May 17, 2023, SE-43, Room 215; 11:00 a.m.
Speaker: Rick Hensbergen (Esther.ai, Founder)
Title: Performance of penetration testing to secure cloud-based solutions
April 24, 2023, SE-43, Room 215; 11:00 a.m.
Speaker: Keegan Ryan (University of California, San Diego)
Bio: Keegan Ryan is a 4th year PhD student advised by Prof. Nadia Heninger at the University of California, San Diego. His research interests include practical cryptanalysis of real-world systems, particularly problems involving lattice reduction.
Title: Fast Practical Lattice Reduction through Iterated Compression
Abstract: We introduce a new lattice basis reduction algorithm with approximation guarantees analogous to the LLL algorithm and practical performance that far exceeds the current state of the art. We achieve these results by iteratively applying precision management techniques within a recursive algorithm structure and show the stability of this approach. We analyze the asymptotic behavior of our algorithm, and show that the heuristic running time is $O(n^{\omega}(C+n)^{1+\varepsilon})$ for lattices of dimension $n$, $\omega \in (2,3]$ bounding the cost of size reduction, matrix multiplication, and QR factorization, and $C$ bounding the log of the condition number of the input basis $B$. This yields a running time of $O(n^{\omega}(p+n)^{1+\varepsilon})$ for precision $p = O(\log |B|_{\max})$ in common applications. Our algorithm is fully practical, and we have published our implementation. We experimentally validate our heuristic, give extensive benchmarks against numerous classes of cryptographic lattices, and show that our algorithm significantly outperforms existing implementations.
April 10, 2023, SE-43, Room 215; 11:00 am
Speaker: Cariel Cohen (CTO at Securily)
Bio: With over 20 years of experience in the cybersecurity industry, our speaker is a co-founder and passionate coder with a love for cryptography, authentication and patents. He has extensive experience working with major public corporations, including Aqua Security, Sony Pictures, and 5B Technologies. Throughout his career, he has been dedicated to ethical hacking and compliance, ensuring that businesses remain secure and compliant in the face of emerging cybersecurity threats.
Title: Securing Cloud Business Applications: A Practical Approach to Cybersecurity and Compliance
Abstract: This topic explores practical approaches to securing business applications and addressing cybersecurity and compliance challenges faced by businesses in today's dynamic digital landscape. Cariel will share insights on best practices for securing cloud workloads, data, and applications, including implementing access controls, training employees on cybersecurity awareness, and protecting data against a variety of risks. Attendees will gain valuable knowledge and practical solutions that are used in helping businesses thrive in the face of emerging cybersecurity threats and ever-changing compliance requirements.
March 27, 2023, SE-43, Room 215; 11:00 a.m.
Speaker: David J. Wu (The University of Texas at Austin)
Bio: David Wu is an assistant professor in the Department of Computer Science at the University of Texas at Austin. He is broadly interested in applied and theoretical cryptography as well as computer security. Previously, David received a PhD in computer science from Stanford University in 2018 and was an assistant professor at the University of Virginia from 2019 to 2021. He has received the NSF CAREER Award, the Microsoft Research Faculty Fellowship, and a Google Research Scholar Award. His work has been recognized with a Best Paper Award at CRYPTO (2022), two Best Young-Researcher Paper Awards at CRYPTO (2017, 2018) and an Outstanding Paper Award at ESORICS (2016).
Title: Succinct Vector, Polynomial, and Functional Commitments from Lattices
Abstract: In a functional commitment scheme, a user can commit to an input x and later on, open it to an arbitrary function evaluation f(x). We require that both the commitment and the opening be short. Important special cases of functional commitments include vector commitments and polynomial commitments. In this talk, I will introduce a new lattice-based framework for constructing functional commitments that supports functions computable by arbitrary (bounded-depth) Boolean circuits. Our constructions rely on a new falsifiable "basis-augmented SIS" assumption that we introduce, which can be viewed as a new "q-type" variant of the standard SIS assumption.
