Colloquium Joan Daemen – Monday, July 9, 2018
Symmetric Crypto 2.0
Abstract: Imagine there’s no block ciphers, it’s easy if you try :-) A (cryptographic) permutation can be thought of as a block cipher (like AES or DES) without a key (or with a fixed key if you prefer). During the SHA-3 competition it became clear that permutation-based hashing, e.g., by using the sponge construction, is superior to block-cipher-based hashing (as in MD5, SHA-1 and SHA-2). By including a key in the sponge input, it can readily be used for message authentication (MAC) and, by exploiting the arbitrarily long sponge output, even for stream encryption. The duplex variant of sponge widens the spectrum to, among others, authenticated encryption and reseedable pseudorandom generation and was adopted by a dozen submissions to the CAESAR competition for authenticated ciphers. The disadvantage of the sponge and duplex constructions is that they are inherently serial. To address this, we introduced a fully parallel counterpart of the sponge, called Farfalle, and propose a brand new permutation called Xoodoo. Clearly, there is a lot going on in permutation-based crypto and this talk will get you up to date.
Joan Daemen is full Professor of symmetric cryptography at Radboud University and is also affiliated with STMicroelectronics as a security architect. He works in symmetric cryptography and is best known for the design of Rijndael together with Vincent Rijmen and the conception of sponge functions and Keccak, together with Guido Bertoni, Gilles Van Assche and Michaël Peeters. The former won the AES contest in 2000 and the latter won the SHA-3 contest in 2012. His current research interests include permutation-based symmetric cryptography and secure implementations.