- PQC Asia Forum in Seoul

- Speakers

**The NIST Post-Quantum Cryptography Standardization Process**

In February 2016, NIST announced that it was beginning a process to standardize post-quantum algorithms for public-key cryptography. In August, NIST issued a draft Call for Proposals outlining submission requirements and evaluation criteria for these algorithms. In this talk, I will summarize the feedback we received, and discuss the impact on the Call for Proposals, which is expected to be released around November. I will also share some thoughts on the long road ahead towards post-quantum standardization.

MOODY, Dustin (NIST, USA)

Dr. Dustin Moody is a mathematician in the Computer Security Division of the National Institute of Standards and Technology. His area of research deals with elliptic curves, and their applications in cryptography. He received his Ph.D. from the University of Washington in 2009. Dr. Moody leads the Post-Quantum Cryptography project at NIST.

**Simple and Provable Secure (Authenticated) Key Exchange Based on the LWE**

Public key cryptosystems (PKC) are a critical part of the foundation of modern communication systems, in particular, the Internet. However, Shor's algorithm shows that the existing PKC like Diffie-Hellman key exchange, RSA and ECC can be broken by a quantum computer. To prepare for the coming age of quantum computing, we need to build new public key cryptosystems that could resist quantum computer attacks. In this lecture, we present a practical and provably secure (authenticated) key exchange protocol based on the learning with errors problems, which is conceptually simple and has strong provable security properties. This new construction was established in 2011-2012. These protocols are indeed practical. We will explain that all the existing LWE based key exchanges are variants of this fundamental design. In addition, we will explain how to use the signal function invented for KE for authentication schemes.

DING, Jintai (University of Cincinnati, USA)

Jintai Ding is a professor at the Department of Mathematical Sciences of the University of Cincinnati. He received his B.A. from Xian Jiaotong University in 1988, his M.A. in mathematics from the University of Science and Technology of China in 1990 and his Ph.D in mathematics from Yale in 1995. He was a lecturer at the Research Institute for Mathematical Sciences of Kyoto University from 1995 to 1998. He has been a faculty member at the University of Cincinnati since 1998. From 2006 to 2007, he was a visiting professor and Alexander Von Humboldt Fellow at Technical University of Darmstadt. He received the Zhong Jia Qing Prize from the Chinese Mathematical Society in 1990. He was a Taft fellow at Taft Research Center in 2009-2010. His main research interests are in cryptography, computational algebra and information security. He was a co-chair of the second international workshop on post-quantum cryptography. He and his colleagues developed the Rainbow signature scheme, the GUI HFEV- signature, the Simple Matrix encryption scheme and the LWE-based post-quantum key exchange scheme.

**Computational Problems in Post-Quantum Cryptography**

The security of post-quantum cryptography is based on some computational problems such as the multivariate quadratic (MQ) polynomial problems and the shortest vector problem (SVP) over lattices. In this talk, we give an overview of the hardness of solving these computational problems by presenting some recent top records in the computational challenge problems such as Fukuoka MQ Challenge and Darmstadt Lattice Challenges.

TAKAGI, Tsuyoshi (Kyushu University, Japan)

Tsuyoshi Takagi received the B.Sc. and M.Sc. degrees in mathematics from Nagoya University in 1993 and 1995, respectively. He had engaged in the research on network security at NTT Laboratories from 1995 to 2001. He received the PhD from Technical University of Darmstadt in 2001. He was an Assistant Professor in the Department of Computer Science at Technical University of Darmstadt until 2005. He is currently a Professor in the Institute of Mathematics for Industry at Kyushu University. His current research interests are information security and cryptography. He has received DOCOMO Mobile Science Award in 2013, IEICE Achievement Award in 2013, and JSPS Prize in 2014. Dr. Takagi is a Program Chair of the 7th International Conference on Post-Quantum Cryptography, PQCrypto 2016.

**Practical Public Key Encryption Based on Lattices**

In this talk, we propose a new public key encryption based on the hardness of Learning with Errors (LWE). Our scheme is provably secure and much more efficient than the previous. We verify its efficiency by implementation. We also introduce its homomorphic extension and symmetric version and compare them with the previous schemes.

