[crypto] [secdm at tue.nl: REMINDER: PROGRAM Crypto Working Group, May 25, 2018]

R. Hirschfeld ray at unipay.nl
Wed May 23 20:48:07 CEST 2018


------- Start of forwarded message -------
From: Secretariaat DM <secdm at tue.nl>
Subject: REMINDER: PROGRAM Crypto Working Group, May 25, 2018
Date: Wed, 23 May 2018 12:21:18 +0000

Dear all,

Herewith I send you the complete program of the CWG-meeting on Friday, May 25, 2018.
But please also read this extra message:

May 25 is not only the next Crypto Working Group but also the day the GDPR takes effect.

You've been getting these CWG-emails because at some point you asked Tanja, me, or one of our predecessors to be added to this list.

If you don't want to receive any more announcements for the CWG and other Ei/PSI events, just send an email back to secdm at tue.nl and I'll take you off the mailing list.

You can also find more information on our twitter feed https://twitter.com/Ei_PSI

With kind regards / Met vriendelijke groeten,
Anita Klooster
secretary of the section Discrete Mathematics


Dept. of Mathematics and Computer Science
MF 4.058
Office hours: Monday and Friday 08.30-12.30 h / Tuesday and Wednesday 08.30-17.00 h
Telephone: +31 (0)40 2472254
Email: secdm at tue.nl




CRYPTO WORKING GROUP


Friday, May 25, 2018
De Kargadoor (http://www.kargadoor.nl/utrecht/zaalverhuur.html)
Oudegracht 36, Utrecht



Program

10.45 - 11.30 hrs.   Boris Škorić (TU/e),
                     Quantum stuff with optical PUFs

11.30 - 11.45 hrs.   Coffee / tea break

11.45 - 12.30 hrs.   Martijn Stam (Univ. of Bristol),
                     Untagging Tor: A Formal Treatment of Onion Encryption
                     (joint work with Jean Paul Degabriele)

12.30 - 14.00 hrs.   Lunch break (lunch not included)

14.00 - 14.45 hrs.   Kit Smeets (UCL),
                     Rounded Gaussians - Fast and Secure Constant-Time Sampling for Lattice-Based Crypto

14.45 - 15.00 hrs.   Coffee / tea break

15.00 - 15.45 hrs.   Jason Donenfeld (Edge Security),
                     Considerations in designing WireGuard


Abstract talk Boris Škorić: Quantum stuff with optical PUFs

The combination of optical PUFs and quantum optics makes it possible to build remote authentication protocols whose security relies only on a single physical assumption, e.g. the assumption that it is difficult to losslessly emulate a PUF's behaviour. QSA (Quantum Secure Authentication) is an example of such a protocol. Unfortunately, QSA requires photons to travel the distance between Alice and Bob twice. This talk discusses a new protocol, PUF-Enabled Asymmetric Communication (PEAC), which needs only one-way travel.

http://export.arxiv.org/abs/1802.07573



Abstract talk Martijn Stam: Untagging Tor: A Formal Treatment of Onion Encryption (joint work with Jean Paul Degabriele, presented at RWC'18 and published at Eurocrypt'18)
Tor is a primary tool for maintaining anonymity online. It provides a low-latency, circuit-based, bidirectional secure channel between two parties through a network of onion routers, with the aim of obscuring exactly who is talking to whom, even to adversaries controlling part of the network. Tor relies heavily on cryptographic techniques, yet its onion encryption scheme is susceptible to tagging attacks (Fu and Ling, 2009), which allow an active adversary controlling the first and last node of a circuit to deanonymize with near-certainty. This contrasts with less active traffic correlation attacks, where the same adversary can at best deanonymize with high probability. The Tor project has been actively looking to defend against tagging attacks and its most concrete alternative is proposal 261, which specifies a new onion encryption scheme based on a variable-input-length tweakable cipher.

We provide a formal treatment of low-latency, circuit-based onion encryption, relaxed to the unidirectional setting, by expanding existing secure channel notions to the new setting and introducing circuit hiding to capture the anonymity aspect of Tor. We demonstrate that circuit hiding prevents tagging attacks and show proposal 261's relay protocol is circuit hiding and thus resistant against tagging attacks.
------- End of forwarded message -------

