[crypto] Fwd: [CWG] Next Crypto Working Group, June 2

Fri May 26 15:45:28 CEST 2023

-------- Original Message --------
Subject: [CWG] Next Crypto Working Group, June 2
Date: 2023-05-26 15:10
 From: Hülsing, Andreas <a.t.huelsing at tue.nl>
To: "Tanja Lange (tanja at hyperelliptic.org)" <tanja at hyperelliptic.org>, 
"simonas at cs.ru.nl" <simonas at cs.ru.nl>, "Z.Erkin at tudelft.nl" 
<Z.Erkin at tudelft.nl>, "Guarise Vieira, Heloise" 
<h.guarise.vieira at tue.nl>

Dear all,

Please find the detailed program for the next crypto working group 
below.

Hope to see you in Utrecht!

Andreas, Simona, Tanja, Zeki

-------------------

CRYPTO WORKING GROUP

Friday, June 02, 2023
De Kargadoor (http://www.kargadoor.nl/utrecht/zaalverhuur.html)
Oudegracht 36, Utrecht

Program

10:45 - 11:30 Robert Subroto (RU)
               Decomposition of finite commutative semisimple group 
algebras, and some applications in cryptography

11:30 - 11:45 Coffee / tea break

11:45 - 12:30 Mike Hamburg (Rambus)
               Constant-sum encoding

12:30 - 14:00 Lunch break (lunch not included)

14:00 - 14:45 Chenglu Jin (CWI)
               Towards Remote Verifiable Computation without Digital 
Secrets

14:45 - 15:00 Coffee / tea break

15:00 - 15:45 Zekeriya Erkin (TU Delft)
            Financial Crime Detection with Privacy

--------------------------------------------------------------------------------
Abstracts
--------------------------------------------------------------------------------

Robert Subroto (RU)

*Decomposition of finite commutative semisimple group algebras, and some 
applications in cryptography*

We present a full decomposition of finite commutative semisimple group 
algebras, which are a type of algebraic objects with many applications 
in coding theory and cryptography.
Important results include a formula for counting the number of simple 
components, together with a strong criterion to determine invertibility 
of elements in the group algebra.

Besides being of mathematical interest, these results are also useful 
for studying algebraic properties of certain cryptographic functions 
which rely on these group algebras.
An interesting example are Circulant Column Parity Mixers (CCPMs), which 
are a class of linear boolean functions used in well-known cryptographic 
primitives like Keccak-f and Xoodoo.
These CCPMs can be redefined as module endomorphisms over such a group 
algebra, giving it a more simplified and natural flavour.
By doing so, many non-trivial results are now trivial consequences of 
results of the decomposition of the group algebra.

Another interesting application can be found in the the post-quantum 
cryptographic scheme LEDAcrypt, where they rely on verifying 
invertibility of circulant matrices in an efficient way.
This again relates to the structure of the decomposition of the group 
algebra.

--------------------------------------------------------------------------------

Mike Hamburg (Rambus)

*Constant-sum encoding*

One-time signatures such as XMSS, LMS and SPHINCS+ need to encode hashes 
of messages so that the encoding one hash cannot, in every position, be 
greater or equal to the encoding of another hash.  They achieve this 
using a checksum encoding technique.  If we could instead use a 
constant-sum encoding technique, then signatures would have constant 
signing and verification time, and might also be slightly smaller and 
faster.  However, constant-sum encoding is rather complicated, and with 
existing proposals requires either large tables or large binomial 
coefficient calculations.  Here I will go over some new ideas to make 
these algorithms smaller and more efficient.

--------------------------------------------------------------------------------

Chenglu Jin (CWI)

*Towards Remote Verifiable Computation without Digital Secrets*

he development of secure processor architecture technology has seen many 
challenges. It turns out difficult to implement efficient resource 
sharing and at the same time eliminate or protect against side channels 
as a result of shared caches and other buffers. For this reason, 
implemented hardware isolation cannot provide confidential computing (as 
of yet). Nevertheless, the hardware isolation for access control as 
implemented by micro code and added circuitry cannot be circumvented and 
this allows for verifiable computation. However, even though 
computations can be isolated in enclaves, how can we provide remote 
attestation of computed output? Remote attestation requires digital 
secrets which may leak due to side channels. We show two puzzle pieces 
which together can be used to implement remote attestation without 
secure digital computation or digital secrets: We use a strong PUF for 
masking ‘session signing keys’ and we use these in a new one-time 
signature primitive. In essence, computing a signature for an output 
boils down to directly reading out a signature from unmasked digital 
storage.

--------------------------------------------------------------------------------

Zekeriya Erkin (TU Delft)

*Financial Crime Detection with Privacy*

Privacy-enhancing technologies, particularly MPC, have been questioned 
about their practicality. Last summer, a competition was organized by 
the USA and UK governments ( U.S.-U.K. PETs Prize Challenges), where 
privacy researchers were tasked to solve the fraud detection problem 
using machine learning algorithms while providing privacy guarantees to 
banks and their users. For this purpose, we developed the cryptographic 
part of the solution, where the result is a custom protocol that allows 
payment providers to check whether a user's credentials match the 
credentials in a bank's database without the bank learning any 
information about the user. At the same time, the payment provider never 
has access to the bank's database. These seemingly-impossible 
constructions are made possible using a particular type of encryption 
called homomorphic encryption. The competition results show that 
privacy-enhancing technologies are fast enough to be practically 
deployable. They provide solutions for problems that are otherwise hard 
to address without exposing private data.

We are glad to announce that our team from the Delft University of 
Technology and researchers from the University of Washington Tacoma won 
second place as the "PPML Huskies" team.

In this talk, we will investigate the proposed approach that wins a 
prize and the competition itself.