BEGIN:VCALENDAR
VERSION:2.0
PRODID:researchseminars.org
CALSCALE:GREGORIAN
X-WR-CALNAME:researchseminars.org
BEGIN:VEVENT
SUMMARY:Bill Brumley (Tampere University)
DTSTART:20230213T163000Z
DTEND:20230213T173000Z
DTSTAMP:20260411T230426Z
UID:CryptoCafe/1
DESCRIPTION:Title: <a href="https://master.researchseminars.org/talk/Crypt
 oCafe/1/">Side Channel Analysis and Lattice Attacks</a>\nby Bill Brumley (
 Tampere University) as part of Florida Atlantic University Crypto Café\n\
 nLecture held in SE43 - Room 215.\n\nAbstract\nLattice attacks are a typic
 al endgame for side channel attacks targeting digital signature schemes. D
 uring the procurement phase\, the attacker queries digital signatures\, me
 ssages\, and corresponding side channel traces\, then tries to extract sec
 ret information from these traces and apply lattice methods to recover th
 e private key. But in practice\, these traces are often incomplete and/or 
 noisy\, complicating theoretical models for applying lattices. In this tal
 k\, I discuss some of the lattice attack techniques developed over the yea
 rs\, and outline a few interesting open problems that highlight the gap be
 tween theory and practice for applied side channel attacks powered by latt
 ice methods.\n
LOCATION:
END:VEVENT
BEGIN:VEVENT
SUMMARY:David Wu (University of Texas at Austin)
DTSTART:20230327T150000Z
DTEND:20230327T160000Z
DTSTAMP:20260411T230426Z
UID:CryptoCafe/2
DESCRIPTION:Title: <a href="https://master.researchseminars.org/talk/Crypt
 oCafe/2/">Succinct Vector\, Polynomial\, and Functional Commitments from L
 attices</a>\nby David Wu (University of Texas at Austin) as part of Florid
 a Atlantic University Crypto Café\n\nLecture held in SE 215.\n\nAbstract\
 nIn a functional commitment scheme\, a user can commit to an input x and l
 ater on\, open it to an arbitrary function evaluation f(x). We require tha
 t both the commitment and the opening be short. Important special cases of
  functional commitments include vector commitments and polynomial commitme
 nts. In this talk\, I will introduce a new lattice-based framework for con
 structing functional commitments that supports functions computable by arb
 itrary (bounded-depth) Boolean circuits. Our constructions rely on a new f
 alsifiable "basis-augmented SIS" assumption that we introduce\, which can 
 be viewed as a new "q-type" variant of the standard SIS assumption.\n\nJoi
 nt work with Hoeteck Wee\n\nBio: David Wu is an assistant professor in the
  Department of Computer Science at the University of Texas at Austin. He i
 s broadly interested in applied and theoretical cryptography as well as co
 mputer security. Previously\, David received a PhD in computer science fro
 m Stanford University in 2018 and was an assistant professor at the Univer
 sity of Virginia from 2019 to 2021. He has received the NSF CAREER Award\,
  the Microsoft Research Faculty Fellowship\, and a Google Research Scholar
  Award. His work has been recognized with a Best Paper Award at CRYPTO (20
 22)\, two Best Young-Researcher Paper Awards at CRYPTO (2017\, 2018) and a
 n Outstanding Paper Award at ESORICS (2016).\n
LOCATION:
END:VEVENT
BEGIN:VEVENT
SUMMARY:Mila Anastasova (FAU)
DTSTART:20230227T160000Z
DTEND:20230227T170000Z
DTSTAMP:20260411T230426Z
UID:CryptoCafe/4
DESCRIPTION:Title: <a href="https://master.researchseminars.org/talk/Crypt
 oCafe/4/">Time-Efficient Finite Field Microarchitecture Design for Curve44
 8 and Ed448 on Cortex-M4.</a>\nby Mila Anastasova (FAU) as part of Florida
  Atlantic University Crypto Café\n\nLecture held in SE 215.\n\nAbstract\n
 The elliptic curve family of schemes has the lowest computational latency\
 , memory use\, energy consumption\, and bandwidth requirements\, making it
  the most preferred public key method for adoption into network protocols.
  Being suitable for embedded devices and applicable for key exchange and a
 uthentication\, ECC is assuming a prominent position in the field of IoT c
 ryptography. The attractive properties of the relatively new curve Curve44
 8 contribute to its inclusion in the TLS1.3 protocol and pique the interes
 t of academics and engineers aiming at studying and optimizing the schemes
 . When addressing low-end IoT devices\, however\, the literature indicates
  little work on these curves. In this presentation\, we present an efficie
 nt design for both protocols based on Montgomery curve Curve448 and its bi
 rationally equivalent Edwards curve Ed448 used for key agreement and digit
 al signature algorithm\, specifically the X448 function and the Ed448 DSA\
 , relying on efficient low-level arithmetic operations targeting the ARM-b
 ased Cortex-M4 platform. Our design performs point multiplication\, the ba
 se of the Elliptic Curve Diffie Hellman (ECDH)\, in 3\,2KCCs\, resulting i
 n more than 48% improvement compared to the best previous work based on Cu
 rve448\, and performs sign and verify\, the main operations of the Edwards
 -curve Digital Signature Algorithm (EdDSA)\, in 6\,038KCCs and 7\,404KCCs
 \, showing a speedup of around 11% compared to the counterparts. We presen
 t our novel modular multiplication and squaring architectures reaching ∼
  25% and ∼ 35% faster runtime than the previous best-reported results\, 
 respectively\, based on Curve448 key exchange counterparts\, and ∼ 13% a
 nd ∼ 25% better latency results than the Ed448-based digital signature c
 ounterparts targeting the Cortex-M4 platform.\n
LOCATION:
END:VEVENT
BEGIN:VEVENT
SUMMARY:Keegan Ryan (University of California\, San Diego)
DTSTART:20230424T150000Z
DTEND:20230424T160000Z
DTSTAMP:20260411T230426Z
UID:CryptoCafe/5
DESCRIPTION:Title: <a href="https://master.researchseminars.org/talk/Crypt
 oCafe/5/">Fast Practical Lattice Reduction through Iterated Compression</a
 >\nby Keegan Ryan (University of California\, San Diego) as part of Florid
 a Atlantic University Crypto Café\n\nLecture held in SE 215.\n\nAbstract\
 nWe introduce a new lattice basis reduction algorithm with approximation g
 uarantees analogous to the LLL algorithm and practical performance that fa
 r exceeds the current state of the art. We achieve these results by iterat
 ively applying precision management techniques within a recursive algorith
 m structure and show the stability of this approach. We analyze the asympt
 otic behavior of our algorithm\, and show that the heuristic running time 
 is $O(n^{\\omega}(C+n)^{1+\\varepsilon})$ for lattices of dimension $n$\, 
 $\\omega\\in (2\,3]$ bounding the cost of size reduction\, matrix multipli
 cation\, and QR factorization\, and $C$ bounding the log of the condition 
 number of the input basis $B$. This yields a running time of $O\\left(n^\\
 omega (p + n)^{1 + \\varepsilon}\\right)$ for precision $p = O(\\log \\|B\
 \|_{max})$ in common applications. Our algorithm is fully practical\, and 
 we have published our implementation. We experimentally validate our heuri
 stic\, give extensive benchmarks against numerous classes of cryptographic
  lattices\, and show that our algorithm significantly outperforms existing
  implementations.\n\nKeegan Ryan is a 4th year PhD student advised by Prof
 . Nadia Heninger at the University of California\, San Diego. His research
  interests include practical cryptanalysis of real-world systems\, particu
 larly problems involving lattice reduction.\n
LOCATION:
END:VEVENT
BEGIN:VEVENT
SUMMARY:Corentin Jeudy (Orange Labs\, Université de Rennes)
DTSTART:20230313T150000Z
DTEND:20230313T160000Z
DTSTAMP:20260411T230426Z
UID:CryptoCafe/6
DESCRIPTION:Title: <a href="https://master.researchseminars.org/talk/Crypt
 oCafe/6/">On the Secret Distributions in Module Learning With Errors</a>\n
 by Corentin Jeudy (Orange Labs\, Université de Rennes) as part of Florida
  Atlantic University Crypto Café\n\nLecture held in SE 215.\n\nAbstract\n
 The Module Learning With Errors (M-LWE) problem is a core assumption of la
 ttice-based cryptography\, and it underlies the security of the future pos
 t-quantum cryptography standards Kyber and Dilithium selected by NIST. The
  problem is parameterized by a secret distribution as well as an error dis
 tribution. There is a gap between the choices of those distributions for t
 heoretical hardness results (uniform secret modulo q) and practical scheme
 s (small bounded secret). In this talk\, we narrow this gap by presenting 
 three results focused on the secret distribution. We show that both search
  and decision M-LWE remain hard when the secret distribution is uniform ov
 er small bounded secret\, provided that the rank is larger by a log(q) fac
 tor. We then show the hardness of search M-LWE for more general secret dis
 tributions carrying sufficient entropy.\n\nThis talk is based on the publi
 shed papers "On the Hardness of Module Learning With Errors with Short Dis
 tributions" (Journal of Cryptology 2023) and "Entropic Hardness of Module-
 LWE from Module-NTRU" (Indocrypt 2022) which are joint works with Katharin
 a Boudgoust\, Adeline Roux-Langlois and Weiqiang Wen.\n
LOCATION:
END:VEVENT
BEGIN:VEVENT
SUMMARY:Cariel Cohen (Securily)
DTSTART:20230410T150000Z
DTEND:20230410T160000Z
DTSTAMP:20260411T230426Z
UID:CryptoCafe/7
DESCRIPTION:Title: <a href="https://master.researchseminars.org/talk/Crypt
 oCafe/7/">Securing Cloud Business Applications: A Practical Approach to Cy
 bersecurity and Compliance</a>\nby Cariel Cohen (Securily) as part of Flor
 ida Atlantic University Crypto Café\n\nLecture held in SE 215.\n\nAbstrac
 t\nThis topic explores practical approaches to securing business applicati
 ons and addressing cybersecurity and compliance challenges faced by busine
 sses in today's dynamic digital landscape. Cariel will share insights on b
 est practices for securing cloud workloads\, data\, and applications\, inc
 luding implementing access controls\, training employees on cybersecurity 
 awareness\, and protecting data against a variety of risks. Attendees will
  gain valuable knowledge and practical solutions that are used in helping 
