[crypto] [secdm at tue.nl: PROGRAM Crypto Working Group, June 16, 2017]

R. Hirschfeld ray at unipay.nl
Mon Jun 12 16:32:37 CEST 2017

------- Start of forwarded message -------
From: Secretariaat DM <secdm at tue.nl>
Subject: PROGRAM Crypto Working Group, June 16, 2017
Date: Mon, 12 Jun 2017 11:17:59 +0000

Dear all,

Herewith I send you the program of the CWG-meeting on Friday, June 16, 2017.

With kind regards / Met vriendelijke groeten,
Anita Klooster
secretary of the section Discrete Mathematics

[cid:image001.gif at 01CB8FB5.88A9C0F0]

Dept. of Mathematics and Computer Science
MF 4.058
Office hours: Monday and Friday 08.30-12.30 h / Tuesday and Wednesday 08.30-17.00 h
Telephone: +31 (0)40 2472254
Email: secdm at tue.nl<mailto:secdm at tue.nl>


Friday, March 24, 2017
De Kargadoor (http://www.kargadoor.nl/utrecht/zaalverhuur.html)
Oudegracht 36, Utrecht


10.45 - 11.30 hrs.   Yval Yarom (Univ. of Adelaide) and Léon Groot Bruinderink (TU/e)

                                            To BLISS-B or not to be - Attacking strongSwan's Implementation of Post-Quantum Signatures

11.30 -  11.45 hrs.   Coffee / tea break

11.45 - 12.30 hrs.    Bart Mennink (RU Nijmegen),

                                            Encrypted Davies-Meyer and Its Dual: Towards Optimal Security Using Mirror Theory

12.30 -  14.00 hrs.   Lunch break (lunch not included)

14.00 - 14.45 hrs.    Daniel Genkin (Univ. of Pennsylvania),


14.45 - 15.00 hrs.    Coffee / tea break

15.00 - 15.45 hrs.    Marc Stevens (CWI),

                                   Finding the first collision for SHA-1

Abstract talk Bart Mennink:  Encrypted Davies-Meyer and Its Dual: Towards Optimal Security Using Mirror Theory

At CRYPTO 2016, Cogliati and Seurin introduced the Encrypted Davies-Meyer construction, p_2(p_1(x) xor x) for two n-bit permutations p_1,p_2, and proved security up to 2^{2n/3}. We present an improved security analysis up to 2^n/(67n). Additionally, we introduce the dual of the Encrypted Davies-Meyer construction, p_2(p_1(x)) xor p_1(x), and prove even tighter security for this construction: 2^n/67. We finally demonstrate that the analysis neatly generalizes to prove almost optimal security of the Encrypted Wegman-Carter with Davies-Meyer MAC construction and its newly introduced dual. Central to our analysis is a modernization of Patarin's mirror theorem and an exposition of how it relates to fundamental cryptographic problems.

Abstract talk Marc Stevens: Finding the first collision for SHA-1

The cryptographic hash function SHA-1 is an important industry standard used for various applications such as digital signatures, file deduplication and Git.

The security of many applications depends on that it is infeasible to find hash collisions, i.e. two files with the same hash.

However, SHA-1 has been known to be weak since 2004 when the first theoretical collision attack faster than a brute force attack was presented.

Collision attacks have improved since then, but actually finding a collision remained just out of reach for more than a decade.

In this talk I will discuss the ideas and impact of the first SHA-1 collision that we announced last February after a 2-year collaboration between CWI and Google.

Joint work with Ange Albertini, Elie Bursztein, Pierre Karpman and Yarik Markov.
------- End of forwarded message -------

More information about the crypto mailing list