 Thanks for the introduction and I'm going to talk about unconditionally secure computation against low complexity leakage. So let me start this talk by giving you a scenario. So let's say that you have a piece of cryptographic hardware with some secret key embedded inside. This hardware might be used to perform some sensitive computation such as digitally signing your financial transactions. So even though this hardware may not be faulty and the cryptographic algorithms implemented by this hardware are in fact secure, there might be other means through which an attacker might be able to extract information about the secret key inside this hardware. So these class of attacks are called as site channel attacks and there has been a lot of work in our community studying specific site channels. So the question we would like to answer is that how do we protect our sensitive computations against leakage from these site channels? So one way to do this is to use ad hoc measures for example using a Faraday sketch to protect against electromagnetic radiation leakage. However, a major drawback of this approach is that for every new kind of attack, you must come up with a new kind of countermeasure and this is usually infeasible in practice. So on the other hand, a clean and a theoretically sound way to protect against site channel leakage is to use a primitive called as leakage resilient circuit compilers. And this primitive was introduced in this highly influential work of Ishae Sahai and Wagner. And in this work, we'll focus on this approach to protect against site channel leakage. So let me now explain what is meant by a leakage resilient circuit compiler. So let's model the sensitive computation as a Boolean circuit C along with that takes in a secret input and produces some output. So a leakage resilient circuit compiler as the name suggests takes in this circuit and transforms this into a randomized circuit C hat, along with an encoder and a decoder. So this encoder takes in this secret input and produces an encoded version of this input. And when we run this randomized circuit C hat on the encoded input, it produces the encoded output and which when passed through the decoder produces the output in the clear. So this is the functionality and we require two properties to be satisfied from the leakage resilient circuit compiler. So the first is the correctness property which says that the output that we obtained by running C hat on some secret input is the same as the output that we obtained when running the original circuit C on the same input. In other words, the functionality is preserved. And the second property is the security property which roughly states that any leakage acting on the wires of C hat does not learn any information about the underlying secret input. So this security notion is formalized using a notion called as one-shot leakage security and let me now explain this notion. So let's say that we have a C hat executed on some secret input X. And let's say that we have some leakage function acting on the wires of this C hat. So one-shot leakage security states that the output of this leakage function is statistically close to its output when C hat is run on a different input X prime. So in other words, what this security notion states is that any leakage function cannot distinguish whether the secret input was X or X prime. So here we implicitly assume that there is no leakage acting on the wires of both the encoder as well as the decoder. So notice that assuming that the encoder is leak-free is in fact necessary because if we allow any sort of leakage on the encoder, then the leakage function can just look at a few bits of the input and then output it. So there is no hope of giving any sort of security. However, this security notion additionally assumes that the decoder is also leak-free and this is somewhat a strong assumption. So given that the encoder and decoder are leak-free, in order to disallow some trivial solutions, we need both the encoder and the decoder to be universal. And their sizes must be independent of the size of the circuit. However, as I had mentioned before, there are some drawbacks of this security notions. Firstly, it assumes the existence of a trusted decoder, which is a fairly strong assumption. And additionally, the leakage is only happening from a single execution of the circuit C hat. So to overcome both these limitations, a stronger notion of security called as continuous leakage security has been proposed in the same work of Ishei Sakai and Wagner. And I would just give you a brief overview of the continuous leakage model without going into the formal details. So in the continuous leakage setting, the Boolean circuits that we want to protect are models to store secrets and such circuits are called as stateful circuits. And the security definition is modeled as a game between an adversary and a challenger. So the adversary is now allowed to get leakage from many different executions of the circuit which stores the same secret. So there is a continuous notion of leakage which is happening. And in each of these executions, the leakage function can be