December 3-7, 2000, Kyoto, Japan

Preliminary Program

Sunday, December 3, 2000

Sun 15:00--20:00 Conference registration

Sun 18:00--20:00 Evening reception


Monday, December 4, 2000

Mon 8:50-- 9:00 Opening Remarks

by: Tsutomu Matsumoto (General Chair)

Mon 9:00--10:55 Session 1: Cryptanalysis I

Mon 9:00-- 9:23 Cryptanalytic Time/Memory/Data Tradeoffs for Stream Ciphers
Alex Biryukov (Weizmann Institute, Israel) and Adi Shamir (Weizmann Institute, Israel)
Mon 9:23-- 9:46 Cryptanalysis of the RSA Schemes with Short Secret Exponent from Asiacrypt '99
Glenn Durfee (Stanford University, USA) and Phong Q. Nguyen (Ecole Normale Superieure, France)
Mon 9:46--10:09 Why Textbook ElGamal and RSA Encryption are Insecure
Dan Boneh (Stanford University, USA), Antoine Joux (DCSSI, France) and Phong Q. Nguyen (Ecole Normale Superieure, France)
Mon 10:09--10:32 Cryptanalysis of the TTM Cryptosystem
Louis Goubin (Bull, France) and Nicolas T. Courtois (Bull, France)
Mon 10:32--10:55 Attacking and Repairing Batch Verification Schemes
Colin Boyd (Queensland University of Technology, Australia) and Chris Pavlovski (Queensland University of Technology, Australia)

Mon 10:55--11:15 Morning break

Mon 11:15--12:15 Session 2: IACR Distinguished Lecture

Mon 11:15--12:15 Cryptography Everywhere
Thomas A. Berson (Anagram Labs, USA)

Mon 12:20--13:30 Lunch

Mon 14:00--15:55 Session 3: Digital Signatures

Mon 14:00--14:23 Security of Signed ElGamal Encryption
Claus P. Schnorr (University of Frankfurt, Germany) and Markus Jakobsson (Bell Labs, USA)
Mon 14:23--14:46 From Fixed-Length to Arbitrary-Length RSA Padding Schemes
Jean-Sebastien Coron (Ecole Normale Superieure, France), Francois Koeune (UCL, Belgium) and David Naccache (Gemplus, France)
Mon 14:46--15:09 Towards Signature-Only Signature Schemes
Adam Young (Columbia University, USA) and Moti Yung (CertCo, USA)
Mon 15:09--15:32 A New Forward-Secure Digital Signature Scheme
Michel Abdalla (University of California at San Diego, USA) and Leonid Reyzin (MIT, USA)
Mon 15:32--15:55 Unconditionally Secure Digital Signature Schemes Admitting Transferability
Goichiro Hanaoka (University of Tokyo, Japan), Junji Shikata (University of Tokyo, Japan), Yuliang Zheng (Monash University, Australia) and Hideki Imai (University of Tokyo, Japan)

Mon 15:55--16:25 Afternoon break

Mon 16:25--18:20 Session 4: Protocols I

Mon 16:25--16:48 Efficient Secure Multi-Party Computation
Martin Hirt (ETH Zurich, Switzerland), Ueli Maurer (ETH Zurich, Switzerland) and Bartosz Przydatek (Carnegie Mellon University, USA)
Mon 16:48--17:11 Mix and Match: Secure Function Evaluation via Ciphertexts
Markus Jakobsson (Bell Labs, USA) and Ari Juels (RSA Labs, USA)
Mon 17:11--17:34 A Length-Invariant Hybrid Mix
Miyako Ohkubo (NTT East, Japan) and Masayuki Abe (NTT Labs, Japan)
Mon 17:34--17:57 Attack for Flash MIX
Masashi Mitomo (Tokyo Institute of Technology, Japan) and Kaoru Kurosawa (Tokyo Institute of Technology, Japan)
Mon 17:57--18:20 Distributed Oblivious Transfer
Moni Naor (Weizmann Institute, Israel) and Benny Pinkas (STAR Lab, USA)