 businesses thrive in the face of emerging cybersecurity threats and ever-c
 hanging compliance requirements.\n\nWith over 20 years of experience in th
 e cybersecurity industry\, our speaker is a co-founder and passionate code
 r with a love for cryptography\, authentication and patents. He has extens
 ive experience working with major public corporations\, including Aqua Sec
 urity\, Sony Pictures\, and 5B Technologies. Throughout his career\, he ha
 s been dedicated to ethical hacking and compliance\, ensuring that busines
 ses remain secure and compliant in the face of emerging cybersecurity thre
 ats.\n
LOCATION:
END:VEVENT
BEGIN:VEVENT
SUMMARY:Adam Yergovich (Department of State)
DTSTART:20230829T140000Z
DTEND:20230829T150000Z
DTSTAMP:20260411T230426Z
UID:CryptoCafe/8
DESCRIPTION:Title: <a href="https://master.researchseminars.org/talk/Crypt
 oCafe/8/">Challenges in Securing a Worldwide Enterprise Network Footprint 
 - The Basics from Australia to Zimbabwe</a>\nby Adam Yergovich (Department
  of State) as part of Florida Atlantic University Crypto Café\n\nLecture 
 held in SE 215.\n\nAbstract\nMany modern theories on Information Security 
 rely on sophisticated and efficient infrastructure we take for granted in 
 developed countries.  When operating in nearly every country in the world 
 it is necessary to focus on the basics.  There might be questionable infra
 structure or even openly hostile host nations\, but basic "hygiene" is oft
 en the best roadmap to securing information and communication - and often 
 the most neglected.\n\nSpeaker bio: Adam Yergovich works for the Departmen
 t of State\, Bureau of Diplomatic Security as a Regional Cyber Security Of
 ficer currently stationed in Fort Lauderdale Florida.  He has previously b
 een stationed in Frankfurt Germany\, Bangkok Thailand\, and Moscow Russia 
 but traveled extensively within those regions. He graduated from the
  University of California Davis with a degree in Computer Science and Engi
 neering and worked for several years designing single board computers for 
 a small California company before joining State.\n
LOCATION:
END:VEVENT
BEGIN:VEVENT
SUMMARY:Zhijun Yin (FAU)
DTSTART:20230926T140000Z
DTEND:20230926T150000Z
DTSTAMP:20260411T230426Z
UID:CryptoCafe/9
DESCRIPTION:Title: <a href="https://master.researchseminars.org/talk/Crypt
 oCafe/9/">Exploring the Power of Multivariate Public Key Cryptography (MPK
 C)</a>\nby Zhijun Yin (FAU) as part of Florida Atlantic University Crypto 
 Café\n\nLecture held in SE 215.\n\nAbstract\nMultivariate Public Key Cryp
 tography (MPKC) leverages multivariate quadratic polynomial mappings over 
 finite fields as the foundation for its trapdoor one-way functions. This i
 nnovative approach offers remarkable efficiency in both encryption and dec
 ryption processes\, making it a compelling choice for secure communication
 s.\n\nIn contrast to traditional cryptographic methods\, attacking MPKC in
 volves solving a system of nonlinear equations over the finite field\, a s
 ignificantly more complex challenge than NP-hard problems like Boolean sat
 isfiability\, which is equivalent to solving equations over the finite fie
 ld GF(2).\n\nIn this presentation\, we will delve into MPKC through a simp
 lified example featuring three variables within the finite field of GF(2).
  This illustrative toy example will demystify key concepts such as public 
 and secret keys\, encryption\, decryption\, and cryptanalysis. Join us as 
 we unravel the intriguing world of MPKC and its potential impact on modern
  cryptography.\n
LOCATION:
END:VEVENT
BEGIN:VEVENT
SUMMARY:Tran Ngo (FAU)
DTSTART:20231010T140000Z
DTEND:20231010T150000Z
DTSTAMP:20260411T230426Z
UID:CryptoCafe/10
DESCRIPTION:Title: <a href="https://master.researchseminars.org/talk/Crypt
 oCafe/10/">Analysis for Lattice Enumeration</a>\nby Tran Ngo (FAU) as part
  of Florida Atlantic University Crypto Café\n\nLecture held in SE 215.\n\
 nAbstract\nLattice reduction algorithms such as BKZ (Block-Korkine-Zolotar
 ev) play a central role in estimating the security of lattice-based crypto
 graphy. The subroutine in BKZ which needs to find the shortest vector in a
  projected sublattice can be instantiated with enumeration algorithms. The
  enumeration procedure can be seen as a depth-first search on some "enumer
 ation tree" whose nodes denote a partial assignment of the coefficients\, 
 corresponding to lattice points as a linear combination of the lattice bas
 is with the coefficients. This work provides a concrete analysis for the c
 ost of quantum lattice enumeration based on the quantum tree backtracking 
 algorithm of Montanaro (ToC\, '18). More precisely\, we give a concrete im
 plementation of Montanaro's algorithm for lattice enumeration based on the
  quantum circuit model. We also show how to optimize the circuit depth by 
 parallelizing the components. Based on the circuit designed\, we discuss t
 he concrete quantum resource estimates required for lattice enumeration. T
 his is a joint work with Shi Bai\, Maya-Iggy van Hoof\, Floyd B. Johnson\,
  and Tanja Lange.\n
LOCATION:
END:VEVENT
BEGIN:VEVENT
SUMMARY:William Youmans (FAU)
DTSTART:20231024T140000Z
DTEND:20231024T150000Z
DTSTAMP:20260411T230426Z
UID:CryptoCafe/11
DESCRIPTION:Title: <a href="https://master.researchseminars.org/talk/Crypt
 oCafe/11/">An algorithm for solving the principal ideal problem with subfi
 elds</a>\nby William Youmans (FAU) as part of Florida Atlantic University 
 Crypto Café\n\nLecture held in SE 215.\n\nAbstract\nThe principal ideal p
 roblem (PIP) is the problem of deciding whether a given ideal of a number 
 field is principal and\, if it is\, of finding a generator. Solving the PI
 P applies to solving major computational tasks in number theory. It is als
 o connected to the search for approximate short vectors in so-called ideal
  lattices\, which is a crucial problem in cryptography. We present a novel
  application of norm relations to utilize information from subfields to so
 lve the PIP in fields of degree up to 1800.\n\nDr. William Youmans receive
 d a BA in pure mathematics in 2017 and a PhD in mathematics in 2023 from t
 he University of South Florida. Since May 2023 he has been a postdoctoral 
 research fellow at Florida Atlantic University. His research interests inc
 lude lattice-based cryptography\, computational number theory\, and quantu
 m algorithms.\n
LOCATION:
END:VEVENT
BEGIN:VEVENT
SUMMARY:Paul Zimmermann (INRIA/LORIA\, France)
DTSTART:20230912T140000Z
DTEND:20230912T150000Z
DTSTAMP:20260411T230426Z
UID:CryptoCafe/12
DESCRIPTION:Title: <a href="https://master.researchseminars.org/talk/Crypt
 oCafe/12/">Deciphering Charles Quint (A diplomatic letter from 1547)</a>\n
 by Paul Zimmermann (INRIA/LORIA\, France) as part of Florida Atlantic Univ
 ersity Crypto Café\n\nLecture held in SE 215.\n\nAbstract\nAn unknown and
  almost fully encrypted letter written in 1547 by Emperor Charles V to his
  ambassador at the French Court\, Jean de Saint-Mauris\, was identified in
  a public library\, the Bibliothèque Stanislas (Nancy\, France). As no de
 cryption of this letter was previously published or even known\, a team of
  cryptographers and historians gathered together to study the letter and i
 ts encryption system. First\, multiple approaches and methods were tested 
 in order to decipher the letter without any other specimen. Then\, the let
 ter has now been inserted within the whole correspondence between Charles 
 and Saint-Mauris\, and the key has been consolidated thanks to previous ke
 y reconstructions. Finally\, the decryption effort enabled us to uncover t
 he content of the letter and investigate more deeply both cryptanalysis ch
 allenges and encryption methods.\n\nPaul Zimmermann is a Directeur de Rech
 erche at INRIA/LORIA\, Nancy\, France. His research interests include asym
 ptotically fast arithmetic\, computer algebra and computational number the
 ory. Together with Richard Brent\, he has written the book "Modern Compute
 r Arithmetic"\, and he has coordinated the book "Computational Mathematics
  with SageMath". He has contributed to some of the record computations in 
 integer factorization and discrete logarithm. He is the author or co-autho
 r of several computer packages\, including the GNU MPFR library providing 
 arithmetic on floating-point numbers with correct rounding\, and CADO-NFS\
 , an implementation of the number field sieve for integer factorization. H
 is latest project is CORE-MATH\, an implementation of mathematical functio
 ns with correct rounding for the IEEE 754 standard formats.\n
LOCATION:
END:VEVENT
BEGIN:VEVENT
SUMMARY:Zhenisbek Assylbekov (Purdue University Fort Wayne)
DTSTART:20231107T150000Z
DTEND:20231107T160000Z
DTSTAMP:20260411T230426Z
UID:CryptoCafe/13
DESCRIPTION:Title: <a href="https://master.researchseminars.org/talk/Crypt
 oCafe/13/">Intractability of Learning AES with Gradient-based Methods</a>\
 nby Zhenisbek Assylbekov (Purdue University Fort Wayne) as part of Florida
  Atlantic University Crypto Café\n\nLecture held in SE 215.\n\nAbstract\n
 We show the approximate pairwise orthogonality of a class of functions fo
 rmed by a single AES output bit under the assumption that all of its roun
 d keys except the initial one are independent. This result implies the ha
 rdness of learning AES encryption (and decryption) with gradient-based met
 hods. The proof relies on the Boas-Bellman type of inequality in inner-pro
 duct spaces.\n\nBio: Zhenisbek has a PhD in Mathematical Statistics from H
 iroshima University. After the PhD and some period of work in industry\, h
 e got a job at Nazarbayev University\, where he was working as a Teaching 
 Assistant\, Instructor\, and Assistant Professor in the Department of Math
 ematics during 2011-2023. Currently\, he is an Assistant Professor of Data
  Science at Purdue University Fort Wayne.\n\nHis research interests are i
 n machine learning with applications to natural language processing (NLP).
