WCAP'06 - III Workshop on Cryptographic Algorithms and Protocols

WCAP 2006 - III Workshop on Cryptographic Algorithms and Protocols
(in conjunction with SBSeg 2006)
Santos - Brazil
Aug 30-Sep 1, 2006

Contents of this page

News (please check frequently - last update Aug 25)
Program
Courses: speakers and contents
Talks
Schedule
Registration
Chair and contact
Venue, accomodations, how to arrive
Crypto and beer

News (back to top)

(Aug 28) Details of Prof. J López's course posted.
(July 28) Tentative schedule for keynote talks (SBSeg program) posted. Check each talk.
(July 26) Schedule of talks announced. Check here.
(July 17) New talk announced. Check here.
(July 17) Course information posted. Check here.
(Feb. 6) Please check soon for news on invited speakers.

Program (back to top)

The main purpose of WCAP is to bring together researchers and students in cryptography in Brasil and neighboring countries, in order to foster the development of cooperative research projects. The usual format of the workshop includes short courses presented by well known researchers in different areas of cryptography.

So far, this year, we have in the line-up:

five short courses, given by Profs. Dan Bernstein, Çetin Koç, Tanja Lange, Julio López and Bart Preneel.
an invited talk by Prof. David Naccache, also given as a keynote to SBSeg 2006.

Click here for WCAP 2005.

Courses: contents and speakers (back to top)

The international speakers invited to WCAP 2006 will also give keynote talks at SBSeg 2006. We include here the abstracts for those talks as well. Please check the SBSeg 2006 schedule for day and time.

Speaker: Prof. Dan J. Bernstein (U. of Illinois, Chicago)

[DB] Short course at WCAP

Title: High-speed cryptographic software

Abstract: To be posted

[DB-K] Keynote at SBSeg (to be presented Mon, Aug 28, 2:30pm)

Title: The DNS security mess

Abstract: To be posted

Short CV: Please check Prof. Bernstein's page for his research interests, publications and links.

Speaker: Prof. Çetin K. Koç (Istanbul Commerce U. and Oregon State U.)

[CK] Short course at WCAP

Title: A Critical Survey of Multiplication Algorithms in GF(2^m)

Abstract:
In this seminar, we describe, explain, and give analysis of multiplication algorithms for the finite field GF(2^m). These algorithms have been introduced during the last 20 years. Depending on their structure and time/space requirements, they may be suitable for applications ranging from error-correcting codes (short operands) to cryptography (long operands). Particulary, we will talk about the standard modular multiplication, the Montgomery multiplication, and the matrix-vector multiplication techniques.

[CK-K] Keynote at SBSeg (to be presented Tue, Aug 29, 2:30pm)

Title: Cryptographic Engineering

Abstract:
Cryptographic engineering deals with hardware and software realizations of cryptographic functions, such as deterministic and true random number generators, secret-key cryptosystems (DES, AES, RC4, etc.), message-digest and authentication functions (MD5, SHA-X, HMAC, etc.), and public-key cryptosystems (RSA, Diffie-Hellman, Digital Signature Standard, and Elliptic Curve Cryptography). Of particular interest to the research community are implementations on embedded systems, since there are some significant challenges in creating efficient cryptographic implementations on embedded processors, due to low computing power, low dynamic memory for data, and limitations on program code size and stack memory usage. We will give an overview of the subject and summarize our research and development projects in cryptographic engineering, for example, efficient implementations of elliptic curve cryptography on embedded software platforms, creation of scalable and unified hardware architectures for public-key cryptosystems, and the design of true random number generators.

Short CV: Çetin Kaya Koç is currently the director of Information Security Research Center at Istanbul Commerce University. He is on leave from the School of Electrical Engineering and Computer Science at Oregon State University. Koç received B.S. (1980, summa cum laude) and M.S. (1982) degrees Electrical Engineering from Istanbul Technical University, and M.S. (1985) and Ph.D. (1988) degrees in Electrical and Computer Engineering from UC Santa Barbara. He joined the Department of Electrical and Computer Engineering at the University of Houston in 1988 as an Assistant Professor, and then moved to Oregon State University in 1992, where he has been Assistant Professor (1992-1995), Associate Professor (1995-1998), Professor (since 1998), and Honors College Faculty (since Fall 2003). Prof. Koç is the founder and director of the Information Security Laboratory at Oregon State University. He received the OSU College of Engineering Research Award for Outstanding and Sustained Research Leadership in September 2001. Prof. Koç's research interests are in cryptographic engineering, algorithms and architectures for cryptography, computer arithmetic and finite fields, parallel algebraic and numerical computation, and network security. He has co-founded the Workshop on Cryptographic Hardware and Embedded Systems (CHES) in 1999 and has been the program chair and proceedings editor from 1999 to 2003. He is currently serving in the steering committee of CHES. The Proceedings of CHES Workshops are published by Springer Verlag in the Lecture Notes in Computer Science (LNCS) series. Prof. Koç was the Guest Editor of the special issue in April 2003 of IEEE Transactions on Computers on cryptographic hardware and embedded software development. He is also in the editorial boards of IEEE Transactions on Computers, IEEE Transactions on Mobile Computing, and Internation Journal of Network Security. Prof. Koç has been working as a consulting engineer with research and development interests in cryptographic design and high-speed computing for several organizations and companies including Intel Corporation, RSA Security, and Samsung Electronics. Prof. Koç is a senior member of IEEE and IEEE Computer Society.

