineffective. I will show how to use new applications of puncturable encryption to address these vulnerabilities for messaging and device encryption.