DOCSLIB.ORG

Protecting Privacy by Splitting Trust

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Protecting Privacy by Splitting Trust PROTECTING PRIVACY BY SPLITTING TRUST A DISSERTATION SUBMITTED TO THE DEPARTMENT OF COMPUTER SCIENCE AND THE COMMITTEE ON GRADUATE STUDIES OF STANFORD UNIVERSITY IN PARTIAL FULFILLMENT OF THE REQUIREMENTS FOR THE DEGREE OF DOCTOR OF PHILOSOPHY Henry Corrigan-Gibbs December 2019 Abstract In this dissertation, we construct two systems that protect privacy by splitting trust among multiple parties, so that the failure of any one, whether benign or malicious, does not cause a catastrophic privacy failure for the system as a whole. The first system, called Prio, allows a company to collect aggregate statistical data about its users without learning any individual user’s personal information. The second, called Riposte, is a system for metadata-hiding communication that allows its users to communicate over an insecure network without revealing who is sending messages to whom. Both systems defend against malicious behavior using zero-knowledge proofs on distributed data, a cryptographic tool that we develop from a new type of probabilistically checkable proof. The two systems that we construct maintain their security properties in the face of an attacker who can control the entire network, an unlimited number of participating users, and any proper subset of the servers that comprise the system. These systems split trust in the sense that, as long as an attacker cannot compromise all of the participating servers, the system provides “best-possible” protection of the confidentiality of user data. Through the design, implementation, and deployment of these systems, we show that it is possible for us to enjoy the benefits of modern computing while protecting the privacy of our data. iv To my teachers v Acknowledgments My cousin Joe often jokes that I am a lifetime student. It occurred to me recently that this isn’t really a joke. So, as a lifetime student, I want to dedicate this dissertation to my teachers—all of the people in my life who have shared their knowledge and experience with me and who have enriched my life in the process. The Applied Crypto Group has been my academic home on campus and most of what I learned in grad school, I learned from its tremendous set of students and postdocs: Alex Ozdemir, Ananth Raghunathan, Ben Fisch, Benedikt Bünz, Benton Case, David Wu, Dmitry “Dima” Kogan, Florian Tramèr, Giancarlo Pellegrino, Hart Montgomery, Joe Bonneau, Joe Zimmerman, Kevin Lewi, Mark Zhandry, Riad Wahby, Saba Eskandarian, Sam Kim, Sergio Benitez, Suman Jana, Valeria Nikolaenko, and Yan Michalevsky. In my first year at Stanford, I shared an office with the members of the Secure Com- puter Systems Group. Those students, including Adam Belay, Ali Mashtizadeh, Amit Levy, Daniel Giffin, David Terei, Deian Stefan, and Edward Z. Yang, taught me volumes about programming, systems, and computer security. I want to thank Edward especially for many enlightening bike rides in the foothills and for his sage advice at a number of points in grad school when I needed it most. Later in grad school, I had the pleasure of working in an office with Francis Y. Yan, Greg Hill, John Emmons, Riad S. Wahby, and Sadjad Fouladi. I benefited immensely from Greg’s good taste in all things—from research questions and chart design to Bay Area restaurants and office decor. Talking with John about technical questions, especially on our Saturday-morning rides on Skyline, was terrific. The dedication and precision that Riad brings to his work consistently blows me away; I thank him for being so generous in giving feedback on my talks, papers, and half-baked ideas throughout my time at Stanford. And I thank Sadjad for being my source of truth on programming in general, and C++ in particular. vi During the latter part of grad school, I worked closely with a set of student co-authors and with my co-teachers of CS355 and CS359C: Sam Kim, Emma Dauterman, Florian Tramèr, Saba Eskandarian, Albert Kwon, David Wu, and Dima Kogan. Sam, you rarely raise your hand to ask a question or make a comment in talks, but when you do, without fail, you make an insightful observation that the rest of us would have missed. Emma, I continue to be impressed by the level of dedication and drive that you bring to your work and I look forward to seeing what you accomplish in this next phase of your research career. Florian, I greatly enjoyed our philosophical discussions about computer security (and your dark sense of humor about it all) at lunchtime, in the reading groups, and—most of all—on the ski lift. Saba, I feel very fortunate to have had you as a colleague and friend for these years, to share in both the successes of grad school and to commiserate when things didn’t