Peter Schwabe (樂岩)
Office Address at MPI-SP: Max Planck Institute for Security and Privacy Universitätsstraße 142 Room SM-O-501 44799 Bochum Germany |
Office Address at Radboud University: Radboud University – iCIS Toernooiveld 212 Room 3.10 6525 EC Nijmegen The Netherlands |
Phone: +31243652031
E-Mail: peter@cryptojedi.org
Twitter: @cryptojedi
Mastodon: @cryptojedi@ruhr.social
ORCID: 0000-0002-1310-0997
GPG-Key: 0102EF4B,
Fingerprint: B89A 4D09 23CC D56C 3539 7613 77D2 DD66 0102 EF4B
Google scholar page
About Me
I'm a scientific director at the
Max Planck Institute for Security and Privacy and
a part-time professor (hoogleraar) for cryptographic engineering in the
Digital Security Group at
Radboud University.
From October 2018 until December 2023, I have been
working on the project EPOQUE – Engineering post-quantum cryptography
funded by the European Commission through an ERC Starting grant.
Until November 2012 I was a postdoc in the
Research Center for Information Technology Innovation
and the
Institute of Information Science of
Academia Sinica.
Before that, I was postdoc in the
Department of Electrical Engineering of
National Taiwan University within the
Intel-NTU Connected Context Computing Center.
Before that, I was a postdoc in the
Institute of Information Science at
Academia Sinica.
Before that, I was a Ph.D. student in the
Department of Mathematics and Computer Science at
Eindhoven University of Technology.
In January 2011, I completed my Ph.D. at Eindhoven University of Technology in the Coding and Cryptology Group under the supervision of Tanja Lange and Daniel J. Bernstein.
In 2006, I finished my Diplom in computer science at RWTH Aachen University at the Institute for Theoretical Information Technology under the supervision of Rudolf Mathar and Michael Naehrig.
I am an elected member of the IACR Board of Directors; a member of the IACR CHES Steering Committee and liason to the IACR Board of Directors; a member of the IACR RWC Steering Committee; a member of the organizing committee of the annual Workshop on High-Assurance Crypto Software; and a member of the scientific committee of the annual Summerschool on Real-World Crypto and Privacy.
I'm a member of the advisory boards of Bitmark Inc., PQShield, Neutrality, and SciEngines.
Current and former Ph.D. Students
Current
- Sabrina Manickam (co-supervising together with Yuval Yarom)
- Noemi Terzo
- Amin Abdulrahman
- Aaron Kaiser
- Vincent Hwang (黃柏文)
- Kai-Chun Ning (寗凱竣)
- Miguel Quaresma (co-supervising together with Gilles Barthe)
- Ruben Gonzalez, second supervisor; first supervisor is Karl Jonas at Hochschule Bonn-Rhein-Sieg
- Amber Sprenkels
Former
- Basavesh Ammanaghatta Shivakumar (co-supervised together with Gilles Barthe); graduated in September 2024.
- Marcel Fourné (co-supervised together with Yasemin Acar and Gilles Barthe); graduated in January 2024.
- Thom Wiggers (co-supervised together with Douglas Stebila); graduated in January 2024.
- Pol Van Aubel, second supervisor; first supervisor is Erik Poll, graduated in September 2023.
- Fabio Campos, second supervisor; first supervisor is Steffen Reith at Hochschule RheinMain, graduated in September 2023.
- Denisa Greconici
- Matthias Kannwischer, graduated in April 2022.
- Benoît Viguier (co-supervised together with Joan Daemen, Herman Geuvers, and Freek Wiedijk); graduated in December 2021.
- Ko Stoffelen (co-supervised together with Joan Daemen); graduated in June 2022.
- Joost Rijneveld, graduated in November 2019.
- Erdem Alkım, graduated in May 2017. second supervisor; first supervisor was Urfat Nuriyev from Ege University, Izmir, Turkey
Current and former Postdocs
Current
Former
- Tiago Oliveira
- Monika Trimoska
- Łukasz Chmielewski
- Simona Samardjiska
- Bas Westerbaan
Theses
-
Ph.D. thesis: High-Speed Cryptography and Cryptanalysis, Eindhoven University of Technology, The Netherlands, 2011.
For the thesis and related software please refer to my separate Ph.D. thesis website. - Diplomarbeit: Effiziente Implementierung von Elliptischen und Hyperelliptischen Kurven für Anwendungen in der Kryptographie, RWTH Aachen University, Germany, 2006. [ps]
Publications
-
José Bacelar Almeida, Santiago Arranz Olmos, Manuel Barbosa, Gilles Barthe, François Dupressoir,
Benjamin Grégoire, Vincent Laporte, Jean-Christophe Léchenet, Cameron Low,
Tiago Oliveira, Hugo Pacheco, Miguel Quaresma, Peter Schwabe, and Pierre-Yves Strub:
Formally verifying Kyber – Episode V: Machine-checked IND-CCA security and correctness of ML-KEM in EasyCrypt.
Advances in Cryptology – CRYPTO 2024, Lecture Notes in Computer Science, Springer-Verlag (2024). To appear. Date: 2024-05-29. [pdf] [bibtex] -
Gilles Barthe, Marcel Böhme, Sunjay Cauligi, Chitchanok Chuengsatiansup, Daniel Genkin, Marco Guarnieri, David Mateos Romero, Peter Schwabe, David Wu, and Yuval Yarom:
Testing side-channel security of cryptographic implementations against future microarchitectures.
2024 ACM SIGSAC Conference on Computer and Communications Security, CCS'24, ACM (2024), to appear.
Date: 2022-08-12 [pdf] [bibtex] -
Manuel Barbosa, Deirdre Connolly, João Diogo Duarte, Aaron Kaiser, Peter Schwabe, Karolin Varner, and Bas Westerbaan:
X-Wing: The Hybrid KEM You’ve Been Looking For.
IACR Communications in Cryptology, Volume 1, Issue 1, IACR (2024), 22 pages.
Date: 2024-04-15 [pdf] [bibtex]
Supersedes: 2024-02-11 [pdf] -
Fabio Campos, Jorge Chavez-Saab, Jesús-Javier Chi-Domínguez, Michael Meyer, Krijn Reijnders, Francisco Rodríguez-Henríquez, Peter Schwabe, and Thom Wiggers:
On the Practicality of Post-Quantum TLS Using Large-Parameter CSIDH.
IACR Communications in Cryptology, Volume 1, Issue 1, IACR (2024), 26 pages.
Date: 2024-04-09 [pdf] [bibtex] [more]
Supersedes: 2023-05-30 [pdf] -
Marcel Fourné, Daniel De Almeida Braga, Jan Jancar, Mohamed Sabt, Peter Schwabe, Gilles Barthe, Pierre-Alain Fouque, and Yasemin Acar:
"These results must be false": A usability evaluation of constant-time analysis tools.
Proceedings of the 33rd USENIX Security Symposium, USENIX Association (2024), to appear.
Date: 2024-03-05 [pdf] [bibtex] -
Santiago Arranz Olmos, Gilles Barthe, Ruben Gonzalez, Benjamin Grégoire, Vincent Laporte, Jean-Christophe Léchenet,
Tiago Oliveira, and Peter Schwabe:
High-assurance zeroization.
Transactions on Cryptographic Hardware and Embedded Systems, Volume 2024-1, Ruhr University Bochum (2023), pp 375–397.
Date: 2023-11-05 [pdf] [bibtex] -
Phillip Gajland, Bor de Kock, Miguel Quaresma, Giulio Malavolta, and Peter Schwabe:
Swoosh: Practical Lattice-Based Non-Interactive Key Exchange.
Proceedings of the 33rd USENIX Security Symposium, USENIX Association (2024), to appear.
Date: 2023-10-23 [pdf] [bibtex] [more]
Supersedes: 2023-02-23 [pdf] -
Joël Alwen, Dominik Hartmann, Eike Kiltz, Marta Mularczyk, and Peter Schwabe:
Post-Quantum Multi-Recipient Public Key Encryption.
2023 ACM SIGSAC Conference on Computer and Communications Security, CCS'23, ACM (2023), pp 1108–11227.
Date: 2022-08-12 [pdf] [bibtex] [more] -
José Bacelar Almeida, Manuel Barbosa, Gilles Barthe, Benjamin Grégoire, Vincent Laporte, Jean-Christophe Léchenet,
Tiago Oliveira, Hugo Pacheco, Miguel Quaresma, Peter Schwabe, Antoine Séré, and Pierre-Yves Strub:
Formally verifying Kyber – Episode IV: Implementation Correctness.
Transactions on Cryptographic Hardware and Embedded Systems, Volume 2023-3, Ruhr University Bochum (2023), pp 164–193.
