From ray at unipay.nl Wed Feb 5 10:42:54 2020
From: ray at unipay.nl (R. Hirschfeld)
Date: Wed, 05 Feb 2020 10:42:54 +0100
Subject: [crypto] Fwd: REMINDER: Crypto Working Group, February 7, 2020, DIFFERENT LOCATION
In-Reply-To: <77F22861F2CA414DAA9C3C4F20071A84DCD43FB1@XSERVER32C.campus.tue.nl>
References: <77F22861F2CA414DAA9C3C4F20071A84DCD43FB1@XSERVER32C.campus.tue.nl>
Message-ID: <461bf6a9553eaa73f770e7d1e9e8407a@unipay.nl>

-------- Original Message --------
Subject: REMINDER: Crypto Working Group, February 7, 2020, DIFFERENT LOCATION
Date: 2020-02-05 10:08
From: Secretariaat DM
To: Secretariaat DM

Dear all,

Herewith I send you a reminder for the CWG meeting this Friday, February 7, 2020.

With kind regards, / Met vriendelijke groeten,

Anita Klooster
Secretary of the section Discrete Mathematics
Dept. of Mathematics and Computer Science
MF 6.101
Office hours: Monday and Wednesday 08.30-17.00 h / Friday 08.30-12.30 h
Tel.: +31 (0)40 2472254

CRYPTO WORKING GROUP
Friday, February 7, 2020
Opleidingsruimte-Utrecht (http://opleidingsruimte-utrecht.nl/Routebeschrijving-Mariaplaats-3.pdf)
Mariaplaats 3, Utrecht

Program

10.45 - 11.30 hrs. Aldo Gunsing (RU Nijmegen), Deck-Based Wide Block Cipher Modes and an Exposition of the Blinded Keyed Hashing Model
11.30 - 11.45 hrs. Coffee / tea break
11.45 - 12.30 hrs. Douglas Stebila (Univ. of Waterloo, Canada), Exploring Post-Quantum Cryptography in Internet Protocols
12.30 - 14.00 hrs. Lunch break (lunch not included)
14.00 - 14.45 hrs. Florian Hahn (Univ. of Twente), Secure Data Aggregation Grouped by Multiple Attributes
14.45 - 15.00 hrs. Coffee / tea break
15.00 - 15.45 hrs. Tomer Ashur (TU Eindhoven), Design of Symmetric-Key Primitives for Advanced Cryptographic Protocols

Abstract talk Aldo Gunsing: Deck-Based Wide Block Cipher Modes and an Exposition of the Blinded Keyed Hashing Model

We present two tweakable wide block cipher modes from doubly-extendable cryptographic keyed (deck) functions and a keyed hash function: double-decker and docked-double-decker. Double-decker is a direct generalization of Farfalle-WBC of Bertoni et al. (ToSC 2017(4)) and is a four-round Feistel network; docked-double-decker is a modified variant. We prove these constructions secure using a new security model for keyed hashes, namely the blinded keyed hashing model. We demonstrate that blinded keyed hashing is more general than the conventional notion of XOR-universality, and that it allows us to instantiate our constructions with keyed hash functions that have a very strong claim on bkh security but not necessarily on XOR-universality, such as Xoofffie (ePrint 2018/767).

Abstract talk Douglas Stebila: Exploring Post-Quantum Cryptography in Internet Protocols

Post-quantum cryptographic primitives have a range of trade-offs compared to traditional public key algorithms, either having slower computation or larger public keys and ciphertexts/signatures, or both. In this talk, I will discuss how these trade-offs may impact various Internet security protocols, focusing primarily on the Transport Layer Security (TLS) protocol as a case study. First, I will discuss the various choices one must make at the protocol specification level when deciding how to integrate post-quantum algorithms into network security protocols, with special consideration of the so-called hybrid or combined scenario, where a traditional and a post-quantum algorithm are used simultaneously to provide robust security. Next, I will talk about our experience with prototype implementations of post-quantum and hybrid algorithms in the TLS and Secure Shell (SSH) protocols, including whether particular algorithms even can be used due to size constraints. Building on this, I will present results on the performance impact of post-quantum algorithms, showing how network characteristics such as round-trip time and packet loss rate affect connection establishment time. Finally, I'll briefly discuss some open questions from both an engineering and a theory perspective. Along the way I'll discuss the Open Quantum Safe project, an open-source software project for prototyping and experimenting with post-quantum cryptography.

Abstract talk Tomer Ashur: Design of Symmetric-Key Primitives for Advanced Cryptographic Protocols

While traditional symmetric primitives like AES and SHA3 are optimized for efficient hardware and software implementations, a range of emerging applications using advanced cryptographic protocols such as multi-party computation and zero-knowledge proofs require optimization with respect to a different metric: arithmetic complexity. In this paper we study the design of secure cryptographic primitives optimized to minimize this metric. We begin by identifying the differences in the design space between such arithmetization-oriented ciphers and traditional ones, with particular emphasis on the available tools, efficiency metrics, and relevant cryptanalysis. This discussion highlights a crucial point: the considerations for designing arithmetization-oriented ciphers are fundamentally different from the considerations arising from traditional cipher design. The natural next step is to identify sound principles to securely navigate this new terrain, and to materialize these principles into concrete designs. To this end, we present two families of arithmetization-oriented symmetric-key primitives. By motivating our design decisions at length with respect to the identified principles, we show that it is possible to design secure and efficient primitives for this emerging domain.
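The hybrid (combined) scenario in Douglas Stebila's abstract, as an added example that is not part of the announcement, the talk, or the Open Quantum Safe project's code. It assumes the concatenation combiner used by the IETF hybrid key-exchange design for TLS 1.3: the key_share carries classical_pk || pq_ek, and the two shared secrets are fed to HKDF-Extract as classical_ss || pq_ss. The component sizes are those of X25519 (32-byte public key) and ML-KEM-768 (1184-byte encapsulation key); the shared secrets and salt below are constructed stand-ins, since only the standard library is used. The last function shows why the combiner matters: an attacker who later recovers one component (say, the classical one, by a future quantum break) still derives the wrong traffic key.

```python
"""Hybrid (classical + post-quantum) key-exchange combiner, TLS 1.3 style.

Added example, not code from the talk or the Open Quantum Safe project.
Assumptions (not from the announcement): shared secrets are combined as
classical_ss || pq_ss and used as IKM to HKDF-Extract, as in the IETF
hybrid-design draft for TLS 1.3; key_share components are concatenated at
fixed lengths. DH/KEM outputs here are constructed stand-ins.
"""
import hashlib
import hmac
import secrets

HASH = "sha256"
X25519_PK_LEN = 32      # X25519 public key, bytes
MLKEM768_EK_LEN = 1184  # ML-KEM-768 encapsulation key, bytes (FIPS 203)


def hkdf_extract(salt: bytes, ikm: bytes) -> bytes:
    """HKDF-Extract (RFC 5869): PRK = HMAC-Hash(salt, IKM)."""
    if not salt:  # RFC 5869: empty salt means HashLen zero bytes
        salt = bytes(hashlib.new(HASH).digest_size)
    return hmac.new(salt, ikm, HASH).digest()


def hkdf_expand(prk: bytes, info: bytes, length: int) -> bytes:
    """HKDF-Expand (RFC 5869): OKM = T(1) || T(2) || ... truncated to length."""
    okm, block, counter = b"", b"", 1
    while len(okm) < length:
        block = hmac.new(prk, block + info + bytes([counter]), HASH).digest()
        okm += block
        counter += 1
    return okm[:length]


def hybrid_key_share(classical_pk: bytes, pq_ek: bytes) -> bytes:
    """Encode the hybrid key_share as classical_pk || pq_ek (fixed lengths)."""
    if len(classical_pk) != X25519_PK_LEN or len(pq_ek) != MLKEM768_EK_LEN:
        raise ValueError("key share component has the wrong length")
    return classical_pk + pq_ek


def split_hybrid_key_share(share: bytes) -> tuple:
    """Inverse of hybrid_key_share; rejects a share of the wrong total length."""
    if len(share) != X25519_PK_LEN + MLKEM768_EK_LEN:
        raise ValueError("hybrid key share has the wrong length")
    return share[:X25519_PK_LEN], share[X25519_PK_LEN:]


def hybrid_handshake_secret(salt: bytes, classical_ss: bytes, pq_ss: bytes) -> bytes:
    """Combiner: HKDF-Extract(salt, classical_ss || pq_ss).

    Both secrets enter the PRF as one IKM, so the output is pseudorandom as
    long as at least one of them is unknown to the attacker.
    """
    return hkdf_extract(salt, classical_ss + pq_ss)


def derive_traffic_key(handshake_secret: bytes, label: bytes, length: int = 32) -> bytes:
    """Derive a traffic key; the 'tls13 ' label prefix is illustrative only."""
    return hkdf_expand(handshake_secret, b"tls13 " + label, length)


def break_one_component(classical_ss: bytes, pq_ss: bytes, salt: bytes = bytes(32)) -> dict:
    """Show that knowing only one shared secret does not give the traffic key.

    Models an attacker who recovered classical_ss (or pq_ss) but has to guess
    the other component; a guess of all zeros stands in for any wrong value.
    """
    real = derive_traffic_key(hybrid_handshake_secret(salt, classical_ss, pq_ss), b"key")
    classical_only = derive_traffic_key(
        hybrid_handshake_secret(salt, classical_ss, bytes(len(pq_ss))), b"key")
    pq_only = derive_traffic_key(
        hybrid_handshake_secret(salt, bytes(len(classical_ss)), pq_ss), b"key")
    return {
        "real_key": real,
        "classical_only_matches": classical_only == real,
        "pq_only_matches": pq_only == real,
    }


if __name__ == "__main__":
    # Constructed stand-ins for an X25519 shared secret and an ML-KEM shared secret.
    share = hybrid_key_share(secrets.token_bytes(X25519_PK_LEN), secrets.token_bytes(MLKEM768_EK_LEN))
    print("hybrid key_share length:", len(share))
    print(break_one_component(secrets.token_bytes(32), secrets.token_bytes(32)))
```

The fixed-length split in split_hybrid_key_share is why size matters for the protocol: the hybrid key_share is 1216 bytes here, against 32 for X25519 alone, which is the kind of growth the abstract's "size constraints" refers to.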