go to plan. It’s hard to imagine working in an office without you around the corner. Albert, it was great fun working with you—you manage to be extremely focused and hardworking while also being very cheerful and laid back. It has been so satisfying to see your efforts in grad school pay off. David, you are one of my research role models. Even as your list of accomplishments and responsibilities grows longer and longer, you continue to maintain the same kindness, patience, and humility that you have always had. It is reassuring in this post-PhD life to know that if I ever get really stuck on something, I can always give you a call. Dima, discussing research problems with you in the various cafés around campus was a highlight of my time at Stanford. I learned so much about research just by watching you think and write, and I hope to have many more chances to work with you in the future. The staff members in the Gates Building were outstanding. I can’t thank them enough. Jay Subramanian expertly handled all sorts of issues that came up during my PhD studies. I never went wrong by following her advice. Angela Cao and Jam Kiattinant made sure that my funding was always in the right place at the right time. Mary Jane Swenson was a problem-solver extraordinaire. Even though she worked in a different group and on a different floor, she was an unfailingly reliable source of advice and help. Megan Harris and Ruth Harris were indispensable. They made sure that I always had the resources I needed to be a happy and productive grad student. Room bookings, travel funding, catering, supplies, office space, and on and on—they took care of it all with such class and such professionalism. I am in awe. I have worked with an excellent set of research external collaborators. This group includes Wendy Mu, Jay Chen, Bill Thies, Ed Cutrell, Nakull Gupta, Curtis Northcutt, Judson Wilson, Stuart Schechter, Srini Devadas, Eric Rescorla, Robert Helmer, Anthony Miyaguchi, vii and Dominic Rizzo. I thank them for exposing me to new areas of computer science and for teaching me to be a better researcher. The material in PartI of this dissertation is work done jointly with Elette Boyle, Niv Gilboa, and Yuval Ishai. As collaborators, they were welcoming, encouraging, and forgiving, and they were so much fun to work with. Yuval’s obsession with finding the right abstraction has changed the way I think about cryptography, and I continue to admire his consistent good humor and humility. I have found that making mistakes is one of the best (if not the most pleasant) ways to learn. I really appreciate those who took the time to email me to report errors in my papers: Justin Holmgren, Elette Boyle, Jiamin Zhu, Ben Riva, and Ling Ren. Each of them brainstormed and checked candidate fixes with me, and each was unfailingly kind throughout the process. Justin Thaler offered a number of suggestions that improved the work in PartI of this dissertation. During the shepherding process at NSDI 2017, Jay Lorch gave extensive and extremely helpful editorial advice on the work that forms Chapter4 of this dissertation. I would like to thank Fraser Brown, Geoffrey Voelker, Lorenzo Alvisi, Mihir Bellare, Phil Rogaway, and Remzi Arpaci-Dusseau for offering sound and thoughtful counsel as I made decisions in the last year of graduate school. The Stanford faculty has been extraordinarily supportive throughout my PhD studies. Matei Zaharia always had time for a technical discussion with me and offered good ideas faster than I could write them down. Phil Levis reminded me over and over to be true to my own taste and values in research. Zakir Durumeric shared his candid thoughts about starting out as a new professor. Keith Winstein was generous beyond all reason with his time, office space, funding, and controversial opinions. His critical eye improved my talks and made me a more careful researcher. Omer Reingold was the first person I would ask about difficult meta-research questions, and I always left his office happier than when I entered. David Mazières gave very candid and very helpful criticism of my talks and writing throughout grad school, and his encouragement during the job-application process was invaluable. David’s mantras (“Close the loop!”) will stay with me for life. A conversation with Martin Hellman early on in the PhD process shaped the way I viewed research, and I am delighted and thankful that he agreed to sit on the committee for my dissertation defense. I thank Nate Persily for agreeing to serve as the external chair for my defense. When I was an undergrad, Bryan Ford first got me excited about systems and computer security. He has been my academic guardian angel ever since. Bryan also taught me the viii most important lesson about research: if you’re not having fun, you’re doing it wrong.