adaptively chosen based on the prior information available with the adversary. And most importantly, there is no trusted decoder. So even the wires of the decoder can be subject to leakage. So at the end of this game, we require that the adversary not to learn any information about the stored secret. So when compared to the one-shot leakage security setting, the definition here is the leakage is continuous. It is the leakage functions can be adaptively chosen, and there is no trusted decoder. So this is the strongest notion of security that has been considered in leakage-resilient circuit compilers literature. Okay, so given this security definition, the next big question to ask is that what are the classes of leakage functions that we can protect against? So in this work, we focus on global leakage functions, meaning that the leakage function can view all the wires of the circuit C hat. So ideally, we would like to protect against arbitrary polynomial time leakage. However, given this model of global leakage, it follows from the seminal works with respect to impossibility of program obfuscation that if we allow the leakage functions to be arbitrary polynomial time, then there is no hope of giving any sort of security. So in order to circumvent this impossibility result, we have to restrict the classes of leakage. And in this work, we restrict them to have a constant depth, somewhat like AC0 circuits. So recall that AC0 is the class of polynomial size circuits with unbounded fan in and, or, and not gates. And the circuits have a constant depth. So the next question that you might be wondering is that, why is this restriction interesting? So this restriction is interesting because AC0 already captures many natural leakage attacks. For example, AC0 can compute a CNF or a DNF of a set of wires. It can check if a set of wires is in a certain range. It can also do comparison. It can do compute maximum or a minimum of a set of values. So AC0 is already a rich classes of leakage functions. And interestingly, it is not implied by a weaker notion of leakage, called as wire probe leakage. And this shows that AC0 is strictly stronger than the wire probe leakage model. However, AC0 has its own limitations. It does not capture certain leakage attacks, such as taking a weighted sum of wire values. So the essence of the slide is that AC0 is already an interesting class of leakage functions, which is not implied by wire probe leakage. However, it does not capture certain leakage attacks, such as taking a weighted sum of wire values. So given our focus on AC0 leakages, let me now give you a brief overview of the prior work in this area. Fast et al in 2010 and the subsequent work of Miles and Viola in 2013 gave leakage resilience circuit compilers against AC0 circuits, assuming the existence of leak-free hardware tokens. However, this is a fairly strong assumption that we would like to avoid. So in 2012, Rothplum gave a construction that does not use any leak-free hardware tokens. However, the security analysis relied on an unproven complexity theoretic conjecture with regard to AC0 circuits. So a long-standing open problem in this area is to construct an unconditional construction of leakage resilience circuit compiler against AC0 leakages. And in this work, we resolved this question in the positive by showing that a construction of leakage resilience circuit compiler that has unconditional security against AC0 leakages. So what's more interesting is that in the one-shot setting, we show that the original construction of Isai and Wagner that was only proved secure against a weaker model of wire probe leakage is, in fact, secure against the stronger AC0 leakage. So we show that the exact same construction is, in fact, secure against AC0 leakage. And in the continuous setting, we modify the construction of Rothplum and remove this need for this unproven complexity theoretic conjecture from the security analysis. So these are the results. And in the rest of the talk, I'll give you a brief description of the ISW construction and give you the high-level overview of the proof that it is, in fact, secure against AC0 leakages in the one-shot setting. Unfortunately, I wouldn't have time to go into the details of our construction in the continuous setting. And I would encourage you to look into our paper. And I'll finally conclude with some open problems. So let's begin with the description of the ISW construction. And let's start with the encoder. So recall that the encoder takes in some secret input and produces an encoded version of this input. So let's call the secret input to be x, which is k bits long. The encoding is simple. So every bit of this secret input is encoded using a random string of length lambda, whose parity is equal to this particular bit. So xi is encoded using xi1 to xi lambda, which are just random bits, except that the parity of these bits is equal to xi. And this is done for every bit of the secret input. So let's see how the randomized circuit C hat is constructed. So at a high level, every wire of the original circuit is transformed into a bundle of lambda wires in this C hat, such that the