Program

DECEMBER 9

16:00-18:00: Registration

19:00-21:00: Dinner buffet(Pacific Cafe, 1st Floor)

DECEMBER 10

9:00-10:00

Registration

10:00-10:10

Opening Remarks

Session 1: Symmetric Cryptanalysis

Session Chair: Yvo Desmedt

10:10-10:35

Cube Cryptanalysis of Hitag2 Stream Cipher 
Siwei Sun, Lei Hu, Yonghong Xie and Xiangyong Zeng

10:35-11:00

New Impossible Differential Cryptanalysis of Reduced-Round Camellia
Leibo Li, Jiazhe Chen and Keting Jia

11:00-11:25

The Initialization Stage Analysis of ZUC v1.5
Chunfang Zhou, Xiutao Feng and Dongdai Lin

11:25-12:25

Invited Talk (1): Sponge functions
Speaker: Joan Daemen (STMicroelectronics, Belgium)

12:25-14:00

Lunch(Pacific Cafe, 1st Floor)

Session 2: Symmetric Ciphers

Session Chair: Joan Daemen

14:00-14:25

Algebraic Cryptanalysis of the Round-reduced and Side Channel Analysis of the Full PRINTCipher-48
Stanislav Bulygin and Johannes Buchmann

14:25-14:50

EPCBC - A Block Cipher Suitable for Electronic Product Code Encryption
Huihui Yap, Khoongming Khoo, Axel Poschmann and Matt Henricksen

14:50-15:15

On Permutation Layer of Type 1, Source-Heavy, and Target-Heavy Generalized Feistel Structures
Shingo Yanagihara and Tetsu Iwata

15:15-16:15

Invited Talk (2): Breaking Fully-Homomorphic-Encryption Challenges
Speaker: Phong Q. Nguyen (INRIA, France and Tsinghua University, China)

16:15-16:35

Coffee Break (20 minutes)

Session 3: Public Key Cryptography

Session Chair: Josef Pieprzyk

16:35-17:00

Security Analysis of An Improved MFE Public Key Cryptosystem
Xuyun Nie, Zhaohu Xu, Li Lu and Yongjian Liao

17:00-17:25

A New Lattice-Based Public-Key Cryptosystem Mixed with a Knapsack
Yanbin Pan, Yingpu Deng, Yupeng Jiang and Ziran Tu

17:25-17:50

Achieving Short Ciphertexts or Short Secret-Keys for Adaptively Secure General Inner-Product Encryption
Tatsuaki Okamoto and Katsuyuki Takashima

18:30-20:30

Welcome Reception (Asia Garden, 1st Floor)

 

DECEMBER 11

8:00-9:00

Registration

Session 4: Protocol Attacks and Privacy Techniques

Session Chair: Gene Tsudik

9:00-9:25

Comments on the SM2 Key Exchange Protocol
Jing Xu and Dengguo Feng

9:25-9:50

Cryptanalysis of a Provably Secure Cross-Realm Client-to-Client Password Authenticated Key Agreement Protocol of CANS' 09
Wei-Chuen Yau, Raphael C.-W. Phan, Bok-Min Goi and Swee-Huay Heng

9:50-10:15

Passive Attack on RFID LMAP++ Authentication Protocol
Shaohui Wang and Wei-Wei Zhang

10:15-10:40

Multi-Show Anonymous Credentials with Encrypted Attributes in the Standard Model
Sébastien Canard, Roch Lescuyer and Jacques Traore

10:40-11:00

Coffee Break (20 mimutes)

Session 5: Privacy Techniques (1)

Session Chair: Dongdai Lin

11:00-11:25

Group Signature with Constant Revocation Costs for Signers and Verifiers
Chun-I Fan, Ruei-Hau Hsu and Mark Manulis

11:25-12:25

Invited Talk (3): Client Puzzles for Denial-of-service Resistant Authentication
Speaker: Colin Boyd (QUT, Australia)

12:25-13:30

Lunch(Pacific Cafe, 1st Floor)

13:00-13:45

CANS Steering Committee Meeting

Half-Day Tour

14:00-17:00

Half-Day Tour

18:30-21:00

Banquet (Ocean View Restaurant)

 

DECEMBER 12

Session 6: Privacy Techniques (2)

