Preliminary Eurocrypt '96 program
Zaragoza, Spain
May 12-16, 1996

Sunday, May 12

18:30-22:00 Registration --- Welcome Cocktail

Monday, May 13

08:45-09:30 Registration
09:30-09:45 Introduction to EUROCRYPT `96

09:45-11:15 Session Cryptanalysis I

Chair: Serge Vaudenay (ENS, France)

09:45-10:15 Low-exponent RSA with related messages
Don Coppersmith (IBM T. J. Watson, USA), Matthew Franklin (AT&T Research, USA), Jacques Patarin (CP8 Transac, France), Michael Reiter (AT&T Research, USA)
10:15-10:45 Generating ElGamal signatures without knowing the secret key
Daniel Bleichenbacher (ETH Zürich, Switzerland)
10:45-11:15 On the security of two MAC algorithms
Bart Preneel (K. U. Leuven, Belgium), Paul C. van Oorschot (Bell-Northern Research, Canada)

11:15-11:45 Coffee break

11:15-13:15 Session Public Key Cryptosystems

Chair: David Naccache (Gemplus, France)

11:15-11:45 Hidden fields equations (HFE) and isomorphisms of polynomials (IP): two new families of asymmetric algorithms
Jacques Patarin (CP8 Transac, France)
11:45-12:15 A public key cryptosystem based on elliptic curves over Z/nZ equivalent to factoring
Bernd Meyer (Universität des Saarlandes, Germany), Volker Müller (University of Waterloo, Canada)
12:15-12:45 Public key encryption and signature schemes based on polynominals over Z_n
Jörg Schwenk (Deutsche Telekom AG, Germany), Jörg Eisfeld (University of Giessen, Germany)
13:20- Group Photograph

14:00-16:00 Lunch

16:00-17:00 Session New Schemes and Protocols

Chair: Claus P. Schnorr (University of Frankfurt, Germany)

16:00-16:30 Multi-authority secret-ballot elections with linear work
Ronald Cramer (CWI, The Netherlands), Matthew Franklin (AT&T Bell Labs., USA), Berry Schoenmakers (DigiCash, The Netherlands), Moti Yung (IBM T. J. Watson, USA)
16:30-17:00 Asymmetric fingerprinting
Birgit Pfitzmann, Matthias Schunter (University of Hildesheim, Germany)

17:00-17:30 Coffee break

17:30-19:00 Session Multi-Party Computation

Chair: Tatsuaki Okamoto (NIT Labs., Japan)

17:30-18:00 Homomorphisms of secret sharing schemes: a tool for verifiable signature sharing
Mike Burmester (Royal Holloway, England)
18:00-18:30 Efficient multiplicative sharing schemes
Simon R. Blackburn, Mike Burmester (Royal Holloway, England), Yvo Desmedt (University of Wisconsin, USA), Peter R. Wild (Royal Holloway, England)
18:30-19:00 Equivocable oblivious transfer
Donald Beaver (Transarc, USA)

Tuesday, May 14

09:30-10:20 IACR Distinguished Lecture
James L. Massey (ETH Zürich, Switzerland) The difficulty with difficulty

Chair: Ueli Maurer (ETH Zürich, Switzerland)

10:20-11:20 Session Proofs of Knowledge

Chair: Ronald Rivest (MIT, USA)

10:20-10:50 Short discreet proofs
Joan Boyar (Odense University, Denmark), René Peralta (JAIST, Japan)
10:50-11:20 Designated verifier proofs and their applications
Markus Jakobsson (UC San Diego, USA), Kazue Sako (NEC, Japan), Russell Impagliazzo (UC San Diego, USA)

11:20-11:50 Coffee break

11:50-13:20 Session Number Theory and Algorithms

Chair: Arjen K. Lenstra (Bellcore, USA)

11:50-12:20 Finding a small root of a univariate modular equation
Don Coppersmith (IBM T. J. Watson, USA)
12:20-12:50 New modular multiplication algorithms for fast modular exponentiation
Seong-Min Hong, Sang-Yeop Oh, Hyunsoo Yoon (KAIST, Korea)
12:50-13:20 Finding a small root of a bivariate integer equation; factoring with high bits known
Don Coppersmith (IBM T. J. Watson, USA)