Speaker: Prof. Tanja Lange (Tech. U. of Denmark)

[TL] Short course at WCAP

Title: Hyperelliptic Curve Cryptography

Abstract:
Discrete Logarithm (DL) systems are one of the two main cryptographic primitives in public key cryptography. Their security is based on the hardness of computing the scalar a given the basepoint P and Q=aP, where P is an element of a carefully chosen group. The most common groups are the multiplicative group of a finite field and the group of points on an elliptic curve over a finite field. In 1989 Neal Koblitz suggested to use the Jacobian of hyperelliptic curves as a further group worth studying for DL systems; elliptic curves can be seen as a special case of this proposal as curves of genus one. We show how one can compute in this group in general and present results on the security: it turns out that for curves of larger genus there are subexponential algorithms to solve the Discrete Logarithm Problem (DLP) so that the group order must be chosen larger to achieve the same level of security as elliptic curves. For curves of genus two one can use the same group size as for elliptic curves and the arithmetic has similar speed and can be faster in some cases. We give details on arithmetic on elliptic curves and curves of genus two for different ground fields and explain some special cases. If time permits we also consider pairings on elliptic and hyperelliptic curves - a mathematical concept which found applications in identity based encryption and short signatures, to mention just a few.

[TL-K] Keynote at SBSeg (to be presented Mon, Aug 28, 3:50pm)

Title: e-BATS - Public key benchmarking

Abstract:
To be posted

Short CV: Please check Prof. Lange's page for her research interests, publications and links.

Speaker: Prof. Julio López (State U. of Campinas)

[JL] Short course at WCAP

Title: Software Implementation of Binary Field Arithmetic

Abstract:
In this course, we will give an overview on fast algorithms for software implementation of arithmetic operations in GF(2^m) in the context of elliptic curve cryptography. In particular, we will analyze fast methods for multiplication using normal and polynomial bases. We conclude by presenting running times of our software implementations in several computational platforms. Specific topics include: Introduction to binary fields, normal and polynomial bases, algorithms for field multiplication, algorithms for inversion, field operations for the halving point method, running times, implementations issues.

Short CV: Julio López is currently an assistant professor at the Institute of Computing (IC) of the University of Campinas, Brazil. He received B.S degree in Mathematics (1983), and M.Sc (1988) degree in Mathematics both from the University of Valle, Colombia, and MA (1991) degree in Applied Mathematics from The University of Texas at Austin, and D.Sc (2000) degree in Computer Science form the University of Campinas, Brazil. His research interests are in software implementation of cryptographic algorithms, efficient algorithms, finite field arithmetic and cryptographicapplications.

Speaker: Prof. Bart Preneel (Kath. U. Leuven)

[BP1] Short course at WCAP

Title: Hash functions: recent developments

Abstract:
In the past two years serious weaknesses have been pointed out in widely used cryptographic hash functions. An efficient algorithm has been developed that produces collisions for MD5 and it has been shown that finding collisions for SHA-1 is about 100 million times easier than believed earlier. In this talk we review the implications of these recent attacks on current and future applications (such as digital signatures, TLS, and HMAC), and we discuss which alternatives are available in existing and emerging standards. A second set of results, which has received less publicity outside the cryptographic community, has pointed out structural weaknesses in the common approach to design cryptographic hash functions. It turns out that the current design principles for iterated hash functions result in a total security breakdown once collisions can be found for the building block of the hash function. An important consequence of these weaknesses is that -- in contrast to popular belief -- the concatenation of two iterated hash functions does not result in an increase in security. We summarize these new results and review their impact on current and future hash function designs.

[BP2] Short course at WCAP

Title: MAC Algorithms: state of the art and recent developments

Abstract:
We present a survey of attacks on Message Authentication Codes (MACs). First we defines the required security properties. Next we describe generic forgery and key recovery attacks on MACs. Subsequently an overview is presented of the most important MAC constructions and on attacks on these algorithms. The MACs described include CBC-MAC and its variants (including CMAC), the MAC algorithms derived from cryptographic hash functions, and the ISO banking standard Message Authenticator Algorithm, also known as MAA. We conclude by presenting an overview of MAC algorithms derived from authentication codes or universal hash functions such as UMAC and Poly1305-AES.

