Mohammad Mahmoody

Assistant Professor

Tampering Attacks in Cryptography and Learning‚Äč

  Halls department, Hall 3
  Thursday, 28 December 2017
  15:30 - 16:30

Abstract

In this work, we revisit and extend the bitwise tampering model of Austrin et al. to the blockwise setting where each incoming block of randomness becomes tamperable with independent probability p. Our main result is an efficient blockwise p-tampering attack to bias the average of any efficient function f mapping arbitrary distribution X to [-1,+1] by \Omega(p Var[f(X)]), where Var[f(X)] is the variance of f(X), regardless of how X is partitioned into individually tamperable blocks X=(X_1,..., X_n). Further, relying on the blockwise nature of our biasing attack, we show how to bias the output of any seedless multi-source extractors if each source becomes tamperable with independent probability p. Finally, we show how to increase the classification error of deterministic learners in the so-called `poisoning' attack model under Valiant's adversarial noise where the adversary gets to tamper with each training example with independent probability p.

Bio

Mohammad Mahmoody is an assistant professor in the Computer Science Department of the University of Virginia (UVA).
Prior to joining the UVA, he was a postdoctoral research associate in the Computer Science Department of Cornell University under the supervision of Professor Rafael Pass.
He received his Ph.D. in 2010 from the Computer Science Department of Princeton University under the supervision of Professor Boaz Barak.
He is highly interested in theoretical computer science. In particular, he is interested in foundations of cryptography and its interplay with computational complexity.