You are viewing this page in an unauthorized frame window.
This is a potential security issue, you are being redirected to https://csrc.nist.gov.
An official website of the United States government
Here’s how you know
Official websites use .gov A
.gov website belongs to an official government
organization in the United States.
Secure .gov websites use HTTPS A
lock (
) or https:// means you’ve safely connected to
the .gov website. Share sensitive information only on official,
secure websites.
All times are displayed in local Maryland timezone: Eastern Daylight Time (EDT) = UTC -4 (where UTC = Coordinated Universal Time)
Bios of the invited speakers:
Ni Trieu is an Assistant Professor of computer science at Arizona State University (ASU). Her research interests are in the area of cryptography and security, with a specific focus on secure computation and its applications such as private set intersection, private database queries, and privacy-preserving machine learning. Before joining ASU, she was a postdoc at UC Berkeley. She received her PhD degree from Oregon State University.
Pratyush Mishra is an assistant professor at the University of Pennsylvania. He completed his Ph.D. in Computer Science at UC Berkeley. His research is focused on cryptography and security, with a focus on the theory and practice of succinct cryptographic proof systems, and on efficient systems for secure computation. He is a co-author of the arkworks zkSNARK libraries, which are used by several academic and industrial projects. He is a founding scientist and advisor at Aleo, a privacy-preserving smart contract system.
Sourav Das received his Ph.D. in Computer Science from the University of Illinois Urbana-Champaign, working with Prof. Ling Ren on applied cryptography and consensus algorithms. Currently, he is working as a Senior Researcher at Category Labs. He is a recipient of the Chainlink Ph.D. Fellowship, a best paper runner's up at ACM CCS 2021, and the Mavis Future Faculty fellow at UIUC. He received his Bachelor's degree from IIT Delhi, where his thesis "Scaling smart contracts in Proof-of-work Blockchains" won the best undergraduate thesis award in the department.
Organization: The STPPA series is hosted by the NIST Privacy-Enhancing Cryptography (PEC) project. The STPPA8 event was organized by Luís Brandão, who opened the event with an introduction talk. Each of the PEC team members (Angela Robinson, René Peralta, Luís Brandão) introduced an invited speaker. The panel conversation included the three speakers as panelists, and René and Luís as moderators. The virtual event (webinar) received around 160 registrations for virtual participation (not counting 3 speakers, 3 hosts, and 4 in-person attendees), of which around 101 attended a portion online.
About STPPA: In the "Special Topics on Privacy and Public Auditability" series, the NIST privacy-enhancing cryptography (PEC) project hosts talks on various interconnected topics related to privacy and public auditability. A main goal of the STPPA series is to gather reference material about "PEC tools", which may facilitate future reflections on aspects of standardization and of development of recommendations/guidelines about advanced cryptography, namely for uses related to privacy and public auditability. Each event intends to convey basic technical background, incite curiosity, suggest research questions and discuss applications, with an emphasis on the role of cryptographic tools.
Abstract. Welcome to STPPA#8: the 8th event of the Special Topics on Privacy and Public Auditability (STPPA)! This event's theme is "Experimenting with implementations of PEC primitives", with talks on Private Set Intersection (PSI), Zero-Knowledge Proofs (ZKP) and Threshold BLS Signatures. This brief talk opens the event, explains the context of the "Privacy Enhancing Cryptography" (PEC) project, welcomes the speakers, and presents the event schedule.
Abstract. Private Set Intersection (PSI) enables multiple parties to securely compute the intersection of their private datasets without revealing any additional information. This talk provides a comprehensive overview of three prominent PSI paradigms covering both exact and approximate matching scenarios. It begins with elliptic curve Diffie–Hellman (EC-DH) based PSI tailored for small sets, emphasizing its compactness and efficiency. Next, we explore high-performance OT-based PSI constructions that utilize batched oblivious pseudorandom functions (OPRFs) to achieve scalability and speed for large datasets. Finally, the talk introduces distance-aware oblivious transfer protocols designed for fuzzy PSI, which relax exact matching requirements to proximity-based comparisons, broadening PSI's applicability to noisy, real-world data. Throughout the presentation, we highlight strategies to accelerate PSI performance by experimenting with implementations of core cryptographic primitives. By examining practical optimizations in elliptic curve computations, OT extensions, and distance-aware OT techniques, we show how these foundational components can significantly improve the performance of PSI systems in practice.
11:30 AMHow to Program ZKPs Pratyush Mishra - University of Pennsylvania, USA
Abstract. Succinct Zero-Knowledge Proofs (ZKPs) are a powerful cryptographic primitive that allow a prover to convince a verifier that a computation executed correctly with an extremely short and quickly-checkable proof. ZKPs are seeing wide deployment in decentralized systems as they promise to greatly improve scalability and privacy without compromising on the integrity guarantees of these systems. However, how does one actually write and prove program executions with a ZKP?
In this talk, we will see the approaches adopted by practitioners and researchers for proving programs in ZKPs, focusing on the following three approaches:
Hardware Description Languages
Custom DSLs
Embedded DSLs
We will see code examples as well as have some time for hands-on demos.
Joint work with: Alex Ozdemir (Stanford University)
Abstract. Threshold signature schemes protect the signing key by sharing it among a group of signers so that an adversary must corrupt a threshold number of signers to be able to forge signatures. The increasing demand for decentralized applications has resulted in large-scale adoption of threshold signature schemes. A popular choice of threshold signature is the BLS signature, introduced by Boldyreva building on the work of Boneh–Lynn–Shacham [BLS01]. Boldyreva’s BLS threshold signature scheme is popular because its verification is identical to a standard non-threshold BLS signature, its signing process is non-interactive, the signatures are unique and small (a single elliptic curve group element), and the scheme is very efficient in terms of both computation and communication. These properties have resulted in practical adoptions of Boldyreva’s BLS threshold signature for applications in the decentralized setting. In this talk, I will take a deep dive into the design and implementation of Boldyreva’s Threshold BLS signature scheme. Specifically, I will talk about Shamir's secret sharing scheme, the original BLS signature scheme, and how we can thresholdize it. Finally, I will also provide a walk-through a prototype implementation of the scheme.
Abstract. Informal panel conversation, with the STPPA8 speakers of the talks on Private Set Intersection (PSI), Zero-Knowledge Proofs (ZKP), and Threshold BLS signatures. The panel will reflect on the accessibility of code for real world deployment, applicability for privacy and auditability goals, and other considerations about opportunities, challenges, and visions for the future.