Mon 19:00--22:00 Rump Session


Tuesday, December 5, 2000

Tue 8:30--10:02 Session 5: Number Theoretic Algorithms

Tue 8:30-- 8:53 Key Improvements to XTR
Arjen K. Lenstra (Citibank, USA) and Eric R. Verheul (Pricewaterhouse Coopers, Netherlands)
Tue 8:53-- 9:16 Security of Cryptosystems based on Class Groups of Imaginary Quadratic Orders
Safuat Hamdy (TU Darmstadt, Germany) and Bodo Moeller (TU Darmstadt, Germany)
Tue 9:16-- 9:39 Weil Descent of Elliptic Curves over Finite Fields of Characteristic Three
Seigo Arita (NEC, Japan)
Tue 9:39--10:02 Construction of Hyperelliptic Curves with CM and Its Application to Cryptosystems
Jinhui Chao (Chuo University, Japan), Kazuto Matsuo (Toyo Communication, Japan), Hiroto Kawashiro (Chuo University, Japan), and Shigeo Tsujii (Chuo University, Japan)

Tue 10:02--10:30 Morning break

Tue 10:30--12:02 Session 6: Symmetric-Key Schemes I

Tue 10:30--10:53 Provable Security for the Skipjack-like Structure against Differential Cryptanalysis and Linear Cryptanalysis
Jaechul Sung (Korea University, Korea), Sangjin Lee (Korea University, Korea), Jongin Lim (Korea University, Korea), Seokhie Hong (Korea University, Korea) and Sangjoon Park (National Security Research Institute, Korea)
Tue 10:53--11:16 On the Pseudorandomness of Top-Level Schemes of Block Ciphers
Shiho Moriai (NTT Labs, Japan) and Serge Vaudenay (EPF Lausanne, Switzerland)
Tue 11:16--11:39 Exploiting Multiples of the Connection Polynomial in Word-Oriented Stream Ciphers
Philip Hawkes (Qualcomm, Australia) and Gregory G. Rose (Qualcomm, Australia)
Tue 11:39--12:02 Encode-Then-Encipher Encryption: How to Exploit Nonces or Redundancy in Plaintexts for Efficient Cryptography
Mihir Bellare (University of California at San Diego, USA) and Phillip Rogaway (University of California at Davis, USA)

Tue 12:10--13:30 Lunch

Free afternoon


Wednesday, December 6, 2000

Wed 8:30--10:25 Session 7: Protocols II

Wed 8:30-- 8:53 Verifiable Encryption, Group Encryption, and their Applications to Separable Group Signatures and Signature Sharing Schemes
Jan Camenisch (IBM Zurich, Switzerland) and Ivan Damgaard (University of Aarhus, Denmark)
Wed 8:53-- 9:16 Addition of ElGamal Plaintexts
Markus Jakobsson (Bell Labs, USA) and Ari Juels (RSA Labs, USA)
Wed 9:16-- 9:39 Improved Methods to Perform Threshold RSA
Brian King (University of Wisconsin at Milwaukee, USA)
Wed 9:39--10:02 Commital Deniable Proofs and Electronic Campaign Finance
Matt Franklin (University of California at Davis, USA) and Tomas Sander (STAR Lab, USA)
Wed 10:02--10:25 Provably Secure Metering Scheme
Wakaha Ogata (Tokyo Institute of Technology, Japan) and Kaoru Kurosawa (Tokyo Institute of Technology, Japan)

Wed 10:25--10:55 Morning break

Wed 10:55--11:25 Session 8: Invited Lecture

Wed 10:55--11:25 CRYPTREC Project -- Cryptographic Evaluation Project for the Japanese Electronic Government
Hideki Imai (University of Tokyo, Japan) and Atsuhiro Yamagishi (Information-Technology Promotion Agency, Japan)