Load more

Recommended publications
  • Arxiv:2104.04742V2 [Quant-Ph] 13 Apr 2021 Keywords: Quantum Cryptography, Remote State Preparation, Zero-Knowledge, Learning with Errors Table of Contents
    Non-Destructive Zero-Knowledge Proofs on Quantum States, and Multi-Party Generation of Authorized Hidden GHZ States Léo Colisson 1, Frédéric Grosshans 1, Elham Kashefi1,2 1 Laboratoire d’Informatique de Paris 6 (LIP6), Sorbonne Université, 4 Place Jussieu, 75252 Paris CEDEX 05, France {leo.colisson, frederic.grosshans}@lip6.fr 2 School of Informatics, University of Edinburgh, 10 Crichton Street, Edinburgh EH8 9AB, UK Abstract. Due to the special no-cloning principle, quantum states appear to be very useful in cryptography. But this very same property also has drawbacks: when receiving a quantum state, it is nearly impossible for the receiver to efficiently check non-trivial properties on that state without destroying it. This allows a malicious sender to send maliciously crafted states without being detected. The natural (destructive) method for testing a quantum state is the “cut-and-choose” method. However, this method has many drawbacks: the security is only linear, and the class of states and properties that can be tested is quite restricted. In this work, we propose a different approach, and we initiate the study of Non-Destructive Zero-Knowledge Proofs on Quantum States. Our method binds a quantum state to a classical encryption of that quantum state. That way, the receiver can obtain guarantees on the quantum state by asking to the sender to prove properties directly on the classical encryption. This method is therefore non-destructive, and it is possible to verify a very large class of properties. For instance, we can force the sender to send different categories of states depending on whether they know a classical password or not.
    [Show full text]
  • On the Randomness Complexity of Interactive Proofs and Statistical Zero-Knowledge Proofs*
    On the Randomness Complexity of Interactive Proofs and Statistical Zero-Knowledge Proofs* Benny Applebaum† Eyal Golombek* Abstract We study the randomness complexity of interactive proofs and zero-knowledge proofs. In particular, we ask whether it is possible to reduce the randomness complexity, R, of the verifier to be comparable with the number of bits, CV , that the verifier sends during the interaction. We show that such randomness sparsification is possible in several settings. Specifically, unconditional sparsification can be obtained in the non-uniform setting (where the verifier is modelled as a circuit), and in the uniform setting where the parties have access to a (reusable) common-random-string (CRS). We further show that constant-round uniform protocols can be sparsified without a CRS under a plausible worst-case complexity-theoretic assumption that was used previously in the context of derandomization. All the above sparsification results preserve statistical-zero knowledge provided that this property holds against a cheating verifier. We further show that randomness sparsification can be applied to honest-verifier statistical zero-knowledge (HVSZK) proofs at the expense of increasing the communica- tion from the prover by R−F bits, or, in the case of honest-verifier perfect zero-knowledge (HVPZK) by slowing down the simulation by a factor of 2R−F . Here F is a new measure of accessible bit complexity of an HVZK proof system that ranges from 0 to R, where a maximal grade of R is achieved when zero- knowledge holds against a “semi-malicious” verifier that maliciously selects its random tape and then plays honestly.
    [Show full text]
  • Interactive Proofs
    Interactive proofs April 12, 2014 [72] L´aszl´oBabai. Trading group theory for randomness. In Proc. 17th STOC, pages 421{429. ACM Press, 1985. doi:10.1145/22145.22192. [89] L´aszl´oBabai and Shlomo Moran. Arthur-Merlin games: A randomized proof system and a hierarchy of complexity classes. J. Comput. System Sci., 36(2):254{276, 1988. doi:10.1016/0022-0000(88)90028-1. [99] L´aszl´oBabai, Lance Fortnow, and Carsten Lund. Nondeterministic ex- ponential time has two-prover interactive protocols. In Proc. 31st FOCS, pages 16{25. IEEE Comp. Soc. Press, 1990. doi:10.1109/FSCS.1990.89520. See item 1991.108. [108] L´aszl´oBabai, Lance Fortnow, and Carsten Lund. Nondeterministic expo- nential time has two-prover interactive protocols. Comput. Complexity, 1 (1):3{40, 1991. doi:10.1007/BF01200056. Full version of 1990.99. [136] Sanjeev Arora, L´aszl´oBabai, Jacques Stern, and Z. (Elizabeth) Sweedyk. The hardness of approximate optima in lattices, codes, and systems of linear equations. In Proc. 34th FOCS, pages 724{733, Palo Alto CA, 1993. IEEE Comp. Soc. Press. doi:10.1109/SFCS.1993.366815. Conference version of item 1997:160. [160] Sanjeev Arora, L´aszl´oBabai, Jacques Stern, and Z. (Elizabeth) Sweedyk. The hardness of approximate optima in lattices, codes, and systems of linear equations. J. Comput. System Sci., 54(2):317{331, 1997. doi:10.1006/jcss.1997.1472. Full version of 1993.136. [111] L´aszl´oBabai, Lance Fortnow, Noam Nisan, and Avi Wigderson. BPP has subexponential time simulations unless EXPTIME has publishable proofs. In Proc.
