Advanced School of Cryptography 2015
ASCrypto 2015 | Latincrypt 2015, Guadalajara, Mexico.
ASCrypto 2015, the Advanced School on Cryptology and Information Security in Latin America, will take place on August 22nd and 23rd, 2015, in cooperation with IACR, the International Association for Cryptologic Research. The program of ASCrypto 2015 will consist of four short four-hour courses, given by the following confirmed lecturers:
- Diego Aranha (University of Campinas, Brazil)
Topics: "Software Vulnerabilities in the Brazilian voting machines" and "Software implementation of bilinear pairings"
Abstract (e-Voting machines): This talk presents a security analysis of the Brazilian voting machine software based on our participation in the official tests organized by the national electoral authority. During the event, vulnerabilities in the software were detected and explored, with significant impact on ballot secrecy and integrity. We present scenarios where these vulnerabilities allow electoral fraud, and suggestions to restore the security of the affected mechanisms. Additionally, flaws in the software development process are discussed in detail, and we study how the free software methodology can potentially improve the security and transparency of the system.
- Sandra Díaz Santiago (ESCOM-IPN, Mexico)
Topic: "A brief introduction to provable security"
Abstract: A crucial problem involved in the design of an encryption scheme is how to determine its security. The risks of using insecure cryptographic protocols can have serious consequences for people and organizations, such as unauthorized access, damage to sensitive information, identity theft and even loss of money. However, proving the security of a cryptographic protocol is not an easy task. When we talk about security we need to answer several questions, such as: which cryptographic service is our encryption scheme intended to offer? What does it mean to break the scheme? How was it designed? The answers to these questions must be considered to give an appropriate security notion. Once we have a security notion, we need to prove that our encryption scheme satisfies this notion. Many attempts have been made to devise a mechanism for proving the security of an encryption scheme. One option for making a security proof is the paradigm known as provable security, which was proposed by Shafi Goldwasser and Silvio Micali in 1984. In this paradigm, we construct an encryption scheme P assuming the existence of secure atomic primitives. Then the security of P is proved based on the security assumptions on the atomic primitives. The security proof involves a reduction which shows that if the scheme is insecure, then the cryptographic primitive used to construct the protocol is also insecure. In this course we will study the principles of provable security and how to make proofs by reduction, mainly focusing on symmetric cryptography.
- Sorina Ionica (University of Bordeaux, France)
Topic: "Introduction to elliptic curve cryptography"
Abstract: Groups associated to elliptic curves are used in cryptography for a great number of applications. Two remarkable examples are key exchange and signing. First, we will briefly discuss these protocols and then present some basic theoretical properties of elliptic curves: Hasse's theorem, the divisor class group, and the structure of torsion subgroups. Secondly, we explain that the security of elliptic curve-based schemes relies on the hardness of the discrete logarithm problem (DLP). We discuss generic attacks on the DLP, i.e. attacks that apply to all finite abelian groups, such as the Silver-Pohlig-Hellman reduction and the Pollard-$\rho$ method. Finally, we discuss index-calculus attacks adapted to particular classes of elliptic curves and the MOV/Frey-Rück attack, which reduces the DLP on the curve to a DLP on the base finite field.
- Mehdi Tibouchi (NTT, Japan)
Topic: "An introduction to cryptographic multilinear maps"
Abstract: The "cryptographic multilinear map" primitive was originally introduced by Boneh and Silverberg in 2003 as a generalization of cryptographic pairings, and has numerous exciting applications, including attribute-based encryption for circuits, witness encryption and certain forms of program obfuscation.
However, Boneh and Silverberg showed that geometric constructions similar to those of pairings are unlikely to exist. A first candidate construction based on very different principles was proposed by Garg, Gentry and Halevi in 2013, and was followed by a few others. Those constructions are rather inefficient, and their security is still in doubt (in fact, attacks exist against several of them in some contexts), but they are an important breakthrough from a theoretical perspective.
In this lecture, we will give a general introduction to multilinear maps and highlight some of their most remarkable applications. We will then discuss existing constructions, some of the vulnerabilities they were found to suffer from, and possible countermeasures.
Important dates:
- Early registration deadline: Fri, July 31st, 2015
- ASCrypto 2015 presentations: August 22-23, 2015
- Latincrypt 2015 presentations: August 24-26, 2015