CHEON, Jung Hee (Seoul National University, Korea)

Cheon Jung Hee is a South Korean mathematician and cryptographer whose research interest includes computational number theory, cryptography, and information security. He is one of the inventors of braid cryptography, one of group-based cryptography. He is particularly known for his work on an efficient algorithm on strong DH problem. He was awarded Excellent Performance in 2013 and 2009 from Ministry of Education and Science Technology. He received the best paper award in Asiacrypt 2008 for improving Pollard rho algorithm, and the best paper award in Eurocrypt 2015 for attacking Multilinear Maps.

**Public Key Authentication in Postquantum PKC**

We believe that the public key authentication is a very important issue to be settled before the standardization and wide implementation of public key cryptographic schemes in commercial security services or products. For the public key authentication, it is important to have no duplicate public keys, which means that different public keys do not share the private keys in common.

In this talk, we review the underlying mathematical property of the public key cryptography based on RSA to guarantee that no duplicate public keys exist in the public key cryptography based on RSA. The existence of duplicated public keys of a public key cryptographic scheme is closely related to the underlying computational problems. Most of the computational problems for postquantum PKCs have several solutions and this necessitates studying its effect on public key duplicates for such schemes. We present our analysis on the existence of duplicate public keys of some variants of SIS-type problems and suggest how to assure duplication-free public keys in the schemes based on several problems of SIS-type.

LIM, Seongan (Ewha Womans University, Korea)

Seongan Lim received her Ph.D degree in mathematics from Purdue University, West Lafayette, IN, USA. She was a researcher/team manager of cryptographic technology team at KISA during the years 1999 and 2004. She has been working with the Institute of Mathematical Sciences as a research professor at Ewha Womans University since 2009. Her active research area includes public key cryptography.

**The Recent PQC Research Activities in China**

Chinese cryptographers have conducted several PQC-related projects over the last couple of years, and especially we're launching some new programs whose target is to reply to the NIST call this February. In this presentation, I will give an overview of these research activities. A motivation of cooperating with international partners to push PQC standardization is mentioned as well.

XIANG, Hong (Chongqing University, China)

Dr./Prof. Hong Xiang is the Director of Key Laboratory of Dependable Service Computing in Cyber Physical Society (CPS-DSC), Ministry of Education, People’s Republic of China. He is also a head of advanced cryptography research group in the Chongqing University.

**Important Project**

‧ 2014- Head of workgroup “Advanced Cryptography and The Applications”, Special Publication 8, Chinese Association for Cryptologic Research.

‧ 2014- Senior Advisor of the workgroup “Security Guidance of Industry Control System”, Ministry of Industry and Information Technology of the People’s Republic of China

‧ 2010-2012 Director of the workgroup “Standards of Security Auditing for Cloud Computing”, Ministry of Industry and Information Technology of the People’s Republic of China

‧ 2004-2009 Head (Chongqing) of the workgroup “Best Practices of Risk Assessment and Security E-government”, Office of Informatization, The State Council, People’s Republic of China

‧ 2003-2015 Professor of Software School of Chongqing University

‧ 1999-2003 Senior Engineer at the Lab 9, Nortel Networks, Ottawa, Canada

‧ 1998 Doctorate in Mathematics at the University of Alberta, Canada

**Memberships**

Senior Member of Chinese Association for Cryptologic Research

Senior Member of China Computer Federation

**Lattice Enumeration Revisited**

Lattice enumeration is arguably the simplest method to solve exact lattice problems. Though it does not have the best asymptotical time complexity, it has been used in the largest lattice records, notably NTRU challenges, Darmstadt’s lattice challenges and SVP challenges. In this talk, we review lattice enumeration, together with pruning techniques, and discuss several outstanding issues.