(Joint work with Hoeteck Wee)
March 13, 2023, SE-43, Room 215; 11:00 a.m.
Speaker: Corentin Jeudy (IRISA, Rennes Cedex, France)
Title: On the Secret Distributions in Module Learning With Errors
Abstract: The Module Learning With Errors (M-LWE) problem is a core assumption of lattice-based cryptography, and it underlies the security of the future post-quantum cryptography standards Kyber and Dilithium selected by NIST. The problem is parameterized by a secret distribution as well as an error distribution. There is a gap between the choices of those distributions for theoretical hardness results (uniform secret modulo q) and practical schemes (small bounded secret). In this talk, we narrow this gap by presenting three results focused on the secret distribution. We show that both search and decision M-LWE remain hard when the secret distribution is uniform over small bounded secrets, provided that the rank is larger by a log(q) factor. We then show the hardness of search M-LWE for more general secret distributions carrying sufficient entropy.
This talk is based on the published papers "On the Hardness of Module Learning With Errors with Short Distributions" (Journal of Cryptology 2023) and "Entropic Hardness of Module-LWE from Module-NTRU" (Indocrypt 2022) which are joint works with Katharina Boudgoust, Adeline Roux-Langlois and Weiqiang Wen.
February 27, 2023, SE-43, Room 215; 11:00 a.m.
Speaker: Mila Anastasova, Florida Atlantic University
Title: Time-Efficient Finite Field Microarchitecture Design for Curve448 and Ed448 on Cortex-M4.
Abstract: The elliptic curve family of schemes has the lowest computational latency, memory use, energy consumption, and bandwidth requirements, making it the most preferred public key method for adoption into network protocols. Being suitable for embedded devices and applicable for key exchange and authentication, ECC is assuming a prominent position in the field of IoT cryptography. The attractive properties of the relatively new curve Curve448 contribute to its inclusion in the TLS 1.3 protocol and pique the interest of academics and engineers aiming at studying and optimizing the schemes. When addressing low-end IoT devices, however, the literature indicates little work on these curves. In this presentation, we present an efficient design for both protocols based on the Montgomery curve Curve448 and its birationally equivalent Edwards curve Ed448 used for key agreement and digital signature algorithm, specifically the X448 function and the Ed448 DSA, relying on efficient low-level arithmetic operations targeting the ARM-based Cortex-M4 platform. Our design performs point multiplication, the base of Elliptic Curve Diffie-Hellman (ECDH), in 3,2KCCs, resulting in more than 48% improvement compared to the best previous work based on Curve448, and performs sign and verify, the main operations of the Edwards-curve Digital Signature Algorithm (EdDSA), in 6,038KCCs and 7,404KCCs, showing a speedup of around 11% compared to the counterparts. We present our novel modular multiplication and squaring architectures reaching ∼25% and ∼35% faster runtime than the previous best-reported results, respectively, based on Curve448 key exchange counterparts, and ∼13% and ∼25% better latency results than the Ed448-based digital signature counterparts targeting the Cortex-M4 platform.
February 13, 2023, SE-43, Room 215; 11:30 a.m.
Speaker: Dr. Bill Brumley, Tampere University, Finland
Title: Side Channel Analysis and Lattice Attacks
Abstract: Lattice attacks are a typical endgame for side channel attacks targeting digital signature schemes. During the procurement phase, the attacker queries digital signatures, messages, and corresponding side channel traces, then tries to extract secret information from these traces and apply lattice methods to recover the private key. But in practice, these traces are often incomplete and/or noisy, complicating theoretical models for applying lattices. In this talk, I discuss some of the lattice attack techniques developed over the years, and outline a few interesting open problems that highlight the gap between theory and practice for applied side channel attacks powered by lattice methods.
January 30, 2023, SE-43, Room 215; 11:00 a.m.
