AtheCrypt 2016
Athens Cryptography Day



Athens Cryptography Day 2016


Monday, January 11, 2016, Athens
National Technical University of Athens
Room: Multimedia Amphitheater of the Central Library of N.T.U.A.

Athens Cryptography Day is an annual event.
Its purpose is to give the opportunity to graduate students in Greece to observe talks of researchers from all areas of Theoretical Cryptography.

Dimitris Karakostas
Aggelos Kiayias
Louiza Papachristodoulou
Yiannis Tselekounis
Thomas Zacharias
Dionysis Zindros

Program has changed! Please check the updated version in the "Program" section!


Stathis Zachos
Aris Pagourtzis
Aggelos Kiayias
Antonis Antonopoulos
Zeta Avarikioti

Previous AtheCrypts

AtheCrypt 2015
AtheCrypt 2014
AtheCrypt 2013


There are no registration fees. However, participants should register for administrative purposes, by filling the following registration form:

Registration is closed!



PDF Version    (expand ↓)

(*Click on the arrow icon to view talk details.)

9:30 - 10:00 Registration - Opening
10:00 - 10:45 Online Template Attacks on Elliptic Curves    Go to Abstract
Louiza Papachristodoulou, iCIS, RU Nijmegen
Abstract: The use of elliptic curves for asymmetric cryptography was introduced by Miller and Koblitz in 1985. Due to patent restrictions and the mathematical complexity of the relevant cryptographic operations, the wide deployment of elliptic curve cryptography (ECC) in real-world applications was postponed until the mid 2000's. The main advantage of using ECC over other public-key crypotsystems, such as RSA, is the memory and key-length requirements; two important factors for the practical implementation of cryptographic protocols in embedded devices. ECC is nowadays implemented in many broadly used cryptographic libraries, such as OpenSSL, mbedTLS and libecc. Recent side-channel attacks (SCA) on elliptic curve algorithms have shown that the security of these cryptosystems is a matter of serious concern. Side-channel attacks exploit various physical leakages of secret information or instructions from cryptographic devices and they constitute a constant threat for cryptographic implementations. In this talk, after introducing some basic principles of side-channel attacks, we are going to present a practical SCA on elliptic curves. Our methodology offers a generic attack framework with minimal assumptions for the attacker model, which is applicable to various forms of curves (Weierstrass, Edwards and Montgomery curves) and implementations. As a proof of concept, we attack the doubling operation in the double-and-add-always scalar multiplication algorithm.
10:45 - 11:30 Non-malleable codes in the split-state model    
Yiannis Tselekounis, University of Athens
11:30 - 12:00 Break
12:00 - 12:45 The importance of the human factor in the security of voting protocols    Go to Abstract
Thomas Zacharias, University of Athens
Abstract: The security analysis of the novel e-voting system DEMOS (Kiayias, Zacharias, and Zhang - 2015) shows that the level of end-to-end verifiabiliy that DEMOS achieves directly depends on the rate of honest voters that participate in the auditing procedure. Motivated by this result, we performed a study of the voters' auditing behaviour as a parameter of the end-to-end verifiability of the well-established e-voting system Helios. We were led to an interesting conclusion regarding e-voting security: ensuring that a sufficient number of participants follow a well-defined set of admissible behaviours, is of equal importance with the protection of the system infrastructure. In this presentation, we take discussion a step further by putting some thinking cap on how the above ideas apply to any voting protocol where the human participation consists of non-trivial actions (i.e., people are not modelled as dummy parties that forward their inputs or are only responsible for protecting their secret states in an on/off approach). We focus on the apparent trade-off between (i) encouraging direct human involvement via active participation and (ii) the increase in the security risk that stems from the amplified human factor. Protocol designers aware of this fact, face a strategic dilemma: should they prevent security threats by putting trust to the administrators or share responsibility to people while keeping the promise of their proper training?
12:45 - 14:00 Lunch Break
14:00 - 15:00 Fair and Robust Multi­-Party Computation using a Global Transaction Ledger    Go to Abstract
Aggelos Kiayias, University of Athens
Abstract: Classical results on secure multi-party computation (MPC) imply that fully secure computation, including fairness (either all parties get output or none) and robustness (output delivery is guaranteed), is impossible unless a majority of the parties is honest. Recently, cryptocurrencies like Bitcoin where utilized to leverage the fairness loss in MPC against a dishonest majority. The idea is that when the protocol aborts in an unfair manner (i.e., after the adversary receives output) then honest parties get compensated by the adversarially controlled parties. Our contribution is three-fold. First, we put forth a new formal model of secure MPC with compensation and we show how the introduction of suitable ledger and synchronization functionalities makes it possible to express completely such protocols using standard interactive Turing machines (ITM) circumventing the need for the use of extra features that are outside the standard model as in previous works. Second, our model, is expressed in the universal composition setting with global setup and is equipped with a composition theorem that enables the design of protocols that compose safely with each other and within larger environments where other protocols with compensation take place; a composition theorem for MPC protocols with compensation was not known before. Third, we introduce the first robust MPC protocol with compensation, i.e., an MPC protocol where not only fairness is guaranteed (via compensation) but additionally the protocol is guaranteed to deliver output to the parties that get engaged and therefore the adversary, after an initial round of deposits, is not even able to mount a denial of service attack without having to suffer a monetary penalty. Importantly, our robust MPC protocol requires only a {\em constant } number of (coin-transfer and communication) rounds.
Joint work with Hong-Sheng Zhou and Vasilis Zikas.
15:00 - 15:10 Break
15:10 - 15:55 Monero: An untraceable unlinkable bitcoin alternative    Go to Abstract
Dionysis Zindros, National Technical University of Athens
Abstract: Bitcoin has proved to be the first widely successful decentralized cryptocurrency since its creation in 2009. However, forensic analysis of the blockchain has allowed analysts to deanonymize bitcoin keys, often in an automated manner. These techniques also allow legal authorities to taint coins, harming bitcoin's fungibility. Monero is a separate blockchain cryptocurrency with a codebase created from scratch based on the CryptoNote papers. It offers transaction unlinkability and untraceability through two primary mechanisms: First, the disassociation of public receiving addresses from blockchain information; and second, the use of ring signatures to create sender anonymity sets. In this talk, I will present these features of monero and discuss how they achieve the claimed properties.

