17th IMA International Conference on Cryptography and Coding
16 - 18 December 2019, St Anne’s College, University of Oxford
1 Invited Talks
Cas Cremers: Security Standardisation and Secure Messaging
Modern secure messaging protocols can offer strong security guarantees, such as perfect forward secrecy and post-compromise security [1]. Many widely used messaging applications, such as WhatsApp, Facebook Secure Conversations, Skype, and the Signal App have started to use one common underlying mechanism: the Signal protocol library. Yet while there exist good modern standardised protocols for secure channels, such as IETF TLS 1.3, there are no such open standard counterparts for secure messaging.
Early 2018, the Internet Engineering Task Force (IETF) officially started a working group with the goal of developing an open internet standard for secure messaging, called MLS [2]. This project aims to repeat the successful collaboration between industry and academia that has helped the development of TLS 1.3 [3], and the concrete formation of the working group was triggered by new developments in secure group messaging [4].
In this talk we will discuss the goals of Messaging Layer Security, its ongoing development, and some of the many challenges that still await. Challenges remain in at least three areas: technical solutions, limitations of analysis techniques, and process challenges.
[1] "On Post-Compromise Security", K. Cohn-Gordon. C. Cremers, and L. Garratt. IEEE CSF 2016 and https://eprint.iacr.org/2016/221.pdf.
[2] "Messaging Layer Security", IETF, https://datatracker.ietf.org/wg/mls/about/.
[3] "Reactive and Proactive Standardisation of TLS", K.G. Paterson and T. van der Merwe. SSR 2016.
[4] "On Ends-to-Ends Encryption: Asynchronous Group Messaging with Strong Security Guarantees", K. Cohn-Gordon, C. Cremers, L. Garratt, J. Millican, and K. Milner. 2018, ACM CCS 2018 and https://eprint.iacr.org/2017/666.pdf.
Nadia Heninger: The Cryptographic Legacy of Old RNG Designs
Randomness is vital to cryptographic security. Pseudorandom number generation algorithms have been the topic of decades of academic study, and a variety of cryptographic pseudorandom number generation algorithms have been formally standardized over the years. However, in spite of these formal foundations and standards, cryptographic disasters stemming from flawed random number generator implementations happen with distressing frequency. We will tour several recent incidents of flawed random number generator designs, trace these flaws to gaps in understanding between researchers, standards bodies, and implementers, and discuss implications for security and policy moving forward.
Clémentine Maurice: Side-channel Attacks on Microarchitecture: Beyond Crypto
Hardware is often considered as an abstract layer that behaves correctly, just executing instructions and outputing a result. However, the internal state of the hardware leaks information about the programs that are executing, paving the way for covert or side-channel attacks. Historically, cryptography has been a strong focus of research in the field of microarchitectural side-channel attacks However, the last years have shown a shift in the targets. During this presentation, we will review how microarchitectural attacks evolved in the last decade, and we will delve into side-channel attacks on keystroke timings as well as robust covert channels in the cloud.
Unfortunately, Clémentine’s talk had to be cancelled.
Francesca Musiani: Nuancing the ‘User’ of Secure Messaging Tools
From 2016 to 2018, the H2020 NEXTLEAP (NEXT-generation Techno-Social and Legal Encryption, Access and Privacy) project has sought to ‘create, validate, and deploy communication and computation protocols that can serve as pillars for a secure, trust-worthy, annotable and privacy-respecting Internet that ensures citizens fundamental rights’. Its consortium included computer scientists and social scientists working in close interaction. In this talk, I will present some of the work that was conducted in the ‘social sciences-led’ strand of NEXTLEAP, which attempted to account for the diversity of users of secure messaging applications and their underlying protocols, as well as the different motivations of their developers.
