[crypto] Fwd: Reviving the Crypto Working Group (March 17)

R. Hirschfeld ray at unipay.nl
Sat Mar 4 02:01:10 CET 2023



-------- Original Message --------
Subject: Reviving the Crypto Working Group (March 17)
Date: 2023-03-03 19:01
From: Andreas Hülsing <a.t.huelsing at tue.nl>
To: Zekeriya Erkin - EWI <Z.Erkin at tudelft.nl>, simona s 
<simonas at cs.ru.nl>, Thijs Laarhoven <mail at thijs.com>, Tanja Lange 
<tanja at hyperelliptic.org>

Dear colleague,

We are happy to announce that after a long pause the Crypto Working 
Group is starting again.

The next CWG will take place Friday, March 17, 10:15-16:00h at De 
Kargadoor, Oudegracht 36, in Utrecht.
We have four amazing speakers, the good old apple pie, and the chance to 
finally meet again.

For the agenda see below.

Best wishes,

Andreas, Simona, Tanja, Thijs, and Zekeriya

P.S.: Due to retirement and other incidents we lost the most recent 
mailing list and recovered a version from 2018. In case you asked to be 
removed from the list in the meantime, we are very sorry and would ask 
you to please let us know once more. At the same time we will have 
missed new people and people that moved or got new email addresses, so 
please spread the word.


========
Agenda
========

10:30-11:15 Mike Kudinov

11:30-12:15 João Faria Miranda Duarte

14:15-15:00 Monika Trimoska

15:15-16:00 Jelle Vos

====================================
Details
====================================

Mike Kudinov (TU/e)

Title:
  Latest results regarding the SPHINCS+ signature scheme
Abstract:
  In 2020, Kudinov, Kiktenko, and Fedorov pointed out a flaw in the 
tight security proof of the SPHINCS+ construction. In this talk, we 
discuss a new tight security proof for SPHINCS+. The flaw can be traced 
back to the security proof for the Winternitz one-time signature scheme 
(WOTS) used within SPHINCS+.
  We will talk about a security proof for WOTS and multi-instance WOTS 
against non-adaptive chosen message attacks where the adversary only 
learns the public key after it makes its signature queries. We argue 
that this is sufficient to give a tight security proof for SPHINCS+.
  Moreover, we discuss new lower bounds on the quantum query complexity 
for generic attacks against properties of cryptographic hash functions.
  Lastly, SPHINCS+C will be presented. This is a proposed modification 
to SPHINCS+ that allows for a better trade-off between the size of the 
signature, signature generation time, and verification time.

---------------------------------

João Faria Miranda Duarte (TNO)

Title:
  The HAPKIDO Project: The Standardisation and Implementation of Hybrid 
Certificates

Abstract:
  Public-key infrastructures (PKI) are a crucial building block in 
providing and maintaining trust in digital communications through the 
use of cryptography. With the advent of large-scale quantum computers, 
PKIs are one of the most important digital systems that will be severely 
affected. Hence, the underlying cryptography will need to be 
</gml_replace_placeholder_never_used>
migrated to a new kind of quantum-safe cryptography. This transition is 
considered to be the most complex one in the history of cryptography due 
to its urgency and the lack of maturity of quantum-safe cryptography. 
Hence, the deployment of classical and quantum-safe cryptography will 
need to be carried out simultaneously, which can be done via a “hybrid” 
model which employs both classical and quantum-safe cryptography. This 
hybrid model will need to be standardised and multiple standards have 
been proposed, but some are not mature enough, or they do exist, but 
their implementation is either not available, incomplete, not open 
source, not production-ready or not compliant with standards.
  HAPKIDO, Hybrid Approach for quantum-safe Public-Key Infrastructure 
Development for Organizations, is a project involving seven parties from 
the private and the public sector. In this talk, we will talk about the 
combined efforts, the challenges and the progress of the HAPKIDO 
Project, with a particular focus on the work done in the realm of hybrid 
certificates, which includes analysing standards, implementation and 
deployment challenges for said certificates.

---------------------------------

Monika Trimoska (RU)

Title:
  Disorientation faults in CSIDH

Abstract:
  The cryptographic community is actively looking for alternatives for 
protecting our data and communications from adversaries with a large 
quantum computer. One of the families of post-quantum cryptography is 
based on the hardness of finding isogenies of elliptic curves. The 
isogeny-based scheme SIDH and its instantiation SIKE have recently been 
broken by a surprising polynomial-time attack. However, the CSIDH 
cryptosystem and protocols based on the CSIDH group action are not 
affected by the attack and remain a noteworthy target for cryptanalysis. 
In this work, we investigate a new class of fault-injection attacks 
against the CSIDH family of cryptographic group actions. Our 
disorientation attacks effectively flip the direction of some isogeny 
steps, resulting in an incorrect output curve. The placement of the 
disorientation fault during the algorithm influences the distribution of 
the output curve in a key-dependent manner. We explain how an attacker 
can post-process a set of faulty outputs to fully recover the private 
key. This presentation will focus on analysing the graph of faulty 
curves formed in the post-processing stage and getting an intuition on 
how it can be used to infer constraints on the secret key. This is joint 
work with Gustavo Banegas, Juliane Krämer, Tanja Lange, Michael Meyer, 
Lorenz Panny, Krijn Reijnders and Jana Sotáková.

---------------------------------

Jelle Vos (TU Delft)

Title:
  TBA
Abstract:
  TBA