  He is interested in both the theoretical analysis of machine learning alg
 orithms and the practical implementation and experimental evaluation of su
 ch algorithms on text data. He is also interested in hardness of learning 
 which is closely related to cryptography because cryptographic primitives 
 are exactly what is hard for machine learning.\n
LOCATION:
END:VEVENT
BEGIN:VEVENT
SUMMARY:Paolo Santini (Università Politecnica delle Marche)
DTSTART:20231121T150000Z
DTEND:20231121T160000Z
DTSTAMP:20260411T230426Z
UID:CryptoCafe/14
DESCRIPTION:Title: <a href="https://master.researchseminars.org/talk/Crypt
 oCafe/14/">A New Formulation of the Linear Equivalence Problem and Shorter
  LESS Signatures</a>\nby Paolo Santini (Università Politecnica delle Marc
 he) as part of Florida Atlantic University Crypto Café\n\nLecture held in
  SE 215.\n\nAbstract\nThe problem of determining whether two linear codes 
 are equivalent is called Code Equivalence Problem. When codes are endowed 
 with the Hamming metric (which is the most studied case)\, the equivalence
  is mainly considered with respect to monomial transformations (permutatio
 ns with scaling factors) and the problem is known as the Linear Equivalenc
 e Problem (LEP). Code equivalence can be described as a transitive\, non-c
 ommutative group action and\, as such\, finds a natural application in cry
 ptography: for example\, it is possible to design zero-knowledge proofs\, 
 and hence signature schemes. In recent works\, it has been shown that LEP 
 can be reformulated using notions such as information sets (arguably\, ubi
 quitous objects in coding theory) and canonical forms. This unlocks some n
 ew features\, such as the possibility of communicating the equivalence map
  in a very compact way (which leads to much shorter signatures)\, as well 
 as opening new attack avenues. In this talk\, we recall the basics of code
  equivalence and then focus on these recent results\, aiming to describe h
 ow they can be applied to boost the performance of cryptographic schemes.\
 n
LOCATION:
END:VEVENT
BEGIN:VEVENT
SUMMARY:Dominic Gold (FAU)
DTSTART:20231205T150000Z
DTEND:20231205T160000Z
DTSTAMP:20260411T230426Z
UID:CryptoCafe/15
DESCRIPTION:Title: <a href="https://master.researchseminars.org/talk/Crypt
 oCafe/15/">TDA-Preprocessing Yields Quantifiable Efficiency Gains in Priva
 cy-Preserving ML Models</a>\nby Dominic Gold (FAU) as part of Florida Atla
 ntic University Crypto Café\n\nLecture held in SE 215.\n\nAbstract\nCompu
 tational tools grounded in algebraic topology\, known collectively as topo
 logical data analysis (TDA)\, have been used for dimensionality-reduction 
 to preserve salient and discriminating features in data. TDA's flagship me
 thod\, persistent homology (PH)\, extracts distinguishing shape characteri
 stics from the data directly and provides inherent noise-tolerance and comp
 act\, interpretable representations of high-dimensional data that are amen
 able to well-established statistical methods and machine learning (ML) mod
 els\; this faithful but compressed representation of data motivates TDA's 
 use to address the complexity\, depth\, and inefficiency issues present in
  privacy-preserving\, homomorphic encryption (HE)-based ML models through 
 ciphertext packing---the process of packing multiple encrypted observation
 s into a single ciphertext for Single Instruction\, Multiple Data (SIMD) o
 perations.\n\nBy investigating several TDA featurization techniques on the
  MNIST digits dataset using a logistic regression (LR) classifier\, we dem
 onstrated that the TDA methods chosen improve encrypted model evaluation 
 with a 10-25 fold reduction in amortized time while improving model accura
 cy up to 1.4% compared to naive reductions that used downscaling/resizing.
  The developed technique also has implications for multiclass classificati
 on by sending multiple model classifications in a single packed ciphertext
  to reduce the communication overhead between the Client and Server\, pote
 ntially avoiding restriction to a binary classification (as done in past H
 E-ML literature for secure classification of MNIST digits).\n\nBiography: 
 Dominic Gold is a 6th year graduate teaching assistant at Florida Atlantic
  University who studies both cryptography and data science\, with his main
  interest in secure/privacy-preserving machine learning on encrypted data.
  The intersectionality of his research in homomorphic encryption and topol
 ogical data analysis shows promising implications for research in both fie
 lds\, with his work in cryptography recognized by venues such as USENIX an
 d ACM CCS. The ultimate goal of his work is to enable real-time prediction
 s on encrypted biomedical data to improve both the reliability\, security\
 , and equitability of healthcare systems.\n
LOCATION:
END:VEVENT
BEGIN:VEVENT
SUMMARY:Vincenzo Pallozzi Lavorante (University of South Florida)
DTSTART:20240129T150000Z
DTEND:20240129T160000Z
DTSTAMP:20260411T230426Z
UID:CryptoCafe/16
DESCRIPTION:Title: <a href="https://master.researchseminars.org/talk/Crypt
 oCafe/16/">Locality and complexity distribution in coding theory\, an appr
 oach based on Galois theory</a>\nby Vincenzo Pallozzi Lavorante (Universit
 y of South Florida) as part of Florida Atlantic University Crypto Café\n\
 nLecture held in SE 215.\n\nAbstract\nThe storage of information and the n
 ecessity to ease the heaviness of big data computations are two key aspect
 s to consider when investigating new problems in coding theory.  The conce
 pt of locality is closely linked to the reliability of distributed storage
  systems\, while matrix multiplication is often the first operation requir
 ed for secure distribution. This presentation will provide an overview of 
 the latest developments and explore how Galois theory can offer valuable t
 ools for addressing and contributing to these areas.\n\nBio: Dr. Pallozzi 
 Lavorante received a Ph.D. in Mathematics in 2022 from the University of M
 odena and Reggio Emilia in Italy. Since August 2022 he has been a Postdoct
 oral fellow at the University of South Florida. His research interest focu
 ses on Galois Theory and polynomials over finite fields with applications 
 to coding theory\, code-based cryptography\, and finite geometry.\n
LOCATION:
END:VEVENT
BEGIN:VEVENT
SUMMARY:Jason LeGrow (Virginia Polytechnic Institute and State University)
DTSTART:20240311T140000Z
DTEND:20240311T150000Z
DTSTAMP:20260411T230426Z
UID:CryptoCafe/17
DESCRIPTION:Title: <a href="https://master.researchseminars.org/talk/Crypt
 oCafe/17/">Post-Quantum Blind Signatures from Group Actions</a>\nby Jason 
 LeGrow (Virginia Polytechnic Institute and State University) as part of Fl
 orida Atlantic University Crypto Café\n\nLecture held in SE 215.\n\nAbstr
 act\nBlind signatures are a kind of cryptographic scheme which allows a Us
 er to receive a Signer’s signature on a message\, in such a way that the
  message is not revealed to the Signer. Blind signatures can be used in ma
 ny applications\, such as electronic voting and anonymous purchasing. To
  resist attacks by quantum computers\, we must design blind signature sche
 mes based on computational problems which are believed to be hard for quan
 tum computers: so-called post-quantum protocols. I will discuss techniques
  for constructing post-quantum blind signatures from cryptographic group a
 ctions in the setting of isogeny-based cryptography and code-based cryptog
 raphy.\n
LOCATION:
END:VEVENT
BEGIN:VEVENT
SUMMARY:Xinxin Fan (IoTeX)
DTSTART:20240325T140000Z
DTEND:20240325T150000Z
DTSTAMP:20260411T230426Z
UID:CryptoCafe/18
DESCRIPTION:Title: <a href="https://master.researchseminars.org/talk/Crypt
 oCafe/18/">Zero-Knowledge Proofs - An Industry Perspective</a>\nby Xinxin 
 Fan (IoTeX) as part of Florida Atlantic University Crypto Café\n\nLecture
  held in SE 215.\n\nAbstract\nDriven by the rapid growth of blockchain and
  web3\, zero-knowledge proofs have gained considerable development during 
 the past few years. In this talk\, I will give a state-of-the-art overview
  of zero-knowledge proofs and their potential use cases from an industry p
 erspective and highlight a number of research challenges that need to be f
 urther investigated.\n\nDr. Xinxin Fan is the Head of Cryptography at IoTe
 X\, a Silicon Valley-based technology platform that empowers the emerging 
 machine economy with innovative combination of blockchain and IoT. He is r
 esponsible for directing the company’s strategy and product roadmaps as 
