[crypto] Fwd: REMINDER: Crypto Working Group, February 7, 2020, DIFFERENT LOCATION
R. Hirschfeld
ray at unipay.nl
Wed Feb 5 10:42:54 CET 2020
-------- Original Message --------
Subject: REMINDER: Crypto Working Group, February 7, 2020, DIFFERENT LOCATION
Date: 2020-02-05 10:08
From: Secretariaat DM <secdm at tue.nl>
To: Secretariaat DM <secdm at tue.nl>
Dear all,
Herewith I send you a reminder for the CWG-meeting this Friday, February 7, 2020.
With kind regards, / Met vriendelijke groeten,
Anita Klooster
secretary of the section Discrete Mathematics
Dept. of Mathematics and Computer Science
MF 6.101
Office hours: Monday and Wednesday 08.30-17.00 h / Friday 08.30-12.30 h
Tel.: +31 (0)40 2472254
CRYPTO WORKING GROUP
Friday, February 7, 2020
Opleidingsruimte-Utrecht
(http://opleidingsruimte-utrecht.nl/Routebeschrijving-Mariaplaats-3.pdf)
Mariaplaats 3, Utrecht
Program

10.45 - 11.30 hrs. Aldo Gunsing (RU Nijmegen), Deck-Based Wide Block Cipher Modes and an Exposition of the Blinded Keyed Hashing Model
11.30 - 11.45 hrs. Coffee / tea break
11.45 - 12.30 hrs. Douglas Stebila (Univ. of Waterloo, Canada), Exploring Post-Quantum Cryptography in Internet Protocols
12.30 - 14.00 hrs. Lunch break (lunch not included)
14.00 - 14.45 hrs. Florian Hahn (Univ. of Twente), Secure Data Aggregation Grouped by Multiple Attributes
14.45 - 15.00 hrs. Coffee / tea break
15.00 - 15.45 hrs. Tomer Ashur (TU Eindhoven), Design of Symmetric-Key Primitives for Advanced Cryptographic Protocols
Abstract talk Aldo Gunsing: Deck-Based Wide Block Cipher Modes and an Exposition of the Blinded Keyed Hashing Model
We present two tweakable wide block cipher modes from doubly-extendable
cryptographic keyed (deck) functions and a keyed hash function:
double-decker and docked-double-decker. Double-decker is a direct
generalization of Farfalle-WBC of Bertoni et al. (ToSC 2017(4)) and is
a four-round Feistel network; docked-double-decker is a modified
variant. We prove these constructions secure using a new security model
for keyed hashes, namely the blinded keyed hashing model. We demonstrate
that blinded keyed hashing is more general than the conventional notion
of XOR-universality, and that it allows us to instantiate our
constructions with keyed hash functions that have a very strong claim on
bkh security but not necessarily on XOR-universality, such as Xoofffie
(ePrint 2018/767).
Abstract talk Douglas Stebila: Exploring Post-Quantum Cryptography in Internet Protocols
Post-quantum cryptographic primitives have a range of trade-offs
compared to traditional public key algorithms, either having slower
computation or larger public keys and ciphertexts/signatures, or both.
In this talk, I will discuss how these trade-offs may impact various
Internet security protocols, focusing primarily on the Transport Layer
Security (TLS) protocol as a case study.
First, I will discuss the various choices one must make at the protocol
specification level when deciding how to integrate post-quantum
algorithms into network security protocols, with special consideration
of the so-called hybrid or combined scenario, where a traditional and
post-quantum algorithm are used simultaneously to provide robust
security. Next, I will talk about our experience with prototype
implementations of post-quantum and hybrid algorithms in the TLS and the
Secure Shell (SSH) protocols, including whether particular algorithms
even can be used due to size constraints. Building on this, I will
present results on the performance impact of post-quantum algorithms,
showing how network characteristics such as round-trip time and packet
loss rate affect connection establishment time. Finally, I'll briefly
discuss some open questions both from an engineering and theory
perspective.
Along the way I'll discuss the Open Quantum Safe project, an open-source
software project for prototyping and experimenting with post-quantum
cryptography.
Abstract talk Tomer Ashur: Design of Symmetric-Key Primitives for Advanced Cryptographic Protocols
While traditional symmetric primitives like AES and SHA3 are optimized
for efficient hardware and software implementations, a range of emerging
applications using advanced cryptographic protocols such as multi-party
computation and zero-knowledge proofs require optimization with respect
to a different metric: arithmetic complexity. In this paper we study the
design of secure cryptographic primitives optimized to minimize this
metric. We begin by identifying the differences in the design space
between such arithmetization-oriented ciphers and traditional ones, with
particular emphasis on the available tools, efficiency metrics, and
relevant cryptanalysis. This discussion highlights a crucial point ---
the considerations for designing arithmetization-oriented ciphers are
fundamentally different from the considerations arising from traditional
cipher design.
The natural next step is to identify sound principles to securely
navigate this new terrain, and to materialize these principles into
concrete designs. To this end, we present two families of
arithmetization-oriented symmetric-key primitives. By motivating our
design decisions at length with respect to the identified principles, we
show that it is possible to design secure and efficient primitives for
this emerging domain.