(Written by Georg)
Since Matthew Green from Johns Hopkins University was unable to come to PKC, I was asked to give the talk for him and I agreed. His paper is on Secure Blind Decryption, a cryptographic primitive which extends a public-key encryption scheme with the following functionality: a User holding a ciphertext and a Decryptor holding the decryption key run a protocol, at the end of which the User learns the encrypted message. Security demands, on the one hand, that the User does not learn anything more than the message and, on the other, that the Decryptor cannot distinguish which ciphertext the User asked to be decrypted.
This primitive has many applications from Oblivious Transfer (with additional properties) to Private Information Retrieval. A practical motivation is that when outsourcing data to an (untrusted) "cloud", not only must the data be protected, but it should also remain hidden which data is accessed. Examples include medical records or patents, where merely the information of which record is accessed can reveal much about a patient's status or a company's intentions.
The author constructs the first CCA-secure scheme with a blind decryption protocol by applying the CHK transform to a variant of a tag-based Cramer-Shoup-type cryptosystem based on DLIN and a new F-unforgeable one-time signature.
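The blind decryption functionality described above can be illustrated with textbook ElGamal, whose malleability lets the User re-randomise and mask a ciphertext before handing it to the Decryptor. This is an added sketch with constructed toy parameters and hypothetical function names, not the scheme from the paper: plain ElGamal is not CCA-secure, and it is exactly this malleability that a CCA-secure scheme has to rule out.

```python
import secrets

# Toy parameters, constructed for illustration and far too small for real use:
# P = 2*Q + 1 is a safe prime and G generates the subgroup of prime order Q.
P, Q, G = 1019, 509, 4

def keygen():
    x = 1 + secrets.randbelow(Q - 1)          # Decryptor's secret key
    return x, pow(G, x, P)                    # (x, h = g^x)

def encrypt(h, m):
    # m must be an element of the order-Q subgroup
    r = secrets.randbelow(Q)
    return pow(G, r, P), (m * pow(h, r, P)) % P

def decrypt(x, c):
    c1, c2 = c
    return (c2 * pow(c1, -x, P)) % P          # c2 / c1^x

def blind(h, c):
    """User: turn c into a fresh encryption of m*b for a random mask b."""
    c1, c2 = c
    s = secrets.randbelow(Q)                  # re-randomisation exponent
    b = pow(G, secrets.randbelow(Q), P)       # multiplicative mask
    blinded = ((c1 * pow(G, s, P)) % P,
               (c2 * pow(h, s, P) * b) % P)
    return blinded, b

def unblind(masked, b):
    """User: strip the mask from the Decryptor's answer."""
    return (masked * pow(b, -1, P)) % P

def blind_decrypt(x, h, c):
    blinded, b = blind(h, c)                  # User side
    masked = decrypt(x, blinded)              # Decryptor sees only `blinded`
    return unblind(masked, b)                 # User side

if __name__ == "__main__":
    x, h = keygen()
    m = pow(G, 42, P)                         # constructed sample message
    c = encrypt(h, m)
    print("recovered == m:", blind_decrypt(x, h, c) == m)
```

The blinded pair is distributed as a uniformly random encryption of a uniformly random group element, so the Decryptor's view is independent of the ciphertext the User started with.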
Another highlight of the day was Vinod Vaikuntanathan's invited talk on leakage-resilient cryptography. Whereas traditional cryptographic models assume that certain information (such as decryption keys) is completely secret, this is not true in practice: realisations of cryptographic schemes might succumb to side-channel attacks, which reveal parts of the secrets. Leakage-resilient cryptography tries to model these attacks formally and provide (provable) security against them.