 well as developing the core technologies and IP portfolio. Before joining 
 IoTeX\, he was a senior research engineer of the Security and Privacy Grou
 p at Bosch Research Technology Center North America. Dr. Xinxin Fan receiv
 ed his Ph.D. in Electrical and Computer Engineering from the University of
  Waterloo in 2010. He has published 60+ refereed research papers in top-ti
 er journals\, conferences and workshops in the areas of cryptography and i
 nformation security and is an inventor of 17 patent filings for innovative
  information security and privacy-enhancing technologies. He is also a Cer
 tified Information Systems Security Professional (CISSP) from (ISC)^2 and 
 a (co-)chair of IEEE P2418.1 and IEEE P2958 standards working groups.\n
LOCATION:
END:VEVENT
BEGIN:VEVENT
SUMMARY:Francesco Sica (FAU)
DTSTART:20240408T140000Z
DTEND:20240408T150000Z
DTSTAMP:20260411T230426Z
UID:CryptoCafe/19
DESCRIPTION:Title: <a href="https://master.researchseminars.org/talk/Crypt
 oCafe/19/">Acceleration of multiscalar multiplication for zkSNARKs</a>\nby
  Francesco Sica (FAU) as part of Florida Atlantic University Crypto Café\
 n\nLecture held in SE 215.\n\nAbstract\nThe main computational bottleneck 
 in the implementation of zero-knowledge succinct arguments of knowledge (z
 kSNARKs) based on elliptic curves\, such as Pinocchio\, is the evaluation 
 (called multiscalar multiplication) $\\sum_{i=1}^n a_i P_i$\, where the $a
 _i$’s are scalar and the $P_i$’s are fixed elliptic curve points. We w
 ill review currently used techniques and introduce new improvements. \nThi
 s is joint work with Xinxin Fan\, Veronika Kuchta and Lei Xu.\n
LOCATION:
END:VEVENT
BEGIN:VEVENT
SUMMARY:Merve Karabulut (FAU)
DTSTART:20240212T150000Z
DTEND:20240212T160000Z
DTSTAMP:20260411T230426Z
UID:CryptoCafe/20
DESCRIPTION:Title: <a href="https://master.researchseminars.org/talk/Crypt
 oCafe/20/">Number Theoretic Transform: A Python-based Speed Enhancement</a
 >\nby Merve Karabulut (FAU) as part of Florida Atlantic University Crypto 
 Café\n\nLecture held in SE 215.\n\nAbstract\nOur proposal involves a Pyth
 on-based solution that utilizes Numba's just-in-time compilation capabilit
 ies. We aim to optimize the control flow of the Number Theoretic Transform
  (NTT) operation to exploit parallelism in modern CPUs. Our solution lever
 ages multi-core processing\, multi-threading\, and cache memory.\n\nSpeake
 r bio: Merve is a computer engineering graduate from Yildiz Technical Univ
 ersity\, with experience in full-stack development and blockchain\, especi
 ally with Hyperledger. At FAU\, she is working towards a Ph.D.\, focusing 
 on PQC with Dr. Reza Azarderakhsh. Her goal is to create secure solutions 
 resistant to quantum computing and efficient implementation of algorithms.
 \n
LOCATION:
END:VEVENT
BEGIN:VEVENT
SUMMARY:Lukas Kölsch (University of South Florida)
DTSTART:20240226T213000Z
DTEND:20240226T223000Z
DTSTAMP:20260411T230426Z
UID:CryptoCafe/21
DESCRIPTION:Title: <a href="https://master.researchseminars.org/talk/Crypt
 oCafe/21/">A general and unifying construction for semifields and their re
 lated maximum rank distance codes</a>\nby Lukas Kölsch (University of Sou
 th Florida) as part of Florida Atlantic University Crypto Café\n\n\nAbstr
 act\n********* IMPORTANT: THIS TALK AT 4:30 PM *********\n\nSemifields are
  algebraic structures that can be for instance used to construct nondesarg
 uesian planes in finite geometry\, as well as maximum rank distance (MRD) 
 codes with special parameters (more precisely\, every element in the code 
 will be a square matrix with full rank). Many constructions of MRD codes a
 re rooted in ideas from semifield theory. Interestingly\, many known const
 ructions of semifields only exist in even dimension (i.e. the dimension ov
 er the prime field is even)\, leading to MRD codes in even dimension or MR
 D codes in odd dimension over a field of even degree. In this talk\, we pr
 esent a unifying construction for almost all semifields of this type\, inc
 luding semifields found by Dickson\, Knuth\, Hughes-Kleinfeld\, Taniguchi\
 , Dempwolff\, Bierbrauer\, Zhou-Pott in the last 120 years. Our constructi
 on recovers all these semifields\, and gives many new examples.\n
LOCATION:
END:VEVENT
BEGIN:VEVENT
SUMMARY:Edoardo Persichetti (FAU)
DTSTART:20240905T140000Z
DTEND:20240905T150000Z
DTSTAMP:20260411T230426Z
UID:CryptoCafe/22
DESCRIPTION:Title: <a href="https://master.researchseminars.org/talk/Crypt
 oCafe/22/">A Brief Introduction to Code-Based Cryptography</a>\nby Edoardo
  Persichetti (FAU) as part of Florida Atlantic University Crypto Café\n\n
 Lecture held in SE 215.\n\nAbstract\nCode-based cryptographic primitives a
 re among the main solutions for Post-Quantum Cryptography\, the area of st
 udy in charge of protecting our information and communication in the prese
 nce of quantum adversaries. In this talk\, I will briefly walk through the
  history of this field\, highlighting the main constructions\, modern appr
 oaches\, and recent developments. Everyone welcome!\n
LOCATION:
END:VEVENT
BEGIN:VEVENT
SUMMARY:Shi Bai (FAU)
DTSTART:20240919T140000Z
DTEND:20240919T150000Z
DTSTAMP:20260411T230426Z
UID:CryptoCafe/23
DESCRIPTION:Title: <a href="https://master.researchseminars.org/talk/Crypt
 oCafe/23/">Lattice-based cryptography: construction and analysis.</a>\nby 
 Shi Bai (FAU) as part of Florida Atlantic University Crypto Café\n\nLectu
 re held in SE 215.\n\nAbstract\nLattice-based cryptography holds a great p
 romise for post-quantum cryptography. It enjoys strong security proof base
 d on the so-called worst-case to average-case reduction\; relatively effi
 cient implementations\; as well as algorithmic simplicity. In this talk\, 
 we will discuss a post-quantum scheme based on lattice\; and several algor
 ithms for evaluating the security of average-case/worst-case problems in l
 attice-based cryptography.\n
LOCATION:
END:VEVENT
BEGIN:VEVENT
SUMMARY:Ruslan Ospanov (Eurasian National University)
DTSTART:20241017T140000Z
DTEND:20241017T150000Z
DTSTAMP:20260411T230426Z
UID:CryptoCafe/24
DESCRIPTION:Title: <a href="https://master.researchseminars.org/talk/Crypt
 oCafe/24/">The MCDM-RL-based Framework for Consensus Protocol Selection fo
 r IoT networks.</a>\nby Ruslan Ospanov (Eurasian National University) as p
 art of Florida Atlantic University Crypto Café\n\nLecture held in SE 215.
 \n\nAbstract\nThis topic is a part of my PhD research topic: “Design and
  analysis of cryptographic algorithms and protocols for solving the proble
 m of consensus in distributed ledger technologies”. \n\nReinforcement le
 arning (RL) has played a key role in the rapid development of artificial i
 ntelligence technologies that has been observed over the past decade. Rein
 forcement learning methods have shown impressive results in a range of fie
 lds. Specifically\, RL is widely applied in robotics\, control systems\, a
 nd the Internet of Things (IoT) to address challenges in automation\, opti
 mization\, and the management of complex systems. The IoT is also a major 
 area for the implementation of distributed ledger and blockchain technolog
 ies\, which provide effective solutions to overcome the limitations of con
 ventional IoT applications. A key element of the distributed ledger refere
 nce architecture is the consensus layer\, which handles agreement among ne
 twork nodes\, ensuring the ledger’s state remains consistent while maint
 aining data security\, accuracy\, and protection. The selection of a conse
 nsus protocol plays a crucial role in determining the performance and secu
 rity of the blockchain system.\n\nThis talk is devoted to the issue of se
 lecting a blockchain consensus protocol for IoT networks using the combine
 d application of multi-criteria decision making (MCDM) and reinforcement l
 earning (RL) methods. In this talk\, I will consider the idea of integrating
  multi-criteria decision making and reinforcement learning methods into blo
 ckchain consensus protocol selection for IoT. It proposes a combined conse
 nsus protocol selection and management system for IoT networks based on th
 e multi-criteria decision making method and reinforcement learning.\n\nRus
 lan Ospanov has been engaged in scientific and educational activities in t
 he field of mathematics and cryptography for more than 20 years\, has doze
 ns of scientific and scientific-methodological works\, as well as several 
 copyright certificates from Qazpatent (National Institute of Intellectual 
 Property of the Ministry of Justice of the Republic of Kazakhstan (NIIP)).
