The growing area of encrypted systems combines techniques from applied cryptography with system designs so that the end product can compute directly on ciphertexts without decrypting. However, technical barriers to adoption still exist: the communication and computational costs are quite high. At the same time, improvements in the last fifteen years have brought us near the limit of what is feasible under conservative security definitions. To overcome these challenges and scale encrypted systems to handle realistic workloads, it is necessary to relax the security definitions and permit designs to disclose information about the encrypted computation, referred to as cryptographic leakage.
In this talk, I present two key findings from my research that show a foundational approach to understanding leakage in practical encrypted systems. First, I present the first cryptanalytic techniques for encrypted databases that reconstruct the underlying plaintext under realistic scenarios. Second, I will present a new framework that uses insights from this cryptanalysis to quantify privacy in principled and practical ways. By doing so, we can guide the design of encrypted systems and achieve a better balance between privacy and performance. Together, these results contribute to a holistic understanding of encrypted systems, bridging the gap between attacks and defenses. Finally, I will discuss my long-term vision for building encrypted systems that take a multi-angle approach, combining theory, applied cryptography, and systems to create scalable and secure solutions.
Evgenios Kornaropoulos is an Assistant Professor in the Department of Computer Science at George Mason University. His research focuses on the analysis and design of encrypted systems, including searchable encryption, leakage cryptanalysis, and security of learned systems. He has published papers in top-tier security conferences, including IEEE S&P and ACM CCS, as well as venues outside security, such as ACM SIGMOD and NeurIPS. He is the recipient of the Meta Faculty Award in Security, the Joukowsky Outstanding Dissertation Award, and the Miretta Flytzani-Stephanopoulos Doctoral Thesis Achievement. His research has been funded by the NSF and the Commonwealth Cyber Initiative. Before joining George Mason, he was a Postdoctoral Scholar at the EECS Department of UC Berkeley. He received his Ph.D. in Computer Science at Brown University (2019) and also obtained M.Sc. and B.Sc. degrees in Computer Science from the University of Crete, where he was a member of ICS-FORTH.