AtheCrypt 2017
Athens Cryptography Day

### Athens Cryptography Day 2017

Tuesday, January 10, 2017, Athens
National Technical University of Athens
Room: Multimedia Amphitheater of the Central Library of N.T.U.A.

Athens Cryptography Day is an annual event.
Its purpose is to give graduate students in Greece the opportunity to attend talks by researchers from all areas of Theoretical Cryptography.

AtheCrypt will start an hour later, due to the snow!

The preliminary program is announced in the program section.

Speakers:
K. Chalkias
D. Karakostas
O. Thyfronitis Litos
A. Pagourtzis
L. Papachristodoulou
E. Sarafianou

#### Organization

Stathis Zachos
Aris Pagourtzis
Aggelos Kiayias
Antonis Antonopoulos
Giannis Papaioannou

## Register

There are no registration fees. However, participants should register for administrative purposes by filling in the following registration form:

Electronic registration is closed! You can register at AtheCrypt's front desk.


## Preliminary Program


9:30 - 10:00
Registration - Opening

10:00 - 10:45
Saferandom: Self-Verifiable Raffles from Stock Market values and Bitcoin blocks
Konstantinos Chalkias, Newcrypt

Abstract: Unlike conventional lotteries using ping pong balls or electronic raffles where a randomization algorithm runs internally at a safe hardware infrastructure, public data that is very difficult to be a-priori predicted has been proposed as an undeniable source of randomness. Some examples of open data sets that can be used as random beacons include a) the aggregated closing prices of the stocks that comprise an index in the stock market b) weather conditions such as temperature, wind and humidity at a certain time in the major world capitals c) official flight landing times at biggest airports and d) the next block in a proof-of-work blockchain, like Bitcoin. Saferandom is a decentralized, self-verifiable method for conducting raffles, which is tamper-proof and can be verified by anyone from the comfort of his/her home. The protocol also benefits from the blockchain's inherent support for data ownership proof, document time-stamping and content integrity resulting in a complete infrastructure that supports secure raffles and transparent statistical sampling.

10:45 - 11:30
Laconic Receiver Oblivious Transfer And its Applications
Antigoni Polychroniadou, Aarhus University

Abstract: In this talk, we will introduce a novel technique for secure computation over large inputs. Based on the Decisional Diffie-Hellman (DDH) assumption, we provide a new Oblivious Transfer (OT) protocol with a laconic receiver. In particular, the laconic OT allows a receiver to commit to a large input $D$ (of length $m$) via a short message. Subsequently, a single short message by a sender allows the receiver to learn $s_{D_i}$, where $s_{0}$, $s_{1}$ and $i \in [m]$ are dynamically chosen by the sender. All prior constructions of OT required the receiver message to grow with $m$.

Such an OT is apt for realizing secure computation over large data. More specifically, we show applications of laconic OT to non-interactive secure computation and homomorphic encryption for RAM programs.

11:30 - 12:00
Break

12:00 - 12:45
Residue Number System as a Side-Channel Attack Countermeasure for ECC
Louiza Papachristodoulou, iCIS, RU Nijmegen

Abstract: Elliptic Curve Cryptography operations rely heavily on the strong security of scalar multiplication. However, this operation is vulnerable to side-channel (SCA) and fault injection (FA) attacks. The use of alternative arithmetic systems like Residue Number System (RNS) for all scalar multiplication underlying operations has been proposed as an efficient countermeasure approach for the above attacks. In RNS, a number is represented as a set of smaller numbers, where each one is the result of the modular reduction with a given moduli basis. Under certain requirements, a number can be uniquely transformed from the integers to the RNS domain (and vice versa) and all arithmetic operations can be performed in RNS. This representation provides an inherent SCA and FA resistance to many attacks and can be further enhanced by additional RNS arithmetic manipulations or more traditional algorithmic countermeasures. In this presentation, I am going to show the potentials of RNS as an SCA and FA countermeasure, provide a description of RNS based SCA and FA resistance means through appropriate scalar multiplication algorithmic variations and present some practical results from an implementation on an ARM Cortex A7 processor.