    [Show full text]
  • IEEE TCDP Editorial Notes, June 2020 1. IEEE TCDP Awards
    IEEE TCDP Editorial Notes, June 2020 TCDP Editor: Palden Lama, University of Texas at San Antonio TCDP Chair: Xiaobo Zhou, University of Colorado, Colorado Springs Welcome to the June 2020 edition of the IEEE Distributed Processing Technical Committee’s Newsletter. This volume includes awards, interesting articles, job advertisements, upcoming conferences. The IEEE Computer Society Technical Committee on Distributed Processing (TCDP) is the ideal and appropriate organization to: • Foster and provide a fertile ground of our conferences. • Provide a forum for discussing all activities related to distributed processing. • Accept and publish through newsletters short articles from TCDP members. • Announce job advertisements. • Distribute to this community call for papers. • Announce upcoming conferences. 1. IEEE TCDP Awards 2020 IEEE TCDP Outstanding Technical Achievement Awards https://tc.computer.org/tcdp/awardrecipients/ The IEEE Computer Society Technical Committee on Distributed Processing (TCDP) has named Professor John Ousterhout from Stanford University and Professor Miron Livny from University of Wisconsin as the recipients of the 2020 Outstanding Technical Achievement Award. John Ousterhout is the Bosack Lerner Professor of Computer Science at Stanford University. He received a BS in Physics from Yale University and a PhD in Computer Science from Carnegie Mellon University. He was a Professor of Computer Science at U.C. Berkeley for 14 years, followed by 14 years in industry, where he founded two companies (Scriptics and Electric Cloud), before returning to academia at Stanford. He is a member of the National Academy of Engineering, a Fellow of the ACM, and has received numerous awards, including the ACM Software System Award, the ACM Grace Murray Hopper Award, the National Science Foundation Presidential Young Investigator Award, and the U.C.
    [Show full text]
  • Is It Easier to Prove Theorems That Are Guaranteed to Be True?
    Is it Easier to Prove Theorems that are Guaranteed to be True? Rafael Pass∗ Muthuramakrishnan Venkitasubramaniamy Cornell Tech University of Rochester [email protected] [email protected] April 15, 2020 Abstract Consider the following two fundamental open problems in complexity theory: • Does a hard-on-average language in NP imply the existence of one-way functions? • Does a hard-on-average language in NP imply a hard-on-average problem in TFNP (i.e., the class of total NP search problem)? Our main result is that the answer to (at least) one of these questions is yes. Both one-way functions and problems in TFNP can be interpreted as promise-true distri- butional NP search problems|namely, distributional search problems where the sampler only samples true statements. As a direct corollary of the above result, we thus get that the existence of a hard-on-average distributional NP search problem implies a hard-on-average promise-true distributional NP search problem. In other words, It is no easier to find witnesses (a.k.a. proofs) for efficiently-sampled statements (theorems) that are guaranteed to be true. This result follows from a more general study of interactive puzzles|a generalization of average-case hardness in NP|and in particular, a novel round-collapse theorem for computationally- sound protocols, analogous to Babai-Moran's celebrated round-collapse theorem for information- theoretically sound protocols. As another consequence of this treatment, we show that the existence of O(1)-round public-coin non-trivial arguments (i.e., argument systems that are not proofs) imply the existence of a hard-on-average problem in NP=poly.