parity of this bundle is equal to the value carried by this wire. So let's say that if the value carried by this wire is 0, then in C hat, the parity of this bundle of wires representing this wire will be 0. And this invariant is maintained for the output of each gate. So given two bundles whose parity is a and b, then the output of the bundle is g of a comma b. So this invariant is maintained for each gate. And given this the decoder is fairly simple. It just computes the parity and outputs it. So this is the construction. So let's see how is this invariant maintained for each gate. So that is the most interesting part. And let's start with the addition gate in C hat. So the addition gate in C hat takes in two bundles. The first bundle whose parity is a, second bundle whose parity is b, and it has to output a bundle whose parity is a, xor with b. So this is straightforward. So you just compute the bitwise parity of these two bundles and output the resultant bundle. So the parity of the resultant bundle will precisely be equal to a, xor with b. Now the interesting point is the multiplication gate. So the multiplication gate has to take in two bundles again, one whose parity is a and other whose parity is b. And it has to output a bundle whose parity is a times c. So to do this, the ISW construction first defines a Boolean matrix Z of lambda rows and lambda columns where lambda is the length of each bundle. And the entries of this matrix are populated as follows. So every entry in the upper triangular part of this matrix is a random bit. So for every i less than j, Zij is chosen to be a random bit. And the kth diagonal entry will be ak times bk. And every entry along the lower triangular part is chosen as follows. So it is the xor of the corresponding entry in the upper triangular part with aibj and ajbi. So this is how the matrix is defined. And once this matrix is defined, you just take the sum of each column of this matrix to output the resultant bundle. Now the claim is that the parity of this resultant bundle is equal to a times b, which is the invariant that we wanted to maintain. So to see why this is the case, notice that the parity of this bundle is equal to the sum of all the entries of this matrix. And the sum of the upper triangular entry and the lower triangular entry will be aibj xor with ajbi. Thus summing over all the entries of this matrix will be sum over ij of ai times bj. And this is precisely equal to a times b. So this is how the ISW multiplication gate works. So in the rest of the talk, I'll give you the brief overview of the proof that this is in fact secure against AC0 leakages in the one-shot setting. So the main tool that we use in the proof is something called as a local sampler. So let me start with the definition of a local sampler. So a circuit S that takes in a regular input x and some random input r is said to be a local sampler if each output bit of the circuit depends on utmost one bit of this regular input x. However, it can depend on an arbitrary function of r. So for example, the first output bit could be xi times some arbitrary function of r and so on. So given this definition, so a lemma which follows in a straightforward manner is as follows. So let's say that S is a local sampler. Then for any choice of the random input r, the output of S on d0 is indistinguishable to AC0 circuits to the output of S on d1. So here db is a uniform distribution on lambda bit string whose parity is b. So what this lemma states is that AC0 circuits cannot distinguish whether S was evaluated on a random string whose parity was 0 or S was evaluated on a random string whose parity was 1. So the proof of this lemma is just two lines. So notice that d0 is indistinguishable to d1 and this follows from the Hastad's famous result. And since S is a local sampler and for any choice of randomness r, S of db on r is non-uniform in C0 computable. So these two observations put together directly give this lemma. Okay, so given this lemma, let's see how do we prove that the ISW construction is in fact secure against AC0 leakages in the one-shot setting. So recall that we have to prove that any AC0 leakage function acting on the wires of C hat cannot distinguish whether the input was x or from x prime. Okay, so the main steps in the proof is as follows. So we fix the encodings of all the bits of x except the ith bit and we call the encoding to be Ti. We call that Ti is a lambda bit string whose parity is equal to Xi. The main step in the proof is that we show the existence of a local sampler S such that the output of S on regular input Ti and for a uniform choice of randomness r is in fact identical to the wires of C hat. So what we show is that the wires of C hat can be locally sampled. So from the previous lemma what this directly implies that any AC0 function acting on the wires of C hat cannot distinguish whether Ti was an encoding of the bit zero or it was an encoding of the bit one. So this follows directly from the previous lemma. So to show this we first show that the wires of the addition and the multiplication gadgets in the ISW construction are locally sampled and then we use a