12:45 - 13:30
Trust Is Risk: A Decentralized Financial Trust Platform
Orfeas Thyfronitis Litos, National Technical University of Athens

Abstract: Reputation in centralized systems uses stars and review-based trust. Such systems require manual intervention and secrecy to avoid manipulation. In autonomous and open source decentralized systems this luxury is not available.

Previous peer-to-peer reputation systems do not allow for financial arguments pertaining to reputation. We propose a concrete Sybil-resilient decentralized reputation system where direct trust is defined as lines-of-credit using bitcoin's 1-of-2 multisig. We introduce a new model for bitcoin wallets in which user coins are split among trusted associates. Indirect trust is subsequently defined transitively. This enables formal game theoretic arguments pertaining to risk analysis. We prove that risk and max flows are equivalent in our model. Our system allows for concrete financial decisions on the monetary amount a pseudonymous party can be trusted with. Through algorithmic trust redistribution, the risk incurred from making a purchase from a pseudonymous party in this manner remains invariant.

13:30 - 15:00
Lunch Break

15:00 - 15:45
Reliable Communication with Limited Knowledge
Aris Pagourtzis, National Technical University of Athens

Abstract: TBA

15:45 - 16:30
Location Privacy Through Private Equality Testing
Marios Magioladitis, Ionian University

Abstract: We propose a practical, privacy-preserving equality testing protocol which allows two users to learn if they share the same encrypted input data.

16:30 - 17:00
Break

17:00 - 17:45
CTX: Eliminating BREACH with Context Hiding
Dimitris Karakostas, National Technical University of Athens

Abstract: The BREACH attack presented at Black Hat USA 2013 has still not been mitigated, despite new developments and optimizations presented at Black Hat Asia 2016. This class of attacks presents itself in all practical web applications which use compression together with encryption and has not been fixed in even the most recent versions of TLS 1.3. In this talk, we present a generic defense method which eliminates compression-detectability features of existing protocols.

We describe CTX, Context Transformation Extension, a cryptographic method which defends against BREACH, CRIME, TIME, and generally any compression side-channel attack. CTX uses context hiding in a per-origin manner to separate secrets from different origins in order to avoid cross-compressibility. We will show a demo of the defense and illustrate how it eliminates the attacks. Our implementation runs at the application layer, is opt-in, and does not require modifications to web standards or the underlying web server.

17:45 - 18:30
Productizing TLS Attacks: The Rupture API
Eva Sarafianou, National Technical University of Athens

Abstract: In this presentation, we extend Rupture, a generic browser TLS side-channel attack framework that was presented in Black Hat Asia 2016, with a new, open source, usable RESTful API and web interface. We take advantage of the modularity of Rupture to create a robust RESTful API. Our API uses the existing Rupture modules - the client, injector, sniffer and backend consisting of the strategy and analyzer components - which have high expressibility so that any side-channel TLS attack such as for example all of CRIME, BREACH, POODLE, TIME, HEIST or BEAST can be implemented. We will show a demo of the RESTful API and web interface. We will configure a victim and launch a complete BREACH attack against a target in order to illustrate the automation and usability of the API and the web interface.

18:30
End

## Venue

AtheCrypt2017 will take place in the Multimedia Amphitheater of the National Technical University of Athens, located in the basement of the building of NTUA's Central Library. See the map below:

You can reach the Central Library in various ways:

#### By public transport:

The easiest way is by taking the Blue Metro line and getting off at the "ΚΑΤΕΧΑΚΗ" station. Then take the bus 242, get off at stop "ΘΥΡΩΡΕΙΟ" and walk 5 minutes towards the Central Library.
Another option is to take the bus 140 from the "ΚΑΤΕΧΑΚΗ" metro station and get off at stop "ΠΟΛΥΤΕΧΝΕΙΟΥΠΟΛΗ". Then get into the campus and walk 10 minutes towards the Central Library.

#### By car:

You can use this Google map to get directions from Alimou-Katechaki Avenue.