FSE 2017
March 5-8, 2017
Tokyo, Japan
24th International Conference on Fast Software Encryption
Fast Software Encryption 2017


All technical sessions and coffee breaks take place in the Hall D7 at Tokyo International Forum.
Lunch is available in the Hall D5.

All talks are 20 minutes including questions unless indicated otherwise.

A pdf version of the program is available here.

Sunday 5 March 2017

  • 18:00 - 20:00: Welcome Reception and Registration
    at the Lounge (G Block, 7th floor) at Tokyo International Forum (5-minute walk from Tokyo Station, or 1-minute walk from Yurakucho Station).

Monday 6 March 2017

  • 9:00 -: Registration
  • 9:50 - 10:00: Welcome Remarks
(Chair: Jian Guo)

Session I - Cryptanalysis: Hash functions 10:00 - 11:00

  • Cryptanalysis of Haraka
    Jérémy Jean
  • New techniques for trail bounds and application to differential trails in Keccak
    Silvia Mella, Joan Daemen, Gilles Van Assche
  • SymSum: Symmetric-Sum Distinguishers Against Round Reduced SHA3
    Dhiman Saha, Sukhendu Kuila, Dipanwita Roy Chowdhury
  • 11:00 - 11:30: Coffee Break
(Chair: María Naya-Plasencia)

Session II - Invited Talk I 11:30 - 12:30

  • Innovations in permutation-based encryption and/or authentication
    Imagine there's no block ciphers, it's easy if you try:-)

    Joan Daemen
    Radboud University, Netherlands and STMicroelectronics, Belgium
    Abstract in pdf
  • 12:30 - 13:45: Lunch Break
(Chair: Christina Boura)

Session III - Building blocks13:45 - 15:35

  • Lightweight Diffusion Layer: Importance of Toeplitz Matrices
    Sumanta Sarkar, Habeeb Syed
  • Direct construction of quasi-involutory recursive-like MDS matrices from 2-cyclic codes
    Victor Cauchois, Pierre Loidreau, Nabil Merkiche
  • Design of Lightweight Linear Diffusion Layers from Near-MDS Matrices
    Chaoyun Li, Qingju Wang
  • Exponential S-Boxes: a Link Between the S-Boxes of BelT and Kuznyechik/Streebog
    Léo Perrin, Aleksei Udovenko
  • A Note on 5-bit Quadratic Permutations' Classification (short talk: 10 minutes)
    Dusan Bozilov, Begül Bilgin, Haci Ali Sahin
  • Analysis of Software Countermeasures for Whitebox Encryption
    Subhadeep Banik, Andrey Bogdanov; Takanori Isobe; Martin Bjerregaard Jepsen
  • 15:35 - 16:05: Coffee Break
(Chair: Lei Wang)

Session IV - Cryptanalysis: Block ciphers16:05 - 17:45

  • Multiset-Algebraic Cryptanalysis of Reduced Kuznyechik, Khazad, and secret SPNs
    Alex Biryukov, Dmitry Khovratovich, Léo Perrin
  • Practical Key-Recovery Attack on MANTIS5
    Christoph Dobraunig, Maria Eichlseder, Daniel Kales, Florian Mendel
  • Chosen-Key Distinguishers on 12-Round Feistel-SP and 11-Round Collision Attacks on Its Hashing Modes
    Xiaoyang Dong, Xiaoyun Wang
  • Meet-in-the-Middle Attacks on Classes of Contracting and Expanding Feistel Constructions
    Jian Guo, Jérémy Jean, Ivica Nikolic, Yu Sasaki
  • Subspace Trail Cryptanalysis and its Applications to AES
    Lorenzo Grassi, Christian Rechberger, Sondre Rønjom

Tuesday 7 March 2017

  • 9:00 -: Registration
(Chair: Thomas Peyrin)

Session V - New designs9:30 - 10:50

  • Haraka v2 Efficient Short-Input Hashing for Post-Quantum Applications
    Stefan Kölbl, Martin M. Lauridsen, Florian Mendel, Christian Rechberger
  • The Qarma Block Cipher Family
    Roberto Avanzi
  • LIZARD - A Lightweight Stream Cipher for Power-constrained Devices
    Matthias Hamann, Matthias Krause, Willi Meier
  • On Ciphers that Continuously Access the Non-Volatile Key
    Vasily Mikhalev, Frederik Armknecht, Christian Müller
  • 10:50 - 11:20: Coffee Break
(Chair: Bart Preneel)

Session VI - Invited Talk II 11:20 - 12:20

  • Design, Analysis and Promotion of (Lightweight) Block Ciphers
    Shiho Moriai
    NICT, Japan
    Abstract in pdf
  • 12:20 - 13:35: Lunch Break
(Chair: Gaëtan Leurent)