straight forward induction or a gate elimination argument to show that all the wires of C hat are locally sampled. So given this key step the rest of the proof just follows from a straight forward hybrid argument. So we fix all the encodings except the first bit. We change this from encoding of X1 to X prime one and we do this for every bit of this input X. So the most interesting part of the proof is that how do we show that the addition and the multiplication gadgets are locally sampled? Okay, so let's start with the addition gadget. Recall that the addition gadget takes in two bundles and outputs the bitwise parity or a bundle which is just the bitwise parity of these two bundles. And since we have fixed the encodings of all the bundles except once, let's fix the second bundle and we want to show that the wires of the addition gate are a local function of A's. Notice that since it's just going to be a bitwise parity this directly is a local function so we don't have to do anything. So the wires of the addition gate are already a local function of this bundle A. So the interesting point is for the multiplication gate. So notice that the multiplication gadget has to take in two bundles, defines this matrix Z and whose entries are populated as follows and it has to take in the sum of all the columns of this matrix and outputs this resultant bundle. And as before let's fix this second bundle and we want to show that the wires of the multiplication gadget are in fact a local function of A's. However if you notice that all the entries of the last row of Z which is used to computing lambda these entries depend on all the bits of A because it is a function of A j's. So Z j i so for j substituted to lambda depends on all the bits of A's and hence summing over all the bits of A's is necessary to compute C lambda and hence this will be a non-local function of A's. So we seem to be stuck now. So we wanted to show that the wires of the multiplication gate are locally sampleable. However we just observed that the wires are in fact non-local function of A's. So we seem to be stuck. However the key inside that allows us to get around this is that even though this distribution of the wires may not be locally sampleable we show that this distribution is in fact identical to a locally sampleable distribution. Okay so this allows us to get around this. Okay so how do we show that this is identically distributed to a locally sampleable distribution? So there is just one small change. So instead of choosing Z ij's to be a random bit as in the previous case we choose it to be a random bit XORed with A i, B j's. So this does not change the distribution. So this distribution is identical to the previous distribution. However if you substitute this value of Z ij with this equation we'll notice that this A i, B j's will just cancel out and Z j i will be a random bit XORed with A j, B i. And now this becomes a local function. Why? Because Z j i's for every j depends on just one bit of A. So even summing over all the entries of a row just depends on a single bit of A and this by definition is a local function. Okay so this is the main insight on how we show that the ISW construction is in fact a leakage resilient in the one-shot setting against AC0 leakages and the main tool that we used was this local sampleability. And to conclude the main result in our talk was to give a construction of leakage resilient circuit compilers that are unconditionally secure against AC0 leakages in the continuous setting. In the one-shot setting we show that the ISW construction as such is AC0 leakage resilient. And some of the interesting open problems are to show whether the ISW construction is secure against continuous leakage. So currently we don't have an attack on or a proof that it is secure and it would be interesting to resolve this problem. Another very interesting problem is to give a construction of leakage resilient circuit compiler for richer complexity classes moving beyond AC0s and it would be interesting if you can do it without using trusted hardware and this would directly improve the result of Miles and Viola from 2013. And that's it. Thank you for your attention. Thank you. We have time for questions. There are microphones on the both aisles. Please step up to them to be heard. Well, while you ponder yours, I have one of mine. This construction elegantly resolves an open question for the past decade. And meanwhile, people have been wondering about using it in practice and deficiency considerations. What are your thoughts on optimizations or optimality of this construction? So in terms of optimality, I think there is a lot of things that can be done because the overhead of the circuit sizes roughly scales K squared where K is the security parameter. But if you just focus on the wire probe leakage, you have better constructions which are just scaling linearly or even polylogismically in the security parameter. Currently we don't know whether we can do those optimizations for the wire probe leakage for the AC0 setting. So that would be very interesting asset. Thank you. Yes, go ahead. So let's think to speak here again.