NGUYEN, Phong (Inria and CNRS/JFLI and the University of Tokyo, France)

Phong Nguyen is senior scientist at Inria and director of the Japanese-French Laboratory for Informatics in Tokyo. He obtained his PhD in 1999 and is an expert in public-key cryptanalysis, especially cryptanalysis based on lattice algorithms. He has been associate editor of the Journal of Cryptology and the Journal of Mathematical Cryptology since 2006. He was Program co-Chair of EUROCRYPT 2013 and 2014, and received the EUROCRYPT 2006 Best Paper Award for joint work with Oded Regev on the cryptanalysis of NTRUSign and the Goldreich-Goldwasser-Halevi lattice-based signature.

**Algorithms for Lattice Problems via Discrete Gaussians**

I will present a randomized 2^{n+o(n)}-time and space algorithm for solving the Shortest Vector Problem (SVP) and the Closest Vector Problem (CVP) on n-dimensional Euclidean lattices. In fact, I will present a conceptually simple algorithm that solves the perhaps even more interesting problem of discrete Gaussian sampling (DGS). Prior work only solved DGS for very large parameters. Our SVP/CVP results follow from a natural reduction from SVP to DGS. This talk is based on joint works with Daniel Dadush, Oded Regev, and Noah Stephens-Davidowitz.

AGGARWAL, Divesh (National University of Singapore, Singapore)

Divesh Aggarwal is an Assistant Professor in the Department of Computer Science at NUS, and a Principal Investigator at CQT since August, 2016. Before this, he was a post-doctoral researcher from 2014 to 2016 in the School of Computer and Communication Sciences at EPFL, and from 2012 to 2014 in the Department of Computer Science at New York University. Prof. Aggarwal completed his PhD under the guidance of Prof. Ueli Maurer at ETH Zurich in February, 2012.

**Detecting Entanglement**

Entanglement is a key phenomenon in quantum physics which has no counterpart in classical mechanics, and is now considered as one of the most important resources in current quantum information and quantum computation theory. But, it is very difficult to determine if a given state is entangled or not. In this talk, we explain some mathematical backgrounds to approach this problem.

KYE, Seung-Hyeok (Seoul National University, Korea)

Seung-Hyeok KYE is a professor in Mathematics at Seoul National University from 1990. He obtained his B.S. and M.S. from Seoul National University in 1979 and 1981. He also received his Ph.D. from Seoul National University in 1985. He worked at the Song Sim College for Women as Researcher and Associate Professor for 6 years. Also he was visiting at the University of California at Berkeley, Niigata University, University of Illinois at Urbana and Jeju National University. He has organized "ICM Satellite Conference on Operator Algebras and Applications" in 2014, and the conference "Mathematical Aspects in Current Quantum Information Theory" in last February. He was working on operator algebras, and is now interested in the theory of entanglement arising from quantum physics.

**Rank Metric Code Based Cryptography**

Code-based cryptography is considered as one of the quantum-resistant cryptosystems. The reason why code-based cryptography is less practical is that its key size is over 100 thousand bits while RSA has key size of thousand bits. Recently rank metric codes have been used to shorten the key size of code-based cryptography. In this talk, we give an introduction to code-based (public key) cryptography and describe the current status of rank metric code-based cryptography.

KIM, Jon-Lark (Sogang University, Korea)

Jon-Lark KIM is a professor in mathematics at Sogang University. His major research field is coding theory, cryptography, combinatorics and algebra. He researches information security and its industrial applications and recreational mathematics. He published a lot of theories and the representative papers are “Higher-order CIS codes”, “Optimal subcodes and optimum distance profiles of self-dual codes” and “A new class of codes for Boolean masking of cryptographic computation”. And he has a patent on apparatus and method for generating error-correcting codes in order to protect against side-channel attacks. He received 2004 Kirkman medal which recognizes outstanding work by ICA members in their early research careers.

**High-Performance Cryptographic Operations on General-Purpose Processors**

With widespread adoption of secure network protocols in the Internet, the demand for high-performance cryptographic operations is fast increasing. In this talk, I will explain state-of-the-art implementation techniques of cryptographic operations such as RSA, AES, and SHA1 on general-purpose processors. We find that GPU has a great potential to be used as a cost-effective accelerator for many cryptographic operations but it often suffers from relatively low PCIe bandwidth that limits performance improvement. In contrast, recent APU that integrates GPU and CPU into a single chip eliminates the I/O bottleneck and produces the best performance-per-dollar for cryptographic operations. I will talk about performance numbers on individual cryptographic operations as well as on realistic secure network protocols such as IPsec and TLS.

