Máté Horváth

PhD student

mhorvath (at) crysys.hu

web: www.crysys.hu/~mhorvath/
office: I.E. 429
tel: +36 1 463 2063

Short Bio

Máté obtained his MSc diploma in computer science in the Security and Privacy program of EIT ICT Labs at the University of Trento (Italy) and Eötvös Loránd University (Hungary). His bachelor's degree is in mathematics from the Budapest University of Technology and Economics. He has been doing research in the CrySyS Lab under the guidance of Prof. Levente Buttyán since 2014.

Current Courses

Privacy-Preserving Technologies (VIHIAV35)

The sharing and exploitation of the ever-growing data about individuals raise serious privacy concerns these days. Is it possible to derive (socially or individually) useful information about people from this Big Data without revealing personal information?
This course provides a detailed overview of data privacy. It focuses on different privacy problems of web tracking, data sharing, and machine learning, as well as their mitigation techniques. The aim is to give the essential (technical) background knowledge needed to identify and protect personal data. These skills are becoming a must for every data/software engineer and data protection officer dealing with personal and sensitive data, and are also required by the European General Data Protection Regulation (GDPR).

Publications

2020

The cost of having been pwned: a security service provider's perspective

G. Biczók, M. Horváth, Sz. Szebeni, I. Lam, L. Buttyán

3rd International Workshop on Emerging Technologies for Authorization and Authentication (Co-Located with ESORICS 2020) - ETAA 2020, 2020.

@inproceedings {
   author = {Gergely Biczók and Máté Horváth and Szilveszter Szebeni and Istvan Lam and Levente Buttyán},
   title = {The cost of having been pwned: a security service provider's perspective},
   booktitle = {3rd International Workshop on Emerging Technologies for Authorization and Authentication (Co-Located with ESORICS 2020) - ETAA 2020},
   year = {2020}
}

Abstract

Account information from major online providers is getting exposed regularly; this gives rise to PWND services, providing a smart means to check whether a password or username/password tuple has already been leaked, rendering them "pwned" and therefore risky to use. However, state-of-the-art PWND mechanisms leak some information themselves. In this paper, we investigate how this minimal leaked information can speed up password cracking attacks of a powerful adversary, when the PWND mechanism is implemented on-premise by a service provider as an additional security measure during registration or password change. We analyze the costs and practicality of these attacks, and investigate simple mitigation techniques. We show that implementing a PWND mechanism can be beneficial, especially for security-focused service providers, but proper care needs to be taken. We also discuss behavioral factors to consider when deploying PWND services.

There Is Always an Exception: Controlling Partial Information Leakage in Secure Computation

M. Horváth, L. Buttyán, G. Székely, D. Neubrandt

Information Security and Cryptology – ICISC 2019 : Revised selected papers, Springer, 2020, pp. 1-17.

@inproceedings {
   author = {Máté Horváth and Levente Buttyán and Gábor Székely and Dóra Neubrandt},
   title = {There Is Always an Exception: Controlling Partial Information Leakage in Secure Computation},
   booktitle = {Information Security and Cryptology – ICISC 2019 : Revised selected papers},
   publisher = {Springer},
   year = {2020},
   pages = {1-17},
   howpublished = "\url{https://eprint.iacr.org/2019/1302}"
}

Abstract

Private Function Evaluation (PFE) enables two parties to jointly execute a computation such that one of them provides the input while the other chooses the function to compute. According to the traditional security requirements, a PFE protocol should leak no more information, neither about the function nor the input, than what is revealed by the output of the computation. Existing PFE protocols inherently restrict the scope of computable functions to a certain function class with given output size, thus ruling out the direct evaluation of such problematic functions as the identity map, which would entirely undermine the input privacy requirement. We observe that when not only the input x is confidential but certain partial information g(x) of it as well, standard PFE fails to provide meaningful input privacy if g and the function f to be computed fall into the same function class. Our work investigates the question whether it is possible to achieve a reasonable level of input and function privacy simultaneously even in the above cases. We propose the notion of Controlled PFE (CPFE) with different flavours of security and answer the question affirmatively by showing simple, generic realizations of the new notions. Our main construction, based on functional encryption (FE), also enjoys strong reusability properties enabling, e.g. fast computation of the same function on different inputs. To demonstrate the applicability of our approach, we show a concrete instantiation of the FE-based protocol for inner product computation that enables secure statistical analysis (and more) under the standard Decisional Diffie-Hellman assumption.

2018

Problem Domain Analysis of IoT-Driven Secure Data Markets

L. Buttyán, M. Horváth

Euro-CYBERSEC 2018. Communications in Computer and Information Science, Springer, 2018, Gelenbe E. et al. (eds.), pp. 57-67, vol. 821.

@incollection {
   author = {Levente Buttyán and Máté Horváth},
   title = {Problem Domain Analysis of IoT-Driven Secure Data Markets},
   booktitle = {Euro-CYBERSEC 2018. Communications in Computer and Information Science},
   publisher = {Springer},
   year = {2018},
   editor = {Gelenbe E. et al. (eds.)},
   pages = {57-67},
   note = {vol. 821}
}

Abstract

The Internet of Things (IoT) provides us with a vast amount of new data day by day; however, most of these are currently only stored without utilizing their full potential. The attractive concept of data markets can change this situation in the near future and thus we initiate the study of security aspects of such systems. In this work, as a first step, we analyse the data markets based on the possible security requirements of the different participants. We identify more than 30 possible scenarios and connect these to the relevant areas of cryptography. Our analysis also highlights several open problems motivating further research on certain cryptographic primitives.

