Our regular Crypto Café seminars take place every other Thursday, 10:00 am-10:50 am during the semester. We invite local and international experts on topics in Mathematics and Computer Science related to Cryptography and Information Security.
Come and join us for freshly brewed coffee and interesting conversations on the most exciting topics in cryptography.
Where: SE-43 (Charles E. Schmidt College of Science) - Room 215 and via Zoom
You can catch up on any missed meetings by following the link below:
Fall 2025 Crypto Café Schedule: Coming Soon!
April 10, 2025, 10:00 am + Zoom
Speaker: Maryam Taghi Zadeh (FAU)
Abstract: The SHA-2 and SHA-3 hash function families exhibit distinct security characteristics when integrated into XMSS implementations. This research evaluates their comparative performance metrics, security properties, and implementation considerations within the XMSS framework. We analyze the practical implications of various parameter sets as defined in RFC 8391, specifically examining tree height and Winternitz parameter selections and their effects on signature size, generation time, and verification efficiency.
Our work demonstrates the viability of both hash function families within XMSS while highlighting their specific trade-offs. The SHA-3 implementation, based on the Keccak algorithm standardized in FIPS 202, provides superior resistance against side-channel attacks and length extension vulnerabilities compared to SHA-2, while exhibiting different performance characteristics. We present empirical data on computational efficiency across multiple platforms and address the state management challenges inherent to stateful signature schemes like XMSS.
This research contributes to ongoing standardization efforts for post-quantum cryptographic primitives and provides practical insights for organizations preparing for the transition to quantum-resistant signature schemes.
Keywords: Post-Quantum Cryptography, Hash-Based Signatures, XMSS, SHA-2, SHA-3, Digital Signatures, Cryptographic Implementation
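The abstract above refers to the effect of the tree height h and the Winternitz parameter w on XMSS signature size and hashing cost. As an added illustration that is not the speaker's code, the following Python computes those quantities directly from the formulas in RFC 8391 (Section 3.1.1 for the WOTS+ chain count, Section 4.1.8 for the signature layout) and includes a minimal index-bookkeeping class to show the state-management point. The class, the table helper and all function names are this example's own constructions; the registered RFC 8391 XMSS parameter sets all use w = 16, and the w = 4 rows are included only because the WOTS+ definition permits them and they make the size/compute trade-off visible.

```python
"""
Added example: XMSS parameter trade-offs computed from RFC 8391.

Signature layout (RFC 8391 Section 4.1.8):
    idx_sig (4 bytes) || r (n bytes) || WOTS+ signature (len * n) || auth path (h * n)
"""
import math
from dataclasses import dataclass


def wots_len(n: int, w: int) -> int:
    """Number of n-byte hash chains in a WOTS+ key or signature (RFC 8391 3.1.1)."""
    if w not in (4, 16):
        raise ValueError("RFC 8391 restricts the Winternitz parameter w to 4 or 16")
    lg_w = int(math.log2(w))
    len_1 = math.ceil(8 * n / lg_w)                                   # message digits
    len_2 = math.floor(math.log2(len_1 * (w - 1)) / lg_w) + 1         # checksum digits
    return len_1 + len_2


def xmss_signature_size(n: int, h: int, w: int) -> int:
    """XMSS signature size in bytes: 4 + n + len*n + h*n."""
    return 4 + n + wots_len(n, w) * n + h * n


def wots_max_chain_steps(n: int, w: int) -> int:
    """Worst-case chaining-function calls to sign (or verify) one WOTS+ message.

    Larger w means fewer chains (smaller signature) but longer chains (more hashing).
    """
    return wots_len(n, w) * (w - 1)


def max_signatures(h: int) -> int:
    """An XMSS key with tree height h holds 2^h one-time WOTS+ keys."""
    return 2 ** h


@dataclass
class XmssState:
    """Illustrative one-time index bookkeeping (constructed for this example).

    In a stateful scheme the index must be advanced and durably stored before the
    signature is released: two signatures under the same index share a WOTS+ key,
    which is exactly the state-management hazard the abstract refers to.
    """
    h: int
    next_idx: int = 0

    def reserve_index(self) -> int:
        if self.next_idx >= max_signatures(self.h):
            raise RuntimeError("XMSS key exhausted: all 2^h one-time keys have been used")
        idx = self.next_idx
        self.next_idx += 1   # a real implementation persists this before signing
        return idx


def parameter_table():
    """Rows of (n, w, h, signature bytes, worst-case chain steps, max signatures)."""
    rows = []
    for n in (32, 64):            # n = 32 for SHA2-256 / SHAKE128, n = 64 for SHA2-512 / SHAKE256
        for w in (4, 16):         # registered XMSS sets use w = 16; w = 4 shown for contrast
            for h in (10, 16, 20):
                rows.append((n, w, h, xmss_signature_size(n, h, w),
                             wots_max_chain_steps(n, w), max_signatures(h)))
    return rows


if __name__ == "__main__":
    print(f"{'n':>3} {'w':>3} {'h':>3} {'sig bytes':>10} {'max chain steps':>16} {'max sigs':>10}")
    for n, w, h, size, steps, count in parameter_table():
        print(f"{n:>3} {w:>3} {h:>3} {size:>10} {steps:>16} {count:>10}")
```

Running the script reproduces the published sizes for the RFC 8391 sets (for example 2500 bytes for XMSS-SHA2_10_256 and 9092 bytes for XMSS-SHA2_10_512) and shows why doubling h adds only h·n bytes per signature while squaring the number of available one-time keys.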
March 27, 2025, 10:00 am + Zoom
Speaker: Merve Karabulut (FAU)
Title: Efficient CPA Attack on Hardware Implementation of ML-DSA in Post-Quantum Root of Trust
Abstract: Side-channel attacks (SCA) present a serious threat to cryptographic implementations, including those designed for post-quantum security. This talk introduces the first Correlation Power Analysis (CPA) attack on an industry-grade hardware implementation of ML-DSA within a Silicon Root of Trust framework. Our attack exploits side-channel leakage from the modular reduction process following the Number Theoretic Transform-based polynomial multiplication. By leveraging leakage from a unique reduction algorithm and the zeroization mechanism used for securely erasing sensitive data, we demonstrate secret key extraction using only 10,000 power traces. This attack compromises the integrity of the root of trust, enabling signature forgery for certificate generation. Our findings highlight critical vulnerabilities in commercially deployed post-quantum cryptographic systems and emphasize the need for robust countermeasures.