Speaker: Dr. Veronika Kuchta, Florida Atlantic University
Title: Proof Systems and ZK-SNARKs
Abstract: Zero-knowledge proof (ZKP) systems allow a prover holding some secret witness w for a statement x satisfying some NP relation R, to prove knowledge of w to a verifier (the soundness property), without revealing any information on w to the verifier (the zero-knowledge property) beyond that revealed by the NP statement x known to the verifier.
ZKPs have a myriad of applications in privacy-preserving cryptographic protocols. For statements with large witnesses w, the main limitation of classical ZKPs is that their proof size is proportional to the witness size. To support such applications like verifiable computation and privacy-preserving cryptocurrencies it is desirable to have succinct ZKPs in which the proof (or argument) size is only polylogarithmic in the witness size. This requirement induced constructions of Zero-Knowledge Succinct Non-interactive ARgument of Knowledge (ZK-SNARK).
In this presentation we will look at different approaches to designing efficient ZK-SNARKs from information-theoretic proof systems, especially focusing on lattice-based and hash-based ZK-SNARK constructions.
December 14, 2022, SE-43, Room 215; 1:00 p.m.
Speaker: Jianfeng Xie, Department of Electrical and Computer Engineering, Villanova University
Title: Hardware Acceleration for Post-Quantum Cryptography: Algorithmic Derivation, and Architectural Innovation
Abstract: Post-quantum cryptography (PQC) has drawn significant attention from various communities recently as the existing public-key cryptosystems such as Rivest Shamir Adleman (RSA) and Elliptic Curve Cryptography (ECC) are proven to be vulnerable to large-scale quantum computers executing Shor's algorithm. The National Institute of Standards and Technology (NIST) has already started the PQC standardization process, and hardware acceleration for PQC algorithms is one of the recent focused topics. In this talk, I follow this trend to introduce several interesting methods to accelerate the PQC algorithms on the hardware platform. Specifically, this talk will present the hardware implementation methods from the aspects of both algorithmic derivation and architectural innovation. Implementation techniques for a lightweight PQC scheme are also covered in this talk. I hope that this talk will facilitate more research to help the PQC standardization and further development.
October 18, 2022, SE-43, Room 215; 4:00 p.m.
Speaker: Shi Bai, Florida Atlantic University
Title: Subfield and sublattice algorithms for variants of NTRU
Abstract: The NTRU problem introduced by Hoffstein, Pipher and Silverman is one of the fundamental problems in lattice-based cryptography. It has been used extensively as a security foundation, for public-key encryption, signatures, fully homomorphic encryption and many others. It has been realized that certain variants of NTRU such as the overstretched NTRU (NTRU variant with a large modulus) are easier than expected. The general strategy is to solve 'part' of the secret in a subfield or sublattice and then recover the full solution. In this talk, we will survey and compare several subfield and sublattice algorithms for overstretched NTRU, and also give some concrete estimates for breaking them.
September 13, 2022, SE-43, Room 215; 4:00 p.m.
Speaker: Sulani Thakshila, Florida Atlantic University
Title: MNTRU Signatures
Abstract: The NTRU cryptosystem is a computational problem introduced in 1996 based on lattices. Module-NTRU lattices generalize NTRU lattices and possess more benefits on the flexibility of ring dimension. In this talk, I will present Fiat-Shamir signatures based on the inhomogeneous variant of the Module-NTRU problem. I will present two signature schemes. The first scheme is a lossy identification scheme secure in the QROM. The second scheme is a BLISS-like signature secure in the classic ROM.
August 31, 2022, SE-43, Room 215; 5:00 p.m.
Speaker: Francesco Sica, Florida Atlantic University
Title: A Note on Torsion Point Attacks
Abstract: A technical lemma is being used in attacks on the supersingular isogeny problem with torsion points (SSI-T) à la Petit, which propagates an error. In this talk, I will explain how Lemma 6 in Petit's Asiacrypt 2017 paper is incorrect and how this can be fixed to make his attack work in theory as well as in practice.