Due to the increased deployment of secure messaging protocols in a variety of settings, differences between what developers “believe” are the needs of their users and their actual needs can have very tangible and potentially problematic consequences. Based on 90 interviews with both high and low-risk users, as well as the developers, of popular secure messaging applications, we mapped the design choices made by developers to threat models of both high-risk and low-risk users. Our research revealed interesting and sometimes surprising results, among which: high-risk users often consider client device seizures to be more dangerous than compromised servers; key verification is important to high-risk users, but they often do not engage in cryptographic key verification, instead using other “out of band” means; high-risk users, unlike low-risk users, often need pseudonyms and are heavily concerned over metadata collection. Developers tend to value open standards, open-source, and decentralization, but high-risk users often find these aspects less urgent given their more pressing concerns; and while, for developers, avoiding trusted third parties is an important concern, several high-risk users are in fact happy to rely on trusted third parties ‘protected’ by specific geo-political situations. We conclude by suggesting that work still needs to be done for secure messaging protocols to be aligned with real user needs, including high-risk, and with real-world threat models.
2 Accepted Papers
- Behzad Abdolmaleki, Hamidreza Khoshakhlagh and Daniel Slamanig. A Framework for UC-Secure Commitments from Publicly Computable Smooth Projective Hashing (eprint)
- Terry Shue Chien Lau, Chik How Tan and Theo Fanuela Prabowo. Key Recovery Attack on Rank Metric Code-based Signatures
- Daniele Cozzo and Nigel Smart. Sharing the LUOV: Threshold Post-Quantum Signatures
- Claire Delaplace, Andre Esser and Alexander May. Improved Low-Memory Subset Sum and LPN Algorithms via Multiple Collisions (eprint)
- Jan Camenisch, Maria Dubovitskaya and Patrick Towa. Efficient Fully Secure Leakage-Deterring Encryption
- Nigel Smart and Younes Talibi Alaoui. Distributing any Elliptic Curve Based Protocol (eprint)
- Ivan Damgård, Helene Haagh, Michael Nielsen and Claudio Orlandi. Commodity-Based 2PC for Arithmetic Circuits (eprint)
- Pedro Branco, Jintai Ding, Manuel Goulão and Paulo Mateus. A Framework for Universally Composable Oblivious Transfer from One-Round Key-Exchange (eprint)
- Rowena Alma Betty and Akihiro Munemasa. Classification of self-dual codes of length 20 over \(\mathbb{Z}_4\) and length at most 18 over \(\mathbb{F}_2+u\mathbb{F}_2\)
- Hyang-Sook Lee and Jeongeun Park. On the Security of Multikey Homomorphic Encryption (eprint)
- Ramiro Martínez and Paz Morillo. RLWE-based Zero-Knowledge Proofs for linear and multiplicative relations
- Karim Baghery. Subversion-Resistant Simulation (Knowledge) Sound NIZKs (eprint)
- Shyam Murthy and Srinivas Vivek. Cryptanalysis of a Protocol for Efficient Sorting on SHE Encrypted Data (eprint)
- Marcel Armour and Bertram Poettering. Decryption Algorithm Substitution Attacks
- Maria Eichlseder, Daniel Kales and Markus Schofnegger. Forgery Attacks on FlexAE and FlexAEAD (eprint)
- Shingo Sato and Junji Shikata. Quantum-Secure (Non-)Sequential Aggregate Message Authentication Codes
- Shingo Sato and Junji Shikata. SO-CCA secure PKE from KEM in the QROM and the QICM
3 Accepted Presentations
- James Howe, Marco Martinoli, Elisabeth Oswald and Francesco Regazzoni. Optimised Lattice-Based Key Encapsulation in Hardware
- Gabrielle De Micheli, Remi Piau and Cecile Pierrot. A Tale of Three Signatures: practical attack of ECDSA with wNAF
- Nina Bindel, Mike Hamburg, Andreas Hülsing and Edoardo Persichetti. Tighter proofs of CCA security in the quantum random oracle model
- Monika Trimoska, Sorina Ionica and Gilles Dequen. A SAT-based approach for index calculus on binary elliptic curves
- Jake Massimo. Primality Testing in Cryptographic Applications
- Anamaria Costache, Kim Laine and Rachel Player. Homomorphic noise growth in practice: comparing BGV and FV
Sergiu Carpov, Malika Izabachène and Victor Mollimard.TFHE Toolbox for homomorphic neural network prediction(talk had to be cancelled)- Woojoo Na, Alexander Allin and Christophe Petit. Trapdoor attacks on Cayley hash function parameters proposed at the NutMiC 2019 conference
- Lydia Garms and Anja Lehmann. Group Signatures with Selective Linkability
4 Registration / Practical Information
5 Code of Conduct
We are committed to providing an experience free of harassment and discrimination at the IMA CCC conference, respecting the dignity of every participant.