Session Chair: Xiaoyun Wang

9:00-9:25

Fast Computation on Encrypted Polynomials and Applications
Payman Mohassel

9:25-9:50

AniCAP: An Animated 3D CAPTCHA Scheme based on Motion Parallax
Yang-Wai Chow and Willy Susilo

9:50-10:15

Towards Attribute Revocation in Key-Policy Attribute Based Encryption
Pengpian Wang, Dengguo Feng and Liwu Zhang

10:15-10:35

Coffee Break (20 mimutes)

Session 7: Varia

Session Chair: Yuliang Zheng

10:35-11:00

A Note on (Im)possibilities of Obfuscating Programs of Zero-Knowledge Proofs of Knowledge
Ning Ding and Dawu Gu

11:00-12:00

Invited Talk (4): Expressive Encryption Systems from Lattices
Speaker: Xavier Boyen(Xerox PARC, USA)

12:00-12:15

Closing Remarks

12:15-13:35

Lunch(Pacific Cafe, 1st Floor)

 

Invited Talks

Title 1:  Sponge functions

Speaker: Prof. Joan Daemen (STMicroelectronics, Belgium) (joint work with Guido Bertoni, Michal Peeters and Gilles Van Assche)

Abstract: The sponge construction takes a fixed-length permutation into a function supporting inputs of any length and returning an output of arbitrary length: a sponge function. We originally introduced sponge functions to compactly express the security requirements for hash functions that support variable digest length. Taking a random fixed-length permutation results in a random sponge, an ideal primitive with finite state that comes as close as possible to a random oracle, as we formally proved in the indifferentiability framework. Security claims based on random sponges are more natural and intuitive than the classical claims based on the digest length.
Later we decided to use the sponge construction in actual designs, with a fully specified underlying permutation designed to resist cryptanalysis. Sponge functions as such can be used in many different modes of use: hashing, MAC computation, stream cipher, mask generating function (MGF), salted hashing and even tree hashing. Recently, we discovered a variant of the sponge construction called the duplex construction that extends the range of modes of use and whose security is equivalent to that of the sponge construction. Modes of use include efficient authenticated encryption and reseedable pseudo random sequence generators. As such, the sponge and duplex constructions support the full range of symmetric cryptographic operations, requiring only a fixed-length permutation. This fact make fixed-length permutations suitable to replace block ciphers as the swiss army knife of symmetric cryptography. Compared to block ciphers, permutations are easier to design and, when used in the sponge and duplex construction, are considerably more flexible. Our SHA-3 candidate Keccak was the first published sponge function family. In the meanwhile already three other sponge function families have been published in the lightweight crypto range: Quark, Photon and Spongent.
The talk will cover the use of the sponge construction in defining security properties and in design.

Title 2:  Breaking Fully-Homomorphic-Encryption Challenges

Speaker:  Prof. Phong Q. Nguyen (INRIA, France and Tsinghua University, China)

Abstract: Following Gentry's breakthrough work in Proc. STOC '09, there is currently great interest on fully-homomorphic encryption (FHE), which allows to compute arbitrary functions on encrypted data. Though the area has seen much progress recently, it is still unknown if fully-homomorphic encryption will ever become truly practical one day, or if it will remain a theoretical curiosity. In order to find out, several FHE numerical challenges have been proposed by Gentry and Halevi, and by Coron et al., which provide concrete parameters whose efficiency and security can be studied. We report on recent attempts at breaking FHE challenges, and we discuss the difficulties of assessing precisely the security level of FHE challenges, based on the state-of-the-art. It turns out that security estimates were either missing or too optimistic.

Title 3:  Client puzzles for denial-of-service resistant authentication

Speaker:  Prof. Colin Boyd (QUT, Australia)

Abstract: A puzzle scheme is a mechanism for delaying a party aiming to obtain some service. Among their applications, puzzles are helpful in protecting authentication protocols from denial-of-service attacks. This talk will provide an overview of puzzle properties and their applications, including formal models for their analysis. Different constructions will be surveyed and integration of puzzles into cryptographic protocols considered. Protection of real-world protocols such as TLS and web services will also be considered. This talk will present joint work with Juan Gonzalez Nieto, Lakshmi Kuppusamy, Jothi Rangasamy, Douglas Stebila.

Title 4:  Expressive Encryption Systems from Lattices

Speaker:  Dr. Xavier Boyen (Xerox PARC, USA)

Abstract: In this survey, we review a number of the many “expressive” encryption systems that have recently appeared from lattices, and explore the innovative techniques that underpin them.