Date : July 5, 2024, 10 a.m. - Type : Thesis - Gael MARCADET - Amphi recherche pôle physique
Design of Secure Multi-User Protocols: Application to Bandits, Ticketing and File Transfer
Cryptographic protocols establish a series of interactions among numerous users to deliver
specific functionality while ensuring various properties, a protocol being considered
secure when it successfully ensures all intended properties. Achieving these properties
requires cryptographic primitives, whose use may entail computation
overhead, limiting the scalability of the protocol. Throughout this manuscript, we focus
on three problems dealing with multiple users.
The first contribution focuses on the design of a federated multi-armed bandits framework
where a federation server, acting as a learning agent, sequentially pulls a bandit arm,
the environment responding with a reward coming from an unknown distribution associated
with the chosen arm. In this contribution, we introduce Tango, a secure federated
multi-armed bandits protocol fixing and extending our initial attempt, Samba, which was shown to
be insecure. Tango is proved to prevent the federation server from learning the reward distribution,
the obtained rewards and the pulled bandit arm, at the cost of a large computation
overhead due to the use of expensive cryptographic primitives. In the second part of
this contribution, we introduce Salsa, a secure federated multi-armed bandits protocol
moving away from the blueprint of Samba and Tango, still preventing the federation
server from learning sensitive data while achieving high performance.
The second contribution of this manuscript addresses a problem involving a large number of
users: the design of a ticketing system. Despite the
high demand, these systems provide very restricted guarantees. For instance, one may
easily resell a ticket twice. Moreover, tickets are nominative, revealing
the identity of the ticket’s owner. Using standard cryptographic primitives, we propose
two scalable anonymous and transferable ticketing systems called Applause and
Spotlight, ensuring anonymity of users while featuring ticket purchasing, ticket refunding,
ticket validation and ticket transferability. The difference between Applause
and Spotlight lies in the ability to recover the identity of an attendee: in Applause,
the anonymity of every user is guaranteed at any time, a property that still holds with
Spotlight except for an additional third party able to recover the identity of an attendee,
at the cost of a slightly longer ticket validation.
Our third and last contribution focuses on the broadcast file transfer problem, which consists
of sharing a file with a group of users. The trivial solution, which consists of
storing files on a single publicly available server, falls short, for instance, when the server is
down or when the server handles a high number of requests, and is not suitable when the
exchanged file contains sensitive data. In this contribution, we introduce a universally
composable and efficient protocol allowing one to share a file with a specified group of users
while ensuring confidentiality, integrity of the file and sender authentication.
Jury:
* Benjamin Nguyen, Professor, INSA Centre-Val de Loire - Reviewer
* Melek Önen, Associate Professor, HDR, EURECOM - Reviewer
* Ioana Boureanu, Professor, University of Surrey - Examiner
* Jean-Guillaume Dumas, Professor, Université Grenoble-Alpes - Examiner
* Chloé Hébant, Cryptographer, COSMIAN - Examiner
* Pascal Lafourcade, Professor, Université Clermont-Auvergne - Thesis director.