Date: 2023-04-24 [pdf] [bibtex] [more]
Supersedes: 2023-02-17 [pdf] -
Zhiyuan Zhang, Gilles Barthe, Chitchanok Chuengsatiansup, Peter Schwabe, and Yuval Yarom:
Ultimate SLH: Taking Speculative Load Hardening to the Next Level.
Proceedings of the 32nd USENIX Security Symposium, USENIX Association (2023), pp 7125–7142.
Date: 2023-04-30 [pdf] [bibtex]
Supersedes: 2022-06-05 [pdf] -
Basavesh Ammanaghatta Shivakumar, Gilles Barthe, Benjamin Grégoire, Vincent Laporte,
Tiago Oliveira, Swarn Priya, Peter Schwabe, and Lucas Tabary-Maujean:
Typing High-Speed Cryptography against Spectre v1.
2023 IEEE Symposium on Security and Privacy (SP), IEEE (2023), pp 1094–1111.
Date: 2022-09-25 [pdf] [bibtex]
-
Basavesh Ammanaghatta Shivakumar, Jack Barnes, Gilles Barthe, Sunjay Cauligi, Chitchanok Chuengsatiansup, Daniel Genkin, Sioli O'Connell, Peter Schwabe, Rui Qi Sim, and Yuval Yarom:
Spectre Declassified: Reading from the Right Place at the Wrong Time.
2023 IEEE Symposium on Security and Privacy (SP), IEEE (2023), pp 1753–1770.
Date: 2022-04-03 [pdf] [bibtex]
-
Lejla Batina, Łukasz Chmielewski, Björn Haase, Niels Samwel, and Peter Schwabe:
SoK: SCA-secure ECC in software – mission impossible?
Transactions on Cryptographic Hardware and Embedded Systems, Volume 2023-1, Ruhr University Bochum (2023), pp 557–589.
Date: 2022-11-04 [pdf] [bibtex] [more]
Supersedes: 2021-09-27 [pdf] -
Gilles Barthe, Adrien Koutsos, Solène Mirliaz, David Pichardie, and Peter Schwabe:
Semantic foundations for cost analysis of pipeline-optimized programs.
Static Analysis, Lecture Notes in Computer Science 13790, Springer-Verlag (2022), pp 372–396.
Date: 2022-09-16 [pdf] [bibtex] -
Yawning Angel, Benjamin Dowling, Andreas Hülsing, Peter Schwabe, and Florian Weber:
Post Quantum Noise.
2022 ACM SIGSAC Conference on Computer and Communications Security, CCS'22, ACM (2022), pp 97–109.
Date: 2022-05-19 [pdf] [bibtex]
-
Matthias J. Kannwischer, Peter Schwabe, Douglas Stebila, and Thom Wiggers:
Improving Software Quality in Cryptography Standardization Projects.
2022 IEEE European Symposium on Security and Privacy Workshops (EuroS&PW), pp 19–30.
Date: 2022-04-13 [pdf] [bibtex] -
Jan Jancar, Marcel Fourné, Daniel De Almeida Braga, Mohamed Sabt, Peter Schwabe, Gilles Barthe, Pierre-Alain Fouque, and Yasemin Acar:
"They’re not that hard to mitigate": What Cryptographic Library Developers Think About Timing Attacks.
2022 IEEE Symposium on Security and Privacy (SP), IEEE (2022), pp 632–649.
Date: 2021-12-16 [pdf] [bibtex] -
Peter Schwabe, Douglas Stebila, and Thom Wiggers:
More efficient post-quantum KEMTLS with pre-distributed public keys.
Computer Security – ESORICS 2021, Lecture Notes in Computer Science 12972, Springer-Verlag (2021), pp 3–22.
Date: 2022-03-15 [pdf] [bibtex] [more]
Supersedes: 2021-06-09 [pdf], -
Peter Schwabe, Benoît Viguier, Timmy Weerwag, and Freek Wiedijk:
A Coq proof of the correctness of X25519 in TweetNaCl.
34th IEEE Computer Security Foundations Symposium (CSF), IEEE (2021), pp 1–16.
Date: 2021-02-08 [pdf] [bibtex] -
Gilles Barthe, Sunjay Cauligi, Benjamin Gregoire, Adrien Koutsos, Kevin Liao, Tiago Oliveira, Swarn Priya, Tamara Rezk, and Peter Schwabe:
High-assurance Cryptography Software in the Spectre Era.
2021 IEEE Symposium on Security and Privacy (SP), IEEE (2021), pp 1884–1901.
Date: 2021-01-15 [pdf] [bibtex] -
Andreas Hülsing, Kai-Chun Ning, Peter Schwabe, Florian Weber, and Philip R. Zimmermann:
Post-quantum WireGuard.
2021 IEEE Symposium on Security and Privacy (SP), IEEE (2021), pp 304–321.
Date: 2021-06-16 [pdf] [bibtex] [more]
Supersedes: 2020-04-03 [pdf], -
Peter Schwabe, Douglas Stebila, and Thom Wiggers:
Post-quantum TLS without handshake signatures.
2020 ACM SIGSAC Conference on Computer and Communications Security, CCS'20, ACM (2020), pp 1461–1480.
Date: 2022-01-03 [pdf] [bibtex] [more]
Supersedes: 2021-04-21 [pdf], supersedes: 2020-09-29 [pdf], supersedes: 2020-08-26 [pdf], supersedes: 2020-05-07 [pdf] -
Peter Schwabe and Daan Sprenkels:
The complete cost of cofactor h=1.
Progress in Cryptology – INDOCRYPT 2019, Lecture Notes in Computer Science 11898, Springer-Verlag (2019), pp 375–397.
Date: 2019-10-11 [pdf] [bibtex] [more]
-
Daniel J. Bernstein, Andreas Hülsing, Stefan Kölbl, Ruben Niederhagen, Joost Rijneveld, and Peter Schwabe:
The SPHINCS+ signature framework.
2019 ACM SIGSAC Conference on Computer and Communications Security, CCS'19, ACM (2019), pp 2129–2146.
Date: 2019-09-23 [pdf] [bibtex] -
Matthias J. Kannwischer, Joost Rijneveld, Peter Schwabe, and Ko Stoffelen:
pqm4: Testing and Benchmarking NIST PQC on ARM Cortex-M4.
Workshop Record of the Second PQC Standardization Conference.
Date: 2019-07-21 [pdf] [bibtex] [more] -
Leon Botros, Matthias Kannwischer, and Peter Schwabe:
Memory-Efficient High-Speed Implementation of Kyber on Cortex-M4.
Progress in Cryptology – Africacrypt 2019, Lecture Notes in Computer Science 11627, Springer-Verlag (2019), pp 209–228.
Date: 2019-05-13 [pdf] [bibtex] -
Matthias Kannwischer, Joost Rijneveld, and Peter Schwabe:
Faster multiplication in ℤ2m[x] on Cortex-M4 to speed up NIST PQC candidates.
Applied Cryptography and Network Security, Lecture Notes in Computer Science 11464, Springer-Verlag (2019), pp 281–301
Date: 2019-04-09 [pdf] [bibtex]
Supersedes: 2018-10-19 [pdf] -
Ebo van der Laan, Erik Poll, Joost Rijneveld, Joeri de Ruiter, Peter Schwabe, and Jan Verschuren:
Is Java Card ready for hash-based signatures?
Advances in Information and Computer Security – IWSEC 2018, Lecture Notes in Computer Science 11049, Springer-Verlag (2018), pp 127–142.
Date: 2018-06-14 [pdf] [bibtex] [more]
-
Benjamin Grégoire, Kostas Papagiannopoulos, Peter Schwabe, and Ko Stoffelen:
Vectorizing higher-order masking.
Constructive Side-Channel Analysis and Secure Design, Lecture Notes in Computer Science 10815, Springer-Verlag (2018), pp 23–43
Date: 2018-04-06 [pdf] [bibtex] [more (external link)]
-
Ming-Shing Chen, Andreas Hülsing, Joost Rijneveld, Simona Samardjiska, and Peter Schwabe:
SOFIA: MQ-based signatures in the QROM.
Public Key Cryptography – PKC 2018, Lecture Notes in Computer Science 10770, Springer-Verlag (2018), pp 1–17.
Date: 2017-07-17 [pdf] [bibtex] -
Léo Ducas, Eike Kiltz, Tancrède Lepoint, Vadim Lyubashevsky, Peter Schwabe, Gregor Seiler, and Damien Stehlé:
CRYSTALS – Dilithium: Digital Signatures from Module Lattices.
