Invited Speakers

ASCrypto 2013 is honored to announce the following invited speakers:

Hash-based Signatures
Johannes Buchmann, Technische Universität Darmstadt

Digital signatures are of great importance for securing the Internet and, more generally, IT infrastructures. For example, they guarantee the authenticity of software updates and of SSL connections. In the late 1970s Ralph Merkle proposed a signature scheme which was at this time competing with the RSA scheme. This scheme had several disadvantages. This is why RSA is mostly used today. However, in the presence of quantum computers, the Merkle scheme is a very interesting alternative. In recent years there has been some research to make this scheme more practical. In this lecture I describe the results of this research. I will present the XMSS scheme proposed by Andreas Hülsing that overcomes most of the problems of the Merkle scheme. The lecture will start by describing the basic idea of the Merkle scheme. The lecture will then address the required optimizations: key generation, one time signature, path building, etc. The lecture will also discuss security proofs. It will be shown in the lecture that XMSS is the most interesting post quantum signature alternative both from the point of view of security and efficiency.

Bio: Professor, Department of Computer Science and CASED, Technische Universität Darmstadt, Germany.
1982 PhD Mathematics
1985/86 Postdoc Ohio State University, supported by Fellowship of the Alexander von Humboldt Foundation
1988 - 1996 Professor of Computer Science Universität des Saarlandes, Germany
1993 Leibniz Prize Deutsche Forschungsgemeinschaft 
1996 - present Professor of Computer Science and Mathematics Technische Universität Darmstadt 
2001 - 2007 Vice President Research Technische Universität Darmstadt 
2008 - 2011 Director Center of Advanced Security Research Darmstadt CASED. 
2011 - present Vice-Director CASED 
2011 Member of German Academy of Science Leopoldina

Homomorphic Encryption
Zvika Brakerski, Weizmann Institute of Science

The problem of constructing fully homomorphic encryption (FHE) is one of the oldest and most fascinating in cryptography. An FHE scheme allows one to perform arbitrary computations f on encrypted data Enc(x), so as to obtain the encryption Enc(f(x)), using only public information and without learning anything about the value of x. This enables outsourcing computations on private data to a third party, while maintaining the data's privacy (for example "oblivious web search") - a core task for secure cloud computing. The problem was presented back in 1978, but the first candidate was only introduced in 2009 in Gentry's breakthrough work. Since then, there have been rapid and exciting developments. In this course I will define fully homomorphic encryption, survey the literature, and present state of the art constructions.

Bio: I am a Simons Postdoctoral Fellow at the Computer Science Department of Stanford University, hosted by Prof. Dan Boneh. Starting October, I will join the Weizmann Institute of Science as a faculty member at the Department of Computer Science and Applied Mathematics. My research interests are foundations of computer science. I currently work mostly in cryptography.
 I completed my Ph.D. at the Department of Computer Science and Applied Mathematics of the Weizmann Institute of Science in 2011, advised by Prof. Shafi Goldwasser. I received my M.Sc. from the Faculty of Engineering of Tel-Aviv University in 2002. My advisor was Prof. Boaz Patt-Shamir. Prior to that, in 2001, I received a joint B.Sc. from the Faculty of Engineering and the School of Computer Science of Tel-Aviv University.

Multivariate Quadratic (MQ) Encryption
Jintai Ding, University of Cincinnati

There are many very efficient multivariate signature systems like Rainbow, but multivariate encryption schemes like IPHFE are far less efficient. The common defect in many of the broken encryption schemes comes from the fact that certain quadratic forms associated with their central maps have low rank, which makes them vulnerable to the MinRank attack. In this lecture, we will present a new simple and efficient multivariate public key encryption scheme based on matrix multiplication, which does not have such a low rank property. The new scheme is called Simple Matrix Scheme or ABC in short. This construction was presented in PQC 2013. We will also present some of the new improvements on this scheme and a careful security analysis.

Bio: Professor of Mathematical Sciences, University of Cincinnati.
 
