• Date: Thursday December 2nd, 2021, affiliated to the NISK 2021 conference.
• Registration fee: The event is free to attend. We provide lunch for all attendees. Dinner is covered individually.
• Registration deadline: Thursday November 11th (we might accept late registration if available seats).
• Registration: Send an email to tjerand.silde@ntnu.no with name and affiliation.
• Presentations: Ph.D. students are expected to give a short talk about their work during the workshop.
• Organisers: NTNU Applied Cryptology Lab and Norwegian Defence Research Establishment.
• Location: Lecture hall EL2, Elektrobygget, NTNU Gløshaugen, Trondheim.

Organisation committee: Lise Millerjord (NTNU), Tjerand Silde (NTNU) and Martin Strand (FFI). Contact: Tjerand Silde.

• 08:45: Registration
• 09:15: Opening
• 09:30: Invited talk
  • Carsten Baum (Aarhus University): " Modern Cryptography through the Lense of Secure Computation".
• 10:15: Coffee and refreshments
• 10:30: Industry talks
  • Håkon Jacobsen (Thales): "Implementing stateful hash-based signatures"
  • Martin Strand (FFI): " Anonymous tokens and private contact tracing"
• 11:30: Orientation from research institutions
• 12:00: Lunch
• 13:00: Presentations by Ph.D. students part 1
  • Hans Heum (Simula UiB): "Crowd Security"
  • Bor de Kock / Lise Millerjord (NTNU): "Symmetric Key Exchange with Forward Security and Robust Synchronization"
  • Lea Sibylle Nürnberger (NTNU): "Fully Homomorphic Encryption"
• 14:00: Coffee and refreshments
• 14:30: Presentations by Ph.D. students part 2
  • Pia Bauspiess (NTNU): "Efficient and long-term protection of biometric face identification systems"
  • Shuang Wu (NTNU): "PriBank: Confidential Blockchain Scaling Using Short Commit-and-Prove NIZK Argument"
  • Oskar Goldhahn (NTNU): "Machine Verification in Post Quantum Cryptography"
  • Magnus Ringerud (NTNU): "Subversion resilient authenticated key exchange"
  • Elsie Mestl (NTNU / Kongsberg): "Key Exchange over Unreliable Networks"
• 16:00: Wrap up
• 18:00: Dinner at Una Pizzeria, Solsiden

Speaker: Carsten Baum, Aarhus University

Title: "Modern Cryptography through the Lense of Secure Computation"

Abstract: Modern Cryptography has developed a rich basket of tools which go far beyond e-mail encryption or Blockchains. In fact, certain subfields of it are maturing at a rapid pace and can soon deliver performant techniques for computing on large amounts of secret data. At the center of it is a paradigm called "Secure Computation", which drastically differs from the classic view of cryptography as mere encryption.

In this talk, I will explain the ideas behind secure computation and introduce some of its more prominent tools such as Secure Multiparty Computation (MPC) and Zero-Knowledge proofs. We will then look into multiple areas which benefit from this view of cryptography:

1. We will discuss how MPC can be leveraged to perform machine learning without central data aggregation.
2. We will explore how efficient Zero-Knowledge proofs using MPC can give us signature schemes that are secure against quantum computers.
3. We will discuss an ongoing project where Zero-Knowledge proofs are used to show weaknesses in computer programs without revealing the exploit code.

Speaker: Håkon Jacobsen, Thales

Title: "Implementing stateful hash-based signatures"

Abstract: Hash-based signature schemes are considered to be some of the more conservative choices for post-quantum signatures. Unfortunately, many hash-based signature schemes are stateful, and thus come with a sharp edge: if the state is not properly updated after each signing operation, then all security is lost. In this talk I will describe the difficulties of using stateful signature schemes in practice, and some techniques for solving it.

Speaker: Martin Strand, FFI

Title: "Anonymous tokens and private contact tracing"

Abstract: Anonymous tokens have recent applications in private Internet browsing and anonymous statistics collection. We develop new schemes in order to include public metadata such as expiration dates for tokens. This inclusion enables planned mass revocation of tokens without distributing new keys. We show how anonymous tokens can improve the privacy in dp3t-like digital contact tracing applications, as used in the Norwegian contact tracing app Smittestopp. Joint work with Tjerand Silde. See paper at: eprint.iacr.org/2021/203.

• 18:00: Una Pizzeria, Solsiden
• We will make a reservation based on interest
• Costs are covered individually: NOK 245,- for buffet.

This workshop is supported by The Norwegian Research Council.