If you experience harassment or discriminatory behavior at IMA CC, we encourage you to reach out to the Conference Chair Martin Albrecht or Ciara Rafferty.
Participants who violate this code may be sanctioned and/or expelled from the event, at the joint discretion of the Conference Chair and Ciara Rafferty. Any action will only be taken with the consent of the complaining party. UK law applies.
If you witness harassment or discriminatory behavior, please consider intervening.
6 Programme
Monday
Time | Session |
---|---|
Invited Talk (Session Chair: Martin Albrecht) | |
09:40 - 10:40 | Cas Cremers: Security Standardisation and Secure Messaging |
10:40 - 11:10 | Break |
FHE Security (Session Chair: Martin Albrecht) | |
11:10 - 11:35 | Hyang-Sook Lee and Jeongeun Park. On the Security of Multikey Homomorphic Encryption |
11:35 - 12:00 | Shyam Murthy and Srinivas Vivek. Cryptanalysis of a Protocol for Efficient Sorting on SHE Encrypted Data |
12:00 - 13:00 | Lunch |
Coding (Attacks) (Session Chair: Martin Albrecht) | |
13:00 - 13:25 | Terry Shue Chien Lau, Chik How Tan and Theo Fanuela Prabowo. Key Recovery Attack on Rank Metric Code-based Signatures |
13:25 - 13:50 | Claire Delaplace, Andre Esser and Alexander May. Improved Low-Memory Subset Sum and LPN Algorithms via Multiple Collisions |
13:50 - 14:15 | Rowena Alma Betty and Akihiro Munemasa. Classification of self-dual codes of length 20 over \(\mathbb{Z}_4\) and length at most 18 over \(\mathbb{F}_2+u\mathbb{F}_2\) |
14:15 - 14:45 | Break |
Adversarial Quantum Queries (Session Chair: Alex Davidson) | |
14:45 - 15:10 | Shingo Sato and Junji Shikata. Quantum-Secure (Non-)Sequential Aggregate Message Authentication Codes |
15:10 - 15:35 | Shingo Sato and Junji Shikata. SO-CCA secure PKE from KEM in the QROM and the QICM |
Presentations (Lattices) (Session Chair: Ciara Rafferty) | |
15:35 - 16:00 | James Howe, Marco Martinoli, Elisabeth Oswald and Francesco Regazzoni. Optimised Lattice-Based Key Encapsulation in Hardware |
16:00 - 16:25 | Anamaria Costache, Kim Laine and Rachel Player. Homomorphic noise growth in practice: comparing BGV and FV |
17:00 | Drinks Reception |
Tuesday
Time | Session |
---|---|
Invited Talks (Session Chair: Martin Albrecht) | |
09:40 - 10:40 | Nadia Heninger: The Cryptographic Legacy of Old RNG Designs |
10:40 - 11:10 | Break |
MPC (Session Chair: Alex Davidson) | |
11:10 - 11:35 | Ivan Damgård, Helene Haagh, Michael Nielsen and Claudio Orlandi. Commodity-Based 2PC for Arithmetic Circuits |
11:35 - 12:00 | Nigel Smart and Younes Talibi Alaoui. Distributing any Elliptic Curve Based Protocol |
12:00 - 13:00 | Lunch |
Constructions (Session Chair: Liz Quaglia) | |
13:00 - 13:25 | Daniele Cozzo and Nigel Smart. Sharing the LUOV: Threshold Post-Quantum Signatures |
13:25 - 13:50 | Jan Camenisch, Maria Dubovitskaya and Patrick Towa. Efficient Fully Secure Leakage-Deterring Encryption |
13:50 - 14:15 | Behzad Abdolmaleki, Hamidreza Khoshakhlagh and Daniel Slamanig. A Framework for UC-Secure Commitments from Publicly Computable Smooth Projective Hashing |
