[crypto] [secdm at tue.nl: PROGRAM Crypto Working Group, March 24, 2017]
R. Hirschfeld
ray at unipay.nl
Sat Mar 18 16:25:47 CET 2017
------- Start of forwarded message -------
From: Secretariaat DM <secdm at tue.nl>
Subject: PROGRAM Crypto Working Group, March 24, 2017
Date: Sat, 18 Mar 2017 11:01:22 +0000
Dear all,
Herewith I send you the program of the CWG-meeting on Friday, March 24, 2017.
With kind regards / Met vriendelijke groeten,
Anita Klooster
secretary of the section Discrete Mathematics
[cid:image001.gif at 01CB8FB5.88A9C0F0]
Dept. of Mathematics and Computer Science
MF 4.058
Office hours: Monday and Friday 08.30-12.30 h / Tuesday and Wednesday 08.30-17.00 h
Telephone: +31 (0)40 2472254
Email: secdm at tue.nl<mailto:secdm at tue.nl>
CRYPTO WORKING GROUP
Friday, March 24, 2017
De Kargadoor (http://www.kargadoor.nl/utrecht/zaalverhuur.html)
Oudegracht 36, Utrecht
Program
10.45 - 11.30 hrs. Joost Rijneveld (RU Nijmegen),
MQDSS signatures - construction
11.30 - 11.45 hrs. Coffee / tea break
11.45 - 12.30 hrs. Simona Samardjiska (RU Nijmegen),
MQDSS signatures - security
12.30 - 14.00 hrs. Lunch break (lunch not included)
14.00 - 14.45 hrs. Andreas Hülsing (TU/e),
Semantic Security and Indistinguishability in the Quantum World
14.45 - 15.00 hrs. Coffee / tea break
15.00 - 15.45 hrs. Christine van Vredendaal (TU/e),
Short generators without quantum computers: the case
of multiquadratics
Abstract talks Joost Rijneveld & Simona Samardjiska: MQDSS signatures - construction & security
We present MQDSS, the first signature scheme with a security reduction based on the problem of solving a multivariate system of quadratic equations (the MQ problem). In order to construct this scheme, we give a new security reduction for the Fiat-Shamir transform from a large class of 5-pass identification schemes and show that a previous attempt from the literature to obtain such a proof does not achieve the desired goal. We also give concrete parameters for MQDSS, provide a detailed security analysis showing that the resulting instantiation MQDSS-31-64 achieves 128 bits of post-quantum security, and describe an optimized implementation.
Abstract talk Andreas Hülsing: Semantic Security and Indistinguishability in the Quantum World
At CRYPTO 2013, Boneh and Zhandry initiated the study of quantum-secure encryption. They proposed first indistinguishability definitions for the quantum world where the actual indistinguishability only holds for classical messages, and they provide arguments why it might be hard to achieve a stronger notion. In this work, we show that stronger notions are achievable, where the indistinguishability holds for quantum superpositions of messages. We investigate exhaustively the possibilities and subtle differences in defining such a quantum indistinguishability notion for symmetric-key encryption schemes.
We justify our stronger definition by showing its equivalence to novel quantum semantic-security notions that we introduce. Furthermore, we show that our new security definitions cannot be achieved by a large class of ciphers -- those which are quasi-preserving the message length. On the other hand, we provide a secure construction based on quantum-resistant pseudorandom permutations; this construction can be used as a generic transformation for turning a large class of encryption schemes into quantum indistinguishable and hence quantum semantically secure ones. Moreover, our construction is the first completely classical encryption scheme shown to be secure against an even stronger notion of indistinguishability, which was previously known to be achievable only by using quantum messages and arbitrary quantum encryption circuits.
This is joint work with Tommaso Gagliardoni (TU Darmstadt) and Christian Schaffner (UvA & CWI & QuSoft)
------- End of forwarded message -------
More information about the crypto
mailing list