    [Show full text]
  • DRAFT -- DRAFT -- Appendix
    Appendix A Appendix A.1 Probability theory A random variable is a mapping from a probability space to R.Togivean example, the probability space could be that of all 2n possible outcomes of n tosses of a fair coin, and Xi is the random variable that is 1 if the ith toss is a head, and is 0 otherwise. An event is a subset of the probability space. The following simple bound —called the union bound—is often used in the book. For every set of events B1,B2,...,Bk, k ∪k ≤ Pr[ i=1Bi] Pr[Bi]. (A.1) i=1 A.1.1 The averaging argument We list various versions of the “averaging argument.” Sometimes we give two versions of the same result, one as a fact about numbers and one as a fact about probability spaces. Lemma A.1 If a1,a2,...,an are some numbers whose average is c then some ai ≥ c. Lemma A.2 (“The Probabilistic Method”) If X is a random variable which takes values from a finite set and E[X]=μ then the event “X ≥ μ” has nonzero probability. Corollary A.3 If Y is a real-valued function of two random variables x, y then there is a choice c for y such that E[Y (x, c)] ≥ E[Y (x, y)]. 403 DRAFT -- DRAFT -- DRAFT -- DRAFT -- DRAFT -- 404 APPENDIX A. APPENDIX Lemma A.4 If a1,a2,...,an ≥ 0 are numbers whose average is c then the fraction of ai’s that are greater than (resp., at least) kc is less than (resp, at most) 1/k.
    [Show full text]
  • Combinatorial Topology and Distributed Computing Copyright 2010 Herlihy, Kozlov, and Rajsbaum All Rights Reserved
    Combinatorial Topology and Distributed Computing Copyright 2010 Herlihy, Kozlov, and Rajsbaum All rights reserved Maurice Herlihy Dmitry Kozlov Sergio Rajsbaum February 22, 2011 DRAFT 2 DRAFT Contents 1 Introduction 9 1.1 DecisionTasks .......................... 10 1.2 Communication.......................... 11 1.3 Failures .............................. 11 1.4 Timing............................... 12 1.4.1 ProcessesandProtocols . 12 1.5 ChapterNotes .......................... 14 2 Elements of Combinatorial Topology 15 2.1 Theobjectsandthemaps . 15 2.1.1 The Combinatorial View . 15 2.1.2 The Geometric View . 17 2.1.3 The Topological View . 18 2.2 Standardconstructions. 18 2.3 Chromaticcomplexes. 21 2.4 Simplicial models in Distributed Computing . 22 2.5 ChapterNotes .......................... 23 2.6 Exercises ............................. 23 3 Manifolds, Impossibility,DRAFT and Separation 25 3.1 ManifoldComplexes ....................... 25 3.2 ImmediateSnapshots. 28 3.3 ManifoldProtocols .. .. .. .. .. .. .. 34 3.4 SetAgreement .......................... 34 3.5 AnonymousProtocols . .. .. .. .. .. .. 38 3.6 WeakSymmetry-Breaking . 39 3.7 Anonymous Set Agreement versus Weak Symmetry Breaking 40 3.8 ChapterNotes .......................... 44 3.9 Exercises ............................. 44 3 4 CONTENTS 4 Connectivity 47 4.1 Consensus and Path-Connectivity . 47 4.2 Consensus in Asynchronous Read-Write Memory . 49 4.3 Set Agreement and Connectivity in Higher Dimensions . 53 4.4 Set Agreement and Read-Write memory . 59 4.4.1 Critical States . 63 4.5 ChapterNotes .......................... 64 4.6 Exercises ............................. 64 5 Colorless Tasks 67 5.1 Pseudospheres .......................... 68 5.2 ColorlessTasks .......................... 72 5.3 Wait-Free Read-Write Memory . 73 5.3.1 Read-Write Protocols and Pseudospheres . 73 5.3.2 Necessary and Sufficient Conditions . 75 5.4 Read-Write Memory with k-Set Agreement .