14:15 - 14:40 | Pedro Branco, Jintai Ding, Manuel Goulão and Paulo Mateus. A Framework for Universally Composable Oblivious Transfer from One-Round Key-Exchange |
14:40 - 15:10 | Break |
Presentations (Attacks) (Session Chair: Ciara Rafferty) | |
15:10 - 15:35 | Gabrielle De Micheli, Remi Piau and Cecile Pierrot. A Tale of Three Signatures: practical attack of ECDSA with wNAF |
15:35 - 16:00 | Jake Massimo. Primality Testing in Cryptographic Applications |
16:00 - 16:25 | Monika Trimoska, Sorina Ionica and Gilles Dequen. A SAT-based approach for index calculus on binary elliptic curves |
Invited Talk (Session Chair: Martin Albrecht) | |
16:30 - 17:30 | Francesca Musiani: Nuancing the ‘User’ of Secure Messaging Tools |
19:00 | Conference Dinner |
Wednesday
Time | Session |
---|---|
Attacks on AEAD Primitives (Session Chair: Martin Albrecht) | |
09:40 - 10:05 | Marcel Armour and Bertram Poettering. Decryption Algorithm Substitution Attacks |
10:05 - 10:30 | Maria Eichlseder, Daniel Kales and Markus Schofnegger. Forgery Attacks on FlexAE and FlexAEAD |
10:30 - 11:10 | Break |
ZK (Session Chair: Alex Davidson) | |
11:10 - 11:35 | Ramiro Martínez and Paz Morillo. RLWE-based Zero-Knowledge Proofs for linear and multiplicative relations |
11:35 - 12:00 | Karim Baghery. Subversion-Resistant Simulation (Knowledge) Sound NIZKs |
12:00 - 13:00 | Lunch |
Presentations (Session Chair: Ciara Rafferty) | |
13:00 - 13:25 | Woojoo Na, Alexander Allin and Christophe Petit. Trapdoor attacks on Cayley hash function parameters proposed at the NutMiC 2019 conference |
13:25 - 13:50 | Nina Bindel, Mike Hamburg, Andreas Hülsing and Edoardo Persichetti. Tighter proofs of CCA security in the quantum random oracle model |
13:50 - 14:15 | Lydia Garms and Anja Lehmann. Group Signatures with Selective Linkability |
14:15 - 14:20 | Closing Remarks |
7 Calls
The mathematical theory and practice of both cryptography and coding underpins the provision of effective security and reliability for data communication, processing and storage. This seventeenth International Conference in an established and successful IMA series on the theme of "Cryptography and Coding" solicits original research papers and presentations on all technical aspects of cryptography and coding.
Submissions are welcome on any cryptographic or coding-theoretic topic including, but not limited to:
- Foundational theory and mathematics;
- The design, proposal, and analysis of cryptographic or coding primitives and protocols
- Secure implementation and optimisation in hardware or software; and
- Applied aspects of cryptography and coding.
Call for Papers
The proceedings will be published in Springer's Lecture Notes in Computer Science series, and will be available at the conference.
Submissions must not substantially duplicate work that any of the authors has published elsewhere or has submitted in parallel to a journal or any other conference or workshop with proceedings. Accepted submissions may not appear in any other conference or workshop that has proceedings. Authors of accepted papers must guarantee that their paper will be presented at the conference and must make a full version of their paper available online.