Session VII - Authenticated Encryption: Cryptanalysis13:35 - 14:55

  • Cryptanalysis of NORX v2.0
    Colin Chaigneau, Thomas Fuhr, Henri Gilbert, Jérémy Jean, Jean-René Reinhard
  • Is AEZ v4.1 Sufficiently Resilient Against Key-Recovery Attacks?
    Colin Chaigneau, Henri Gilbert
  • Conditional Cube Attack on Round-Reduced ASCON
    Zheng Li, Xiaoyang Dong, Xiaoyun Wang
  • Cube-like Attack on Round-Reduced Initialization of Ketje Sr
    Xiaoyang Dong; Zheng Li; Xiaoyun Wang; Ling Qin
  • 14:55 - 15:25: Coffee Break
(Chair: Tetsu Iwata)

Session VIII - Security reductions15:25 - 16:45

  • Security Analysis of BLAKE2ís Modes of Operation
    Atul Luykx, Bart Mennink, Samuel Neves
  • The Exact Security of PMAC
    Peter Gaži, Krzysztof Pietrzak, Michal Rybár
  • On the Exact Security of Message Authentication using Pseudorandom Functions
    Ashwin Jha, Avradip Mandal, Mridul Nandi
  • A Fast Single-Key Two-Level Universal Hash Function
    Debrup Chakraborty, Sebati Ghosh, Palash Sarkar
  • (Chair: Carlos Cid) 16:45 - 17:45: Rump Session
    Rump session CFP is available. The deadline is Tuesday, 7 Mar, at 11am.

Wednesday 8 March 2017

  • 9:00 -: Registration
(Chair: Anne Canteaut)

Session IX - Authenticated encryption: Designs9:20 - 10:40

  • Stronger Security Variants of GCM-SIV
    Tetsu Iwata, Kazuhiko Minematsu
  • ISAP -- Towards Side-Channel Secure Authenticated Encryption
    Christoph Dobraunig, Maria Eichlseder, Stefan Mangard, Florian Mendel, Thomas Unterluggauer
  • Linking Online Misuse-Resistant Authenticated Encryption and Blockwise Attack Models
    Guillaume Endignoux, Damian Vizár
  • OleF: an Inverse-Free Online Cipher. An Online SPRP with an Optimal Inverse-Free Construction
    Ritam Bhaumik, Mridul Nandi
  • 10:40 - 11:05: Coffee Break
(Chair: Thomas Fuhr)

Session X - Cryptanalysis: Techniques11:05 - 12:25

  • Linear Cryptanalysis: Key Schedules and Tweakable Block Ciphers
    Thorsten Kranz, Gregor Leander, Friedrich Wiemer
  • Improved Parameter Estimates for Correlation and Capacity Deviates in Linear Cryptanalysis
    Céline Blondeau, Kaisa Nyberg
  • Quantum Differential and Linear Cryptanalysis
    Marc Kaplan, Gaëtan Leurent, Anthony Leverrier, María Naya-Plasencia
  • The Approximate k-List Problem
    Leif Both, Alexander May
  • 12:25 - 13:40: Lunch Break
(Chair: Kazuhiko Minematsu)

Session XI - Security Notions13:40 - 14:40

  • Security Notions for Bidirectional Channels
    Giorgia Azzurra Marson, Bertram Poettering
  • Security of Symmetric Primitives under Incorrect Usage of Keys
    Pooya Farshim, Claudio Orlandi, Razvan Rosie
  • SoK: Security Models for Pseudo-Random Number Generators
    Sylvain Ruhault
(Chair: Yu Sasaki)

Session XII - Cryptanalysis: ARX14:40 - 15:40

  • Significantly Improved Multi-bit Differentials for Reduced Round Salsa and ChaCha
    Arka Rai Choudhuri, Subhamoy Maitra
  • Rotational Cryptanalysis in the Presence of Constants
    Tomer Ashur, Yunwen Liu
  • Optimal Differential Trails in SIMON-like Ciphers
    Zhengbin Liu, Yongqiang Li, Mingsheng Wang
  • 15:40 - 16:05 Coffee Break
(Chair: Shiho Moriai)

Session XIII - Cryptanalysis: Block ciphers16:05 - 17:45

  • Invariant Subspace Attack Against Midori64 and The Resistance Criteria for S-box Designs
    Jian Guo, Jérémy Jean, Ivica Nikolic, Kexin Qiao, Yu Sasaki, Siang Meng Sim
  • Meet-in-the-Middle Attacks on Reduced-Round Midori64
    Li Lin, Wenling Wu
  • Multi-key Analysis of Tweakable Even-Mansour with Applications to Minalpher and OPP
    Zhiyuan Guo, Wenling Wu, Renzhang Liu, Liting Zhang
  • Analysis of AES, SKINNY, and Others with Constraint Programming
    Siwei Sun, David Gerault, Pascal Lafourcade, Qianqian Yang, Yosuke Todo, Kexin Qiao, Lei Hu
  • Cryptanalysis of GOST2
    Tomer Ashur, Achiya Bar-On, Orr Dunkelman

Template designed by KU Leuven - COSIC