糖心TV

Abstract: In this talk, I will present an overview of my research which has been primarily driven by tackling real-world security problems. One key motivation in my work is to design security protocols that are "self-enforcing": i.e., without depending on trusted third parties. Self-enforcing protocols are powerful building blocks in many real-world applications where completely trustworthy third parties are hard to find or simply do not exist. They also serve to illustrate an interesting perspective that certain tasks intuitively regarded as impossible in the physical world can be made possible in the digital world by the novel use of cryptography, coding and other engineering techniques. To demonstrate this, I will present two examples from my research on designing and deploying self-enforcing security protocols in key exchange and electronic voting. Future research challenges will also be presented.

Bio: Dr Feng Hao is a Reader in Security Engineering in the School of Computing, Newcastle University. He graduated with a PhD in Computer Science from the University of Cambridge in 2007. He had a total of 6 years working experience in security industry before joining Newcastle University as a lecturer in 2010, and was promoted to a reader in 2014. He is the lead designer of J-PAKE, a password-authenticated key exchange protocol, which has been used by many million users in commercial products including Firefox, Palemoon, Google Nest, ARM mbed OS, NXP IoT gateway, OpenSSL, NSS, and Bouncycastle API. As of 2018, J-PAKE has been adopted by the Thread Group as an industry standard for IoT and standardized internationally in ISO/IEC 11770-4 and RFC 8236. Besides key exchange, he led the design of DRE-i, the first end-to-end verifiable e-voting system without tallying authorities.