CRYPTO WORKING GROUP
Friday, June 02, 2023
De Kargadoor (http://www.kargadoor.nl/utrecht/zaalverhuur.html)
Oudegracht 36, Utrecht
Program
10:45 - 11:30 Robert Subroto (RU)
Decomposition of finite commutative semisimple group algebras,
and some applications in cryptography
11:30 - 11:45 Coffee / tea break
11:45 - 12:30 Mike Hamburg (Rambus)
Constant-sum encoding
12:30 - 14:00 Lunch break (lunch not included)
14:00 - 14:45 Chenglu Jin (CWI)
Towards Remote Verifiable Computation without Digital Secrets
14:45 - 15:00 Coffee / tea break
15:00 - 15:45 Zekeriya Erkin (TU Delft)
Financial Crime Detection with Privacy
--------------------------------------------------------------------------------
Abstracts
--------------------------------------------------------------------------------
Robert Subroto (RU)
*Decomposition of finite commutative semisimple group algebras, and some
applications in cryptography*
We present a full decomposition of finite commutative semisimple group
algebras, which are a type of algebraic objects with many applications in
coding theory and cryptography.
Important results include a formula for counting the number of simple
components, together with a strong criterion to determine invertibility of
elements in the group algebra.
Besides being of mathematical interest, these results are also useful for
studying algebraic properties of certain cryptographic functions which rely on
these group algebras.
An interesting example are Circulant Column Parity Mixers (CCPMs), which are a
class of linear boolean functions used in well-known cryptographic primitives
like Keccak-f and Xoodoo.
i:Exit -:PrevPg :NextPg v:View Attachm. d:Del r:Reply j:Next ?:Help
giving it a more simplified and natural flavour.
By doing so, many non-trivial results are now trivial consequences of results
of the decomposition of the group algebra.
Another interesting application can be found in the the post-quantum
cryptographic scheme LEDAcrypt, where they rely on verifying invertibility of
circulant matrices in an efficient way.
This again relates to the structure of the decomposition of the group algebra.
--------------------------------------------------------------------------------
Mike Hamburg (Rambus)
*Constant-sum encoding*
One-time signatures such as XMSS, LMS and SPHINCS+ need to encode hashes of
messages so that the encoding one hash cannot, in every position, be greater or
equal to the encoding of another hash. They achieve this using a checksum
encoding technique. If we could instead use a constant-sum encoding technique,
then signatures would have constant signing and verification time, and might
also be slightly smaller and faster. However, constant-sum encoding is rather
complicated, and with existing proposals requires either large tables or large
binomial coefficient calculations. Here I will go over some new ideas to make
these algorithms smaller and more efficient.
--------------------------------------------------------------------------------
Chenglu Jin (CWI)
*Towards Remote Verifiable Computation without Digital Secrets*
he development of secure processor architecture technology has seen many
challenges. It turns out difficult to implement efficient resource sharing and
at the same time eliminate or protect against side channels as a result of
shared caches and other buffers. For this reason, implemented hardware
isolation cannot provide confidential computing (as of yet). Nevertheless, the
hardware isolation for access control as implemented by micro code and added
circuitry cannot be circumvented and this allows for verifiable computation.
However, even though computations can be isolated in enclaves, how can we
provide remote attestation of computed output? Remote attestation requires
digital secrets which may leak due to side channels. We show two puzzle pieces
which together can be used to implement remote attestation without secure
digital computation or digital secrets: We use a strong PUF for masking
‘session signing keys’ and we use these in a new one-time signature primitive.
In essence, computing a signature for an output boils down to directly reading
out a signature from unmasked digital storage.
--------------------------------------------------------------------------------
Zekeriya Erkin (TU Delft)
*Financial Crime Detection with Privacy*
Privacy-enhancing technologies, particularly MPC, have been questioned about
their practicality. Last summer, a competition was organized by the USA and UK
governments ( U.S.-U.K. PETs Prize Challenges), where privacy researchers were
tasked to solve the fraud detection problem using machine learning algorithms
while providing privacy guarantees to banks and their users. For this purpose,
we developed the cryptographic part of the solution, where the result is a
custom protocol that allows payment providers to check whether a user's
credentials match the credentials in a bank's database without the bank
learning any information about the user. At the same time, the payment provider
never has access to the bank's database. These seemingly-impossible
constructions are made possible using a particular type of encryption called
homomorphic encryption. The competition results show that privacy-enhancing
technologies are fast enough to be practically deployable. They provide
solutions for problems that are otherwise hard to address without exposing
private data.
We are glad to announce that our team from the Delft University of Technology
and researchers from the University of Washington Tacoma won second place as
the "PPML Huskies" team.
In this talk, we will investigate the proposed approach that wins a prize and
the competition itself.