Wed 11:25--12:11 Session 9: Fingerprinting

Wed 11:25--11:48 Anonymous Fingerprinting with Direct Non-Repudiation
Birgit Pfitzmann (University of Saarlandes, Germany) and Ahmad-Reza Sadeghi (University of Saarlandes, Germany)
Wed 11:48--12:11 Efficient Anonymous Fingerprinting with Group Signatures
Jan Camenisch (IBM Zurich, Switzerland)

Wed 12:15--13:30 Lunch

Wed 14:00--15:09 Session 10: Zero-Knowledge and Provable Security

Wed 14:00--14:23 Increasing the Power of the Dealer in Non-Interactive Zero-Knowledge Proof Systems
Danny Gutfreund (Hebrew University, Israel) and Michael Ben-Or (Hebrew University, Israel)
Wed 14:23--14:46 Zero-Knowledge and Code Obfuscation
Satoshi Hada (IBM Tokyo, Japan)
Wed 14:46--15:09 A Note on Security Proofs in the Generic Model
Marc Fischlin (University of Frankfurt, Germany)

Wed 15:09--15:32 Session 11: Boolean Functions

Wed 15:09--15:32 On Relationships among Avalanche, Nonlinearity and Correlation Immunity
Yuliang Zheng (Monash University, Australia) and Xian-Mo Zhang (University of Wollongong, Australia)

Wed 15:32--16:00 Afternoon break

Wed 16:00--16:46 Session 12: Cryptanalysis II

Wed 16:00--16:23 Cryptanalysis of the Yi-Lam hash
David Wagner (University of California at Berkeley, USA)
Wed 16:23--16:46 Power Analysis, What Is Now Possible...
Mehdi-Laurent Akkar (Bull, France), Regis Bevan (Oberthur, France), Paul Dischamp (Oberthur, France) and Didier Moyart (Oberthur, France)

Wed 16:46--17:09 Session 13: Pseudorandomness

Wed 16:46--17:09 Concrete Security Characterizations of PRFs and PRPs: Reductions and Applications
Anand Desai (Bell Labs, USA) and Sara Miner (University of California at San Diego, USA)

Wed 17:10--18:00 IACR General Meeting

Wed 19:00--21:30 Banquet


Thursday, December 7, 2000

Thu 8:30--10:02 Session 14: Symmetric-Key Schemes II

Thu 8:30-- 8:53 The Security of Chaffing and Winnowing
Mihir Bellare (University of California at San Diego, USA) and Alexandra Boldyreva (University of California at San Diego, USA)
Thu 8:53-- 9:16 Authenticated Encryption: Relations among Notions and Analysis of the Generic Composition Paradigm
Mihir Bellare (University of California at San Diego, USA) and Chanathip Namprempre (University of California at San Diego, USA)
Thu 9:16-- 9:39 Increasing the Lifetime of a Key: A Comparative Analysis of the Security of Re-Keying Techniques
Michel Abdalla (University of California at San Diego, USA) and Mihir Bellare (University of California at San Diego, USA)
Thu 9:39--10:02 Proofs of Security for the Unix Password Hashing Algorithm
David Wagner (University of California at Berkeley, USA) and Ian Goldberg (University of California at Berkeley, USA)

Thu 10:02--10:30 Morning break

Thu 10:30--12:02 Session 15: Public-Key Encryption and Key Distribution

Thu 10:30--10:53 Trapdooring Discrete Logarithms on Elliptic Curves over Rings
Pascal Paillier (Gemplus, France)
Thu 10:53--11:16 Strengthening McEliece Cryptosystem
Pierre Loidreau (INRIA, France)
Thu 11:16--11:39 Password-Authenticated Key Exchange based on RSA
Philip MacKenzie (Bell Labs, USA), Sarvar Patel (Bell Labs, USA) and Ram Swaminathan (Hewlett-Packard, USA)
Thu 11:39--12:02 Round-Efficient Conference Key Agreement Protocols with Provable Security
Wen-Guey Tzeng (National Chiao Tung University, Taiwan) and Zhi-Jia Tzeng (National Chiao Tung University, Taiwan)