Searchable Symmetric Encryption for Restricted Search

I. Vajda, M. Horváth

Journal of Communications Software and Systems (JCOMSS), vol. 14, no. 1, 2018.

@article {
   author = {István Vajda and Máté Horváth},
   title = {Searchable Symmetric Encryption for Restricted Search},
   journal = {Journal of Communications Software and Systems (JCOMSS)},
   volume = {14},
   number = {1},
   year = {2018}
}

Keywords

Searchable Symmetric Encryption; Forward Index; Type-3 Pairings; MAC

Abstract

The proliferation of cloud computing highlights the importance of techniques that permit both secure storage of sensitive data and flexible data management at the same time. One line of research with this double motivation is the study of Searchable Symmetric Encryption (SSE) that has provided several outstanding results in recent years. These solutions achieve sublinear keyword search in huge databases by using various data structures to store keywords and document identifiers. In this work, we focus on certain scenarios in which search over the whole database is not necessary and show that the otherwise inefficient sequential scan (in linear time) can be very practical. This is due to the fact that adding new entries to the database comes for free in this case while updating a complex data structure without information leakage is rather complicated. To demonstrate the practicality of our approach we build a simple SSE scheme based on bilinear pairings and prove its security against adaptive chosen-keyword attacks in the standard model under the widely used Symmetric eXternal Diffie-Hellman (SXDH) assumption.

2017

Searchable Symmetric Encryption: Sequential Scan Can Be Practical

M. Horváth, I. Vajda

The 25th International Conference on Software, Telecommunications and Computer Networks (SoftCOM 2017), IEEE, 2017.

@inproceedings {
   author = {Máté Horváth and István Vajda},
   title = {Searchable Symmetric Encryption: Sequential Scan Can Be Practical},
   booktitle = {The 25th International Conference on Software, Telecommunications and Computer Networks (SoftCOM 2017)},
   publisher = {IEEE},
   year = {2017}
}

Keywords

Searchable Symmetric Encryption; Forward Index; Type-3 Pairings; MAC

Abstract

The proliferation of cloud computing highlights the importance of techniques that allow both securing sensitive data and flexible data management at the same time. One line of research with this double motivation is the study of Searchable Symmetric Encryption (SSE) that has provided several outstanding results in recent years. These solutions allow sublinear keyword search in huge databases by using various data structures to store keywords and document identifiers. In this work, we focus on certain scenarios in which search over the whole database is not necessary and show that the otherwise inefficient sequential scan (in linear time) can be very practical. This is due to the fact that adding new entries to the database comes for free in this case while updating a complex data structure without information leakage is rather complicated. To demonstrate the practicality of our approach we build a simple SSE scheme based on bilinear pairings and prove its security against adaptive chosen-keyword attacks in the standard model under the widely used SXDH assumption.

2015

Attribute-Based Encryption Optimized for Cloud Computing

M. Horváth

Infocommunications Journal, vol. 7, no. 2, 2015, pp. 1-9.

@article {
   author = {Máté Horváth},
   title = {Attribute-Based Encryption Optimized for Cloud Computing},
   journal = {Infocommunications Journal},
   volume = {7},
   number = {2},
   year = {2015},
   pages = {1-9}
}

Keywords

storage in clouds; access control; attribute-based encryption; multi-authority; user revocation

Attribute-Based Encryption Optimized for Cloud Computing

M. Horváth

SOFSEM 2015: Theory and Practice of Computer Science, Springer Berlin Heidelberg, 2015, Italiano, Giuseppe F. and Margaria-Steffen, Tiziana and Pokorny, Jaroslav and Quisquater, Jean-Jacques and Wattenhofer, Roger, pp. 566-577, http://dx.doi.org/10.1007/978-3-662-46078-8_47.

@incollection {
   author = {Máté Horváth},
   title = {Attribute-Based Encryption Optimized for Cloud Computing},
   booktitle = {SOFSEM 2015: Theory and Practice of Computer Science},
   publisher = {Springer Berlin Heidelberg},
   year = {2015},
   editor = {Italiano, Giuseppe F. and Margaria-Steffen, Tiziana and Pokorny, Jaroslav and Quisquater, Jean-Jacques and Wattenhofer, Roger},
   pages = {566-577},
   note = {http://dx.doi.org/10.1007/978-3-662-46078-8_47}
}

Keywords

storage in clouds; access control; attribute-based encryption; multi-authority; user revocation

Abstract

In this work, we aim to make attribute-based encryption (ABE) more suitable for access control to data stored in the cloud. For this purpose, we concentrate on giving to the encryptor full control over the access rights, providing feasible key management even in case of multiple independent authorities, and enabling viable user revocation, which is essential in practice. Our main result is an extension of the decentralized CP-ABE scheme of Lewko and Waters [6] with identity-based user revocation. Our revocation system is made feasible by removing the computational burden of a revocation event from the cloud service provider, at the expense of some permanent, yet acceptable overhead of the encryption and decryption algorithms run by the users. Thus, the computation overhead is distributed over a potentially large number of users, instead of putting it on a single party (e.g., a proxy server), which would easily lead to a performance bottleneck. The formal security proof of our scheme is given in the generic bilinear group and random oracle models.