  He worked as a teacher in various universities of Kazakhstan (Karaganda S
 tate University named after academician E.A. Buketov\, L.N. Gumilyov Euras
 ian National University and others). He is also a research fellow at the Re
 search Institute of Information Security and Cryptology of L.N. Gumilyov E
 urasian National University. Since September 2022\, he has been a doctoral
  student at the Eurasian National University named after L.N. Gumilyov\, s
 pecializing in Information Security Systems.\n
LOCATION:
END:VEVENT
BEGIN:VEVENT
SUMMARY:Veronika Kuchta (FAU)
DTSTART:20241003T140000Z
DTEND:20241003T150000Z
DTSTAMP:20260411T230426Z
UID:CryptoCafe/25
DESCRIPTION:Title: <a href="https://master.researchseminars.org/talk/Crypt
 oCafe/25/">Proximity gaps for Reed-Solomon Codes and their Application in 
 Interactive Oracle Proofs of Proximity and ZK-SNARKs</a>\nby Veronika Kuch
 ta (FAU) as part of Florida Atlantic University Crypto Café\n\nLecture he
 ld in SE 215.\n\nAbstract\nReed-Solomon codes have long been a fundamental
  tool of error correction and data integrity\, but their applications exte
 nd far beyond traditional coding theory. In this talk\, I will explore the
  concept of proximity gaps within Reed-Solomon codes—specific measures
  of how far a received word is from the closest codeword—and their criti
 cal role in the design and analysis of advanced cryptographic protocols\, 
 such as Zero-Knowledge Succinct Non-Interactive Arguments of Knowledge (ZK
 -SNARKs) and Interactive Oracle Proofs of Proximity (IOPPs).\n
LOCATION:
END:VEVENT
BEGIN:VEVENT
SUMMARY:Francesco Sica (FAU)
DTSTART:20241031T140000Z
DTEND:20241031T150000Z
DTSTAMP:20260411T230426Z
UID:CryptoCafe/26
DESCRIPTION:Title: <a href="https://master.researchseminars.org/talk/Crypt
 oCafe/26/">Group Actions and the Discrete Log Problem</a>\nby Francesco Si
 ca (FAU) as part of Florida Atlantic University Crypto Café\n\nLecture he
 ld in SE 215.\n\nAbstract\nThe discrete logarithm problem (DLP) asks to co
 mpute\, in a cyclic group $G=\\langle g \\rangle$\, given $x\\in G$ and $y
 = x^k$\, the exponent $k$. This problem can be generalized to a situation 
 when $G$ acts on a set $X$\, and gives rise to the analogous vectorization
  problem (VP)\, asking to recover $\\gamma\\in G$ from knowledge of $x\\in
  X$ and $y=\\gamma \\cdot x$.\n\nWe will discuss generic algorithms to sol
 ve the VP\, in particular in the presence of hints $z=\\gamma^d \\cdot x$\
 , rephrasing a 2006 argument of Cheon.\n\nFrancesco Sica is an assistant p
 rofessor in the FAU department of mathematics and statistics. His research
  lies at the intersection of number theory and cryptography\, trying to di
 scover beautiful connections between the two.\n
LOCATION:
END:VEVENT
BEGIN:VEVENT
SUMMARY:Merey Sarsengeldin (University of Central Florida)
DTSTART:20241114T150000Z
DTEND:20241114T160000Z
DTSTAMP:20260411T230426Z
UID:CryptoCafe/27
DESCRIPTION:Title: <a href="https://master.researchseminars.org/talk/Crypt
 oCafe/27/">Variational Quantum Neural Network for modeling and solving Hea
 t and Mass transfer problems.</a>\nby Merey Sarsengeldin (University of Ce
 ntral Florida) as part of Florida Atlantic University Crypto Café\n\nLect
 ure held in SE 215.\n\nAbstract\nIn this study we present a hybrid quantum-
 classical neural network (Variational Quantum Algorithm) to model and solve
  heat and mass transfer problems. The underlying PDEs responsible for model
 ing diverse phenomena are Stefan Type Problems. These problems are nonline
 ar: along with the unknown temperature function\, an unknown boundary or fl
 ux function has to be determined. Free Boundary Value Problems of this kind
  are hard to solve analytically. To solve such problems analytically and nu
 merically\, we benefit from the computational power of Quantum Computing an
 d utilize neural networks as a universal function approximator to find the
  Heat function and Moving Phase boundary. On the basis of the Variational Q
 uantum Neural Network\, we have developed a methodological framework and so
 ftware artifact which might be of interest and beneficial for researchers a
 nd engineers working in the field of modeling Heat and Mass transfer phenom
 ena.\n
LOCATION:
END:VEVENT
BEGIN:VEVENT
SUMMARY:Abhraneel Dutta (FAU)
DTSTART:20241205T150000Z
DTEND:20241205T160000Z
DTSTAMP:20260411T230426Z
UID:CryptoCafe/29
DESCRIPTION:Title: <a href="https://master.researchseminars.org/talk/Crypt
 oCafe/29/">Polynomial Inversion Algorithms in Constant Time for Post-Quant
 um Cryptography</a>\nby Abhraneel Dutta (FAU) as part of Florida Atlantic 
 University Crypto Café\n\nLecture held in SE 215.\n\nAbstract\nThe comput
 ation of the inverse of a polynomial over a quotient ring or a finite fiel
 d plays a very important role during the key generation of post-quantum cr
 yptosystems like NTRU\, BIKE\, and LEDACrypt. It is therefore important th
 at there exists an efficient algorithm capable of running in constant time\
 , to prevent timing side-channel attacks. In this article\, we study both 
 constant-time algorithms based on Fermat's Little Theorem and the Extended
  GCD Algorithm\, and provide a detailed comparison in terms of performance
 . According to our conclusion\, we see that the constant-time Extended GCD
 -based Bernstein-Yang's algorithm shows a better performance with 1.76x-3.
 76x on x86 platforms compared to FLT-based methods. Although we report num
 bers from a software implementation\, we additionally provide a short glim
 pse of some recent results when these two algorithms are implemented on va
 rious hardware platforms. Finally\, we also explore other exponentiation a
 lgorithms that work similarly to the Itoh-Tsuji inversion method. These al
 gorithms perform fewer polynomial multiplications and show a better perfor
 mance with 1.56x-1.96x on x86 platforms compared to Itoh-Tsuji inversion me
 thod.\n
LOCATION:
END:VEVENT
BEGIN:VEVENT
SUMMARY:Edoardo Persichetti (FAU)
DTSTART:20250116T150000Z
DTEND:20250116T160000Z
DTSTAMP:20260411T230426Z
UID:CryptoCafe/30
DESCRIPTION:Title: <a href="https://master.researchseminars.org/talk/Crypt
 oCafe/30/">On Digital Signatures from Cryptographic Group Actions</a>\nby 
 Edoardo Persichetti (FAU) as part of Florida Atlantic University Crypto Ca
 fé\n\nLecture held in SE 215.\n\nAbstract\nCryptography based on group ac
 tions has been studied for a long time. In recent years\, however\, the ar
 ea has seen a revival\, partially due to its role in post-quantum cryptogr
 aphy. In this talk\, we present our work on a unified taxonomy of a variet
 y of techniques used to design digital signature schemes. We describe all 
 techniques in a single fashion\, show how they impact the performance of t
 he resulting protocols and analyse how different techniques can be combine
 d for optimal performance. Everyone welcome!\n
LOCATION:
END:VEVENT
BEGIN:VEVENT
SUMMARY:Eliana Carozza (IRIF\, France)
DTSTART:20250130T150000Z
DTEND:20250130T160000Z
DTSTAMP:20260411T230426Z
UID:CryptoCafe/31
DESCRIPTION:Title: <a href="https://master.researchseminars.org/talk/Crypt
 oCafe/31/">Faster Signatures from MPC-in-the-Head</a>\nby Eliana Carozza (
 IRIF\, France) as part of Florida Atlantic University Crypto Café\n\nLect
 ure held in SE 215.\n\nAbstract\nThe construction of signature schemes usi
 ng the MPC-in-the-head paradigm is revisited\, leading to two main contrib
 utions:\n\n– It is observed that prior signatures within the MPC-in-the-
 head paradigm require a salted version of the GGM puncturable pseudorandom
  function (PPRF) to mitigate collision attacks. A new efficient PPRF const
 ruction is presented\, which is provably secure in the multi-instance sett
 ing. The security analysis\, conducted in the ideal cipher model\, represe
 nts a core technical contribution. Unlike previous constructions that reli
 ed on hash functions\, the proposed PPRF uses only a fixed-key block ciphe
 r\, resulting in significant efficiency gains\, with speed improvements ra
 nging from 12× to 55× for a recent signature scheme (Joux and Huth\, Cry
 pto’24). This improved PPRF has the potential to enhance the performance
  of various MPC-in-the-head signatures.\n\n– A new signature scheme is i
 ntroduced\, based on the regular syndrome decoding assumption and a novel 
 protocol for the MPC-in-the-head paradigm. The proposed scheme achieves a 
 substantial reduction in communication overhead compared to earlier works.