Transactions on Cryptographic Hardware and Embedded Systems, Volume 2018-1, Ruhr University Bochum (2018), pp 238–268.
Date: 2017-06-27 [pdf] [bibtex] -
Joppe Bos, Léo Ducas, Eike Kiltz, Tancrède Lepoint, Vadim Lyubashevsky, John M. Schanck, Peter Schwabe, Gregor Seiler, and Damien Stehlé:
CRYSTALS – Kyber: a CCA-secure module-lattice-based KEM.
2018 IEEE European Symposium on Security and Privacy (EuroS&P), IEEE (2018), pp 353–367.
Date: 2018-07-16 [pdf] [bibtex] [more]
Supersedes: 2018-02-26 [pdf] Supersedes: 2017-06-27 [pdf] -
Daniel J. Bernstein, Stefan Kölbl, Stefan Lucks, Pedro Maat Costa Massolino, Florian Mendel, Kashif Nawaz,
Tobias Schneider, Peter Schwabe, François-Xavier Standaert, Yosuke Todo, and Benoît Viguier:
Gimli: a cross-platform permutation.
Cryptographic Hardware and Embedded Systems – CHES 2017, Lecture Notes in Computer Science 10529, Springer-Verlag (2017), pp 299–320.
Date: 2017-06-27 [pdf] [bibtex] [more] -
Andreas Hülsing, Joost Rijneveld, John Schanck, and Peter Schwabe:
High-speed key encapsulation from NTRU.
Cryptographic Hardware and Embedded Systems – CHES 2017, Lecture Notes in Computer Science 10529, Springer-Verlag (2017), pp 232–252.
Date: 2017-08-28 [pdf] [bibtex] [more]
Supersedes: 2017-06-27 [pdf] -
Erick Nascimento, Łukasz Chmielewski, David Oswald, and Peter Schwabe:
Attacking embedded ECC implementations through cmov side channels.
Selected Areas in Cryptology – SAC 2016, Lecture Notes in Computer Science 10532, Springer-Verlag (2017), pp 99–119.
Date: 2016-07-18 [pdf] [bibtex] -
Peter Schwabe and Bas Westerbaan:
Solving binary MQ with Grover's algorithm.
Security, Privacy, and Applied Cryptography Engineering, Lecture Notes in Computer Science 10076, Springer-Verlag (2016), pp 303–322.
Date: 2017-11-30 [pdf] [bibtex]
Supersedes: 2017-10-23 [pdf], Supersedes: 2016-09-01 [pdf]. -
Ming-Shing Chen, Andreas Hülsing, Joost Rijneveld, Simona Samardjiska, and Peter Schwabe:
From 5-pass MQ-based identification to MQ-based signatures.
Advances in Cryptology – ASIACRYPT 2016, Lecture Notes in Computer Science 10032, Springer-Verlag (2016), pp 135–165.
Date: 2016-12-01 [pdf] [bibtex]
Supersedes: 2016-09-13 [pdf], supersedes: 2016-07-15 [pdf] -
Erdem Alkim, Philipp Jakubeit, and Peter Schwabe:
NewHope on ARM Cortex-M
Security, Privacy, and Applied Cryptography Engineering, Lecture Notes in Computer Science 10076, Springer-Verlag (2016), pp 332–349.
Date: 2016-09-01 [pdf] [bibtex]
Supersedes: 2016-08-03 [pdf], -
Erdem Alkim, Léo Ducas, Thomas Pöppelmann, and Peter Schwabe:
Post-quantum key exchange – a new hope.
Proceedings of the 25th USENIX Security Symposium, USENIX Association (2016), pp 327–343.
Date: 2019-07-10 [pdf] [bibtex] [more]
Supersedes: 2017-12-12 [pdf], supersedes: 2016-11-19 [pdf], supersedes: 2016-08-03 [pdf], supersedes: 2016-03-28 [pdf], supersedes: 2015-12-07 [pdf], supersedes: 2015-11-10 [pdf], supersedes: 2015-11-05 [pdf] -
Peter Schwabe and Ko Stoffelen:
All the AES you need on Cortex-M3 and M4.
Selected Areas in Cryptology – SAC 2016, Lecture Notes in Computer Science 10532, Springer-Verlag (2017), pp 180–194.
Date: 2016-10-19 [pdf] [bibtex]
Supersedes: 2016-07-18 [pdf] -
Joost Renes, Peter Schwabe, Benjamin Smith, and Lejla Batina:
μKummer: efficient hyperelliptic signatures and key exchange on microcontrollers.
Cryptographic Hardware and Embedded Systems – CHES 2016, Lecture Notes in Computer Science 9813, Springer-Verlag (2016), pp 301–320.
Date: 2017-01-26 [pdf] [bibtex]
Supersedes: 2016-07-19 [pdf], supersedes: 2016-04-07 [pdf] -
Anna Krasnova, Moritz Neikes, and Peter Schwabe:
Footprint scheduling for Dining-Cryptographer networks.
Financial Cryptography and Data Security, Lecture Notes in Computer Science 9603, Springer-Verlag (2017). pp 385–402.
Date: 2015-12-18 [pdf] [bibtex] -
Andreas Hülsing, Joost Rijneveld, and Peter Schwabe:
ARMed SPHINCS – Computing a 41KB signature in 16KB of RAM.
Public Key Cryptography – PKC 2016, Lecture Notes in Computer Science 9614, Springer-Verlag (2016), pp 446–470.
Date: 2016-02-03 [pdf] [bibtex]
Supersedes: 2015-10-27 [pdf] -
Michael Hutter, Jürgen Schilling, Peter Schwabe, and Wolfgang Wieser:
NaCl's crypto_box in hardware.
Cryptographic Hardware and Embedded Systems – CHES 2015, Lecture Notes in Computer Science 9293, Springer-Verlag (2015), pp 81–101.
Date: 2015-06-16 [pdf] [bibtex] [more] -
Michael Düll, Björn Haase, Gesine Hinterwälder, Michael Hutter, Christof Paar, Ana Helena Sánchez, and Peter Schwabe:
High-speed Curve25519 on 8-bit, 16-bit, and 32-bit microcontrollers.
Designs, Codes and Cryptography, Volume 77, Issue 2, Springer-Verlag (2015), pp 493–514.
Date: 2015-04-17 [pdf] [bibtex] [more]
-
Daniel J. Bernstein, Daira Hopwood, Andreas Hülsing, Tanja Lange, Ruben Niederhagen, Louiza Papachristodoulou, Michael Schneider, Peter Schwabe, and Zooko Wilcox-O'Hearn:
SPHINCS: practical stateless hash-based signatures.
Advances in Cryptology – EUROCRYPT 2015, Part I,, Lecture Notes in Computer Science 9056, Springer-Verlag (2015). pp 368–397.
Date: 2015-02-02 [pdf] [bibtex] [more]
Supersedes: 2014-10-01 [pdf] -
Michael Hutter and Peter Schwabe:
Multiprecision multiplication on AVR revisited.
Journal of Cryptographic Engineering, Volume 5, Issue 3, Springer-Verlag (2015), pp 201–214.
Date: 2015-01-01 [pdf] [bibtex] [more]
Supersedes: 2014-07-15 [pdf], supersedes: 2014-07-31 [pdf] -
Gesine Hinterwälder, Amir Moradi, Michael Hutter, Peter Schwabe, and Christof Paar:
Full size high security ECC implementation on MSP430 microcontrollers
Progress in Cryptology – LATINCRYPT 2014, Lecture Notes in Computer Science 8895, Springer-Verlag (2015), pp 31–47.
Date: 2014-10-01 [pdf] [bibtex] -
Özgür Dagdelen, Rachid El Bansarkhani, Florian Göpfert, Tim Güneysu, Tobias Oder, Thomas Pöppelmann , Ana Helena Sánchez, and Peter Schwabe:
High-Speed Signatures from Standard Lattices.
Progress in Cryptology – LATINCRYPT 2014, Lecture Notes in Computer Science 8895, Springer-Verlag (2015), pp 84–103.
Date: 2014-09-04 [pdf] [bibtex] -
Daniel J. Bernstein, Bernard van Gastel, Wesley Janssen, Tanja Lange, Peter Schwabe, and Sjaak Smetsers:
TweetNaCl: A crypto library in 100 tweets.
Progress in Cryptology – LATINCRYPT 2014, Lecture Notes in Computer Science 8895, Springer-Verlag (2015), pp 64–83.
Date: 2014-09-17 [pdf] [bibtex] [more]
Supersedes: 2013-12-29[pdf] -
Lejla Batina, Łukasz Chmielewski, Louiza Papachristodoulou, Peter Schwabe, and Michael Tunstall:
Online Template Attacks.
