Hong-Sheng Zhou, Ph.D., joined VCU in the fall of 2013. He was a postdoc at Maryland Cybersecurity Center, as a recipient of NSF Computing Innovation Fellowship, under the direction of Jonathan Katz. Before that, he received his Ph.D. at the University of Connecticut with Aggelos Kiayias, Ph.D., as advisor. Currently, Dr. Zhou is also a scientist and co-founder of Fractal Platform, a new blockchain startup.
Dr. Zhou is working in multiple areas of cryptography including secure computing; voting; secure outsourcing; blockchain technologies; and extreme cryptography against strong leakage, tampering, kleptographic and quantum attacks. He has published a number of papers in top cybersecurity and distributed computing conferences, such as CRYPTO, EUROCRYPT, ACM CCS, and PODC. Dr. Zhou’s research has been funded by NSF and multiple industry awards
Areas of Expertise (4)
University of Connecticut: Ph.D., Computer Science 2010
Shanghai Jiaotong University: M.E., Communication and Information Systems 2004
Nanjing University of Posts and Telecommunications: B.E., Electrical Engineering (Wireless Communications) 1998
Selected Articles (5)
Incoercible Multi-party Computation and Universally Composable Receipt-Free VotingCRYPTO
2015 Composable notions of incoercibility aim to forbid a coercer from using anything beyond the coerced parties’ inputs and outputs to catch them when they try to deceive him. Existing definitions are restricted to weak coercion types, and/or are not universally composable. Furthermore, they often make too strong assumptions on the knowledge of coerced parties—e.g., they assume they known the identities and/or the strategies of other coerced parties, or those of corrupted parties—which makes them unsuitable for applications of incoercibility such as e-voting, where colluding adversarial parties may attempt to coerce honest voters, e.g., by offering them money for a promised vote, and use their own view to check that the voter keeps his end of the bargain.
Leakage-Resilient Circuits Revisited – Optimal Number of Computing Components Without Leak-Free HardwareEUROCRYPT
2015 Side channel attacks – attacks that exploit implementation-dependent information of a cryptosystem – have been shown to be highly detrimental, and the cryptographic community has recently focused on developing techniques for securing implementations against such attacks. An important model called Only Computation Leaks (OCL) [Micali and Reyzin, TCC ’04] and its stronger variants were proposed to model a broad class of leakage attacks (a type of side-channel attack). These models allow for unbounded, arbitrary leakage as long as (1) information in each leakage observation is bounded, and (2) different parts of the computation leak independently. Various results and techniques have been developed for these models and we continue this line of research in the current work.
Locally Decodable and Updatable Non-malleable Codes and Their ApplicationsTheory of Cryptography Conference
2015 Non-malleable codes, introduced as a relaxation of error-correcting codes by Dziembowski, Pietrzak and Wichs (ICS ’10), provide the security guarantee that the message contained in a tampered codeword is either the same as the original message or is set to an unrelated value. Various applications of non-malleable codes have been discovered, and one of the most significant applications among these is the connection with tamper-resilient cryptography. There is a large body of work considering security against various classes of tampering functions, as well as non-malleable codes with enhanced features such as leakage resilience.
Multi-Client Verifiable Computation with Stronger Security GuaranteesTheory of Cryptography Conference
2015 At TCC 2013, Choi et al. introduced the notion of multiclient verifiable computation (MVC) in which a set of clients outsource to an untrusted server the computation of a function f over their collective inputs in a sequence of time periods. In that work, the authors defined and realized multi-client verifiable computation satisfying soundness against a malicious server and privacy against the semi-honest corruption of a single client. Very recently, Goldwasser et al. (Eurocrypt 2014) provided an alternative solution relying on multi-input functional encryption.
Multi-input Functional EncryptionEUROCRYPT
2014 We introduce the problem of Multi-Input Functional Encryption, where a secret key sk f can correspond to an n-ary function f that takes multiple ciphertexts as input. We formulate both indistinguishability-based and simulation-based definitions of security for this notion, and show close connections with indistinguishability and virtual black-box definitions of obfuscation. Assuming indistinguishability obfuscation for circuits, we present constructions achieving indistinguishability security for a large class of settings. We show how to modify this construction to achieve simulation-based security as well, in those settings where simulation security is possible.