Buscador Google

DATE

October 4, 5 2021
All times in local Colombian time (GMT -5)

CONTACT

macc@urosario.edu.co

LOCATION

Online



DESCRIPTION

ASCRYPTO is a cryptography summer school collocated with Latincrypt


SPEAKERS


Jesús Javier Chi Dominguez

Jesús Javier Chi Dominguez

Jesús Javier Chi Dominguez

Armando FAZ

Armando FAZ

Armando FAZ

Riad S. Wahby

Riad S. Wahby

Riad S. Wahby

Thomas Prest

Thomas Prest

Thomas Prest

Alice Pellet-Mary

Alice Pellet-Mary

Alice Pellet-Mary

Orr Dunkelman

Orr Dunkelman

Orr Dunkelman


SCHEDULE

4

October

 

Day 1

  8:00
A quick journey on what SI[DH/KE] is, Jesús Javier Chi Domínguez


Let us recall, Diffie-Hellman's (DH) key exchange protocol acts on the integers using modular exponentiations as the main block. The elliptic curve version of DH named ECDH relies on point-curve arithmetic (now scalar point multiplication instead of modular exponentiation). ECDH requires shorter keys than DH, but both are post-quantumly insecure. Thus, we will focus on SIDH, the Supersingular Isogeny variant of DH, and SIKE (its descended): the protocol acts on supersingular curves having the main block being mappings connecting curves. We will address what SI[DH/KE] is and its security by focusing on describing its public and private keyspaces.
 

  10:00
Break


  10:30
Love in the Time of Hash to Curve, Armando Faz


Cryptographic algorithms based on a group with a hard discrete-logarithm problem commonly assume the existence of a hash function that outputs elements of the group. When using elliptic curves to instantiate this group, the "hash to curve" function becomes a non-trivial operation both computationally and security-wise.
The goal of this course is to show best practices for performing this kind of hashing. We highlight the relevance of this primitive regarding security, since it helps to prevent vulnerabilities as those already arisen in real-world deployments.

By the end of the course, we expect participants to get familiar with hash to curve functions and obtain handy resources for its usage and implementation.

The course is composed of three parts. First, we contextualize the hashing operation and its properties and review some basic algorithms. We present work-in-progress efforts for defining a standard way for hashing to elliptic curves in Weierstrass, Montgomery and Edwards forms, quotient groups such as Decaf, and pairing-friendly curves.

In the second part, we present algorithmic optimizations, implementation techniques, and cryptographic libraries. Finally, we review some high-level cryptographic protocols that make use of hashing to curve.
Participants can find useful resources on this course for learning more about this topic and some challenges can also be expected.

 

  12:30
Break


  14:00
Practical proof systems: implementations, applications, and open problems, Riad S. Whaby .
 


We will survey the built proof systems landscape and discuss current and potential future applications of these systems in practice. The focus is both on the relative strengths and weaknesses of existing approaches and on the challenges common to all systems. We will finish with a discussion of important open problems, and recent progress

5

October

 

Day 2

  8:00
Algorithmic problems over lattices, Alice Pellet-Mary


The objective of this talk is to introduce famous lattice problems that are used in cryptography (SVP, LWE, SIS). We will see how they relate to each other, and also study some of the known algorithms that solve them. If time permits, we will also discuss structured variants of these problems, like ring-LWE or module-LWE.
 

  10:00
Break


  10:30
Basic constructions over lattices, Thomas Prest


This talk will present basic lattice-based constructions. We will cover signatures based on hash-then-sign and Fiat-Shamir, as well as key establishment based on lattice variants of Diffie-Hellman and El Gamal.
 

  12:30
Break


  13:30
Recent Advances in Format Preserving Encryption, Orr Dunkelman.
 


In 1997, Brightwell and Smith suggested that there is a need for encrypting special domains into themselves. One can of course try and use standard encryption, but then the outcome is not likely to be in the domain. However, building a secure cipher that can encrypt any domain into any domain is not easy, as evident by the recent attacks on FPE standards. In this talk, we will cover the need for FPE, some of the designs that were proposed, and the security issues of such ciphers.

 


ORGANIZERS


Patrick Longa
MSR Security and Cryptography
Microsoft Research, USA
One Microsoft Way, Redmond, WA 98052
E-mail: plonga@microsoft.com


Carla Ráfols
Wireless and Secure Communications Group
Departament de Tecnologies de la Informació i les Comunicacions
Universitat Pompeu Fabra
Roc Boronat, 138 08018 España
E-mail: carla.rafols@upf.edu


Valérie Gauthier Umaña
Head
Applied Mathematics and Computer Science Department
School of Engineering, Science and Technology
Universidad del Rosario
Bogotá, Colombia
Carrera 6 # 12 C - 16, oficina 502
E-mail: valeriee.gauthier@urosario.edu.co


Francisco Rodríguez Henríquez
Investigador CINVESTAV 3-D
Departamento de Computación
CINVESTAV-IPN
Av. IPN No. 2508 Col. San Pedro Zacatenco
México, D.F. 07360. MEXICO
E-mail: francisco@cs.cinvestav.mx


Organized by