Full version: Journal of Cryptographic Engineering, Volume 9, Issue 1, Springer-Verlag (2017), pp 21–36.
Short version: Progress in Cryptology – INDOCRYPT 2014, Lecture Notes in Computer Science 8885, Springer Verlag (2014), pp 21–36.
Date: 2017-08-12 [pdf] [bibtex]
Supersedes: 2014-09-22[pdf] -
Daniel J. Bernstein, Chitchanok Chuengsatiansup, Tanja Lange, and Peter Schwabe:
Kummer strikes back: new DH speed records.
Advances in Cryptology – ASIACRYPT 2014, Lecture Notes in Computer Science 8873, Springer-Verlag (2014), pp 317–337.
Date: 2014-10-28 [pdf] [bibtex]
Supersedes: 2014-02-18 [pdf] -
Yu-Fang Chen, Chang-Hong Hsu, Hsin-Hung Lin, Peter Schwabe, Ming-Hsien Tsai, Bow-Yaw Wang, Bo-Yin Yang, and Shang-Yi Yang:
Verifying Curve25519 Software.
2014 ACM SIGSAC Conference on Computer and Communications Security, CCS'14, ACM (2014), pp 299–309.
Date: 2014-08-24 [pdf] [bibtex]
Supersedes: 2014-04-28 [pdf] -
Chitchanok Chuengsatiansup, Michael Naehrig, Pance Ribarski, and Peter Schwabe:
PandA: Pairings and Arithmetic.
Pairing-Based Cryptography – Pairing 2013, Lecture Notes in Computer Science 8365, Springer-Verlag (2014), pp. 229–250.
Date: 2013-12-04 [pdf] [bibtex] -
Keith Alexander, Daniel J. Bernstein, Timo Kasper, Tanja Lange, and Peter Schwabe:
Spyin' NSA.
Journal of Craptology, volume 9 (invited paper).
Date: 2013-08-23 [pdf] [bibtex] -
Daniel J. Bernstein, Tung Chou, and Peter Schwabe:
McBits: fast constant-time code-based cryptography.
Cryptographic Hardware and Embedded Systems – CHES 2013, Lecture Notes in Computer Science 8086, Springer-Verlag (2013), pp 250–272.
Date: 2013-06-16 [pdf] [bibtex] -
Tim Güneysu, Tobias Oder, Thomas Pöppelmann, and Peter Schwabe:
Software speed records for lattice-based signatures.
Post-Quantum Cryptography, Lecture Notes in Computer Science 7932, Springer-Verlag (2013), pp 67–82.
Date: 2013-03-28 [pdf] [bibtex] [more] -
Michael Hutter and Peter Schwabe:
NaCl on 8-bit AVR Microcontrollers.
Progress in Cryptology – AFRICACRYPT 2013, Lecture Notes in Computer Science 7918, Springer-Verlag (2013), pp 156–172.
Date: 2013-05-14 [pdf] [bibtex] [more]
Supersedes: 2013-02-20 [pdf] -
Severin Holzer-Graf, Thomas Krinninger, Martin Pernull, Martin Schläffer,
Peter Schwabe, David Seywald, and Wolfgang Wieser:
Efficient Vector Implementations of AES-based Designs: A Case Study and New Implemenations for Grøstl.
Topics in Cryptology – CT-RSA 2013, Lecture Notes in Computer Science 7779, Springer-Verlag (2013), pp 145–161.
Date: 2012-11-19 [pdf] [bibtex]
Supersedes: 2012-10-06 [pdf] -
Daniel J. Bernstein, Tanja Lange, and Peter Schwabe:
The security impact of a new cryptographic library.
Progress in Cryptology – LATINCRYPT 2012, Lecture Notes in Computer Science 7533, Springer-Verlag (2012), pp 159–176.
Date: 2012-07-25 [pdf] [bibtex] [more]
Supersedes: 2011-12-01 [pdf] -
Daniel J. Bernstein and Peter Schwabe:
NEON crypto.
Cryptographic Hardware and Embedded Systems – CHES 2012, Lecture Notes in Computer Science 7428, Springer-Verlag (2012), pp 320–339.
Date: 2012-03-20 [pdf] [bibtex] [more] -
Peter Schwabe, Bo-Yin Yang, and Shang-Yi Yang:
SHA-3 on ARM11 processors.
Progress in Cryptology – AFRICACRYPT 2012, Lecture Notes in Computer Science 7374, Springer Verlag (2012), pp 324–341.
Date: 2012-04-22 [pdf] [bibtex] [more]
Supersedes: 2011-11-25 [pdf] -
Peter Schwabe:
Graphics Processing Units.
Chapter in Secure Smart Embedded Devices: Platforms and Applications. Springer-Verlag (2014).
Date: 2013-03-10 [pdf] [bibtex]
The final publication will be available at www.springerlink.com. -
Daniel J. Bernstein, Hsieh-Chung Chen, Chen-Mou Cheng, Tanja Lange, Ruben Niederhagen, Peter Schwabe, and Bo-Yin Yang:
Usable assembly language for GPUs: a success story.
Workshop record of Special-Purpose Hardware for Attacking Cryptographic Systems – SHARCS 2012, pp. 169–178.
Date: 2012-03-13 [pdf] [bibtex] -
Daniel J. Bernstein, Niels Duif, Tanja Lange, Peter Schwabe, and Bo-Yin Yang:
High-speed high-security signatures.
Full version: Journal of Cryptographic Engineering, Volume 2, Issue 2, Springer-Verlag (2012), pp 77–89.
Short version: Cryptographic Hardware and Embedded Systems – CHES 2011. Lecture Notes in Computer Science 6917, Springer-Verlag (2011), pp 124–142.
Date: 2011-09-26 [pdf] [bibtex] [more]
Supersedes: 2011-07-05[pdf] -
Daniel J. Bernstein, Tanja Lange, Christiane Peters, and Peter Schwabe:
Really fast syndrome-based hashing.
Progress in Cryptology – AFRICACRYPT 2011, Lecture Notes in Computer Science 6737, Springer-Verlag (2011), pp 134–152.
Date: 2011-05-08 [pdf] [bibtex]
[more]
Supersedes: 2011-02-14 [pdf] -
Daniel J. Bernstein, Tanja Lange, Christiane Peters, and Peter Schwabe:
Faster 2-regular information-set decoding.
Coding and Cryptology, Lecture Notes in Computer Science 6639, Springer Verlag (2011), pp 81–98.
Date: 2011-03-09 [pdf] [bibtex] -
Daniel J. Bernstein, Tanja Lange, and Peter Schwabe:
On the correct use of the negation map in the Pollard rho method.
Public Key Cryptography – PKC 2011, Lecture Notes in Computer Science 6571, Springer-Verlag (2011), pp 128–146.
Date: 2011-01-02 [pdf] [bibtex]
-
Daniel J. Bernstein, Hsieh-Chung Chen, Chen-Mou Cheng, Tanja Lange, Ruben Niederhagen, Peter Schwabe, and Bo-Yin Yang:
ECC2K-130 on NVIDIA GPUs.
Progress in Cryptology – INDOCRYPT 2010, Lecture Notes in Computer Science 6498, Springer Verlag (2010), pp 328–346.
Date: 2012-01-02 [pdf] [bibtex]
-
Michael Naehrig, Ruben Niederhagen, and Peter Schwabe:
New software speed records for cryptographic pairings.
Progress in Cryptology – LATINCRYPT 2010, Lecture Notes in Computer Science 6212, Springer-Verlag (2010), pp. 109–123.
Date: 2010-07-14 [pdf] [bibtex] [more]
Supersedes: 2010-05-28 [pdf], supersedes: 2010-04-06 [pdf]
Caution: The software as described in versions 2010-05-28 and 2010-04-06 of the paper has a bug related to the choice of curve parameters. This also affects the version in the Latincrypt 2010 proceedings. A corrected version of the software is available and the bug is corrected from version 2010-07-14 of the paper. -
Joppe W. Bos, Thorsten Kleinjung, Ruben Niederhagen, and Peter Schwabe:
ECC2K-130 on Cell CPUs.
Progress in Cryptology – AFRICACRYPT 2010, Lecture Notes in Computer Science 6055, Springer Verlag (2010), pp 225–242.
Date: 2010-02-28 [pdf] [bibtex]
Supersedes: 2010-02-12 [pdf] -
Daniel J. Bernstein, Tanja Lange, Ruben Niederhagen, Christiane Peters, and Peter Schwabe:
FSBday: Implementing Wagner's generalized birthday attack against the SHA-3 round-1 candidate FSB.
