
Invited Speakers
ASCrypto 2013 is honored to announce the following invited speakers:
Hashbased Signatures
Johannes Buchmann, Technische
Universität Darmstadt
Digital signatures are of great importance for securing the Internet and, more generally, IT infrastructures. For example, they guarantee the authenticity of software updates and of SSL connections. In the late 1970s Ralph Merkle proposed a signature scheme which was at this time competing with the RSA scheme. This scheme had several disadvantages. This is why RSA is mostly used today. However, in the presence of quantum computers, the Merkle scheme is a very interesting alternative. In recent years there has been some research to make this scheme more practical. In this lecture I describe the results of this research. I will present the XMSS scheme proposed by Andreas Hülsing that overcomes most of the problems of the Merkle scheme. The lecture will start by describing the basic idea of the Merkle scheme. The lecture will then address the required optimizations: key generation, one time signature, path building, etc. the lecture will also discuss security proofs. It will be shown in the lecture that XMSS is the most interesting post quantum signature alternative both from the point of few of security and efficiency.
Bio: Professor, Department of Computer Science and CASED, Technische
Universität Darmstadt, Germany.
 1982 PhD Mathematics
 1985/86 Postdoc Ohio State University, supported by Fellowship of the Alexander von Humboldt Foundation
 1988  1996 Professor of Computer Science Universität des Saarlandes, Germany
 1993 Leibniz Prize Deutsche Forschungsgemeinschaft
 1996  present Professor of Computer Science and Mathematics Technische Universität Darmstadt
 2001  2007 Vice President Research Technische Universität Darmstadt
 2008  2011 Director Center of Advanced Security Research Darmstadt CASED.
 2011  present ViceDirector CASED
 2011 Member of German Academy of Science Leopoldina


Homomorphic Encryption
Zvika Brakerski, Weizmann Institute of Science
The problem of constructing fully homomorphic encryption (FHE) is one of the oldest and most fascinating in cryptography. An FHE scheme allows one to perform arbitrary computations f on encrypted data Enc(x), so as to obtain the encryption Enc( f(x) ), using only public information and without learning anything about the value of x. This enables outsourcing computations on private data to a third party, while maintaining the data's privacy (for example "oblivious web search")  a core task for secure cloud computing.
The problem has been presented back in 1978, but the first candidate was only introduced in 2009 in Gentry's breakthrough work. Since then, there have been rapid and exciting developments. In this course I will define fully homomorphic encryption, survey the literature, and present state of the art constructions.
Bio: I am a Simons Postdoctoral Fellow at the Computer Science Department of Stanford University, hosted by Prof. Dan Boneh. Starting October, I will join the Weizmann Institute of Science as a faculty member at the Department of Computer Science and Applied Mathematics.
My research interests are foundations of computer science. I currently work mostly in cryptography.
I completed my Ph.D. at the Department of Computer Science and Applied Mathematics of the Weizmann Institute of Science in 2011, advised by Prof. Shafi Goldwasser. I received my M.Sc. from the Faculty of Engineering of TelAviv University in 2002. My advisor was Prof. Boaz PattShamir. Prior to that, in 2001, I received a joint B.Sc. from the Faculty of Engineering and the School of Computer Science of TelAviv University. 

Multivariate Quadratic (MQ) Encryption
Jintai Ding, University of Cincinnati
There are many very efficient multivariate signature systems like Rainbow, but multivariate encryption schemes like IPHFE are far less efficient. The common defect in many of the broken encryption schemes comes from the fact that certain quadratic forms associated with their central maps have low rank, which makes them vulnerable to the MinRank attack. In this lecture, we will present a new simple and efficient multivariate pubic key encryption scheme based on matrix multiplication, which does not have such a low rank property. The new scheme is called Simple Matrix Scheme or ABC in short. This construction was presented in PQC 2013. We will also present some of the new improvements on this scheme and a careful security analysis.
Bio: Professor of Mathematical Sciences, University of Cincinnati.
 1995 Ph.D. Yale University
 1990 M.A. University of Sciences and Technology of China, Hefei, China
 1988 B.S. Xian Jiaotong University, Xian, China