13:20-13:50 IACR Business meeting

14:00-16:00 Lunch

16:00-17:00 Session Secret Sharing

Chair: Bart Preneel (K. U. Leuven, Belgium)

16:00-16:30 Publicly verifiable secret sharing
Markus Stadler (ETH Zürich, Switzerland)
16:30-17:00 Optimum secret sharing scheme secure against cheating
Wakaha Ogata (Himeji Institute of Technology, Japan), Kaoru Kurosawa (Tokyo Institute of Technology, Japan)

17:00-17:30 Coffee break

17:30-19:00 Session Cryptanalysis II

Chair: Josep Domingo (University of Rovira i Virgili, Spain)

17:30-18:00 The security of the Gabidulin public key cryptosystem
Keith Gibson (Birkbeck College, England)
18:00-18:30 Non-linear approximations in linear cryptanalysis
Lars R. Knudsen (K. U. Leuven, Belgium), M. J. B. Robshaw (RSA Laboratories, USA)
18:30-19:00 On the difficulty of software key escrow
Lars R. Knudsen (K. U. Leuven, Belgium), Torben P. Pedersen (Cryptomathic, Denmark)


Wednesday, May 15

09:30-10:20 Invited Lecture
Multi party secure protocols: past and present Shafi Goldwasser (MIT, USA)

Chair: Claude Crépeau (University of Montréal, Canada)

10:20-11:20 Session Pseudorandomness

Chair: Jovan Dj. Golic (QUT, Australia)

10:20-10:50 An efficient pseudo-random generator provably as secure as syndrome decoding
Jean-Bernard Fischer (Thomson, France), Jacques Stern (ENS, France)
10:50-11:20 On the existence of secure feedback registers
Andrew Klapper (University of Kentucky, USA)

11:20-11:50 Coffee break

11:50-13:50 Session Cryptographic Functions

Chair: Othmar Staffelbach (Federal Cryptology Section, Switzerland)

11:50-12:20 Fast low order approximation of cryptographic functions
Jovan Dj. Golic (QUT, Australia)
12:20-12:50 Construction of t-resilient functions over a finite alphabet
Paul Camion, Anne Canteaut (INRIA, France)
12:50-13:20 Auto-correlations and new bounds on the nonlinearity of boolean functions
Xian-Mo Zhang (University of Wollongong, Australia), Yuliang Zheng (Monash University, Australia)
13:20-13:50 Foiling birthday attacks in length-doubling transformations
William Aiello, Ramarathnam Venkatesan (Bellcore, USA)

14:00- Lunch

Afternoon City Tour

Evening Gala Dinner

Thursday, May 16

09:00-10:30 Session Key Management and Identification Schemes

Chair: Walter Fumy (Siemens, Germany)

09:00-09:30 Session key distribution using smart cards
Victor Shoup, Avi Rubin (Bellcore, USA)
09:30-10:00 On Diffie-Hellman key agreement with short exponents
Paul C. van Oorschot, Michael J. Wiener (Bell-Northern Research, Canada)
10:00-10:30 On the security of a practical identification scheme
Victor Shoup (Bellcore, USA)

10:30-11:00 Coffee break

11:00-13:00 Session Digital Signature Schemes

Chair: Stefan Brands (CWI, The Netherlands)

11:00-11:30 Robust threshold DSS signatures
Rosario Gennaro, Stanislaw Jarecki (MIT, USA), Hugo Krawczyk (IBM T. J. Watson, USA), Tal Rabin (MIT, USA)
11:30-12:00 New convertible undeniable signature schemes
Ivan Damgård (Aarhus University, Denmark), Torben P. Pedersen (Cryptomathic, Denmark)
12:00-12:30 Security proofs for signature schemes
David Pointcheval, Jacques Stern (ENS, France)
12:30-13:00 The exact security of digital signatures --- how to sign with RSA and Rabin
Mihir Bellare (UC San Diego, USA), Phillip Rogaway (UC Davis, USA)