  Despite its conceptual simplicity\, the security analysis involves intric
 ate combinatorial considerations.\n\nEliana Carozza is a PhD researcher at
  IRIF\, Université Paris Cité\, specializing in post-quantum cryptograph
 y and advanced code-based cryptographic primitives.\n
LOCATION:
END:VEVENT
BEGIN:VEVENT
SUMMARY:Ivana Trummová (Czech Technical University)
DTSTART:20250213T150000Z
DTEND:20250213T160000Z
DTSTAMP:20260411T230426Z
UID:CryptoCafe/32
DESCRIPTION:Title: <a href="https://master.researchseminars.org/talk/Crypt
 oCafe/32/">Human Factors in Cryptography</a>\nby Ivana Trummová (Czech Te
 chnical University) as part of Florida Atlantic University Crypto Café\n\
 nLecture held in SE 215.\n\nAbstract\nCryptography can be considered a par
 t of mathematics or computer science\, therefore an exact and technical fi
 eld. On the other hand\, cryptography is created\, implemented and used by
  people\, who have to collaborate\, communicate\, and are prone to making 
 mistakes. In my work\, I am researching the non-technical aspects of crypt
 ography that affect security. In one of my previous projects we mapped the
  cryptography ecosystem and described the systemic barriers that hinder cr
 yptography adoption. In another interview study\, we found out how develop
 ers implement cryptographic standards and how an ideal standard specificat
 ion should look. Now I am studying the processes of cryptography competiti
 ons and their impacts on the cryptographic community.\n\nAbout the spe
 aker: Ivana Trummová is a cryptography researcher and a teacher focusing 
 on human factors in security and inter-disciplinary research. She is curre
 ntly pursuing a PhD in Cryptography at the Faculty of Information Technolo
 gy\, Czech Technical University (CTU) in Prague\, Czech Republic. She also
  works as a teaching assistant at CTU\, teaching courses on cryptography\,
  mathematics and cybersecurity\, and recently also a new course called "Hum
 an Factors in Cryptography and Security"\, which aims to bring an inter-di
 sciplinary point of view to computer science students.\n
LOCATION:
END:VEVENT
BEGIN:VEVENT
SUMMARY:Dominic Gold (Johns Hopkins University Applied Physics Laboratory)
DTSTART:20250227T150000Z
DTEND:20250227T160000Z
DTSTAMP:20260411T230426Z
UID:CryptoCafe/33
DESCRIPTION:Title: <a href="https://master.researchseminars.org/talk/Crypt
 oCafe/33/">Deterministic Random Bit Generators in Cryptography</a>\nby Dom
 inic Gold (Johns Hopkins University Applied Physics Laboratory) as part of
  Florida Atlantic University Crypto Café\n\nLecture held in SE 215.\n\nAb
 stract\nMany cryptographic protocols (e.g.\, key generation\, nonces\, sec
 ret sharing) require “good random” as a raw material\, which may be ex
 tracted from noise sources surrounding the consuming application. However\
 , if the noise sources are biased\, inefficiently generated\, or contain l
 ow levels of entropy\, then a deterministic random bit generator (DRBG)—
 also known as a pseudorandom random number generator (PRNG)—may be used.
  These DRBGs ingest the aforementioned noise sources\, create random seeds
 \, and generate random values for further use in downstream cryptographic 
 applications\, and thus function identically to a true random number gener
 ator (TRNG) so long as the noise source itself is not modellable. We will 
 discuss this pipeline of random number generation\, and go over some of th
 e security guarantees within a DRBG.\n
LOCATION:
END:VEVENT
BEGIN:VEVENT
SUMMARY:Merve Karabulut (FAU)
DTSTART:20250327T140000Z
DTEND:20250327T150000Z
DTSTAMP:20260411T230426Z
UID:CryptoCafe/34
DESCRIPTION:Title: <a href="https://master.researchseminars.org/talk/Crypt
 oCafe/34/">Efficient CPA Attack on Hardware Implementation of ML-DSA in Po
 st-Quantum Root of Trust</a>\nby Merve Karabulut (FAU) as part of Florida 
 Atlantic University Crypto Café\n\nLecture held in SE 215.\n\nAbstract\nS
 ide-channel attacks (SCA) present a serious threat to cryptographic implem
 entations\, including those designed for post-quantum security. This talk 
 introduces the first Correlation Power Analysis (CPA) attack on an industr
 y-grade hardware implementation of ML-DSA within a Silicon Root of Trust f
 ramework. Our attack exploits side-channel leakage from the modular reduct
 ion process following the Number Theoretic Transform-based polynomial mult
 iplication. By leveraging leakage from a unique reduction algorithm and th
 e zeroization mechanism used for securely erasing sensitive data\, we demo
 nstrate secret key extraction using only 10\,000 power traces. This attack
  compromises the integrity of the root of trust\, enabling signature forge
 ry for certificate generation. Our findings highlight critical vulnerabili
 ties in commercially deployed post-quantum cryptographic systems and empha
 size the need for robust countermeasures.\n
LOCATION:
END:VEVENT
BEGIN:VEVENT
SUMMARY:Maryam Taghi Zadeh (FAU)
DTSTART:20250410T140000Z
DTEND:20250410T150000Z
DTSTAMP:20260411T230426Z
UID:CryptoCafe/35
DESCRIPTION:Title: <a href="https://master.researchseminars.org/talk/Crypt
 oCafe/35/">Post-Quantum Hash-Based Digital Signature Scheme: XMSS with SHA
 -2 and SHA-3 Hash Functions</a>\nby Maryam Taghi Zadeh (FAU) as part of Fl
 orida Atlantic University Crypto Café\n\nLecture held in SE 215.\n\nAbstr
 act\nThis talk presents a comprehensive investigation of the eXtended Merk
 le Signature Scheme (XMSS) implemented with both SHA-2 and SHA-3 hash func
 tion families as specified in FIPS 202 and RFC 8391. XMSS is a stateful ha
 sh-based digital signature scheme that provides post-quantum security guar
 antees\, making it a critical consideration amid growing quantum computing
  threats to conventional public-key cryptography.\n\nThe SHA-2 and SHA-3 h
 ash function families exhibit distinct security characteristics when integ
 rated into XMSS implementations. This research evaluates their comparative
  performance metrics\, security properties\, and implementation considerat
 ions within the XMSS framework. We analyze the practical implications of v
 arious parameter sets as defined in RFC 8391\, specifically examining tree
  height and Winternitz parameter selections and their effects on signature
  size\, generation time\, and verification efficiency.\n\nOur work demonst
 rates the viability of both hash function families within XMSS while highl
 ighting their specific trade-offs. The SHA-3 implementation\, based on the
  Keccak algorithm standardized in FIPS 202\, provides superior resistance 
 against side-channel attacks and length extension vulnerabilities compared
  to SHA-2\, while exhibiting different performance characteristics. We pre
 sent empirical data on computational efficiency across multiple platforms 
 and address the state management challenges inherent to stateful signature
  schemes like XMSS.\n\nThis research contributes to ongoing standardizatio
 n efforts for post-quantum cryptographic primitives and provides practical
  insights for organizations preparing for the transition to quantum-resist
 ant signature schemes.\n\nKeywords: Post-Quantum Cryptography\, Hash-Based
  Signatures\, XMSS\, SHA-2\, SHA-3\, Digital Signatures\, Cryptographic Im
 plementation\n
LOCATION:
END:VEVENT
BEGIN:VEVENT
SUMMARY:Dipayan Das (FAU)
DTSTART:20250313T140000Z
DTEND:20250313T150000Z
DTSTAMP:20260411T230426Z
UID:CryptoCafe/38
DESCRIPTION:Title: <a href="https://master.researchseminars.org/talk/Crypt
 oCafe/38/">Cryptanalysis of some Lattice-based Assumptions</a>\nby Dipayan
  Das (FAU) as part of Florida Atlantic University Crypto Café\n\nLecture 
 held in SE 215.\n\nAbstract\nCryptography relies on the assumptions of com
 putationally hard problems. It should be hard for security\, offer functio
 nalities for cryptographic applications\, and be efficient to implement. R
 ecently\, lattice-based assumptions have emerged as a strong building bloc
 k for post-quantum cryptography. In this talk\, I will present recent cryp
 tanalytic results on two lattice-based assumptions\, namely the Finite Fie
 ld Isomorphism problem (PKC'18\, JoMC'20)\, and the Partial Vandermonde Kn
 apsack Problem (ACNS'14\, DCC'15\, ACISP'18\, Eprint'20\, DCC'22). These a
 ssumptions have been used extensively for various lattice-based constructi
 ons\, including encryptions\, fully homomorphic encryptions\, signatures\,
  signature aggregations\, etc.\n\nAbout the speaker: Dipayan Da
 s is an Assistant Professor in the Florida Atlantic University Department 
