Andrew M. Odlyzko, Claus P. Schnorr, Adi Shamir (editors):
Cryptography
Dagstuhl-Seminar-Report; 74 27.09.-01.10.93 (9339) ISSN 0940-1121 Copyright © 1993 by IBFI GmbH, Schloss Dagstuhl, D-66687 Wadern, Germany TeI.: +49-6871 - 2458 Fax: +49-6871 - 5942 Das Internationale Begegnungs- und Forschungszentrum für Informatik (IBFI) ist eine gemein- nützige GmbH. Sie veranstaltet regelmäßig wissenschaftliche Seminare, welche nach Antrag der Tagungsleiter und Begutachtung durch das wissenschaftliche Direktorium mit persönlich eingeladenen Gästen durchgeführt werden. Verantwortlich für das Programm ist das Wissenschaftliche Direktorium: Prof. Dr. Thomas Beth., Prof. Dr.-Ing. Jose Encarnacao, Prof. Dr. Hans Hagen, Dr. Michael Laska, Prof. Dr. Thomas Lengauer, Prof. Dr. Wolfgang Thomas, Prof. Dr. Reinhard Wilhelm (wissenschaftlicher Direktor) Gesellschafter: Universität des Saarlandes, Universität Kaiserslautern, Universität Karlsruhe, Gesellschaft für Informatik e.V., Bonn Träger: Die Bundesländer Saarland und Rheinland-Pfalz Bezugsadresse: Geschäftsstelle Schloss Dagstuhl Universität des Saarlandes Postfach 15 11 50 D-66041 Saarbrücken, Germany TeI.: +49 -681 - 302 - 4396 Fax: +49 -681 - 302 - 4397 e-mail: [email protected] Report
on the First Dagstuhl Seminar on
Cryptography
September 27 October 1, 1993
The First Dagstuhl Seminar on Cryptography was organized by Andrew M. Odlyzko (Murray Hill), Claus P. Schnorr (Frankfurt) and Adi Shamir (Tel Aviv). The 38 partic- ipants came from 12 countries. Unfortunately Andrew Odlyzko fell ill shortly before the meeting and could not attend. The 31 lectures covered a broad range of actual research in cryptography dealing with new cryptographic systems and their cryptanalysis. New schemes have been presented for public key signatures, key distribution, key sharing, authentication and cryptographic hashing. Some talks were given about various aspects of number theory like lattice re- duction and factorization. Other talks studied cryptographic problems in the framework of coding and information theory. Adi Shamir proposed in an off schedule discussion an encryption scheme for pictures. It later on has been visualized on some nice slides by Antoine J oux.
N Reporter: Carsten Rossner Schedule
Monday, 27.09.1993 Morning session. Chair: Jacques Stern
9.15 - 9.30 CLAUS P. SCHNORR Opening 9.30 9.55 MICHAEL BURMESTER: A Practical and Efficient Conference Key Distri- bution System as Secure as Diffie Hellmann :: 6 10.00 10.50 HARALD NIEDERREITER: Factorization Algorithms for Polynomials over Fi- nite Fields, A Progress Report ...... 6 11.20 11.50 LEONID BASSALYGO: A Lower Bound of Probability of Substitution for Authentication Codes without Secrecy ...... .6 Afternoon session. Chair: Arjen K. Lenstra
15.30 16.20 FRANCOIS MORAIN: Computing the Number of Points on an Elliptic Curve mod p : Practical Considerations ...... 7 16.30 17.15 ANTOINE JOUX: Parallel Lattice Reduction (LLL): How to derive a Reduction Algorithm, Uniting the Speed up of Schnorr and the Parallelisation of Villard ...... 7 17.25 17.55 CARSTEN RÖSSNER: A Stable Algorithm for Integer Relations ...... 7
Tuesday, 28.09.1993 Morning session. Chair: Kevin McCurley
9.00 9.45 CLAUS P. SCHNORR: Parallel FFT-Hashing ...... 8 9.50 10.20 MONI NAOR: Broadcast Encryption ...... 8 10.50 11.20 JOAN DAEMEN: A New Approach towards Block Cipher Design. 8 11.25 11.45 MICHAEL PORTZ: Interconnection Networks in Cryptography . . . . . 9 Afternoon session. Chair: Moti Yung
14.30 15.15 GILLES BRASSARD: Privacy Ampli cation ...... 9 15.20 16.05 UELI M. MAURER: The Right Definition of Secret Key Rate ...... 10 16.30 17.00 ODED GOLDREICH: Using Error correcting Codes to Enhance the Se- curity of Signature Schemes ...... 10 17.05 17.25 VALERI I. KORJIK: The In uence of Real Random Sequence Generator on the Capacity of the Wire Tap Channel . . . . 11 17.30 18.00 NIELS FERGUSON: Designated Con rmer Signatures ...... 11 Wednesday, 29.09.1993 Morning session. Chair: Ueli M. Maurer
9.00 9.50 ADI SHAMIR: Cryptographic Applications of Birational Map pings ...... 11 9.55 10.45 JACQUES STERN: Attacks against Birational Signatures ...... 12 11.15 12.05 CLAUDECREPEAU: Proving Security of Quantum Cryptographic Pro- tocols ...... 12
Thursday, 30.09.1993
Morning session. Chair: Michael Burmester
9.00 9.30 ARJEN K. LENSTRA: QS + >NFS ...... .13 9.35 10.05 SCOTT A. VANSTONE: The Knapsack Problem in Cryptography ...... 13 10.10 10.40 KEVIN MCCURLEY: A Hacker s View of Cryptography ...... 13 11.10 - 11.40 TSUTOMUMATSUMOTO: A New Approach to Key Sharing ...... 14 11.45 12.05 HANS-JOACHIM KNOBLOCH: Veri able Secret Sharing ...... .14
Afternoon session. Chair: Gilles Brassard
15.00 15.40 ELI BIHAM: On Matsui s Linear Cryptanalysis ...... .15 15.45 - 16.15 KAZUO OHTA: Differential Attack on MessageAuthentication 15 16.45 17.15 MOTI YUNG: Eavesdropping Games ...... 15 17.20 17.50 ERNST M. GABIDULIN: How to avoid the Sidelnikov Shestakov Attack against the Niederreiter System ...... 16
Friday, 01.10.1993