[crypto] Fwd: Reviving the Crypto Working Group (March 17)
R. Hirschfeld
ray at unipay.nl
Sat Mar 4 02:01:10 CET 2023
-------- Original Message --------
Subject: Reviving the Crypto Working Group (March 17)
Date: 2023-03-03 19:01
From: Andreas Hülsing <a.t.huelsing at tue.nl>
To: Zekeriya Erkin - EWI <Z.Erkin at tudelft.nl>, simona s
<simonas at cs.ru.nl>, Thijs Laarhoven <mail at thijs.com>, Tanja Lange
<tanja at hyperelliptic.org>
Dear colleague,
We are happy to announce that after a long pause the Crypto Working
Group is starting again.
The next CWG will take place Friday, March 17, 10:15-16:00h at De
Kargadoor, Oudegracht 36, in Utrecht.
We have four amazing speakers, the good old apple pie, and the chance to
finally meet again.
For the agenda see below.
Best wishes,
Andreas, Simona, Tanja, Thijs, and Zekeriya
P.S.: Due to retirement and other incidents we lost the most recent
mailing-list and recovered a version from 2018. In case you asked to be
removed from the list in the meantime, we are very sorry and would ask
you to please let us know once more. At the same time we will have
missed new people and people that moved or got new email addresses, so
please spread the word.
========
Agenda
========
10:30-11:15 Mike Kudinov
11:30-12:15 João Faria Miranda Duarte
14:15-15:00 Monika Trimoska
15:15-16:00 Jelle Vos
====================================
Details
====================================
Mike Kudinov (TU/e)
Title:
Latest results regarding the SPHINCS+ signature scheme
Abstract:
In 2020, Kudinov, Kiktenko, and Fedorov pointed out a flaw in the
tight security proof of the SPHINCS+ construction. In this talk, we
discuss a new tight security proof for SPHINCS+. The flaw can be traced
back to the security proof for the Winternitz one-time signature scheme
(WOTS) used within SPHINCS+.
We will talk about a security proof for WOTS and multi-instance WOTS
against non-adaptive chosen message attacks where the adversary only
learns the public key after it makes its signature queries. We argue
that this is sufficient to give a tight security proof for SPHINCS+.
Moreover, we discuss new lower bounds on the quantum query complexity
for generic attacks against properties of cryptographic hash functions.
Lastly, SPHINCS+C will be presented. This is a proposed modification
to SPHINCS+ that allows for a better trade-off between the size of the
signature, signature generation time, and verification time.
---------------------------------
João Faria Miranda Duarte (TNO)
Title:
The HAPKIDO Project: The Standardisation and Implementation of Hybrid
Certificates
Abstract:
Public-key infrastructures (PKI) are a crucial building block in
providing and maintaining trust in digital communications through the
use of cryptography. With the advent of large-scale quantum computers,
PKIs are one of the most important digital systems that will be severely
affected. Henceforth, the underlying cryptography will need to be
migrated to a new kind of quantum-safe cryptography. This transition is
considered to be the most complex one in the history of cryptography due
to its urgency and the lack of maturity of quantum-safe cryptography.
Hence, the deployment of classical and quantum-safe cryptography will
need to be carried out simultaneously, which can be done via a “hybrid”
model which employs both classical and quantum-safe cryptography. This
hybrid model will need to be standardised and multiple standards have
been proposed, but some are not mature enough, or they do exist, but
their implementation is either not available, incomplete, not open
source, not production-ready or not compliant with standards.
HAPKIDO, Hybrid Approach for quantum-safe Public-Key Infrastructure
Development for Organizations, is a project involving seven parties from
the private and the public sector. In this talk, we will talk about the
combined efforts, the challenges and the progress of the HAPKIDO
Project, with a particular focus on the work done in the realm of hybrid
certificates, which includes analysing standards, implementation and
deployment challenges for said certificates.
---------------------------------
Monika Trimoska (RU)
Title:
Disorientation faults in CSIDH
Abstract:
The cryptographic community is actively looking for alternatives for
protecting our data and communications from adversaries with a large
quantum computer. One of the families of post-quantum cryptography is
based on the hardness of finding isogenies of elliptic curves. The
isogeny-based scheme SIDH and its instantiation SIKE have recently been
broken by a surprising polynomial-time attack. However, the CSIDH
cryptosystem and protocols based on the CSIDH group action are not
affected by the attack and remain a noteworthy target for cryptanalysis.
In this work, we investigate a new class of fault-injection attacks
against the CSIDH family of cryptographic group actions. Our
disorientation attacks effectively flip the direction of some isogeny
steps, resulting in an incorrect output curve. The placement of the
disorientation fault during the algorithm influences the distribution of
the output curve in a key-dependent manner. We explain how an attacker
can post-process a set of faulty outputs to fully recover the private
key. This presentation will focus on analysing the graph of faulty
curves formed in the post-processing stage and getting an intuition on
how it can be used to infer constraints on the secret key. This is joint
work with Gustavo Banegas, Juliane Krämer, Tanja Lange, Michael Meyer,
Lorenz Panny, Krijn Reijnders and Jana Sotáková.
---------------------------------
Jelle Vos (TU Delft)
Title:
TBA
Abstract:
TBA