All submissions will be blind-reviewed. Papers must be anonymous, with no author names, affiliations, acknowledgements, or obvious references. Submissions should begin with a cover page containing title, a short abstract, and a list of keywords. The body of the paper should be at most 14 pages, excluding the title page with abstract, the bibliography, and clearly marked appendices. Committee members are not required to review appendices, so the paper should be intelligible and self-contained within this length. The submission must be in Springer’s LNCS format (LaTeX). Submissions not meeting these guidelines risk rejection without consideration of their merits.
Submissions should be submitted via EasyChair.
Call for Presentations
The main criteria for acceptance are whether the committee believes that the proposed talk will be of interest and of appropriate quality to present to the IMACC audience:
Submissions must comply with the following rules:
- Submissions can be full papers (maximum 10 pages), abstracts (maximum 2 pages), or the expected presentation slides.
- Submissions must be non-anonymous and must clearly specify which author will give the talk.
- The submission should provide sufficient detail to explain what the talk will be about.
As these presentations do not enter the formal proceedings (see accompanying Call for Papers), we accept and encourage contributed talk proposals which correspond to papers that are under submission or already published elsewhere.
Presentations should be submitted via EasyChair.
Updates
- 2019-08-13: Presentation Submission Deadline extended to 28 August, 6pm (UK time).
- 2019-07-24: Note that presentation submission will open on August 5 and close on August 14 (unchanged).
- 2019-07-12: Paper Submission Deadline extended to 19 July 2019, 6pm (UK Time).
Important Dates
- Submission Deadline: 19 July 2019 (Papers) and 28 August 2019 (Presentations)
- Author Notification: 5 September 2019 (Papers) and 5 October 2019 (Presentations)
- Proceedings Version Deadline: 22 September 2019 (Papers)
- Conference: 16 to 18 December 2019
Committees
Programme Committee
- Martin Albrecht, Royal Holloway, University of London, UK (Chair)
- Alex Davidson, Cloudflare Portugal, Portugal
- Benjamin Dowling, ETH Zurich, Switzerland
- Caroline Fontaine, CNRS (LSV), France
- Julia Hesse, IBM Research Zurich, Switzerland
- Christian Janson, TU Darmstadt, Germany
- Cong Ling, Imperial College, UK
- Emmanuela Orsini, Katholieke Universiteit Leuven, Belgium
- Daniel Page, University of Bristol, UK
- Christophe Petit, University of Oxford, UK
- Rachel Player, Royal Holloway, University of London, UK
- Elizabeth Quaglia, Royal Holloway, University of London, UK
- Ciara Rafferty, Queen’s University Belfast, UK
- Christian Rechberger, TU Graz, Austria
- Adeline Roux-Langlois, Univ Rennes, CNRS, IRISA, France
- Christoph Striecks, AIT, Austria
- Thyla van der Merwe, Mozilla, UK
- Roope Vehkalahti, Aalto University, Finland
- Carolyn Whitnall, University of Bristol, UK
Steering Committee
- Liqun Chen, University of Surrey, UK
- Bahram Honary, School of Computing and Communication, University of Lancaster, UK
- Máire O'Neill, Centre for Secure Information Technologies, ECIT, Queen's University Belfast, UK
- Christopher Mitchell, Information Security Group, Royal Holloway University of London, UK
- Matthew Parker, Institute for Informatics, University of Bergen, Norway
- Kenneth Paterson, Information Security Group, Royal Holloway University of London, UK
- Fred Piper, UK
- Martijn Stam, Simula UiB, Norway
8 Further Information
For further details on the conference, please contact the IMA Conferences Department:
Email: conferences@ima.org.uk
Tel: +44 (0) 1702 354 020
Institute of Mathematics and its Applications, Catherine Richards House, 16 Nelson Street, Southend-on-Sea, Essex, SS1 1EF, UK
See also https://ima.org.uk/11167/17th-ima-international-conference-on-cryptography-and-coding/