Progress in Cryptology – INDOCRYPT 2009, Lecture Notes in Computer Science 5922, Springer Verlag (2009), pp 18–38.
Date: 2011-09-27 [pdf] [bibtex] [more]
Supersedes: 2009-09-24 [pdf], supersedes: 2009-09-01 [pdf], supersedes: 2009-06-17 [pdf] -
Daniel V. Bailey, Brian Baldwin, Lejla Batina, Daniel J. Bernstein, Peter Birkner, Joppe W. Bos, Gauthier van Damme,
Giacomo de Meulenaer, Junfeng Fan, Tim Güneysu, Frank Gürkaynak, Thorsten Kleinjung, Tanja Lange, Nele Mentens,
Christof Paar, Francesco Regazzoni, Peter Schwabe, and Leif Uhsadel:
The Certicom Challenges ECC2-X.
Workshop Record of SHARCS'09: Special-purpose Hardware for Attacking Cryptographic Systems, pp 51–82.
Date: 2009-09-17 [pdf] [bibtex] -
Michael Naehrig, Christiane Peters, and Peter Schwabe:
SHA-2 will soon retire - The SHA-3 Song.
Journal of Craptology, volume 7 (invited paper).
Date: 2009-06-22 [pdf] [bibtex] [more] -
Emilia Käsper and Peter Schwabe:
Faster and Timing-Attack Resistant AES-GCM.
Cryptographic Hardware and Embedded Systems – CHES 2009, Lecture Notes in Computer Science 5745, Springer-Verlag (2009), pp 3–33.
Date: 2009-06-16 [pdf] [bibtex] [more]
Supersedes: 2009-03-19 [pdf] -
David Kammler, Diandian Zhang, Peter Schwabe, Hanno Scharwaechter, Markus Langenberg,
Dominik Auras, Gerd Ascheid, and Rudolf Mathar:
Designing an ASIP for Cryptographic Pairings over Barreto-Naehrig Curves.
Cryptographic Hardware and Embedded Systems – CHES 2009, Lecture Notes in Computer Science 5745, Springer-Verlag (2009), pp 254–271.
Date: 2009-07-14 [pdf] [bibtex]
See also full version of the paper by David Kammler, Diandian Zhang, Peter Schwabe, Hanno Scharwaechter, Markus Langenberg, Dominik Auras, Rainer Leupers, Gerd Ascheid, Rudolf Mathar, and Heinrich Meyr: [pdf]
Supersedes: 2009-03-31 [pdf], supersedes: 2009-02-05 [pdf] -
Neil Costigan and Peter Schwabe:
Fast elliptic-curve cryptography on the Cell Broadband Engine.
Progress in Cryptology – AFRICACRYPT 2009, Lecture Notes in Computer Science 5580, Springer-Verlag (2009), pp 368–385.
Date: 2009-03-31 [pdf] [bibtex] [more]
Supersedes: 2009-01-21 [pdf], supersedes: 2009-01-07 [pdf] -
Daniel J. Bernstein and Peter Schwabe:
New AES software speed records.
Progress in Cryptology – INDOCRYPT 2008, Lecture Notes in Computer Science 5365, Springer-Verlag (2008), pp 322–336.
Date: 2008-09-26 [pdf] [bibtex] [more]
Supersedes: 2008-09-08 [pdf] -
Michael Naehrig, Paulo S. L. M. Barreto and Peter Schwabe:
On compressible pairings and their computation.
Progress in Cryptology – AFRICACRYPT 2008, Lecture Notes in Computer Science 5023, Springer-Verlag (2008), pp. 371–388.
[pdf] [bibtex] [more]
Technical Reports and Preprints
-
Amin Abdulrahman, Felix Oberhansl, Hoang Nguyen Hien Pham, Jade Philipoom, Peter Schwabe, Tobias Stelzer, and Andreas Zankl:
Towards ML-KEM & ML-DSA on OpenTitan.
Date: 2024-07-24 [pdf] [bibtex] -
Santiago Arranz Olmos, Gilles Barthe, Chitchanok Chuengsatiansup,
Benjamin Grégoire, Vincent Laporte,
Tiago Oliveira, Peter Schwabe, Yuval Yarom, and Zhiyuan Zhang:
Protecting cryptographic code against Spectre-RSB (and, in fact, all known Spectre variants).
Date: 2024-07-02 [pdf] [bibtex]
-
Manuel Barbosa and Peter Schwabe:
Kyber terminates.
Date: 2023-05-16 [pdf] [bibtex] -
Daniel Heinz, Matthias J. Kannwischer, Georg Land, Thomas Pöppelmann, Peter Schwabe, and Amber Sprenkels:
First-Order Masked Kyber on ARM Cortex-M4.
Date: 2023-12-11 [pdf] [bibtex] [more]
Supersedes: 2022-01-17 [pdf] -
Erdem Alkim, Léo Ducas, Thomas Pöppelmann, and Peter Schwabe:
NewHope without reconciliation.
Date: 2017-11-08 [pdf] [bibtex]
Supersedes: 2016-12-17 [pdf] -
Erdem Alkim, Nina Bindel, Johannes Buchmann, Özgür Dagdelen, and Peter Schwabe:
TESLA: Tightly-secure efficient signatures from standard lattices.
Date: 2016-10-05 [pdf] [bibtex] [more]
Supersedes: 2016-08-02 [pdf]
Note: Gus Gutoski and Chris Peikert independently informed us about a mistake in the security reduction from LWE to TESLA. This mistake does not, as far as we can tell, lead to any attack against TESLA. Moreover, the (non-tight) security reduction given by Bai and Galbraith still holds. The proof is fixed (at the expense of different parameters with much worse performance) in the paper Revisiting TESLA in the quantum random oracle model by Erdem Alkim, Nina Bindel, Johannes Buchmann, Özgür Dagdelen, Edward Eaton, Gus Gutoski, Juliane Krämer, and Filip Pawlega, which was published at PQCRYPTO 2017. -
Daniel J. Bernstein, Susanne Engels, Tanja Lange, Ruben Niederhagen, Christof Paar, Peter Schwabe, and Ralf Zimmermann:
Faster elliptic-curve discrete logarithms on FPGAs.
Date: 2016-12-12 [pdf] [bibtex]
Supersedes: 2016-08-06 [pdf], supersedes: 2016-04-14 [pdf] -
Daniel J. Bernstein, Simon Josefsson, Tanja Lange, Peter Schwabe, and Bo-Yin Yang:
EdDSA for more curves.
Date: 2015-07-04 [pdf] [bibtex]
-
Julien Schmaltz and Peter Schwabe:
Verification of optimised 48-bit multiplications on AVR.
Date: 2015-06-09 [pdf] [bibtex] -
Elif Bilge Kavun, Martin M. Lauridsen, Gregor Leander, Christian Rechberger, Peter Schwabe, and Tolga Yalçın:
Prøst v1.1.
Submission to the CAESAR competition.
Date: 2015-01-14 [pdf] [bibtex] -
Daniel J. Bernstein, Tanja Lange, and Peter Schwabe.
Improved Networking and Cryptography Library.
Deliverable 2.5 of the EU FP7 project Computer Aided Cryptography Engineering (CACE). 2011.
Date: 2011-02-21 [pdf] [bibtex]
-
Daniel V. Bailey, Lejla Batina, Daniel J. Bernstein, Peter Birkner, Joppe W. Bos,
Hsieh-Chung Chen, Chen-Mou Cheng, Gauthier Van Damme, Giacomo de Meulenaer,
Luis Julian Dominguez Perez, Junfeng Fan, Tim Güneysu, Frank Gürkaynak, Thorsten Kleinjung,
Tanja Lange, Nele Mentens, Ruben Niederhagen, Christof Paar, Francesco Regazzoni,
Peter Schwabe, Leif Uhsadel, Anthony Van Herrewege, and Bo-Yin Yang:
Breaking ECC2K-130.
Date: 2009-11-06 [pdf] [bibtex]
Standardization Efforts
CRYSTALS–Kyber (selected for standardization by NIST in July 2022)
-
Roberto Avanzi, Joppe Bos, Léo Ducas, Eike Kiltz, Tancrède Lepoint, Vadim Lyubashevsky, John M. Schanck, Peter Schwabe, Gregor Seiler, and Damien Stehlé:
CRYSTALS–Kyber: algorithm specification and supporting documentation (version 3.02).
Round-3 submission to the NIST Post-Quantum Cryptography Standardization Project.
Date: 2021-08-04 [pdf] [bibtex]
Supersedes: 2021-01-31 (version 3.01) [pdf], supersedes: 2020-10-01 (version 3.0, original round-3 submission) [pdf]. -
Roberto Avanzi, Joppe Bos, Léo Ducas, Eike Kiltz, Tancrède Lepoint, Vadim Lyubashevsky, John M. Schanck, Peter Schwabe, Gregor Seiler, and Damien Stehlé:
CRYSTALS–Kyber: algorithm specification and supporting documentation (version 2.0).
