Aleksandr Yampolskiy
New York, New York, United States
23K followers
500+ connections
About
Dr. Aleksandr Yampolskiy is a cofounder and CEO of SecurityScorecard…
Articles by Aleksandr
Contributions
Activity
-
Last week, the United States sanctioned and charged a Russian man named Dmitry Yuryevich Khoroshev as the leader of the infamous LockBit ransomware…
Last week, the United States sanctioned and charged a Russian man named Dmitry Yuryevich Khoroshev as the leader of the infamous LockBit ransomware…
Liked by Aleksandr Yampolskiy
-
Congrats Bharanidharan Rajakumar and well done by the Transfr team. Proud to be an investor from day 1.
Congrats Bharanidharan Rajakumar and well done by the Transfr team. Proud to be an investor from day 1.
Shared by Aleksandr Yampolskiy
-
Last week, the United States sanctioned and charged a Russian man named Dmitry Yuryevich Khoroshev as the leader of the infamous LockBit ransomware…
Last week, the United States sanctioned and charged a Russian man named Dmitry Yuryevich Khoroshev as the leader of the infamous LockBit ransomware…
Shared by Aleksandr Yampolskiy
Experience
Education
Publications
-
The Perfect Scorecard: Getting An 'A' in Cybersecurity From Your Board Of Directors
Corporate board members are known for their relentless focus on the bottom line -- and with good reason. CISOs and other security executives often mired in technical language and expertise and, many times, unable to communicate the business impact that cybersecurity has on the bottom line. This helps explain why the average tenure of a CISO is two years.
An invaluable guide for any CISO, CEO or board member, readers of The Perfect Scorecard: Getting an ‘A’ in
Cybersecurity from…Corporate board members are known for their relentless focus on the bottom line -- and with good reason. CISOs and other security executives often mired in technical language and expertise and, many times, unable to communicate the business impact that cybersecurity has on the bottom line. This helps explain why the average tenure of a CISO is two years.
An invaluable guide for any CISO, CEO or board member, readers of The Perfect Scorecard: Getting an ‘A’ in
Cybersecurity from your Board of Directors, brings together 17 of the best and brightest in cybersecurity today -- CEOs, CISOs, board of director members, and business leaders of every stripe -- to offer actionable advice, best practices, and counsel on effectively closing the communication gap to accelerate organizational success. This book speaks directly to members of corporate boards to obtain a clear picture of cybersecurity risk, especially as attack surfaces have proliferated with increased digitization and Cloud dependence. -
Threshold and Proactive Pseudo-Random Permutations
Third Theory of Cryptography Conference, TCC 2006,
We construct a reasonably efficient threshold and proactive pseudo-random permutation (PRP). Our protocol needs only O(1) communication rounds. It tolerates up to (n – 1)/2 of n dishonest servers in the semi-honest environment. Many protocols that use PRPs (e.g., a CBC block cipher mode) can now be translated into the distributed setting. Our main technique for constructing invertible threshold PRPs is a distributed Luby-Rackoff construction where both the secret keys and the input are shared…
We construct a reasonably efficient threshold and proactive pseudo-random permutation (PRP). Our protocol needs only O(1) communication rounds. It tolerates up to (n – 1)/2 of n dishonest servers in the semi-honest environment. Many protocols that use PRPs (e.g., a CBC block cipher mode) can now be translated into the distributed setting. Our main technique for constructing invertible threshold PRPs is a distributed Luby-Rackoff construction where both the secret keys and the input are shared among the servers. We also present protocols for obliviously computing pseudo-random functions by Naor-Reingold [41] and Dodis-Yampolskiy [25] with shared input and keys.
Other authors -
Spreading Alerts Quietly and the Subgroup Escape Problem
ASIACRYPT 2005, 11th International Conference on the Theory and Application of Cryptology and Information Security
We introduce a new cryptographic primitive called the blind coupon mechanism (BCM). In effect, the BCM is an authenticated bit commitment scheme, which is AND-homomorphic. It has not been known how to construct such commitments before. We show that the BCM has natural and important applications. In particular, we use it to construct a mechanism for transmitting alerts undetectably in a message-passing system of n nodes. Our algorithms allow an alert to quickly propagate to all nodes without its…
We introduce a new cryptographic primitive called the blind coupon mechanism (BCM). In effect, the BCM is an authenticated bit commitment scheme, which is AND-homomorphic. It has not been known how to construct such commitments before. We show that the BCM has natural and important applications. In particular, we use it to construct a mechanism for transmitting alerts undetectably in a message-passing system of n nodes. Our algorithms allow an alert to quickly propagate to all nodes without its source or existence being detected by an adversary, who controls all message traffic. Our proofs of security are based on a new subgroup escape problem, which seems hard on certain groups with bilinear pairings and on elliptic curves over the ring ℤ n .
