[crypto] Fwd: PROGRAM Crypto Working Group, September 6, 2019
R. Hirschfeld
ray at unipay.nl
Sat Aug 17 00:48:22 CEST 2019
-------- Original Message --------
Subject: PROGRAM Crypto Working Group, September 6, 2019
Date: 2019-08-16 22:34
From: Secretariaat DM <secdm at tue.nl>
To: Secretariaat DM <secdm at tue.nl>
Dear all,
Herewith I send you the program of the CWG-meeting on Friday, September 6, 2019.
With kind regards, / Met vriendelijke groeten,
Anita Klooster
secretary of the section Discrete Mathematics
Dept. of Mathematics and Computer Science
MF 6.101
Office hours: Monday and Wednesday 08.30-17.00 h / Friday 08.30-12.30 h
Tel.: +31 (0)40 2472254
CRYPTO WORKING GROUP
Friday, September 6, 2019
De Kargadoor (http://www.kargadoor.nl/utrecht/zaalverhuur.html)
Oudegracht 36, Utrecht
Program
10.45 - 11.30 hrs. Frank van den Bosch-Blom (TU/e), Efficient Secure Ridge Regression from Randomized Gaussian Elimination
11.30 - 11.45 hrs. Coffee / tea break
11.45 - 12.30 hrs. Benjamin Wesolowski (CWI), Verifiable delay functions
12.30 - 14.00 hrs. Lunch break (lunch not included)
14.00 - 14.45 hrs. Ko Stoffelen (RU Nijmegen), pqm4: Testing and Benchmarking NIST PQC on ARM Cortex-M4
14.45 - 15.00 hrs. Coffee / tea break
15.00 - 15.45 hrs. Thijs Laarhoven (TU/e), Approximate Voronoi cells for the closest vector problem, revisited
Abstract talk Frank van den Bosch-Blom: Efficient Secure Ridge Regression from Randomized Gaussian Elimination
We present a practical protocol for secure ridge regression. We develop
the necessary secure linear algebra tools, using only basic arithmetic
over prime fields. In particular, we will show how to solve linear
systems of equations and compute matrix inverses efficiently, using
appropriate secure random self-reductions of these problems. The
distinguishing feature of our approach is that the use of secure
fixed-point arithmetic is avoided entirely, while circumventing the need
for rational reconstruction at any stage as well.
We demonstrate the potential of our protocol in a standard setting for
information-theoretically secure multiparty computation, tolerating a
dishonest minority of passively corrupt parties. Using the MPyC
framework, which is based on threshold secret sharing over finite
fields, we show how to handle large datasets efficiently, achieving
practically the same root-mean-square errors as Scikit-learn. Moreover,
we do not assume that any (part) of the datasets is held privately by
any of the parties, which makes our protocol much more versatile than
existing solutions.
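The "secure random self-reduction" the abstract relies on, in toy form, as an added illustration that is not the speakers' protocol or MPyC code: an instance A x = b over GF(p) is masked with random invertible R and S, the masked instance is solved in the clear, and the mask is peeled off. The field size and the sample system are constructed; the sharing and secure multiplications of a real MPC deployment are described in the comments only.

```python
import random

P = 2**31 - 1  # toy field size: a constructed choice, not a parameter from the talk

def mat_mul(A, B, p=P):
    """Matrix product over GF(p); B may be an n x 1 column."""
    return [[sum(a * b for a, b in zip(row, col)) % p for col in zip(*B)] for row in A]

def solve_mod_p(A, b, p=P):
    """Gaussian elimination over GF(p): return x with A x = b, or None if A is singular."""
    n = len(A)
    M = [row[:] + [b[i]] for i, row in enumerate(A)]  # augmented matrix [A | b]
    for c in range(n):
        piv = next((r for r in range(c, n) if M[r][c] % p), None)
        if piv is None:
            return None
        M[c], M[piv] = M[piv], M[c]
        inv = pow(M[c][c], -1, p)  # field inverse of the pivot (Python >= 3.8)
        M[c] = [v * inv % p for v in M[c]]
        for r in range(n):
            if r != c and M[r][c]:
                f = M[r][c]
                M[r] = [(v - f * w) % p for v, w in zip(M[r], M[c])]
    return [M[i][n] for i in range(n)]

def random_invertible(n, p=P, rng=random):
    """Uniformly random invertible n x n matrix over GF(p), by rejection sampling."""
    while True:
        R = [[rng.randrange(p) for _ in range(n)] for _ in range(n)]
        if solve_mod_p(R, [0] * n, p) is not None:  # elimination succeeds iff R is invertible
            return R

def solve_via_self_reduction(A, b, p=P, rng=random):
    """Solve A x = b by solving a random masked instance A' y = b' and unmasking x = S y.

    In an MPC deployment A, b, R and S would be secret-shared and only A' = R A S and
    b' = R b opened: for invertible A and nonzero b that pair is uniformly distributed,
    independent of A and b, so elimination on it in the clear leaks nothing. x = S y is
    a linear map applied to public y, so shares of x cost no further interaction.
    """
    n = len(A)
    R, S = random_invertible(n, p, rng), random_invertible(n, p, rng)
    A_masked = mat_mul(mat_mul(R, A, p), S, p)
    b_masked = [row[0] for row in mat_mul(R, [[v] for v in b], p)]
    y = solve_mod_p(A_masked, b_masked, p)
    if y is None:
        return None  # A itself is singular
    return [row[0] for row in mat_mul(S, [[v] for v in y], p)]
```

Ridge regression fits this shape directly: the normal-equation system (X^T X + lambda I) w = X^T y is one such A x = b, which is why the field-only approach avoids fixed-point arithmetic in the solve step.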
Abstract talk Ko Stoffelen: pqm4: Testing and Benchmarking NIST PQC on ARM Cortex-M4
pqm4 is a testing and benchmarking framework that we developed to study
how submissions to the ongoing NIST competition on post-quantum
cryptography behave on ARM Cortex-M4 microprocessors. If the next
generation of public-key cryptographic schemes is going to be larger and
slower than the DLP-based ECC that we use today, it is important to
learn how feasible the schemes are in more constrained environments such
as on microprocessors. pqm4 currently includes 10 key encapsulation
mechanisms and 5 signature schemes of the NIST PQC competition. For the
remaining 11 schemes, the available implementations require more memory
than is available on our target platform or they depend on large
external libraries, which makes them arguably unsuitable for embedded
devices.
Abstract talk Thijs Laarhoven: Approximate Voronoi cells for the closest vector problem, revisited
We consider one of the classical hard lattice problems, the closest
vector problem with preprocessing (CVPP), and show how to obtain fast
heuristic algorithms for CVPP in high dimensions using approximate
Voronoi cells, which can be seen as generalizations of the exact Voronoi
cell of a lattice. Although writing down a natural algorithm to solve
CVPP with these approximate Voronoi cells is straightforward, analyzing
it tightly has proven to be a challenge. We outline previous approaches
for analyzing the performance of this "randomized slicer" algorithm, and
show how in ongoing work we have found a way to obtain tight asymptotic
bounds on its success probability.
Partly based on joint work with Emmanouil Doulgerakis and Benne de
Weger, and on ongoing joint work with Leo Ducas and Wessel van Woerden.