Crypto 2013 rump session

The Crypto 2013 rump session took place Tuesday 20 August 2013 from 19:30 PDT to 23:00 PDT. Daniel J. Bernstein and Tanja Lange served as chairs.

Slides are available from all presenters who agreed to have their slides officially online. Slides were already gradually made available during the rump session.

The rump session was broadcast as a live Silverlight stream from the following URL: http://gauchocast.ucsb.edu/Panopto/Pages/Viewer/Default.aspx?id=6075c6c2-b2db-4faa-a112-71158db9db1f Silverlight viewer for Windows: http://www.microsoft.com/silverlight/ Silverlight viewer for Linux (Pipelight): https://launchpad.net/pipelight

The call for submissions has been archived below.

AuthorsSpeakerTitleSlides
Crypto 2013 rump session, Tuesday 20 August 2013
Session 1
19:30Ran Canetti and Juan GarayRan CanettiChairs' report for Crypto 2013slides
19:37Andrea Forte, Juan Garay, Trevor Jim, Yevgeniy VahlisJuan GarayEyeDecrypt -- Private Interactions in Plain Sightslides
19:42Sasha BoldyrevaSasha BoldyrevaHow to make 400+ cryptographers appreciate your creativityslides
19:44David ChaumDavid ChaumMajority Decisions .org
19:48Mitsuru MatsuiMitsuru MatsuiThe FEAL Cipher Prize Problem -Winner Announcement-slides
19:50Eli Biham and Yaniv CarmeliAdi ShamirSolving the FEAL 25 Years Prize Problemsslides
19:57Nadia HeningerNadia HeningerFactoring as a serviceslides
20:02Yvo Desmedt, Jean-Jacques Quisquater, Moti YungMoti YungCryptanalysis of MDS-POTIslides
20:09John KelseyJohn KelseyNIST Updateslides
20:15Keith Alexander, Keith AlexanderKeith Alexander, Keith Alexander, Keith AlexanderSpyin' NSAslides
20:20Break
Session 2
20:50Nadhem AlFardan, Dan Bernstein, Kenny Paterson, Bertram Poettering, Jacob SchuldtJacob SchuldtOn the Security of RC4 in TLSslides
20:55Gora Adj, Alfred Menezes, Thomaz Oliveira and Francisco Rodríguez-HenríquezFrancisco Rodríguez-HenríquezWeakness of GF$(3^{6 \cdot 509})$ for Discrete Logarithm Cryptographyslides
21:02Sanjam Garg, Craig Gentry, Shai Halevi, Mariana Raykova, Amit Sahai, Brent WatersSanjam GargCandidate Indistinguishability Obfuscation, Or Sell Apple, Buy Samsungslides
21:07Amit Sahai and Brent WatersBrent WatersHow to Use Indistinguishability Obfuscation: Deniable Encryption, and Moreslides
21:13Aggelos Kiayias and Qiang TangAggelos KiayiasHow to keep a secret: Leakage Deterring Public-Key Cryptosystemsslides
21:17Yevgeniy Dodis, David Pointcheval, Sylvain Ruhault, Damien Vergnaud, Daniel WichsYevgeniy DodisRandom Number Generation, Revisitedslides
21:22Jeremiah Blocki, Manuel Blum, Anupam DattaJeremiah BlockiNaturally Rehearsing Passwordsslides
21:27Benjamin Fuller, Xianrui Meng, Leonid ReyzinBenjamin FullerComputational Fuzzy Extractorsslides
21:32Daniel J. Bernstein, Yun-An Chang, Chen-Mou Cheng, Li-Ping Chou, Nadia Heninger, Tanja Lange, Nicko van SomerenNadia HeningerFactoring RSA keys from certified smart cards: Coppersmith in the wildslides
21:38Tomasz KazanaTomasz KazanaWarsaw is coolslides
21:41Average JoeAverage Joe, Average Joe, Average JoeUnder Surveillanceslides
21:45Break
Session 3
22:15Itai Dinur, Orr Dunkelman, Nathan Keller and Adi ShamirAdi ShamirAn Improved Attack on 4-Round Even-Mansour with 2 Alternating Keysslides
22:21Dominique UnruhDominique UnruhQuantum Time Capsules & Unknown Recipient Encryptionslides
22:25Aggelos Kiayias and Stavros Papadopoulos and Nikos Triandopoulos and Thomas ZachariasAggelos KiayiasDelegatable Pseudorandom Functions and Applicationsslides
22:29Yutaka Kawai, Katsuyuki TakashimaKatsuyuki TakashimaFully-Anonymous Functional Proxy-Re-Encryptionslides
22:34Charanjit S. Jutla and Arnab RoyArnab RoyShorter Quasi-Adaptive NIZKs for Linear Subspacesslides
22:39Luis BrandaoLuis BrandaoCommunication complexity of the forge-and-lose techniqueslides
22:44Marcel Keller, Peter Scholl, Nigel SmartMarcel KellerThe million-entry ORAM on MPCslides
22:46Numerous (several papers involved)Elaine ShiPractical ORAM: From Theory to Secure Processor to Compiler
22:51Elaine Shi, Emil Stefanov, Babis PapamanthouElaine ShiTruly Practical Dynamic Proofs of Retrievability (Without Oblivious RAM)
22:55Yehuda LindellYehuda LindellAnnouncing SCAPI: the Secure Computation APIslides
23:00Fin!
Announcements, http://www.iacr.org/events/
2013.12.01: Algorithmica Call for Papers: Special Issue on Algorithms for Secure Computation, http://www.springer.com/computer/theoretical+computer+science/journal/453
2013.11, Berlin, before CCS: PUFFIN workshop, http://puffin.eu.org
2013.11.18--20, Okinawa, Japan: The 8th International Workshop on Security (IWSEC2013), http://www.iwsec.org/2013/
2013.12.01--05, Bangalore, India: Asiacrypt 2013, make sure to apply for visas NOW! See slides online, http://www.iacr.org/conferences/asiacrypt2013
2014: Lausanne, Switzerland: ACNS 2014

