All sessions will be held at the 2nd Conference Hall on the 3rd floor in the H.S.S. Building (人文社會科學館) of Academia Sinica.
| 8:00–9:00 | Registration |
| 9:00–9:10 | Opening Remarks |
| Session 1: CCA Security (Chair: Yuval Ishai) |
| 9:10–9:30 |
Trading Plaintext-Awareness for Simulatability to Achieve Chosen Ciphertext Security |
| Takahiro Matsuda, Goichiro Hanaoka |
| 9:30–9:50 |
Chosen-Ciphertext Security from Subset Sum |
| Sebastian Faust, Daniel Masny, Daniele Venturi |
| 9:50–10:10 |
On the Hardness of Proving CCA-Security of Signed ElGamal |
| David Bernhard, Marc Fischlin, Bogdan Warinschi |
| 10:10–10:30 |
CCA-Secure Keyed-Fully Homomorphic Encryption |
| Junzuo Lai, Robert H. Deng, Changshe Ma, Kouichi Sakurai, Jian Weng |
| 10:30–10:50 |
On the Key Dependent Message Security of the Fujisaki-Okamoto Constructions |
| Fuyuki Kitagawa, Takahiro Matsuda, Goichiro Hanaoka, Keisuke Tanaka |
| 10:50–11:20 | Coffee break |
| Session 2: Identity-Based Encryption (Chair: Giuseppe Persiano) |
| 11:20–11:40 |
Identity-Based Cryptosystems and Quadratic Residuosity |
| Marc Joye |
| 11:40–12:00 |
Identity-based Hierarchical Key-insulated Encryption without Random Oracles |
| Yohei Watanabe, Junji Shikata |
| 12:00–13:00 | Invited Talk I: The Many Faces of Garbled Circuits |
| Vinod Vaikuntanathan |
| 13:00–14:30 | Lunch – Recreation Hall at H.S.S. Building |
| Session 3: Signatures I (Benoît Libert) |
| 14:30–14:50 |
Attribute-Based Signatures for Circuits from Bilinear Map |
| Yusuke Sakai, Nuttapong Attrapadung, Goichiro Hanaoka |
| 14:50–15:10 |
Efficient Unlinkable Sanitizable Signatures from Signatures with Re-Randomizable Keys |
| Nils Fleischhacker, Johannes Krupp, Giulio Malavolta, Jonas Schneider, Dominique Schröder, Mark Simkin |
| 15:10–15:30 |
Fault-Tolerant Aggregate Signatures |
| Gunnar Hartung, Björn Kaidel, Alexander Koch, Jessica Koch, Andy Rupp |
| 15:30–15:50 |
Delegatable Functional Signatures |
| Michael Backes, Sebastian Meiser, Dominique Schröder |
| 15:50–16:20 | Coffee break |
| Session 4: Signatures II (Chair: Tung Chou) |
| 16:20–16:40 |
Mitigating Multi-Target Attacks in Hash-based Signatures |
| Andreas Hülsing, Joost Rijneveld, Fang Song |
| 16:40–17:00 |
Nearly Optimal Verifiable Data Streaming |
| Johannes Krupp, Dominique Schröder, Mark Simkin, Dario Fiore, Giuseppe Ateniese, Stefan Nuernberger |
| 17:00–17:20 |
ARMed SPHINCS – Computing a 41KB signature in 16KB of RAM |
| Andreas Hülsing, Joost Rijneveld, Peter Schwabe |
| Session 5: Functional Encryption (Chair: Dominique Schroeder) |
| 9:10–9:30 |
Extended Nested Dual System Groups, Revisited |
| Junqing Gong, Jie Chen, Xiaolei Dong, Zhenfu Cao, Shaohua Tang |
| 9:30–9:50 |
Functional Encryption for Inner Product with Full Function Privacy |
| Pratish Datta, Ratna Dutta, Sourav Mukhopadhyay |
| 9:50–10:10 |
Deniable Functional Encryption |
| Angelo de Caro, Vincenzo Iovino, Adam O'Neill |
| 10:10–10:40 | Coffee break |
| Session 6: Cryptanalysis |