15:55 - 16:05 Break
16:05 - 17:00 Probabilistic attacks against compressed encrypted protocols    Go to Abstract
Dimitris Karakostas, National Technical University of Athens
Abstract: Every modern system relies on compression and encryption, for performance optimization and data security respectively. This work investigates attacks on compressed encrypted protocols, such as HTTP over TLS. A new property of cryptosystems is proposed, Indistinguishability under Partially Chosen Plaintext Attack (IND-PCPA), along with an attack model that utilizes it. In order to bypass obstacles of real-world systems, statistical methods are employed, that improve performance and validity of the attack. Experiments were conducted on massively popular systems, using a Python framework that was implemented for the purpose of this paper. Experimental results, in lab environment, revealed that those systems are not IND-PCPA, demonstrating vulnerabilities regarding certain types of secrets. Finally, we propose novel techniques, that could lead to complete mitigation of similar attacks.
17:10 End


AtheCrypt2016 will take place in the Multimedia Amphitheater of the National Technical University of Athens, located in the basement of the building of NTUA's Central Library. See the map below:

You can arrive at the Central Library by various ways:

By public transport:

The easiest way is by taking the Blue Metro line and getting off at the "ΚΑΤΕΧΑΚΗ" station. Then take the bus 242, get off at stop "ΘΥΡΩΡΕΙΟ" and walk 5 minutes towards the Central Library.
Another option is to take the bus 140 from the "ΚΑΤΕΧΑΚΗ" metro station and get off at stop "ΠΟΛΥΤΕΧΝΕΙΟΥΠΟΛΗ". Then get into the campus and walk 10 minutes towards the Central Library.

By car:

You can use this google map to get directions from Alimou-Katechaki Avenue.