    [Show full text]
  • List of My Favorite Publications
    List of my favorite publications in order of my personal preference with clickable links L´aszl´oBabai April 11, 2014 [35] L´aszl´o Babai. Monte Carlo algorithms in graph isomorphism testing. Tech. Rep. 79{10, Universit´ede Montr´eal,1979. URL http://people.cs.uchicago.edu/~laci/ lasvegas79.pdf. 42 pages. [53] L´aszl´oBabai. On the order of uniprimitive permutation groups. Ann. of Math., 113(3): 553{568, 1981. URL http://www.jstor.org/stable/2006997. [59] L´aszl´oBabai. On the order of doubly transitive permutation groups. Inventiones Math., 65(3):473{484, 1982. doi:10.1007/BF01396631. [114] L´aszl´oBabai. Vertex-transitive graphs and vertex-transitive maps. J. Graph Theory, 15 (6):587{627, 1991. doi:10.1002/jgt.3190150605. [72] L´aszl´oBabai. Trading group theory for randomness. In Proc. 17th STOC, pages 421{429. ACM Press, 1985. doi:10.1145/22145.22192. [89] L´aszl´oBabai and Shlomo Moran. Arthur-Merlin games: A randomized proof system and a hierarchy of complexity classes. J. Comput. System Sci., 36(2):254{276, 1988. doi:10.1016/0022-0000(88)90028-1. [99] L´aszl´oBabai, Lance Fortnow, and Carsten Lund. Nondeterministic exponential time has two-prover interactive protocols. In Proc. 31st FOCS, pages 16{25. IEEE Comp. Soc. Press, 1990. doi:10.1109/FSCS.1990.89520. See item 1991.108. [108] L´aszl´o Babai, Lance Fortnow, and Carsten Lund. Nondeterministic exponential time has two-prover interactive protocols. Comput. Complexity, 1(1):3{40, 1991. doi:10.1007/BF01200056. Full version of 1990.99. [65] L´aszl´o Babai, Peter J.
    [Show full text]
  • Lecture 14 1 Admin 2 Theorems Vs. Proofs 3 Interactive Proof
    6.841 Advanced Complexity Theory Mar 30, 2009 Lecture 14 Lecturer: Madhu Sudan Scribe: Huy Nguyen 1 Admin The topics for today are: • Interactive proofs • The complexity classes IP and AM Please see Madhu if you have not been assigned a project. 2 Theorems vs. Proofs There is a long history of the notions theorems and proofs and the relation between them. The question about the meaning of these notions is implicit in Hilbert's program, where he asked if you could prove theorems in various general contexts. Then in Godel's work, he proved that no logic system can be both complete and consistent. The notion of P and NP came along also from the investigation of this relation, as evident in the title of Cook's paper \The complexity of theorem-proving procedures" [2]. In the early works, a system of logic consists of a set of axioms and the derivation rules. A theorem is just a string of characters. The axioms are the initial true statements and the derivation rules show how to get new true statements from existing ones. A proof is a sequence of strings where each string is a either an axiom or derived from previous ones by derivation rules. The final string of the proof should be the derived theorem. In computational complexity, we abstract this procedure away. Theorems are statements that have proofs such that the pair (theorem, proof) is easy to verify. With this abstraction, we have separated the theorem from the proof. Intuitively, the complexity class P is roughly equivalent to the complexity of verifying proofs, while the complexity class NP is roughly equivalent to the complexity of finding proofs.
    [Show full text]
  • Proofs of Proximity for Distribution Testing
    Electronic Colloquium on Computational Complexity, Report No. 155 (2017) Proofs of Proximity for Distribution Testing Alessandro Chiesa Tom Gur [email protected] [email protected] UC Berkeley UC Berkeley October 12, 2017 Abstract Distribution testing is an area of property testing that studies algorithms that receive few samples from a probability distribution D and decide whether D has a certain property or is far (in total variation distance) from all distributions with that property. Most natural properties of distributions, however, require a large number of samples to test, which motivates the question of whether there are natural settings wherein fewer samples suffice. We initiate a study of proofs of proximity for properties of distributions. In their basic form, these proof systems consist of a tester (or verifier) that not only has sample access to a distribution but also explicit access to a proof string that depends arbitrarily on the distribution. We refer to these as NP distribution testers, or MA distribution testers if the tester is a probabilistic algorithm. We also study IP distribution testers, a more general notion where the tester interacts with an all-powerful untrusted prover. We investigate the power and limitations of proofs of proximity for distributions and chart a landscape that, surprisingly, is significantly different from that of proofs of proximity for functions. Our main results include showing that MA distribution testers can be quadratically stronger than standard distribution testers, but no stronger than that; in contrast, IP distribution testers can be exponentially stronger than standard distribution testers, but when restricted to public coins they can be quadratically stronger at best.