[BP-K] Keynote at SBSeg (to be presented Tue, Aug 29, 1:30pm)

Title: Electronic Identity Cards

Abstract:
In past years there has been a growing interest in the roll-out of national electronic identity cards. Several countries have already issued a substantial number of cards and most EU countries have plans to start doing so in the next years. First we will describe the lessons learned from the design and deployment of the Belgian electronic identity card. After a pilot phase in 2001, today about 2.5 million cards have been issued to citizens and a large number of applications are being deployed. Next we will present the broader European and international context. Here we will compare the different approaches and try to assess their strengths and weaknesses; special attention will be paid to issues related to privacy. As a final point, we will discuss how one could achieve a workable form of interoperability at an international level.

Short CV: Bart Preneel received the Electrical Engineering degree and the Doctorate in Applied Sciences in 1987 and 1993 respectively, both from the Katholieke Universiteit Leuven (Belgium). He is a professor at the Electrical Engineering Department of the Katholieke Universiteit Leuven and visiting professor at the T.U.Graz in Austria. He is heading the research group COSIC at the K.U.Leuven, which currently has about 40 members. He has held visiting professor positions at the Ruhr-Univ. Bochum (Germany), at the Univ. of Bergen (Norway) and the Univ. of Ghent (Belgium). He has also been a research fellow at the EECS Department of the University of California at Berkeley. Since 2004 he is scientific advisor at Philips Research in Eindhoven. His main research interests are cryptology and information security. He has authored and co-authored more than 200 articles in international journals and conference proceedings and is editor of eight books. He is Vice President of the International Association of Cryptologic Research (http://www.iacr.org), Chairman of the Leuven Security Excellence Consortium (http://www.l-sec.be) and he has been project manager of the European IST projects NESSIE and STORK. Currently he is project manager of ECRYPT (http://www.ecrypt.eu.org), the EU-funded European Network of Excellence on Cryptology and Watermarking. In 2003, he has received the European Information Security Award in the area of academic research, and he received an honorary Certified Information Security Manager (CISM) designation by the Information Systems Audit and Control Association (ISACA). He is a member of the Editorial Board of the Journal of Cryptology, the ACM Transactions on Information Security and the IEEE Transactions on Forensics and Security. He has extensive expertise in standardization and more than 15 years of experience in consulting for the IT and financial industry.

Talks (back to top)

Speaker: Prof. David Naccache (École Normale Supérieure, Département d'Informatique)

[DN-K] Keynote at SBSeg (to be presented Mon, Aug 28, 1:30pm)

Title: Alien vs. Quine, the Vanishing Circuit and Other Tales from the Industry’s Crypt (presented at Eurocrypt 2006)

Abstract:
This talk illustrates the everyday challenges met by embedded security practitioners by five real examples. All the examples were actually encountered while designing, developing or evaluating commercial products.

This note, which is not a refereed research paper, presents the details of one of these five examples. It is intended to help the audience follow that part of our presentation.

Short CV: To be posted

Schedule (WCAP only) (back to top)

Keynotes DB-K, CK-K, TL-K, DN-K and BP-K will be given as part of the SBSeg program. Times above are still tentative. Please check the SBSeg program frequently for changes.
All WCAP short-courses given at Marte Room in Mendes Convention Center.

Wed 30 Thu 31 Fri 1
8:30 - 10:30 BP1 CK CK
10:30 - 10:50 Coffee-break Coffee-break Coffee-break
10:50 - 12:00 Opening JL JL
12:00 - 1:30 Lunch Lunch Lunch
1:30 - 3:30 DB DB BP2
3:30 - 3:50 Coffee-break Coffee-break Coffee-break
3:50 - 5:50 TL TL Closing
Crypto and beer

Registration (back to top)

Please refer to the SBSeg registration page. Just remember that the WCAP fee covers only WCAP activities and thus does not cover any SBSeg'06 mini-courses.

Chair and contact (back to top)

Prof. Ricardo Dahab

Venue, accomodations, how to arrive (back to top)

Please refer to the Mendes Convention Center.

Crypto and beer
To be announced.

(page maintained by R. Dahab)

	Wed 30	Thu 31	Fri 1
8:30 - 10:30	BP1	CK	CK
10:30 - 10:50	Coffee-break	Coffee-break	Coffee-break
10:50 - 12:00	Opening	JL	JL
12:00 - 1:30	Lunch	Lunch	Lunch
1:30 - 3:30	DB	DB	BP2
3:30 - 3:50	Coffee-break	Coffee-break	Coffee-break
3:50 - 5:50	TL	TL	Closing
		Crypto and beer