 of Mathematics and Statistics. Previously\, he was a Postdoc researcher at
  the NTT Social Informatics Laboratories in Japan. Before that\, he was a 
 PostDoc researcher at CISPA Helmholtz center for information security in G
 ermany. He did his PhD at the National Institute of Technology\, Durgapur 
 in India.\n
LOCATION:
END:VEVENT
BEGIN:VEVENT
SUMMARY:Hansraj Jangir (Florida Atlantic University)
DTSTART:20250902T140000Z
DTEND:20250902T150000Z
DTSTAMP:20260411T230426Z
UID:CryptoCafe/40
DESCRIPTION:Title: <a href="https://master.researchseminars.org/talk/Crypt
 oCafe/40/">A Quasi-polynomial time Quantum Algorithm for the Extrapolated 
 Dihedral Coset Problem</a>\nby Hansraj Jangir (Florida Atlantic University
 ) as part of Florida Atlantic University Crypto Café\n\nLecture held in S
 E 215.\n\nAbstract\nThe Learning With Errors (LWE) problem\, introduced by
  Regev (STOC’05)\, is one of the fundamental problems in lattice-based c
 ryptography\, believed to be hard even for quantum adversaries. Regev (FOC
 S’02) showed that LWE reduces to the quantum Dihedral Coset Problem (DCP
 ) and later\, Brakerski et al. (PKC 2018) extended this to the more genera
 l Extrapolated Dihedral Coset Problem (EDCP). In this talk\, we present a 
 quasi-polynomial time quantum algorithm for solving EDCP over power-of-two
  moduli\, using a quasi-polynomial number of samples. We stress that our a
 lgorithm does not affect the security of LWE with standard parameters\, as
  the reduction from standard LWE to EDCP limits the number of samples to b
 e polynomial.\n\nHansraj is a PhD student in the Department of Mathematics
  and Statistics at Florida Atlantic University\, Boca Raton. Prior to star
 ting his doctoral studies\, he worked as a Junior Research Fellow at the D
 efense Research and Development Organization (DRDO)\, Delhi. His research 
 interests include lattice based cryptography and quantum algorithms.\n
LOCATION:
END:VEVENT
BEGIN:VEVENT
SUMMARY:Dung Bui (Sorbonne Université)
DTSTART:20250916T140000Z
DTEND:20250916T150000Z
DTSTAMP:20260411T230426Z
UID:CryptoCafe/41
DESCRIPTION:Title: <a href="https://master.researchseminars.org/talk/Crypt
 oCafe/41/">FOLEAGE: F4OLE-Based Multi-Party Computation for Boolean Circui
 ts</a>\nby Dung Bui (Sorbonne Université) as part of Florida Atlantic Uni
 versity Crypto Café\n\nLecture held in SE 215.\n\nAbstract\nSecure Multi-
 party Computation (MPC) allows two or more parties to compute any public f
 unction over their privately-held inputs\, without revealing any informati
 on beyond the result of the computation. Modern protocols for MPC generate
  a large amount of input-independent preprocessing material called multipl
 ication triples\, in an offline phase. This preprocessing can later be use
 d by the parties to efficiently instantiate an input-dependent online phas
 e computing the function.\n\nTo date\, the state-of-the-art secure multi-
 party computation protocols in the preprocessing model are tailored to sec
 ure computation of arithmetic circuits over large fields and require littl
 e communication in the preprocessing phase\, typically $O(N · m)$ to gene
 rate m triples among $N$ parties. In contrast\, when it comes to computing
  preprocessing for computations that are naturally represented as Boolean 
 circuits\, the state-of-the-art techniques have not evolved since the 1980
 s\, and in particular\, require every pair of parties to execute a large n
 umber of oblivious transfers before interacting to convert them to $N$-par
 ty triples\, which induces an $\\Omega(N^2 \\cdot m)$ communication overhe
 ad.\n\nIn this paper\, we introduce FOLEAGE\, which addresses this gap by
  introducing an efficient preprocessing protocol tailored to Boolean circu
 its. FOLEAGE exhibits excellent performance: It generates $m$ multiplicati
 on triples over $\\mathbb F_2$ using only $N \\cdot m + O(N^2 \\cdot \\log
  m)$ bits of communication for $N$-parties\, and can concretely produce ov
 er 12 million triples per second in the 2-party setting on one core of a c
 ommodity machine. Our result builds upon an efficient Pseudorandom Correla
 tion Generator (PCG) for multiplication triples over the field $\\mathbb F
 _4$. Roughly speaking\, a PCG enables parties to stretch a short seed into
  a large number of pseudorandom correlations non-interactively\, which gre
 atly improves the efficiency of the offline phase in MPC protocols. Our co
 nstruction significantly outperforms the state-of-the-art\, which we demon
 strate via a prototype implementation. This is achieved by introducing a n
 umber of protocol-level\, algorithmic-level\, and implementation-level opt
 imizations on the recent PCG construction of Bombar et al. (Crypto 2023) f
 rom the Quasi-Abelian Syndrome Decoding assumption.\n\nBio: Dung Bui is a 
 postdoctoral researcher at LIP6\, Sorbonne Université\, France. She compl
 eted her PhD at IRIF\, Université Paris Cité.\nHer research interests ar
 e in various aspects of both practical and theoretical cryptography\, incl
 uding secure multiparty computation\, zero-knowledge proofs\, and post-qua
 ntum cryptography.\n
LOCATION:
END:VEVENT
BEGIN:VEVENT
SUMMARY:Sohyun Jeon (Ewha Womans University)
DTSTART:20251028T140000Z
DTEND:20251028T150000Z
DTSTAMP:20260411T230426Z
UID:CryptoCafe/42
DESCRIPTION:Title: <a href="https://master.researchseminars.org/talk/Crypt
 oCafe/42/">LastRings: Lattice-based Scalable Threshold Ring Signatures</a>
 \nby Sohyun Jeon (Ewha Womans University) as part of Florida Atlantic Univ
 ersity Crypto Café\n\nLecture held in SE 215.\n\nAbstract\nThis talk pres
 ents the first lattice-based threshold ring signature scheme with signatur
 e size scaling logarithmically in the size of the ring while supporting ar
 bitrary thresholds. Our construction is also concretely efficient\, achiev
 ing signature sizes of less than 150kB for ring sizes up to N=4096 (with t
 hreshold size T=N/2\, say). This is substantially more compact than previo
 us work.\nOur approach is inspired by the recent work of Aardal et al. (CR
 YPTO 2024) on the compact aggregation of Falcon signatures\, that uses the
  LaBRADOR lattice-based SNARKs to combine a collection of Falcon signature
 s into a single succinct argument of knowledge of those signatures. We pro
 ceed in a similar way to obtain compact threshold ring signatures from Fal
 con\, but crucially require that the proof system be zero-knowledge in ord
 er to ensure the privacy of signers. Since LaBRADOR is not a zkSNARK\, we 
 associate it with a separate (non-succinct) lattice-based zero-knowledge p
 roof system to achieve our desired properties.\n\nBio: Sohyun Jeon recentl
 y completed a PhD at Ewha Womans University in the Republic of Korea. Her r
 esearch interests are in lattice-based cryptography. In particular\, she is inte
 rested in zero-knowledge proofs and their applications.\n
LOCATION:
END:VEVENT
BEGIN:VEVENT
SUMMARY:Anil Kumar Pradhan (Vaultree)
DTSTART:20251014T140000Z
DTEND:20251014T150000Z
DTSTAMP:20260411T230426Z
UID:CryptoCafe/43
DESCRIPTION:Title: <a href="https://master.researchseminars.org/talk/Crypt
 oCafe/43/">Beyond Theory: Industry Challenges in Adopting Homomorphic Encr
 yption</a>\nby Anil Kumar Pradhan (Vaultree) as part of Florida Atlantic U
 niversity Crypto Café\n\nLecture held in SE 215.\n\nAbstract\nFully Homom
 orphic Encryption (FHE) promises quantum-resilient\, privacy-preserving co
 mputation for sensitive data across industries. However\, despite academic
  breakthroughs\, the leap from laboratory models to enterprise-scale adopt
 ion remains daunting. Industry faces formidable obstacles\, including comp
 utational resource demands\, implementation complexity\, slow processing s
 peeds\, and high costs\, aggravated by a shortage of FHE talent and lack o
 f standardized practices. Integrating FHE into legacy and cloud systems re
 quires extensive technical overhaul\, often with questionable ROI. The dis
 connect between academic solutions and practical business needs\, especial
 ly regarding scalability\, cost\, and integration continues to deter wides
 pread implementation. Emerging technologies and optimization strategies\, 
 such as hardware acceleration and real-world application benchmarking\, ma
 y help bridge the gap\, but genuine adoption will require collaborative ef
 forts and a shift in focus from theoretical promise to operational feasibi
 lity.\n\nAnil Kumar Pradhan is a cryptographer specializing in practical p
 rivacy-enhancing technologies and their deployment in real-world systems. 