Call for submissions (archived)

News: The rump-session chairs are now also handling organization of "Birds of a Feather" sessions beyond the rump session. Contact the rump-session chairs by email with any proposals. Make sure to indicate the exact time slot, location, and title of your BoF session.
When did Wang announce collisions in MD4, MD5, HAVAL-128, and RIPEMD? When did NIST announce the withdrawal of the Data Encryption Standard? When did van Someren introduce oblivious transfers of zero knowledge? The Crypto 2004 rump session!

When did Osvik, Shamir, and Tromer announce AES key extraction in 65 milliseconds? When did Kelsey, Schneier, Vaudenay, and Wagner expose cryptographic plagiarism? When did Alice meet Bob face to face for the first time? The Crypto 2005 rump session!

When did Bleichenbacher announce pencil-and-paper RSA forgeries? When did Cryptico announce a $1000 prize for the best cryptanalysis of Rabbit? When did Callas, Cannoy, and van Someren introduce lettuce-based cryptography? The Crypto 2006 rump session!

When did Biham, Dunkelman, Indesteege, Keller, and Preneel announce successful cryptanalysis of KeeLoq? When did Clark and Sale challenge the cryptographic community to race a rebuilt Colossus? When did Tromer, Ellison, Miller, and Wright present the perfect one-way hash? The Crypto 2007 rump session!

When did Tromer announce successful cryptanalysis of the Gpcode.ak ransomware virus? When did Enright, Rescorla, Savage, Shacham, and Yilek present a factorization of the IACR public key? When did Rescorla, Savage, Shacham, and Spies introduce dryness-rights management? The Crypto 2008 rump session!

When did Petit and Quisquater announce preimages in the SL_2 hash? When did Stevens demonstrate live man-in-the-middle attacks on HTTPS via MD5 collisions? When did Suga introduce UbeHashCoool? The Crypto 2009 rump session!

When did Gentry and Halevi announce FHE cryptanalytic challenges with public keys too large to fit on IBM's web servers? When did the mobile-phone industry open up ZUC for public review? When did Heninger and Shacham present a two-thousand-slide historical review of cryptography? The Crypto 2010 rump session!

When did Bogdanov, Khovratovich, and Rechberger announce biclique cryptanalysis of full AES? When did Peters demonstrate the benefits of Springer's editing? When did Suga introduce the mop construction? The Crypto 2011 rump session!

When did Vaudenay announce successful cryptanalysis of a cryptosystem published at Crypto 2012? When did Matsui offer $1500 to beat a dead FEAL? When did Heninger demonstrate RSA private-key recovery via Google? The Crypto 2012 rump session!

The first Crypto rump session took place in 1981 and was immediately heralded as the most important meeting in cryptography. Each subsequent Crypto rump session has reached a new level of historical significance, outstripped only by the Crypto rump sessions that followed it. The Crypto 2013 rump session will attempt to live up to, and if possible exceed, the exceptionally high standards set by previous Crypto rump sessions; but it relies critically on your contributions! Do you have breaking news, progress reports, or other topics of interest to the cryptographic community? Can you keep your talk short and entertaining? Fill out the submission form and ask for a talk slot!

As an added incentive for putting serious effort into non-serious rump-session talks, the editors of the Journal of Craptology usually promise to invite a paper from the most entertaining rump-session speakers. But we haven't heard from them yet.


There is also a non-rump part of Crypto 2013. The non-rump part has its own web pages, including its own program. Warning: These links are provided purely for informational purposes. The rump-session chairs cannot guarantee the quality of the non-rump part of Crypto 2013.