PARK, KyoungSoo (KAIST, Korea)

KyoungSoo Park is an associate professor in the Electrical Engineering department at KAIST. He received his B.S. degree from Seoul National University in 1997, and his M.A. and Ph.D. degrees from Princeton University in 2004 and 2007, respectively, all in computer science. Before joining KAIST, he worked as assistant professor in the computer science department at University of Pittsburgh in the year of 2009. His research interest is focused on the reliability, performance, and security issues in the design and implementation of networked computing systems. He has developed CoBlitz, a scalable large-file content distribution network (CDN), which was acquired by Verivue, Inc., and subsequently by Akamai, Inc. in 2012. He has co-developed HashCache, a memory-efficient caching storage system for developing regions, which was chosen as one of the top 10 technologies in 2009 by the MIT technology review magazine. Most recently, his co-authored mTCP paper received the community award at USENIX NSDI. His recent research topic is focused on high performance packet/flow processing systems using multicore/manycore processors, such as PacketShader (a 40Gbps software router), SSLShader (13Gbps SSL proxy), and Kargus (33Gbps software IDS).

**Multivariate Quadratic Equations**

I will explain basics of MPKC from algebraic geometer's point of view and explain how algebraic geometry can help understanding various systems, attack schemes and the efficiency of the schemes. Especially, I will focus on the direct attacks using the Gröbner basis and some algebro-geometric methods for understanding the efficiency of the GB computation.

HYEON, Donghoon (Seoul National University, Korea)

Donghoon Hyeon is an associate professor of Mathematical Sciences at Seoul National University since March 2015. And he was an associate professor of POSTECH. He received the B.S. degrees in mathematics and physics from Korea Advanced Institute of Science and Technology. Also, he received his Ph.D in Mathematics from University of Illinois at Urbana-Champaign. His current research area is Algebraic Geometry. He has received Young Scientist Award from The Korean Academy of Science Technology, Excellent Paper Award from Korea Mathematical Society in 2014.

**Quantum Strategy, Quantum Correlations and Operator Algebras**

Quantum strategy provides a far better performance for some classical problems such as graph coloring problem compared to the classical strategy. This can be explained in terms of quantum correlation matrices. In this talk we will examine its surprising connection to a subfield of pure mathematics called "operator algebra". It turned out that the distinction of various quantum correlation matrices is closely connected to one of the most important open questions in operator algebra, namely "Connes' embedding conjecture". We will also discuss a very recent solution of "Tsirelson's conjecture" by W. Slofstra.

LEE, Hun Hee (University of Waterloo/SNU, Korea)

HunHee Lee obtained his Ph.D in 2004 at KAIST and received his postdoctoral training at various places including University of Illinois at Urbana Champaign and University of Waterloo. Currently, Dr. Lee is an associate professor at the department of mathematical sciences in SNU. He is working on Non-commutative Lp-spaces, Operator spaces, Non-commutative probability and Abstract harmonic analysis on locally compact (quantum) groups. In 2011 he has been chosen as a TJ park Junior Faculty Fellowship.

Selected publications :

1. (with Eric Ricard) Hypercontractivity on the q-Araki-Woods algebras. Comm. Math. Phys, 305(2) (2011), 533-553.

2. (with M. Caspers and E. Ricard) Operator biflatness of the L^1-algebras of compact quantum groups, J. Reine Angew. Math. (Crelle's Journal) Volume 2015, Issue 700, Pages 235-244, DOI: 10.1515/crelle-2013-0016.

3. (with Mahya Ghandehari, Ebrahim Samei and Nico Spronk) Some Beurling-Fourier algebras are operator algebras. Trans. Amer. Math. Soc. 367, Number 10 (2015), 7029--7059.

4. (with Jean Ludwig, Ebrahim Samei and Nico Spronk) Weak amenability of Fourier algebras and local synthesis of the anti-diagonal, Adv. Math. 292 (2016), 11--41.