-
Inoculation strategies for victims of viruses and the sum-of-squares partition problem
SODA '05 Proceedings of the sixteenth annual ACM-SIAM symposium on Discrete algorithms
We propose a simple game for modeling containment of the spread of viruses in a graph of n nodes. Each node must choose to either install anti-virus software at some known cost C, or risk infection and a loss L if a virus that starts at a random initial point in the graph can reach it without being stopped by some intermediate node. The goal of individual nodes is to minimize their individual expected cost. We prove many game theoretic properties of the model, including an easily applied…
We propose a simple game for modeling containment of the spread of viruses in a graph of n nodes. Each node must choose to either install anti-virus software at some known cost C, or risk infection and a loss L if a virus that starts at a random initial point in the graph can reach it without being stopped by some intermediate node. The goal of individual nodes is to minimize their individual expected cost. We prove many game theoretic properties of the model, including an easily applied characterization of Nash equilibria, culminating in our showing that allowing selfish users to choose Nash equilibrium strategies is highly undesirable, because the price of anarchy is an unacceptable Θ(n) in the worst case. This shows in particular that a centralized solution can give a much better total cost than an equilibrium solution. Though it is NP-hard to compute such a social optimum, we show that the problem can be reduced to a previously unconsidered combinatorial problem that we call the sum-of-squares partition problem. Using a greedy algorithm based on sparse cuts, we show that this problem can be approximated to within a factor of O(log2 n), giving the same approximation ratio for the inoculation game.
-
A Verifiable Random Function with Short Proofs and Keys
Public Key Cryptography Conference - PKC 2005 (Best Paper Award)
We give a simple and efficient construction of a verifiable random function (VRF) on bilinear groups. Our construction is direct. In contrast to prior VRF constructions [14,15], it avoids using an inefficient Goldreich-Levin transformation, thereby saving several factors in security. Our proofs of security are based on a decisional bilinear Diffie-Hellman inversion assumption, which seems reasonable given current state of knowledge. For small message spaces, our VRF’s proofs and keys have…
We give a simple and efficient construction of a verifiable random function (VRF) on bilinear groups. Our construction is direct. In contrast to prior VRF constructions [14,15], it avoids using an inefficient Goldreich-Levin transformation, thereby saving several factors in security. Our proofs of security are based on a decisional bilinear Diffie-Hellman inversion assumption, which seems reasonable given current state of knowledge. For small message spaces, our VRF’s proofs and keys have constant size. By utilizing a collision-resistant hash function, our VRF can also be used with arbitrary message spaces. We show that our scheme can be instantiated with an elliptic group of very reasonable size. Furthermore, it can be made distributed and proactive.
Other authors -
Towards a Theory of Data Entanglement
European Symposium on Research in Computer Security
We give a formal model for systems that store data in entangled form. We propose a new notion of entanglement, called all-or-nothing integrity (AONI) that binds the users’ data in a way that makes it hard to corrupt the data of any one user without corrupting the data of all users. AONI can be a useful defense against negligent or dishonest storage providers who might otherwise be tempted to discard documents belonging to users without much clout. We show that, if all users use the standard…
We give a formal model for systems that store data in entangled form. We propose a new notion of entanglement, called all-or-nothing integrity (AONI) that binds the users’ data in a way that makes it hard to corrupt the data of any one user without corrupting the data of all users. AONI can be a useful defense against negligent or dishonest storage providers who might otherwise be tempted to discard documents belonging to users without much clout. We show that, if all users use the standard recovery algorithm, we can implement AONI using a MAC, but, if some of the users adopt the adversary’s non-standard recovery algorithm, AONI can no longer be achieved. However, even for the latter scenario, we describe a simple entangling mechanism that provides AONI for a restricted class of destructive adversaries.
Other authors
Patents
Languages
-
English
Native or bilingual proficiency
-
Russian
Native or bilingual proficiency
Organizations
-
Young Presidents' Organization (YPO/WPO)
-
Recommendations received
15 people have recommended Aleksandr Join now to view
Explore collaborative articles
We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.
Explore MoreOthers named Aleksandr Yampolskiy
-
Aleksandr Yampolskiy
Chief Digital Marketing Officer – MAKEUP
-
Aleksandr Yampolskiy
Учащийся в уч. заведении Школа 2
2 others named Aleksandr Yampolskiy are on LinkedIn
See others named Aleksandr Yampolskiy