    [Show full text]
  • Bfm:978-3-540-31691-6/1.Pdf
    Lecture Notes in Computer Science 3580 Commenced Publication in 1973 Founding and Former Series Editors: Gerhard Goos, Juris Hartmanis, and Jan van Leeuwen Editorial Board David Hutchison Lancaster University, UK Takeo Kanade Carnegie Mellon University, Pittsburgh, PA, USA Josef Kittler University of Surrey, Guildford, UK Jon M. Kleinberg Cornell University, Ithaca, NY, USA Friedemann Mattern ETH Zurich, Switzerland John C. Mitchell Stanford University, CA, USA Moni Naor Weizmann Institute of Science, Rehovot, Israel Oscar Nierstrasz University of Bern, Switzerland C. Pandu Rangan Indian Institute of Technology, Madras, India Bernhard Steffen University of Dortmund, Germany Madhu Sudan Massachusetts Institute of Technology, MA, USA Demetri Terzopoulos New York University, NY, USA Doug Tygar University of California, Berkeley, CA, USA Moshe Y. Vardi Rice University, Houston, TX, USA Gerhard Weikum Max-Planck Institute of Computer Science, Saarbruecken, Germany Luís Caires Giuseppe F. Italiano Luís Monteiro Catuscia Palamidessi Moti Yung (Eds.) Automata, Languages and Programming 32nd International Colloquium, ICALP 2005 Lisbon, Portugal, July 11-15, 2005 Proceedings 13 Volume Editors Luís Caires Universidade Nova de Lisboa, Departamento de Informatica 2829-516 Caparica, Portugal E-mail: [email protected] Giuseppe F. Italiano Universitá di Roma “Tor Vergata” Dipartimento di Informatica, Sistemi e Produzione Via del Politecnico 1, 00133 Roma, Italy E-mail: [email protected] Luís Monteiro Universidade Nova de Lisboa, Departamento
    [Show full text]
  • Download and Use Untrusted Code Without Fear
    2 KELEY COMPUTER SCIENC CONTENTS INTRODUCTION1 CITRIS AND2 MOTES 30 YEARS OF INNOVATION GENE MYERS4 Q&A 1973–20 0 3 6GRAPHICS INTELLIGENT SYSTEMS 1RESEARCH0 DEPARTMENT STATISTICS14 ROC-SOLID SYSTEMS16 USER INTERFACE DESIGN AND DEVELOPMENT20 INTERDISCIPLINARY THEOR22Y 30PROOF-CARRYING CODE 28 COMPLEXITY 30THEORY FACULTY32 THE COMPUTER SCIENCE DIVISION OF THE DEPARTMENT OF EECS AT UC BERKELEY WAS CREATED IN 1973. THIRTY YEARS OF INNOVATION IS A CELEBRATION OF THE ACHIEVEMENTS OF THE FACULTY, STAFF, STUDENTS AND ALUMNI DURING A PERIOD OF TRULY BREATHTAKING ADVANCES IN COMPUTER SCIENCE AND ENGINEERING. THE FIRST CHAIR OF COMPUTER research in theoretical computer science received a Turing Award in 1989 for this work. learning is bringing us ever closer to the dream SCIENCE AT BERKELEY was Richard Karp, at Berkeley. In the area of programming languages and of truly intelligent machines. who had just shown that the hardness of well- software engineering, Berkeley research has The impact of Berkeley research on the practi- Berkeley’s was the one of the first top comput- known algorithmic problems, such as finding been noted for its flair for combining theory cal end of computer science has been no less er science programs to invest seriously in com- the minimum cost tour for a travelling sales- and practice, as exemplified in these pages significant. The development of Reduced puter graphics, and our illustrious alumni in person, could be related to NP-completeness— by George Necula’s research on proof- Instruction Set computers by David Patterson that area have done us proud. We were not so a concept proposed earlier by former Berkeley carrying code.
    [Show full text]