5. (with Ebrahim Samei and Nico Spronk) Similarity degree of Fourier algebras, J. Funct. Anal. 271 (2016), 593--609.

**Quantum Computing and Post-Quantum Cryptography**

Quantum computing is bringing fatal threats to classical cryptography. Many existing cryptosystems will be broken by a quantum computer, due to efficient quantum algorithms for factoring and discrete logarithm. More generally, the framework for analyzing security in classical cryptography is also becoming shaky in the quantum adversarial setting.

In this talk, I will give an overview on how quantum attacks could compromise classical cryptography. The focus here will be on quantum algorithms for solving problems that are critical in cryptography. I will introduce some basic quantum algorithmic ideas that are essential in e.g. Shor's quantum factoring algorithm. Finally I will talk about some recent advances in quantum algorithms which surprisingly can be applied to break some lattice-based crypto constructions that were believed quantum-secure.

I hope to show you in my talk that cryptography in the presence of quantum attacks is extremely challenging but exciting, and we would need more and more people to join the workforce.

SONG, Fang (University of Portland State, USA)

Fang Song is an Assistant Professor in the Computer Science Department at the Portland State University starting Fall 2016. Previously, he spent three years as a postdoctoral fellow at the Institute for Quantum Computing and the Department of Combinatorics and Optimization at the University of Waterloo. He obtained his PhD degree in 2013 in Computer Science and Engineering at the Pennsylvania State University, under the supervision of Sean Hallgren. Prior to coming to Penn State, he received his bachelor's degree from University of Science & Technology of China in 2008. His research interests lie in cryptography, especially in the presence of quantum attacks (a.k.a. post-quantum crypto), quantum algorithms, computational complexity and theoretical computer science broadly.

AGGARWAL, Divesh **National University of Singapore, Singapore** November 29 (Tue.) 10:25-11:25 Session 8: **Algorithms for Lattice Problems via Discrete Gaussian**

CHEON, Jung Hee **Seoul National University, Korea** November 28 (Mon.) 14:20-15:00 Session 4: **Practical Public Key Encryption Based on Lattices**

DING, Jintai **University of Cincinnati, USA** November 28 (Mon.) 11:10-12:00 Session 2: **Simple and Provable Secure (Authenticated) Key Exchange Based on the LWE**

HYEON, Donghoon **Seoul National University, Korea** November 29 (Tue.) 15:40-16:20 Session 12: **Multivariate Quadratic Equations**

KIM, Jon-Lark **Sogang University, Korea** November 29 (Tue.) 14:00-14:40 Session 10: **Rank Metric Code Based Cryptography**

KYE, Seung-Hyeok **Seoul National University, Korea** November 29 (Tue.) 11:30-12:20 Session 9: **Detecting Entanglement**

LEE, Hun Hee **University of Waterloo/SNU, Korea** November 29 (Tue.) 16:20-17:00 Session 13: **Quantum Strategy, Quantum Correlations and Operator Algebras**

LIM, Seongan **Ewha Womans University, Korea** November 28 (Mon.) 15:20-16:00 Session 5: **Public Key Authentication in Postquantum PKC**

MOODY, Dustin **NIST, USA** November 28 (Mon.) 10:00-10:50 Session 1: **The NIST Post-Quantum Cryptography Standardization Process**

NGUYEN, Phong **Inria and CNRS/JFLI and the University of Tokyo, France** November 29 (Tue.) 09:20-10:10 Session 7: **Lattice Enumeration Revisited**

PARK, KyoungSoo **KAIST, Korea** November 29 (Tue.) 14:40-15:20 Session 11: **High-Performance Cryptographic Operations on General-Purpose Processors**

SONG, Fang **University of Portland State, USA** November 29 (Tue.) 17:20-18:00 Session 14: **Quantum Computing and Post-Quantum Cryptography**

TAKAGI, Tsuyoshi **Kyushu University, Japan** November 28 (Mon.) 13:30-14:20 Session 3: **Computational Problems in Post-Quantum Cryptography**

XIANG, Hong **Chongqing University, China** November 28 (Mon.) 16:00-16:40 Session 6: **The Recent PQC Research Activities in China**