Round-2 submission to the NIST Post-Quantum Cryptography Standardization Project.
Date: 2019-04-01 [pdf] [bibtex] -
Roberto Avanzi, Joppe Bos, Léo Ducas, Eike Kiltz, Tancrède Lepoint, Vadim Lyubashevsky, John M. Schanck, Peter Schwabe, Gregor Seiler, and Damien Stehlé:
CRYSTALS–Kyber: algorithm specification and supporting documentation.
Round-1 submission to the NIST Post-Quantum Cryptography Standardization Project.
Date: 2017-11-30 [pdf] [bibtex] -
Peter Schwabe and Bas Westerbaan:
Kyber Post-Quantum KEM.
IETF Internet draft draft-cfrg-schwabe-kyber. - See also the CRYSTALS–Kyber website.
CRYSTALS–Dilithium (selected for standardization by NIST in July 2022)
-
Shi Bai, Léo Ducas, Eike Kiltz, Tancrède Lepoint, Vadim Lyubashevsky, Peter Schwabe, Gregor Seiler, and Damien Stehlé:
CRYSTALS–Dilithium: algorithm specification and supporting documentation (Version 3.1).
Round-3 submission to the NIST Post-Quantum Cryptography Standardization Project.
Date: 2021-02-08 [pdf] [bibtex]
Supersedes: 2020-10-01 (original round-3 submission) [pdf]. -
Léo Ducas, Eike Kiltz, Tancrède Lepoint, Vadim Lyubashevsky, Peter Schwabe, Gregor Seiler, and Damien Stehlé:
CRYSTALS–Dilithium: algorithm specification and supporting documentation.
Round-2 submission to the NIST Post-Quantum Cryptography Standardization Project.
Date: 2019-03-30 [pdf] [bibtex] -
Léo Ducas, Eike Kiltz, Tancrède Lepoint, Vadim Lyubashevsky, Peter Schwabe, Gregor Seiler, and Damien Stehlé:
CRYSTALS–Dilithium: algorithm specification and supporting documentation.
Round-1 submission to the NIST Post-Quantum Cryptography Standardization Project.
Date: 2017-11-30 [pdf] [bibtex] - See also the CRYSTALS–Dilithium website.
SPHINCS+ (selected for standardization by NIST in July 2022)
-
Jean-Philippe Aumasson, Daniel J. Bernstein, Ward Beullens, Christoph Dobraunig, Maria Eichlseder, Scott Fluhrer, Stefan-Lukas Gazdag,
Andreas Hülsing, Panos Kampanakis, Stefan Kölbl, Tanja Lange, Martin M. Lauridsen,
Florian Mendel, Ruben Niederhagen, Christian Rechberger, Joost Rijneveld, Peter Schwabe, and Bas Westerbaan:
SPHINCS+: Submission to the NIST post-quantum project, v3.1.
Round-3 submission to the NIST Post-Quantum Cryptography Standardization Project.
Date: 2022-06-10 [pdf] [bibtex]
Supersedes: 2020-10-01 (v3, original round-3 submission) [pdf]. -
Jean-Philippe Aumasson, Daniel J. Bernstein, Christoph Dobraunig, Maria Eichlseder, Scott Fluhrer, Stefan-Lukas Gazdag,
Andreas Hülsing, Panos Kampanakis, Stefan Kölbl, Tanja Lange, Martin M. Lauridsen,
Florian Mendel, Ruben Niederhagen, Christian Rechberger, Joost Rijneveld, and Peter Schwabe:
SPHINCS+: Submission to the NIST post-quantum project.
Round-2 submission to the NIST Post-Quantum Cryptography Standardization Project.
Date: 2019-03-14 [pdf] [bibtex] -
Daniel J. Bernstein, Christoph Dobraunig, Maria Eichlseder, Scott Fluhrer, Stefan-Lukasz Gazdag,
Andreas Hülsing, Panos Kampanakis, Stefan Kölbl, Tanja Lange, Martin M. Lauridsen,
Florian Mendel, Ruben Niederhagen, Christian Rechberger, Joost Rijneveld, and Peter Schwabe:
SPHINCS+: Submission to the NIST post-quantum project.
Round-1 submission to the NIST Post-Quantum Cryptography Standardization Project.
Date: 2017-11-30 [pdf] [bibtex] - See also the SPHINCS+ website.
NTRU (NTRU-HRSS-KEM in round 1, merged with NTRUEncrypt for NIST PQC rounds 2 and 3)
-
Cong Chen, Oussama Danba, Jeffrey Hoffstein, Andreas Hulsing, Joost Rijneveld, John M. Schanck, Peter Schwabe, William Whyte, Zhenfei Zhang, Tsunekazu Saito, Takashi Yamakawa, Keita Xagawa:
NTRU: Algorithm Specifications and Supporting Documentation.
Round-3 submission to the NIST Post-Quantum Cryptography Standardization Project.
Date: 2020-09-30 [pdf] [bibtex] -
Cong Chen, Oussama Danba, Jeffrey Hoffstein, Andreas Hülsing, Joost Rijneveld, John M. Schanck, Peter Schwabe, William Whyte, and Zhenfei Zhang:
NTRU: Algorithm Specifications and Supporting Documentation.
Round-2 submission to the NIST Post-Quantum Cryptography Standardization Project.
Date: 2019-03-30 [pdf] [bibtex] -
Andreas Hülsing, Joost Rijneveld, John M. Schanck, and Peter Schwabe:
NTRU-HRSS-KEM: Algorithm Specifications and Supporting Documentation.
Round-1 submission to the NIST Post-Quantum Cryptography Standardization Project.
Date: 2017-11-30 [pdf] [bibtex] - See also the NTRU website.
Classic McEliece (merged with NTS-KEM from NIST PQC round 3; resigned from the team early in round 4)
-
Martin R. Albrecht, Daniel J. Bernstein, Tung Chou, Carlos Cid, Jan Gilcher, Tanja Lange, Varun Maram, Ingo von Maurich, Rafael Misoczki, Ruben Niederhagen,
Kenneth G. Paterson, Edoardo Persichetti, Christiane Peters, Peter Schwabe, Nicolas Sendrier, Jakub Szefer, Cen Jung Tjhai, Martin Tomlinson, and Wen Wang:
Classic McEliece: conservative code-based cryptography.
Round-3 submission to the NIST Post-Quantum Cryptography Standardization Project..
Date: 2020-10-10 [pdf] [bibtex] -
Daniel J. Bernstein, Tung Chou, Tanja Lange, Ingo von Maurich, Rafael Misoczki, Ruben Niederhagen,
Edoardo Persichetti, Christiane Peters, Peter Schwabe, Nicolas Sendrier, Jakub Szefer, and Wen Wang:
Classic McEliece: conservative code-based cryptography.
Round-2 submission to the NIST Post-Quantum Cryptography Standardization Project.
Date: 2019-03-31 [pdf] [bibtex] -
Daniel J. Bernstein, Tung Chou, Tanja Lange, Ingo von Maurich, Rafael Misoczki, Ruben Niederhagen,
Edoardo Persichetti, Christiane Peters, Peter Schwabe, Nicolas Sendrier, Jakub Szefer, and Wen Wang:
Classic McEliece: conservative code-based cryptography.
Round-1 submission to the NIST Post-Quantum Cryptography Standardization Project.
Date: 2017-11-29 [pdf] [bibtex] - See also the Classic McEliece website.
NewHope
-
Martin R. Albrecht, Erdem Alkim, Roberto Avanzi, Joppe Bos, Léo Ducas, Emmanuela Orsini, Valery Osheter,
Kenneth G. Paterson, Guy Peer, Antonio de la Piedra, Thomas Pöppelmann, Peter Schwabe, Nigel P. Smart, and Douglas Stebila:
NewHope: algorithm specification and supporting documentation.
Round-2 submission to the NIST Post-Quantum Cryptography Standardization Project.
Date: 2019-03-15 [pdf] [bibtex] -
Erdem Alkim, Roberto Avanzi, Joppe Bos, Léo Ducas, Antonio de la Piedra, Thomas Pöppelmann, Peter Schwabe, and Douglas Stebila:
NewHope: algorithm specification and supporting documentation.
Round-1 submission to the NIST Post-Quantum Cryptography Standardization Project.
Date: 2017-11-28 [pdf] [bibtex] - See also the NewHope website.
