| 8:00-5:00 | Excursion to Channel Islands National Marine Sanctuary. Transportation to Sea Landing leaves outside Anacapa Hall at 7:30. |
| 4:00-8:00 | Registration, Anacapa Hall |
| 6:30-10:00 | Reception, Anacapa Lawn |
| 8:00 | Registration outside Lotte Lehmann Auditorium |
| 8:30-8:45 | Welcome |
| 8:45-9:05 | Keying Hash Functions for Message Authentication
Mihir Bellare, Univ. California at San Diego, USA Ran Canetti, MIT, USA Hugo Krawczyk, IBM, USA |
| 9:10-9:30 | Universal Hashing and Multiple Authentication
M. Atici, Univ. Nebraska at Lincoln, USA Douglas Stinson, Univ. Nebraska at Lincoln, USA |
| 9:35-9:55 | Universal Hash Functions from Exponential Sums over
Finite Fields and Galois Rings
Tor Helleseth, University of Bergen, Norway Thomas Johansson, Lund University, Sweden |
| 10:00-10:25 | Break |
| 10:30-10:50 | Asymmetric Cryptography with a Hidden Monomial
Jacques Patarin, CP8 TRANSAC, France |
| 10:55-11:15 | Anonymous Communication and Anonymous Cash
Daniel Simon, Microsoft, USA |
| 11:20-12:12 | Export Controls: Past, Present, and
Future
Andy Clark, Independent consultant |
| 12:15-1:00 | Lunch |
| 1:40-2:00 | Weaknesses in Some Threshold Cryptosystems
Susan Langford, Atalla Corp., USA |
| 2:05-2:15 | Hidden Collisions on DSS
Serge Vaudenay, Ecole Normal Supérieure, France |
| 2:20-2:40 | The Dark Side of 'Black-Box' Cryptography,
or: Why Should We Trust Capstone?
Adam Young, Columbia Univ., USA Moti Yung, IBM, USA |
| 2:45-3:05 | Timing Attacks on Implementations of
Diffie-Hellman, RSA, DSS, and Other Systems
Paul Kocher, Stanford, USA |
| 3:10-3:35 | Break |
| 3:40-4:00 | All Bits in ax+b mod p Are Hard
Mats Näslund, Royal Insitute of Technology, Sweden |
| 4:05-4:25 | Hardness of Computing the Most Significant Bits of Secret Keys in
Diffie-Hellman and Related Schemes
Dan Boneh, Princeton Univ., USA Ramarathnam Venkatesan, Bellcore, USA |
| 4:30-5:20 | [title to be announced]
Cliff Stoll |
| 7:00-10:00 | Reception (De La Guerra Lawn) |
| 8:30-8:50 | Security of 2t-Root Identification
and Signatures
Claus P. Schnorr, Univ. Frankfurt, Germany |
| 8:55-9:15 | Robust and Efficient Sharing of RSA Functions
Rosario Gennaro, MIT, USA Stanislaw Jarecki, MIT, USA Hugo Krawczyk, IBM, USA Tal Rabin, MIT, USA |
| 9:20-9:40 | New Generation of Secure and Practical RSA-Based Signatures
Ronald Cramer, CWI, The Netherlands Ivan Dåmgard, Aarhus Univ., Denmark |
| 9:45-10:10 | Break |
| 10:15-10:35 | Proving Without Knowing: On Oblivious, Agnostic and Blindfolded Provers
Markus Jakobsson, Univ. California at San Diego, USA Moti Yung, IBM, USA |
| 10:40-11:00 | Practical and Provably-Secure Commitment Schemes from Collision-Free
Hashing
Shai Halevi, MIT, USA Silvio Micali, MIT, USA |
| 11:05-11:55 | Relation of Theory to Practice in Cryptography [exact title
to be announced]
Ron Rivest, MIT, USA |
| 12:00-1:00 | Lunch |
| Free afternoon, or | |
| 2:00-4:00 | Family Crypto
led by Michael Fellows Location to be announced |
| 7:00-11:00 | Informal presentations to be announced
Corwin Pavillion in the University Center |
| 9:00-9:20 | Improved Differential Attacks on RC5
Lars Knudsen, Katholieke Univ. Leuven, Belgium Willi Meier, HTL, Switzerland |
| 9:25-9:45 | Improving Implementable Meet-in-the-Middle Attacks by Orders of
Magnitude
Paul van Oorschot, Bell-Northern Research, Canada Michael Wiener, Bell-Northern Research, Canada |
| 9:50-10:15 | Break |
| 10:20-10:40 | Key-Schedule Cryptanalysis of IDEA, G-DES, GOST, SAFER, and Triple-DES
John Kelsey, Counterpane Systems, USA Bruce Schneier, Counterpane Systems, USA David Wagner, Univ. California at Berkeley, USA |
| 10:45-11:05 | How to Protect DES Against Exhaustive Key Search
Joe Kilian, NEC Research Institute, USA Phillip Rogaway, Univ. California at Davis, USA |
| 11:10-12:00 | Cryptographic applications in electronic commerce
Ernest Brickell |
| 12:00-1:00 | Lunch |
| 1:30-1:50 | Diffie-Hellman Oracles
Ueli Maurer, ETH Zürich, Switzerland Stefan Wolf, ETH Zürich, Switzerland |
| 1:55-2:15 | Algorithms for Black-Box Fields and Their Application to Cryptography
Dan Boneh, Princeton Univ., USA Richard Lipton, Princeton Univ., USA |
| 2:20-2:40 | Fast Hashing on the Pentium
Antoon Bosselaers, Katholieke Univ. Leuven, Belgium René Govaerts, Katholieke Univ. Leuven, Belgium Joos Vandewalle, Katholieke Univ. Leuven, Belgium |
| 2:45-3:05 | On Fast and Provably Secure Message Authentication Based on
Universal Hashing
Victor Shoup, Bellcore, USA |
| 3:10-3:35 | Break |
| 3:40-4:30 | Cryptology, Technology, and Politics
Whitfield Diffie, Sun Microsystems |
| 4:30-5:15 | IACR Business Meeting |
| 6:00-9:00 | Beach barbecue, Goleta Beach |
| 9:00-9:25 | Quantum Cryptography over Underground Optical Fibers
R. J. Hughes, Los Alamos National Labs, USA G. G. Luther, Los Alamos National Labs, USA G. L. Morgan, Los Alamos National Labs, USA C. G. Peterson, Los Alamos National Labs, USA C. Simmons, Los Alamos National Labs, USA |
| 9:30-9:55 | Quantum Key Distribution and String Oblivious Transfer in Noisy Channels
Dominic Mayers, Univ. de Montréeal, Canada |
| 10:00-10:20 | Linear Complexity of Periodic Sequences: A General Theory
James Massey, Swiss Federal Institute of Technology, Switzerland Shirlei Serconek, Univ. Federal de Goias, Brazil |
| 10:25-10:45 | Generalization of Siegenthaler Inequality and Schnorr-Vaudenay
Multipermutations
Paul Camion, INRIA, France Anne Canteaut, INRIA, France |
| 10:50-11:15 | Break |
| 11:20-11:40 | Trade-offs Between Communication and Storage in Unconditionally
Secure Schemes
for Broadcast Encryption and Interactive Key Distribution
Carlo Blundo, Univ. di Salerno, Italy Luiz Frota Mattos, CEPESC/SAE, Brazil Douglas Stinson, Univ. Nebraska at Lincoln, USA |
| 11:45-12:05 | New Results on Visual Cryptography
Stefan Droste, Univ. Dortmund, Germany |
| 12:10-1:00 | Lunch |
| Adjourn |