UK Crypto Day: 20 June 2024
University of Edinburgh
Schedule
- 9:00 - 9:45: Arrival
- 9:45 - 10:00: Opening remarks
- 10:00 - 10:45: Thomas Kerber (IOG), [Fr]agility in Zero-Knowledge Cryptography
- 10:45 - 11:15: Coffee Break
- 11:15 - 12:00: Mary Maller (Ethereum Foundation and PQShield), Threshold signatures from sigma protocols
- 12:00 - 13:30: Lunch and poster session
- 13:30 - 14:15: Chloe Martindale (University of Bristol), Why to love isogenies in 2024
- 14:15 - 14:30: Short break
- 14:30 - 15:15: Nicholas Spooner (University of Warwick), An efficient quantum parallel repetition theorem and applications
- 15:15 - 15:45: Coffee Break
- 15:45 - 16:30: Thomas Zacharias (University of Glasgow), Are continuous stop-and-go mixnets provably secure?
- 16:30 - 18:00: Reception and closing remarks
Registration
Registration is free but required. To register please click here. The registration closes one week before the event, or when we reach full capacity. We plan to have a poster session. If you want to present a poster, send an email to michele.ciampi at ed.ac.uk with the poster’s title and abstract.
Speakers/Talks
Thomas Kerber: [Fr]agility in Zero-Knowledge Cryptography
Cryptographic agility is all about being able to adopt new cryptographic algorithms and abandon old ones as they become insecure or as the field advances. Midnight has a challenging variant of this problem, in which two goals are in conflict:
- Adopting new algorithms should support the system’s existing state
- Keeping as much of the state private as possible, including information needed to reinterpret it for new algorithms
This talk will give an introduction to Midnight, how it relies on cryptography, our current plans for cryptographic agility, and the limitations we can observe.
Bio. Thomas is a technical architect at Midnight, a data-protection-focused blockchain built around zero-knowledge proofs. He holds a PhD in cryptography from Edinburgh University, focusing on the blockchain-related applications of zero-knowledge, specifically for privacy.
Mary Maller: Threshold signatures from sigma protocols
A threshold signature scheme allows any t-out-of-N parties to sign a message, while no set of t - 1 parties can. In this talk we discuss two recent threshold schemes: Sparkle+ and TRaccoon. The first scheme is adaptively secure under the discrete logarithm assumption. The second scheme is secure under the Self-Target MSIS and hint-LWE lattice assumptions. We discuss the different techniques required in the two settings.
Chloe Martindale: Why to love isogenies in 2024
Isogeny-based cryptography has gone through something of a renaissance in the last two years. At the last UK Crypto Day, we heard all about SQISign, an isogeny-based signature scheme submitted to the NIST call for post-quantum signatures. This time, we will focus on a different aspect of isogeny-based cryptography: the fast-developing landscape of attacks and new primitives leveraging techniques related to “Kani’s lemma”, first introduced to the field in the attacks on SIKE in 2022. We will give a high-level overview of what these techniques are, the state of the art on where the limits are believed to be in terms of attacks, and discuss the many new constructive applications that have been born out of these techniques.
Bio. Dr Chloe Martindale is a Senior Lecturer at the University of Bristol doing research on post-quantum cryptography. Her main research interests are in constructions and cryptanalysis of isogeny-based schemes, and, more generally, cryptography with foundations in number theory. Dr Martindale also works on the dissemination of scientific knowledge through her work in reviewing future standards as part of the crypto panel of experts for the CFRG and through public engagement at schools and public science events. Before coming to Bristol in 2019, Dr Martindale was a postdoc at Eindhoven University of Technology in the group of Prof. dr. Tanja Lange, and she did her PhD at Leiden University and Bordeaux University under the supervision of Dr Marco Streng.
Nicholas Spooner: An efficient quantum parallel repetition theorem and applications
A fundamental question in cryptography is whether the security of a “weak” cryptographic primitive can be generically amplified. We investigate this question in the quantum setting. We prove a general security amplification result for any quantum cryptographic primitive with a three-message security game, including (canonical) quantum commitments and quantum money.
Bio. Nick Spooner is an Assistant Professor of Computer Science at the University of Warwick. For the academic year 2023-24 he is a visiting assistant professor at NYU. His work focuses on probabilistic proof systems, zero knowledge, and quantum and post-quantum cryptography. He received his PhD from UC Berkeley in 2020.
Thomas Zacharias: Are continuous stop-and-go mixnets provably secure?
Anonymous communication protocols encompass privacy-enhancing technologies that protect the privacy of communication metadata. Mix networks (mixnets) are cryptographic routing protocols that offer anonymous communication by rerouting packets over several hops and adding a delay at every hop, which allows messages to mix with each other. All mixnets that attempt to provide provable anonymity guarantees do so by relying on some kind of round-based communication model. However, it is difficult to implement such a round structure in practice when there are thousands of nodes and millions of clients in the system. Continuous stop-and-go mixnets (e.g., Loopix and Nym) provide a nice alternative that avoids such round-based communication by adding a random delay (typically chosen from an exponential distribution) for each message on every hop, independent of all other hops and all other messages. Although attractive as a system-design choice, it was not yet known whether continuous mixnets can provide provable anonymity guarantees. Existing end-to-end analyses for such designs provide only experimental evaluations of anonymity and lack a comprehensive formal treatment. In this talk, we present the first formal analysis of continuous mixnets that closes this gap. We provide two indistinguishability-based definitions (of sender anonymity), namely pairwise unlinkability and user unlinkability, tuned specifically for continuous stop-and-go mixnets. We derive the adversarial advantage as a function of the protocol parameters for the two definitions. We show that there is a fundamental lower bound on the adversarial advantage for pairwise unlinkability; however, strong user unlinkability (negligible adversarial advantage) can be achieved if the users’ message rate is proportional to the message processing rate on the nodes.
Bio. Thomas Zacharias is a Lecturer in Cybersecurity at the University of Glasgow. Previously, he worked as a Senior Researcher at the University of Edinburgh. He holds a PhD in Cryptography from the Department of Informatics and Telecommunications of the University of Athens. His research focuses on problems of computer security and privacy examined from a cryptographic perspective, comprising the formal modelling, design and analysis of provably secure constructions that build upon state-of-the-art cryptographic tools. His main research areas are: 1) electronic voting (e-voting), 2) privacy-preserving communications, 3) blockchain protocols, 4) multi-party computation, and 5) foundations of cryptography. Besides its purely academic contribution, his work aims at designing and analysing usable cryptographic systems that can find real-world applications. Currently, he explores the problem of decentralisation as it manifests in several interesting classes of distributed protocols (e.g. e-voting systems, blockchain protocols and contact tracing schemes).
Venue
Informatics Forum (University of Edinburgh) Room G.07, 10 Crichton St, Newington, Edinburgh EH8 9AB.
Google Maps | Apple Maps | OpenStreetMap
Contacts
For any inquiry related to the event, please send an email to the organizer Michele Ciampi at michele.ciampi at ed.ac.uk.
The event is sponsored by the Laboratory for Foundations of Computer Science (LFCS) of the University of Edinburgh, Input-Output Global (IOG), and The Scottish Informatics & Computer Science Alliance (SICSA).