Rank Metric CodeBased cryptography
Phillipe Gaborit, Université de Limoges
 Introduction and definition
 rank metric codes
 qpolynomials
 Decoding rank metric codes
 Gabidulin codes
 LRPC codes
 Complexity of decoding random rank codes
 basic approaches by Chabaud/Stern and Ourivski/Johansson
 recent attacks by Gaborit/Ruatta/Schrek
 Encryption with rank metric codes
 the GPT cryptosystem and its variations
 Overbeck structural attack on GPT cryptosystem
 Faure and Loidreau cryptosystem
 LRPC cryptosystem
 Authentication with rank metric
 Chen scheme and attack
 reparation of the Chen scheme
 Signature with rank metric
Bio: 

Introduction to Provable Security
Alejandro Hevia, University of Chile
In this lecture, I will present an short introduction to provable security (or reductionist security) in cryptography. This talk will focus in practiceoriented provable security, its concepts, methods, and goals. I will start by discussing what provable security is and is not, the idea and importance of reductions, identifying assumptions, capturing adversarial resources and leakage of information, and obtaining exact security, as well as the pros and cons of the underling
security models, including the random oracle model. In order to illustrate these concepts, I will motivate and discuss the security models for signatures and encryption, their proofs (including games) and guarantees, and the practical importance of the tightness in
reductions.
Bio: Alejandro Hevia received his Bachelor and Engineering degree in Computer Science from the University of Chile in 1995 and 1998 respectively, and his Ph.D. in Computer Science from University of California, San Diego (UCSD) in 2006. Since then, he is at the School of Engineering of the University of Chile where he is now Assistant Professor at the Department of Computer Science.
His research interests include cryptography and computer security, in particular, cryptographic protocols for distributed systems (voting and anonymity), and malware analysis and prevention. He has collaborated with important research labs, including IBM T.J. Watson Research Center, NTT Docomo USA, and INRIA SophiaAntipolis. He has also served on several program committees for conferences in both cryptography and applied security, and coorganized the Second International Conference on Cryptology and Information Security in Latin America (Latincrypt 2012), among others. Prof. Hevia is a recipient of, among others, the Marcos Orrego Puelma Award (1999), the president's MIDEPLAN Scholarship (1999), and the R.B. Wooley Jr. Fellowship from the Irwin & Joan Jacobs School of Engineering at UCSD (20033004).
Prof. Hevia is director of the Chilean Computer Emergency Response Team (CLCERT) associated to the the Applied Cryptography and Security Laboratory (CASLAB) of the University of Chile. He is currently also the CLEI representative for theIFIP TC11 Group.


Efficient Implementation of PostQuantum Cryptography
Peter Schwabe, Radboud University Nijmegen
My lecture will consist of three parts. In the first part I will give background on fast arithmetic using the SIMD computing capabilities offered by vector instruction sets of modern CPUs. The other two parts will each consider one example of highspeedpostquantum cryptography in software that uses this fast SIMD arithmetic. Specifically, I will consider the implementation of the latticebased signature scheme proposed by Lyubashevsky at Eurocrypt
2012 and the implementation of codebased cryptography (McEliece/Niederreiter encryption and CFS signatures).
Bio: I am an assistant professor (Universitair Docent) for computer security in the Digital Security Group at Radboud University Nijmegen. Until November 2012 I was a postdoc in the Research Center for Information Technology Innovation and the Institute of Information Science of Academia Sinica. Before that, I was postdoc in the Department of Electrical Engineering of National Taiwan University within the IntelNTU Connected Context Computing Center. Before that, I was a postdoc in the Institute of Information Science at Academia Sinica. Before that, I was a Ph.D. student in the Department of Mathematics and Computer Science at Eindhoven University of Technology. 