 At Vaultree\, he works at the intersection of advanced cryptography and in
 dustry adoption\, focusing on fully homomorphic encryption (FHE)\, encrypt
 ed machine learning\, and secure computation at scale. With a background s
 panning both academic research and enterprise engineering\, he bridges the
  gap between theoretical innovation and operational feasibility. Anil has 
 contributed to projects that bring cutting-edge cryptographic methods into
  production environments\, with particular attention to performance optimi
 zation\, compliance\, and developer experience. He is passionate about mak
 ing strong cryptography usable\, scalable\, and impactful across industrie
 s that handle sensitive data.\n\nAnil Kumar Pradhan is the Founding Crypto
 grapher and Cryptography Research Lead at Vaultree Ireland\, and has over 
 a decade of experience in applied cryptography. He holds an M.Sc. in Mathe
 matics from the Indian Institute of Technology\, Delhi\, and a B.Sc. (Hons
 ) in Mathematics and Computing from the Institute of Mathematics and Appli
 cations\, Bhubaneswar.\n
LOCATION:
END:VEVENT
BEGIN:VEVENT
SUMMARY:Arindam Mukherjee (A.M. College\, Jhalda)
DTSTART:20251125T150000Z
DTEND:20251125T160000Z
DTSTAMP:20260411T230426Z
UID:CryptoCafe/44
DESCRIPTION:Title: <a href="https://master.researchseminars.org/talk/Crypt
 oCafe/44/">The Representation Technique for Small Max-Norm LWE</a>\nby Ari
 ndam Mukherjee (A.M. College\, Jhalda) as part of Florida Atlantic Univers
 ity Crypto Café\n\nLecture held in SE 215.\n\nAbstract\nThe Representatio
 n Technique\, originally introduced by Howgrave-Graham and Joux in the con
 text of the Subset Sum problem\, has since become a powerful tool in algor
 ithmic cryptanalysis. It was later adapted for Information Set Decoding (I
 SD). Currently\, the state-of-the-art algorithms for the subset sum and
  syndrome decoding problems make use of the representation technique in so
 me form. Recently\, May (Crypto 2021) proposed a representation-based atta
 ck against small max-norm LWE. This work was later improved in Asiacrypt 2
 023 and JoC 2024 (https://eprint.iacr.org/2023/243).\nIn this talk\, we wi
 ll give an overview of the representation technique and its impact on the 
 small max-norm LWE problem.\n\nArindam Mukherjee works in public-key crypt
 analysis\, with a focus on post-quantum hardness assumptions. He received 
 his MSc and PhD in Mathematics from IIT Madras\, Chennai\, India. He is cu
 rrently an Assistant Professor in Mathematics at A.M. College\, Jhalda\, I
 ndia.\n
LOCATION:
END:VEVENT
BEGIN:VEVENT
SUMMARY:Anil Kumar Pradhan
DTSTART:20250930T140000Z
DTEND:20250930T150000Z
DTSTAMP:20260411T230426Z
UID:CryptoCafe/45
DESCRIPTION:Title: <a href="https://master.researchseminars.org/talk/Crypt
 oCafe/45/">Talk postponed to October 14</a>\nby Anil Kumar Pradhan as part
  of Florida Atlantic University Crypto Café\n\nLecture held in SE 215.\nA
 bstract: TBA\n
LOCATION:
END:VEVENT
BEGIN:VEVENT
SUMMARY:Bardia Taghavi (FAU)
DTSTART:20260203T150000Z
DTEND:20260203T160000Z
DTSTAMP:20260411T230426Z
UID:CryptoCafe/46
DESCRIPTION:Title: <a href="https://master.researchseminars.org/talk/Crypt
 oCafe/46/">Two Birds\, One Stone: A Unified High-Performance NTT Architect
 ure for ML-KEM and ML-DSA</a>\nby Bardia Taghavi (FAU) as part of Florida 
 Atlantic University Crypto Café\n\nLecture held in SE 215.\n\nAbstract\nW
 ith the recent NIST standardization of ML-KEM (Kyber) and ML-DSA (Dilithiu
 m)\, the focus of Post-Quantum Cryptography (PQC) research has shifted fro
 m algorithm selection to efficient hardware implementation. While both sch
 emes rely on module-lattice hardness assumptions and u
 tilize the Number Theoretic Transform (NTT) for fast polynomial multiplica
 tion\, they operate over distinct algebraic rings ($R_q$ with $q=3329$ for
  Kyber vs. $q=8\,380\,417$ for Dilithium). This discrepancy typically forc
 es hardware designers to implement separate\, redundant accelerators for e
 ach scheme\, leading to suboptimal area efficiency.\nIn this talk\, I will
  present a novel\, high-performance unified NTT architecture capable of ac
 celerating both ML-KEM and ML-DSA within a single\, reconfigurable hardwar
 e block. We will examine the mathematical structures that allow for a "dua
 l-mode" Butterfly Unit (BFU) design\, utilizing configurable modular reduc
 tion techniques (such as Barrett reduction or Montgomery multiplication) t
 hat adapt to either modulus at runtime.\n
LOCATION:
END:VEVENT
BEGIN:VEVENT
SUMMARY:Luke Carey (FAU)
DTSTART:20260217T150000Z
DTEND:20260217T160000Z
DTSTAMP:20260411T230426Z
UID:CryptoCafe/47
DESCRIPTION:Title: <a href="https://master.researchseminars.org/talk/Crypt
 oCafe/47/">An Overview of DualMS: A Post-Quantum Multi-Signature</a>\nby L
 uke Carey (FAU) as part of Florida Atlantic University Crypto Café\n\nLec
 ture held in SE 215.\n\nAbstract\nA multi-signature is a cryptographic sch
 eme which allows for multiple independent parties to sign a singular messa
 ge together. The scheme DualMS by Yanbo Chen (2023) is an example of a pos
 t-quantum lattice-based two-round multi-signature scheme\, which utilizes 
 many fascinating cryptographic techniques\, including Module Learning with
  Errors (MLWE)\, rejection sampling\, and the discrete Gaussian. In this t
 alk\, we will give an overview of DualMS\, give a very short outline of th
 e proof of security\, and briefly discuss possible future directions we ca
 n take DualMS.\n
LOCATION:
END:VEVENT
BEGIN:VEVENT
SUMMARY:Merve Karabulut (FAU)
DTSTART:20260303T150000Z
DTEND:20260303T160000Z
DTSTAMP:20260411T230426Z
UID:CryptoCafe/48
DESCRIPTION:Title: <a href="https://master.researchseminars.org/talk/Crypt
 oCafe/48/">Area–Efficient First-Order Masked Modular Reduction for ML-DS
 A in Caliptra Root-of-Trust</a>\nby Merve Karabulut (FAU) as part of Flori
 da Atlantic University Crypto Café\n\nLecture held in SE 271.\n\nAbstract
 \nMasking is an effective countermeasure against side-channel attacks\, ye
 t it often introduces significant hardware overhead. In the Caliptra Root-
 of-Trust\, the masked ML-DSA implementation incurs approximately 6× area 
 overhead due to modular reduction costs. In this talk\, I will present a n
 ovel first-order masking architecture that significantly optimizes the mod
 ular reduction stage of ML-DSA. Compared to Caliptra’s baseline design\,
  our implementation achieves a 12.1× speedup\, reduces LUT usage by 86.7%
  and flip-flops by 94.5%\, and improves area–delay efficiency by 91×. E
 xtensive TVLA evaluation with over 1\,000\,000 traces shows no detectable 
 first-order leakage\, meeting Caliptra’s security requirements while sub
 stantially improving implementation efficiency.\n
LOCATION:
END:VEVENT
BEGIN:VEVENT
SUMMARY:Maryam Taghi Zadeh (FAU)
DTSTART:20260317T140000Z
DTEND:20260317T150000Z
DTSTAMP:20260411T230426Z
UID:CryptoCafe/49
DESCRIPTION:Title: <a href="https://master.researchseminars.org/talk/Crypt
 oCafe/49/">Hardware-Software Co-Design of XMSS Post-Quantum Digital Signat
 ure on FPGA</a>\nby Maryam Taghi Zadeh (FAU) as part of Florida Atlantic U
 niversity Crypto Café\n\nLecture held in SE 271.\n\nAbstract\nWith the gr
 owing demand for quantum-resistant cryptographic solutions\, hash-based si
 gnature schemes such as XMSS (eXtended Merkle Signature Scheme) have emerg
 ed as strong candidates for post-quantum security. In this work\, we prese
 nt a hardware-software co-design implementation of XMSS on the PYNQ-Z2 FPG
 A platform\, where the computationally intensive SHAKE-256 hash core is of
 floaded to the programmable logic fabric while the higher-level signature 
 control flow is managed by the ARM processor. The hardware accelerator is 
 integrated with the software layer through an AXI interface\, enabling eff
 icient data transfer and synchronization. We explore multiple architectura
 l optimizations including multi-round-per-cycle configurations\, achieving
  notable improvements in clock frequency alongside reductions in overall s
 igning latency and improved resource utilization. The results demonstrate 
 that FPGA-based co-design is a practical and efficient approach for deploy
 ing post-quantum cryptography in embedded and IoT environments.\n
LOCATION:
END:VEVENT
BEGIN:VEVENT
SUMMARY:Christophe Petit (ULB\, Belgium)
DTSTART:20260414T140000Z
DTEND:20260414T150000Z
DTSTAMP:20260411T230426Z
UID:CryptoCafe/50
DESCRIPTION:by Christophe Petit (ULB\, Belgium) as part of Florida Atlanti
 c University Crypto Café\n\nLecture held in SE 271.\nAbstract: TBA\n
LOCATION:/talk/CryptoCafe/50/
END:VEVENT
BEGIN:VEVENT
SUMMARY:Calvin Abou Haidar (NTT\, Japan)
DTSTART:20260331T140000Z
DTEND:20260331T150000Z
DTSTAMP:20260411T230426Z
UID:CryptoCafe/51
DESCRIPTION:Title: <a href="https://master.researchseminars.org/talk/Crypt
 oCafe/51/">Rowhammer: how to break FALCON with one bitflip</a>\nby Calvin 
 Abou Haidar (NTT\, Japan) as part of Florida Atlantic University Crypto Ca
 fé\n\nLecture held in SE 271.\n\nAbstract\nThe Rowhammer attack is a faul
 t-injection technique leveraging the density of RAM modules to trigger per
 sistent hardware bit flips that can be used for probing or modifying prote
 cted data. In this paper\, we show that Falcon\, the hash-and-sign signatu
 re scheme over NTRU lattices selected by NIST for standardization\, is vul
 nerable to an attack using Rowhammer. Falcon's Gaussian sampler is the cor
 e component of its security\, as it allows one to provably decorrelate the
  short basis used for signing and the generated signatures. Other schemes
 \, la
 cking this guarantee (such as NTRUSign\, GGH or more recently Peregrine) w
 ere proven insecure. However\, performing efficient and secure lattice Gau
 ssian sampling has proved to be a difficult task\, fraught with numerous p
 otential vulnerabilities to be exploited. To avoid timing attacks\, a comm
 on technique is to use distribution tables that are traversed to output a 
 sample. The official Falcon implementation uses this technique\, employing
  a hardcoded reverse cumulative distribution table (RCDT). Using Rowhammer
 \, we target Falcon's RCDT to trigger a very small number of targeted bit 
 flips\, and prove that the resulting distribution is sufficiently skewed t
 o perform a key recovery attack. Namely\, we show that a single targeted b
 it flip suffices to fully recover the signing key\, given a few hundred mi
 llion signatures\, with more bit flips enabling key recovery with fewer si
 gnatures. Interestingly\, the Nguyen–Regev parallelepiped learning attac
 k that broke NTRUSign\, GGH and Peregrine does not readily adapt to this s
 etting unless the number of bit flips is very large. However\, we show tha
 t combining it with principal component analysis (PCA) yields a practical 
 attack. This vulnerability can also be triggered with other types of persi
 stent fault attacks on memory like optical faults. We suggest cheap counte
 rmeasures that largely mitigate it\, including rejecting signatures that a
 re unusually short.\n\nAbout the speaker: Dr. Abou Haidar is a post-doc at
  NTT Social Informatics Laboratories in Tokyo. His research topic is latti
 ce based constructions of basic cryptographic primitives\; he's been recen
 tly investigating side-channel attacks on post-quantum schemes.\n
LOCATION:
END:VEVENT
END:VCALENDAR