MQDSS
-
Ming-Shing Chen, Andreas Hülsing, Joost Rijneveld, Simona Samardjiska, and Peter Schwabe:
MQDSS specifications (version 2.1).
Round-2 submission to the NIST Post-Quantum Cryptography Standardization Project.
Date: 2020-04-14 [pdf] [bibtex]
Supersedes: 2019-03-15 (version 2.0, original round-2 submission) [pdf], -
Ming-Shing Chen, Andreas Hülsing, Joost Rijneveld, Simona Samardjiska, and Peter Schwabe:
MQDSS specifications (version 1.1).
Round-1 submission to the NIST Post-Quantum Cryptography Standardization Project.
Date: 2018-08-31 [pdf] [bibtex]
Supersedes: 2017-11-29 (version 1.0, original round-1 submission) [pdf], - See also the MQDSS website.
Gimli
-
Daniel J. Bernstein, Stefan Kölbl, Stefan Lucks, Pedro Maat Costa Massolino, Florian Mendel, Kashif Nawaz,
Tobias Schneider, Peter Schwabe, François-Xavier Standaert, Yosuke Todo, and Benoît Viguier:
Gimli 20190927.
Round-2 Submission to the NIST Lightweight Cryptography Standardization Project.
Date: 2019-09-27 [pdf] [bibtex] -
Daniel J. Bernstein, Stefan Kölbl, Stefan Lucks, Pedro Maat Costa Massolino, Florian Mendel, Kashif Nawaz,
Tobias Schneider, Peter Schwabe, François-Xavier Standaert, Yosuke Todo, and Benoît Viguier:
Gimli 20190329.
Round-1 Submission to the NIST Lightweight Cryptography Standardization Project.
Date: 2019-03-29 [pdf] [bibtex] - See also the Gimli website.
KEMTLS
-
Sofía Celi, Peter Schwabe, Douglas Stebila, Nick Sullivan, and Thom Wiggers:
KEM-based Authentication for TLS 1.3.
IETF Internet draft draft-celi-wiggers-tls-authkem.
Talks
- Slides from my talk Kyber – Implementation aspects, 2024-08-01 at the The Cornell, Maryland, Max Planck Pre-doctoral Research School in Computer Science (CMMRS 2024), Saarbrücken, Germany.
- Slides from my talk Kyber – Design, 2024-08-01 at the The Cornell, Maryland, Max Planck Pre-doctoral Research School in Computer Science (CMMRS 2024), Saarbrücken, Germany.
- Slides from my talk Formosa Crypto – High-assurance crypto in practice, 2024-02-20 at QSMC, Taipei, Taiwan (given remotely).
- Slides from my invited talk High-assurance crypto in practice – Challenges and recent results, 2023-09-11 at CHES 2023, Prague, Czech Republic.
- Slides from my invited talk Post-Quantum Crypto Software – Embedded and High-Assurance, 2023-06-28 at the 10th International VDI Conference – Cyber Security for Vehicles, Frankfurt, Germany.
- Slides from my talk Kyber, 2023-03-26 at Real World PQC, Tokyo, Japan.
-
Slides from my talk NIST PQC: Ein Blick zurück und in die Zukunft,
2023-02-21 at the Gesellschaft für Informatik (in German, slides in English).
See also the video on youtube. - Slides from my talk High-assurance crypto, 2023-01-30 at the IACR School on Applied Cryptography, Bangkok, Thailand. [Exercises] [Exercise solutions]
- Slides from my talk Formosa Crypto, 2022-12-05 at the PQC Standardization & Migration Workshop, Taipei, Taiwan.
- Slides from my talk CRYSTALS-Kyber, 2022-11-29 at the Fourth NIST PQC Standardization Conference, virtual.
- Slides from my talk Engineering high-assurance crypto software, 2022-09-30 at the 2022 Graz Security Week, Graz, Austria.
- Slides from my invited talk 6 years of NIST PQC – looking back and ahead, 2022-09-29 at PQCRYPTO 2022 (virtual event).
- Slides from my talk Post-quantum key encapsulation: Kyber, 2022-08-31 at IPAS Tech Sharing.
- Slides from my talk NIST PQC, Kyber, and beyond, 2022-08-10 at Infineon, San Jose, USA.
- Slides from my talk Engineering post-quantum cryptography, 2022-05-04 at the post-COINS spring school, Oslo, Norway.
- Slides from my talk Introduction to lattice-based KEMs, 2022-05-04 at the post-COINS spring school, Oslo, Norway. [Exercises] [Exercise solutions]
- Slides from my tutorial talk An introduction to hash-based signatures, 2021-12-13 at SPACE 2021 (virtual event). [Exercises] [Exercise solutions]
- Slides from my talk An introduction to hash-based signatures, 2021-12-07 at the 1st MSCR Cryptography School (CRYPTOS 2021) (virtual event).
- Slides from my talk An introduction to lattice-based KEMs, 2021-12-07 at the 1st MSCR Cryptography School (CRYPTOS 2021) (virtual event).
-
Slides from my talk My personal experience with the NIST PQC "competition",
2021-11-18 at the KpqC workshop of the Affiliated Institute of ETRI, South Korea (given remotely).
See also the video on youtube. - Slides from my talk Post-quantum WireGuard, 2021-10-25 at ZITiS (given remotely).
- Slides from my talk Crypto protocols for the post-quantum era: PQ-WireGuard and KEMTLS, 2021-09-09 in the CRC Seminar Series of TII (given remotely).
- Slides from my tutorial talk An introduction to lattice-based KEMs, 2020-12-17 at SPACE 2020 (virtual event). [Exercises] [Exercise solutions]
- Slides from my talk Hash-based signatures – from Lamport to SPHINCS+, 2020-11-18 at the Indian Workshop on Post-Quantum Cryptography (virtual event).
- Slides from my talk The transition to post-quantum cryptography: challenge and chance, 2020-11-14 at ICITDA 2020 (virtual event).
- Slides from my talk Optimizing crypto on embedded microcontrollers, 2020-10-04 in the PQEmbed workshop (virtual event).
- Slides from my talk Post-quantum crypto on embedded microcontrollers, 2019-12-04 as a CASA Distinguished Lecture, Ruhr-University Bochum, Germany.
- Slides from my talk The transition to post-quantum crypto, 2019-11-19 for alumni of Radboud University, The Netherlands.
- Slides from my talk Post-quantum crypto on ARM Cortex-M, 2019-11-11 at CARDIS 2019, Prague, Czech Republic.
- Slides from my talk The transition to post-quantum cryptography, 2019-10-15 in the cyber security seminar at TU Delft, The Netherlands.
- Slides from my talk Engineering lattice-based cryptography, 2019-09-30 at ASCrypto 2019, Santiago, Chile.
- Slides from my talk Implementing post-quantum cryptography on embedded microcontrollers, 2019-09-17 at the 2019 Graz Security Week, Graz, Austria.
- Slides from my talk The NIST post-quantum project, 2019-09-04 at the NERD Summer School 2019, Aachen, Germany.
- Slides from my talk CRYSTALS-Kyber, 2019-08-23 at the Second NIST PQC Conference, Santa Barbara, USA.
- Slides from my talk On implementation issues of post-quantum cryptography, 2019-06-13 at the Central European Conference on Cryptology, Telč, Czech Republic.
- Slides from my talk Post-quantum crypto on ARM Cortex M, 2019-01-23 in the Security and Cryptography Group of Microsoft Research, Redmond, USA.
- Slides from my talk Optimizing crypto on embedded microcontrollers, 2018-12-10 in the seminar of Australian Summer School on Embedded Cryptography Adelaide, Australia.
- Slides from my talk Implementing post-quantum cryptography, 2018-06-28 in the PQCRYPTO Mini-School Taipei, Taiwan.
- Slides from my talk Hash-based signatures, 2018-06-28 in the PQCRYPTO Mini-School Taipei, Taiwan.
- Slides from my talk CRYSTALS-Kyber, 2018-04-12 at the First NIST PQC Conference, Fort Lauderdale, USA.
- Slides from my talk The transition to post-quantum cryptography, 2018-02-19 in the seminar of Inria Nancy, France.
- Slides from my talk CRYSTALS – Kyber and Dilithium, 2018-02-07 in the Cryptography Seminar at the Mathematical Institute of the University of Oxford, Oxford, UK.
- Slides from my talk Implementing post-quantum crypto, 2018-02-01 at the Combined event on Post-Quantum Cryptography, Tenerife, Spain.
- Slides from my talk Post-quantum crypto on μc, 2017-12-12 at the Colloquium on Hardware Security at Continental, Frankfurt, Germany.
