Our regular Crypto Café seminars take place every other Thursday,10 am-10:50 am during the semester. We invite local and international experts on topics in Mathematics and Computer Science related to Cryptography and Information Security.
Come and join us for freshly brewed coffee and interesting conversations on the most exciting topics in cryptography.
Where: SE-43 (Charles E. Schmidt College of Science) - Room 215 and via Zoom
You can catch up on any missed meetings by following the below link:
Spring, 2025, Crypto Cafe Schedule:
April 10, 2025, 10:00 am +Zoom (click here)
Speaker : Maryam Taghi Zadeh (FAU)
The SHA-2 and SHA-3 hash function families exhibit distinct security characteristics when integrated into XMSS implementations. This research evaluates their comparative performance metrics, security properties, and implementation considerations within the XMSS framework. We analyze the practical implications of various parameter sets as defined in RFC 8391, specifically examining tree height and Winternitz parameter selections and their effects on signature size, generation time, and verification efficiency.
Our work demonstrates the viability of both hash function families within XMSS while highlighting their specific trade-offs. The SHA-3 implementation, based on the Keccak algorithm standardized in FIPS 202, provides superior resistance against side-channel attacks and length extension vulnerabilities compared to SHA-2, while exhibiting different performance characteristics. We present empirical data on computational efficiency across multiple platforms and address the state management challenges inherent to stateful signature schemes like XMSS.
This research contributes to ongoing standardization efforts for post-quantum cryptographic primitives and provides practical insights for organizations preparing for the transition to quantum-resistant signature schemes.
Keywords: Post-Quantum Cryptography, Hash-Based Signatures, XMSS, SHA-2, SHA-3, Digital Signatures, Cryptographic Implementation
March 27, 2025, 10:00 am +Zoom (click here)
Speaker: Merve Karabulut (FAU)
Title: Efficient CPA Attack on Hardware Implementation of ML-DSA in Post-Quantum Root of Trust
Abstract: Side-channel attacks (SCA) present a serious threat to cryptographic implementations, including those designed for post-quantum security. This talk introduces the first Correlation Power Analysis (CPA) attack on an industry-grade hardware implementation of ML-DSA within a Silicon Root of Trust framework. Our attack exploits side-channel leakage from the modular reduction process following the Number Theoretic Transform-based polynomial multiplication. By leveraging leakage from a unique reduction algorithm and the zeroization mechanism used for securely erasing sensitive data, we demonstrate secret key extraction using only 10,000 power traces. This attack compromises the integrity of the root of trust, enabling signature forgery for certificate generation. Our findings highlight critical vulnerabilities in commercially deployed post-quantum cryptographic systems and emphasize the need for robust countermeasures.
March 13, 2025, 10:00 am +Zoom (click here)
Speaker: Dipayan Das, Ph.D., Florida Atlantic University
Title: Cryptanalysis of some Lattice-based Assumptions
Abstract: Cryptography relies on the assumptions of computationally hard problems. It should be hard for security, offer functionalities for cryptographic applications, and be efficient to implement. Recently, lattice-based assumptions have emerged as a strong building block for post-quantum cryptography. In this talk, I will present recent cryptanalytic results on two lattice-based assumptions, namely the Finite Field Isomorpshim problem (PKC'18, JoMC'20), and the Partial Vandermonde Knapsack Problem (ACNS'14, DCC'15, ACISP'18, Eprint'20,DCC'22). These assumptions have been used extensively for various lattice-based constructions, including encryptions, fully homomorphic encryptions, signatures, signature aggregations, etc.
Bio: Dipayan Das is an Assistant Professor in the Florida Atlantic University Department of Mathematics and Statistics. Previously, he was a Postdoc researcher at the NTT Social Informatics Laboratories in Japan. Before that, he was a PostDoc researcher at CISPA Helmholtz center for information security in Germany. He did his PhD at the National Institute of Technology, Durgapur in India.
