Sunday, 2.5.1999

12.00 - 20.00 Registration

15.30 – 19.00 E-mail Lounge

19.30 - 21.30 Welcome Cocktail

Monday, 3.5.1999

08.00 – 17.00 Registration

15.30 – 19.00 E-mail Lounge

09.00 - 09.10 Opening Remarks

Morning sessions

Cryptanalysis I (chair: Jacques Stern)

• 09.10-09.35 Cryptanalysis of RSA with Private Key d < N^0.292
  Dan Boneh and Glenn Durfee (Stanford University)
• 09.35 - 10.00 Cryptanalysis of Skipjack Reduced to 31 Rounds Using Impossible Differentials Eli Biham, Alex Biryukov (Technion), and Adi Shamir (Weizmann Institute of Science

Hash Functions (chair: Jean-Jacques Quisquater)

• 10.00 - 10.25 Software Performance of Universal Hash Functions
  Wim Nevelsteen and Bart Preneel (Universiteit Leuven)

Foundations I (chair: Claus Schnorr)

• 10.55 - 11.20 Computationally Private Information Retrieval with Polylogarithmic Communication Christian Cachin (IBM Zurich), Silvio Micali (MIT), and Markus Stadler (Crypto AG)
• 11.20 - 11.45 On the (Im)possibility of Basing Oblivious Transfer and Bit Commitment on Weakened Security Assumptions Ivan Damgard (University of Aarhus), Joe Kilian (NEC Research Institute), and Louis Salvail (University of Aarhus)
• 11.45 - 12.10 Conditional Oblivious Transfer and Timed-Release Encryption Giovanni Di Crescenzo (University of California San Diego), Rafail Ostrovsky, and Sivaramakrishnan Rajagopalan (Bellcore)

Afternoon sessions

Public Key (chair: Paul Van Oorschot)

• 14.00 - 14.25 An Efficient Threshold Public Key Cryptosystem Secure Against Adaptive Chosen Ciphertext Attack Ran Canetti (IBM T.J. Watson) and Shafi Goldwasser (MIT)
• 14.25 - 14.50 Proving in Zero-Knowledge that a Number is the Product of Two Safe Primes Jan Camenisch (University of Aarhus) and Markus Michels (Entrust Technologies Europe)
• 14.50 - 15.15 Secure Hash-and-Sign Signatures without the Random Oracle
  Rosario Gennaro, Shai Halevi, and Tal Rabin (IBM T.J. Watson)

• 15.45 - 16.10 A Note on the Limits of Collusion-Resistant Watermarks
  Funda Ergun (Bell Laboratories), Joe Kilian (NEC Research Institute), and Ravi Kumar (IBM Almaden)
• 16.10 - 16.35 Coin-Based Anonymous Fingerprinting
  Birgit Pfitzmann and Ahmad-Reza Sadeghi (Universitat des Saarlandes)

Tuesday, 4.5.1999

8.00 – 15.00 E-mail Lounge

Morning sessions

Elliptic Curves (chair: Willi Meier)

• 9.00 - 9.25 On the Performance of Hyperelliptic Cryptosystems
  Nigel Smart (Hewlett-Packard Laboratories)
• 9.25 - 9.50 Fast Elliptic Curve Algorithm Combining Frobenius Map and Table Reference to Adapt to Higher Characteristic Tetsutaro Kobayashi, Hikaru Morita, Kunio Kobayashi, and Fumitaka Hoshino (NTT Laboratories)
• 9.50 - 10.15 Comparing the MOV and FR Reductions in Elliptic Curve Cryptography Ryuichi Harasawa, Junji Shikata, Joe Suzuki (Osaka University), and Hideki Imai (University of Tokyo)

New Schemes (chair: Dan Boneh)