1995 Ph.D. Yale University
1990 M.A. University of Sciences and Technology of China, Hefei, China
1988 B.S. Xian Jiaotong University, Xian, China

Rank Metric Code-Based Cryptography
Philippe Gaborit, Université de Limoges
 
Introduction and definition
- rank metric codes
- q-polynomials

Decoding rank metric codes
- Gabidulin codes
- LRPC codes

Complexity of decoding random rank codes
- basic approaches by Chabaud/Stern and Ourivski/Johansson
- recent attacks by Gaborit/Ruatta/Schrek

Encryption with rank metric codes
- the GPT cryptosystem and its variations
- Overbeck structural attack on GPT cryptosystem
- Faure and Loidreau cryptosystem
- LRPC cryptosystem

Authentication with rank metric
- Chen scheme and attack
- reparation of the Chen scheme

Signature with rank metric

Bio:

Introduction to Provable Security
Alejandro Hevia, University of Chile

In this lecture, I will present a short introduction to provable security (or reductionist security) in cryptography. This talk will focus on practice-oriented provable security, its concepts, methods, and goals. I will start by discussing what provable security is and is not, the idea and importance of reductions, identifying assumptions, capturing adversarial resources and leakage of information, and obtaining exact security, as well as the pros and cons of the underlying security models, including the random oracle model. In order to illustrate these concepts, I will motivate and discuss the security models for signatures and encryption, their proofs (including games) and guarantees, and the practical importance of the tightness in reductions.

Bio: Alejandro Hevia received his Bachelor and Engineering degree in Computer Science from the University of Chile in 1995 and 1998 respectively, and his Ph.D. in Computer Science from University of California, San Diego (UCSD) in 2006. Since then, he has been at the School of Engineering of the University of Chile, where he is now Assistant Professor at the Department of Computer Science. His research interests include cryptography and computer security, in particular, cryptographic protocols for distributed systems (voting and anonymity), and malware analysis and prevention. He has collaborated with important research labs, including IBM T.J. Watson Research Center, NTT Docomo USA, and INRIA Sophia-Antipolis. He has also served on several program committees for conferences in both cryptography and applied security, and co-organized the Second International Conference on Cryptology and Information Security in Latin America (Latincrypt 2012), among others. Prof. Hevia is a recipient of, among others, the Marcos Orrego Puelma Award (1999), the president's MIDEPLAN Scholarship (1999), and the R.B. Wooley Jr. Fellowship from the Irwin & Joan Jacobs School of Engineering at UCSD (2003-3004). Prof. Hevia is director of the Chilean Computer Emergency Response Team (CLCERT) associated to the Applied Cryptography and Security Laboratory (CASLAB) of the University of Chile. He is currently also the CLEI representative for the IFIP TC11 Group.

Efficient Implementation of Post-Quantum Cryptography
Peter Schwabe, Radboud University Nijmegen

My lecture will consist of three parts. In the first part I will give background on fast arithmetic using the SIMD computing capabilities offered by vector instruction sets of modern CPUs. The other two parts will each consider one example of high-speed post-quantum cryptography in software that uses this fast SIMD arithmetic. Specifically, I will consider the implementation of the lattice-based signature scheme proposed by Lyubashevsky at Eurocrypt 2012 and the implementation of code-based cryptography (McEliece/Niederreiter encryption and CFS signatures).

Bio: I am an assistant professor (Universitair Docent) for computer security in the Digital Security Group at Radboud University Nijmegen. Until November 2012 I was a postdoc in the Research Center for Information Technology Innovation and the Institute of Information Science of Academia Sinica. Before that, I was a postdoc in the Department of Electrical Engineering of National Taiwan University within the Intel-NTU Connected Context Computing Center. Before that, I was a postdoc in the Institute of Information Science at Academia Sinica. Before that, I was a Ph.D. student in the Department of Mathematics and Computer Science at Eindhoven University of Technology.