| 10:40–11:00 |
Algebraic approaches for the Elliptic Curve Discrete Logarithm Problem over prime fields |
| Christophe Petit, Michiel Kosters, Ange Messeng |
| 11:00–11:20 |
Degenerate Curve Attacks |
| Samuel Neves, Mehdi Tibouchi |
| 11:20–11:40 |
Easing Coppersmith Methods using Analytic Combinatorics: Applications to Public-Key Cryptography with Weak Pseudorandomness |
| Fabrice Benhamouda, Céline Chevalier, Adrian Thillard, Damien Vergnaud |
| 11:40–12:00 |
How to Generalize RSA Cryptanalyses |
| Atsushi Takayasu, Noboru Kunihiro |
| 12:00–13:00 | Invited Talk II: Future Directions in Lattice Cryptography |
| Vadim Lyubashevsky |
| 13:00–14:30 | Lunch – Recreation Hall at H.S.S. Building |
| 14:30–18:30 | Excursion to the National Palace Museum |
| 19:30 | Banquet at the Silks Palace at the National Palace Museum |
| Session 7: Leakage-Resilient and Circularly Secure Encryption (Chair: Mehdi Tibouchi) |
| 9:10–9:30 |
Leakage-Resilient Public-Key Encryption from Obfuscation |
| Dana Dachman-Soled, S. Dov Gordon, Feng-Hao Liu, Adam O'Neill, Hong-Sheng Zhou |
| 9:30–9:50 |
On Generic Constructions of Circularly-Secure, Leakage-Resilient Public-Key Encryption Schemes |
| Mohammad Hajiabadi, Bruce M. Kapron, Venkatesh Srinivasan |
| 9:50–10:10 |
KDM-Security via Homomorphic Smooth Projective Hashing |
| Hoeteck Wee |
| 10:10–10:40 | Coffee break |
| Session 8: Primitives (Chair: Peter Schwabe) |
| 10:40–11:00 | Reducing Depth in Constrained PRFs: From Bit-Fixing to NC1 |
| Nishanth Chandran, Srinivasan Raghuraman, Dhinakaran Vinayagamurthy |
| 11:00–11:20 | Non-Malleable Functions and Their Applications |
| Yu Chen, Baodong Qin, Jiang Zhang, Yi Deng, Sherman S.M. Chow |
| 11:20–11:40 |
On Public Key Encryption from Noisy Codewords |
| Eli Ben-Sasson, Iddo Ben-Tov, Ivan Damgard, Yuval Ishai, Noga Ron-Zewi |
| 11:40–12:00 |
Non-Trivially Efficient Indistinguishability Obfuscation |
| Huijia Lin, Rafael Pass, Karn Seth, Sidharth Telang |
| 12:00–13:00 | Invited Talk III: The first 10 years of Curve25519 |
| Daniel J. Bernstein |
| 13:00–14:30 | Lunch – Recreation Hall at H.S.S. Building |
| Session 9: Protocols I (Chair: Christophe Petit) |
| 14:30–14:50 |
Asynchronous Secure Multiparty Computation in Constant Time |
| Ran Cohen |
| 14:50–15:10 | Adaptively Secure Multi-Party Computation from LWE (via Equivocal FHE) |
| Ivan Damgård, Antigoni Polychroniadou, Vanishree Rao |
| 15:10–15:30 |
Universally Composable Direct Anonymous Attestation |
| Jan Camenisch, Manu Drijvers, Anja Lehmann |
| 15:30–15:50 |
Universally Composable Authentication and Key-Exchange with Global PKI |
| Ran Canetti, Daniel Shahaf, Margarita Vald |
| 15:50–16:20 | Coffee break |
| Session 10: Protocols II (Chair: Tanja Lange) |
| 16:20–16:40 |
Very-efficient simulatable flipping of many coins into a well |
| Luís T. A. N. Brandão |
| 16:40–17:00 |
Robust Secret Sharing Schemes Against Local Adversaries |
| Allison Bishop, Valerio Pastro |
| 17:00 | Conference Adjourns |
