Hong-Sheng Zhou, Ph.D.
Associate Professor VCU College of Engineering
- Engineering East Hall, E4242, Richmond VA
Hong-Sheng Zhou's main research area is Cryptography, spanning the full spectrum from theory to practice
Social
Biography
Dr. Zhou is working in multiple areas of cryptography including secure computing; voting; secure outsourcing; blockchain technologies; and extreme cryptography against strong leakage, tampering, kleptographic and quantum attacks. He has published a number of papers in top cybersecurity and distributed computing conferences, such as CRYPTO, EUROCRYPT, ACM CCS, and PODC. Dr. Zhou’s research has been funded by NSF and multiple industry awards
Areas of Expertise
Education
University of Connecticut
Ph.D.
Computer Science
2010
Shanghai Jiaotong University
M.E.
Communication and Information Systems
2004
Nanjing University of Posts and Telecommunications
B.E.
Electrical Engineering (Wireless Communications)
1998
Selected Articles
Multi-input Functional Encryption
EUROCRYPT2014
We introduce the problem of Multi-Input Functional Encryption, where a secret key sk f can correspond to an n-ary function f that takes multiple ciphertexts as input. We formulate both indistinguishability-based and simulation-based definitions of security for this notion, and show close connections with indistinguishability and virtual black-box definitions of obfuscation.
Assuming indistinguishability obfuscation for circuits, we present constructions achieving indistinguishability security for a large class of settings. We show how to modify this construction to achieve simulation-based security as well, in those settings where simulation security is possible.
Multi-Client Verifiable Computation with Stronger Security Guarantees
Theory of Cryptography Conference2015
At TCC 2013, Choi et al. introduced the notion of multiclient verifiable computation (MVC) in which a set of clients outsource to an untrusted server the computation of a function f over their collective inputs in a sequence of time periods. In that work, the authors defined and realized multi-client verifiable computation satisfying soundness against a malicious server and privacy against the semi-honest corruption of a single client. Very recently, Goldwasser et al. (Eurocrypt 2014) provided an alternative solution relying on multi-input functional encryption.
Locally Decodable and Updatable Non-malleable Codes and Their Applications
Theory of Cryptography Conference2015
Non-malleable codes, introduced as a relaxation of error-correcting codes by Dziembowski, Pietrzak and Wichs (ICS ’10), provide the security guarantee that the message contained in a tampered codeword is either the same as the original message or is set to an unrelated value. Various applications of non-malleable codes have been discovered, and one of the most significant applications among these is the connection with tamper-resilient cryptography. There is a large body of work considering security against various classes of tampering functions, as well as non-malleable codes with enhanced features such as leakage resilience.
Leakage-Resilient Circuits Revisited – Optimal Number of Computing Components Without Leak-Free Hardware
EUROCRYPT2015
Side channel attacks – attacks that exploit implementation-dependent information of a cryptosystem – have been shown to be highly detrimental, and the cryptographic community has recently focused on developing techniques for securing implementations against such attacks. An important model called Only Computation Leaks (OCL) [Micali and Reyzin, TCC ’04] and its stronger variants were proposed to model a broad class of leakage attacks (a type of side-channel attack). These models allow for unbounded, arbitrary leakage as long as (1) information in each leakage observation is bounded, and (2) different parts of the computation leak independently. Various results and techniques have been developed for these models and we continue this line of research in the current work.
Incoercible Multi-party Computation and Universally Composable Receipt-Free Voting
CRYPTO2015
Composable notions of incoercibility aim to forbid a coercer from using anything beyond the coerced parties’ inputs and outputs to catch them when they try to deceive him. Existing definitions are restricted to weak coercion types, and/or are not universally composable. Furthermore, they often make too strong assumptions on the knowledge of coerced parties—e.g., they assume they known the identities and/or the strategies of other coerced parties, or those of corrupted parties—which makes them unsuitable for applications of incoercibility such as e-voting, where colluding adversarial parties may attempt to coerce honest voters, e.g., by offering them money for a promised vote, and use their own view to check that the voter keeps his end of the bargain.