• 10.45 - 11.10 Unbalanced Oil and Vinegar Signature Schemes
  Aviad Kipnis (NDS Technologies), Jacques Patarin, and Louis Goubin (Bull SmartCards and Terminals)
• 11.10 - 11.35 Public-Key Cryptosystems Based on Composite Degree Residuosity Classes Pascal Paillier (Gemplus)
• 11.35 - 12.00 New Public Key Cryptosystems based on the Dependent--RSA Problems David Pointcheval (Ecole Normale Superieure)

17.00 – 20.00 E-mail Lounge

Wednesday, 5.5.1999

8.00 – 17.00 E-mail Lounge

Morning sessions

Block Ciphers (chair: Lars Knudsen)

• 9.00 - 9.25 Resistance Against General Iterated Attacks
  Serge Vaudenay (Ecole Normale Superieure)
• 9.25 - 9.50 XOR and non-XOR Differential Probabilities
  Philip Hawkes (Qualcomm International) and Luke O'Connor (IBM Zurich)
• 9.50 - 10.15 S-boxes with Controllable Nonlinearity
  Jung Hee Cheon, Sungtaek Chee, and Choonsik Park (ETRI)

Distributed Cryptography (chair: Carlo Blundo)

• 10.45 - 11.10 Secure Distributed Key Generation for Discrete-Log Based Cryptosystems Rosario Gennaro (IBM T.J. Watson), Stanislaw Jarecki (MIT), Hugo Krawczyk (Technion), and Tal Rabin (IBM T.J. Watson)
• 11.10 - 11.35 Efficient Multiparty Computations Secure Against an Adaptive Adversary Ronald Cramer (ETH Zurich), Ivan Damgard, Stefan Dziembowski (Aarhus University), Martin Hirt (ETH Zurich), and Tal Rabin (IBM T.J. Watson)
• 11.35 - 12.00 Distributed Pseudo-Random Functions and KDCs
  Moni Naor, Benny Pinkas, and Omer Reingold (Weizmann Institute of Science)

Afternoon sessions

Cryptanalysis II (chair: Eli Biham)

• 14.00 - 14.25 Improved Fast Correlation Attacks on Stream Ciphers via Convolutional Codes Thomas Johansson and Fredrik Jonsson (Lund University)
• 14.25 - 14.50 Cryptanalysis of An Identification Scheme Based on The Permuted Perceptron Problem Lars R. Knudsen (University of Bergen) and Willi Meier (FH-Aargau)

Tools from Related Areas (chair Victor Shoup)

• 15.20 - 15.45 An Analysis of Exponentiation Based on Formal Languages
  Luke O'Connor (IBM Zurich Research)
• 15.45 -16.10 Dealing Necessary and Sufficient Numbers of Cards for Sharing a One-bit Secret Key Takaaki Mizuki, Hiroki Shizuya, and Takao Nishizeki (Tohoku University)

IACR Business Meeting (at about five)

19.30 Banquet (Municipal House)

Thursday, 6.5.1999

8.00 – 15.00 E-mail Lounge

Morning sessions

Foundations II (chair: Claude Crepeau)

• 9.00 - 9.25 Lower Bounds for Oblivvious Transfer Reductions Yevgeniy Dodis and Silvio Micali (MIT)
• 9.25 -9.50 On the Concurrent Composition of Zero-Knowledge Proofs
  Ransom Richardson (Groove Networks) and Joe Kilian (NEC Research Institute)
• 9.50 - 10.15 Pseudorandom Function Tribe Ensembles Based on One-Way Permutations: Improvements and Applications Marc Fischlin (Universitat Frankfurt)

Broadcast and Multicast (chair: Yuliang Zheng)

• 10.45 - 11.10 Secure Communication in Broadcast Channels: the Answer to Franklin and Wright's Question Yongge Wang and Yvo Desmedt (University of Wisconsin)
• 11.10 - 11.35 Efficient Communication-Storage Tradeoffs for Multicast Encryption
  Ran Canetti (IBM T. J. Watson), Tal Malkin (MIT), and Kobbi Nissim (Weizmann Institute of Science)
• 11.35 - 11.50 Final remarks

12.00 - 14.00 Lunch