- Slides from my talk Long-term security for the IoT?, 2017-11-06 at the Workshop on Cryptography for the Internet of Things and Cloud 2017, Bochum, Germany.
- Slides from my talk Optimizing crypto on embedded microcontrollers, 2017-08-30 at the COINS Summerschool, Metochi (Lesbos), Greece. [Software examples and exercises].
- Slides from my talk Two approaches to verifying high-speed ECC software, 2017-04-29 at the Models and Tools for Security Analysis and Proofs workshop, Paris, France.
-
Slides from my talk From NewHope to Kyber,
2017-04-11 in the Prosecco Seminar at Inria Paris, France;
and similarly
2017-04-07 at Ege University in Izmir, Turkey [slides];
2017-01-17 at the Computer Science Department of the Cinvestav, Mexico [slides];
2017-01-13 at Rambus Security in San Francisco, USA [slides]; and
2017-01-12 in the "Beers and Breakage" seminar at Facebook, Palo Alto, USA. [slides]
- Slides from my talk Post-quantum cryptography, 2017-03-22 at the award ceremony for the Dutch Prize for ICT Research, Amersfoort, The Netherlands.
- Slides from my talk Post-quantum key exchange – a new hope, 2016-08-10 at USENIX Security 2016, Austin, USA.
-
Slides from my talk Post-quantum cryptography,
2016-08-04 at Noisebridge, San Francisco, USA.
See also the video on youtube. - Slides from my talk High-assurance crypto software, 2016-06-22 at the Central European Conference on Cryptology, Piešťany, Slovakia.
- Slides from my talk Timing Attacks and Countermeasures, 2016-06-10 at the Summer School on real-world crypto and privacy, Šibenik, Crotia.
-
Slides from my talk Open Access,
2016-06-07 at the Summer School on real-world crypto and privacy, Šibenik, Crotia.
See also the PhD Comics "Open Access Explained" video on Youtube. -
Slides from my talk Post-quantum key exchange – a new hope,
2016-04-14 at the monthly lattice meeting at University of Lyon, France.
- Slides from my talk Post-Quantum Cryptography, 2015-12-03 at Santacrypt 2015 in Prague, Czech Republic.
- Slides from my talk Verifying ECC software, 2015-09-29 at ECC 2015 in Bordeaux, France.
- Slides from my talk PandA: Pairings and Arithmetic, 2015-06-02 at the SIAM Conference on Applied Algebraic Geometry – AG'15.
- Slides from my talk Software implementation of (H)ECC, 2015-06-02 at the Summer School on real-world crypto and privacy, Šibenik, Crotia.
- Slides from my talk Introduction to software implementations, 2015-06-02 at the Summer School on real-world crypto and privacy, Šibenik, Crotia.
- Slides from the joint talk SPHINCS: practical stateless hash-based signatures by Andreas Hülsing and me, 2015-04-28 at Eurocrypt 2015, Sofia, Bulgaria.
-
Slides from my talk Eliminating Timing Side-Channels. A Tutorial.
2015-01-18 at ShmooCon 2015, Washington DC, USA.
See also the video on youtube. - Slides from my talk Vectorized implementations of post-quantum crypto, 2015-01-12 at DIMACS Workshop on The Mathematics of Post-Quantum Cryptography, Rutgers University, USA.
- Slides from my invited tutorial talk Multiprecision arithmetic (from primary school to Asiacrypt), 2014-10-20 at SPACE 2014, Pune, India.
- Slides from my talk TweetNaCl: A crypto library in 100 tweets, 2014-09-18 at Latincrypt 2014, Florianópolis, Brazil.
- Slides from my talk Fast symmetric crypto on embedded CPUs, 2014-06-05 at the Summer School on Design and security of cryptographic algorithms and devices for real-world applications, Šibenik, Crotia.
- Slides from my talk Verifying crypto – many questions and the beginning of an answer, 2014-05-20 in the Brouwer Seminar, Radboud University Nijmegen, Netherlands.
- Slides from my talk McBits: Fast code-based cryptography, 2013-12-17 at the IMA Conference on Cryptography and Coding, Oxford, England.
-
Slides from my tutorial talk Efficient implementation of finite-field arithmetic,
2013-11-22 at Pairing 2013, Beijing, China, and similarly
2013-09-11 at the ECC 2013 summer school, Leuven, Belgium. - Slides from my talk You vs. the NSA – Why everybody needs high-security crypto, 2013-10-21 at the Semana da Computação, Universidade Federal de Santa Catarina, Florianópolis, Brazil.
- Slides from my talk Efficient software implementation of post-quantum cryptography, 2013-10-20 at ASCrypto 2013, Florianópolis, Brazil.
- Slides from my talk Scalar multiplication algorithms, 2013-09-11 at the ECC 2013 summer school, Leuven, Belgium.
- Slides from my talk Who is afraid of vectors?, 2013-08-26 in the Crypto Group of Microsoft Research, Redmond, USA.
- Slides from my talk A word of warning, 2013-08-22 in the rump session of CHES 2013, Santa Barbara, USA. [software]
- Slides from the joint talk NaCl on 8-bit AVR microcontrollers by Michael Hutter and me, 2013-06-24 at Africacrypt 2013, Cairo, Egypt.
- Slides from my talk NaCl: Cryptography for the Internet, 2013-01-21 at the research retreat Internet crypto, Tenerife, Spain.
- Slides from my talk Constructive and destructive implementations of elliptic-curve arithmetic, 2012-10-30 at ECC 2012 in Querétaro, Mexico.
- Slides from my talk The security impact of a new cryptographic library, 2012-10-09 at Latincrypt 2012 in Santiago, Chile.
- Slides from my presentation NEON crypto, 2012-09-11 at CHES 2012 in Leuven, Belgium.
- Slides from my presentation High-Performance Cryptography in Software, 2012-09-03 in the ECRYPT Summerschool on Challenges in Security Engineering in Bochum, Germany, and similarly 2012-10-15 at the Advanced Programming Seminar at University of Illinois at Chicago.
- Slides from my presentation SHA-3 on ARM11 processors, 2012-07-12 at Africacrypt 2012 in Ifrane, Morocco.
- Slides from my presentation The NaCl library, 2012-07-12 in the rump session of Africacrypt 2012 in Ifrane, Morocco.
-
Slides from my presentation How to use the negation map in the Pollard rho method,
2012-03-09 in the EiPSI Crypto Working Group.
The slides are basically the same as the ones I used for the talk
How to use the negation map in the Pollard rho method, 2011-06-16 in the crypto seminar of the Laboratoire PRiSM at Université de Versailles Saint-Quentin-en-Yvelines. -
Slides from my presentation EdDSA signatures and Ed25519,
2012-02-20 in the Coding Theory and Cryptography Seminar at the
University of Basel.
Subsets of these slides I used in the talks
EdDSA signatures and Ed25519, 2012-03-20 at CARAMEL group, INRIA Nancy,
High-speed high-security signatures, 2011-09-29 at CHES 2011 in Nara, Japan, and
High-speed high-security signatures, 2011-09-14 in the EiPSI seminar at Eindhoven University of Technology. - Slides from my presentation High-Speed Cryptography, 2011-10-24 in the Graduate Seminar of National Taiwan University.
- Slides from my presentation Fun things to do with your mobile phone, 2011-09-30 in the rump session of CHES 2011 in Nara, Japan.
- Slides from my presentation High-speed high-security signatures, 2011-09-29 at CHES 2011 in Nara, Japan.
- Slides from my presentation High-speed high-security signatures, 2011-09-14 in the EiPSI seminar at Eindhoven University of Technology.
- Slides from my talk Really fast syndrome-based hashing, 2011-07-05 at Africacrypt 2011.
- Slides from my talk On the correct use of the negation map in the Pollard rho method, 2010-10-18 in the rump session of ECC 2010 in Redmond, USA.
- Slides from my talk New software speed records for cryptographic pairings, 2010-08-09 at Latincrypt 2010 in Puebla, Mexico.
- Slides from my talk New software speed records for cryptographic pairings, 2010-07-08 in the HGI Colloquium at Ruhr Universität Bochum.
-
Slides from my talk Breaking ECC2K-130, 2010-05-20 in the
Obersemiar Computer Security
at B-IT Bonn.
Subsets of these slides I used for the talks
ECC2K-130 on Cell processors, 2010-05-05, at Africacrypt 2010,
Breaking ECC2K-130 on Cell processors and GPUs, 2010-04-14 in the Workshop on Computer Security and Cryptography at CRM Montréal, and
Breaking ECC2K-130 (on Cell CPUs and NVIDIA GPUs), 2010-03-21 at CARAMEL group, INRIA Nancy. - Slides from my talk How do deal with annoying questions from Dan, 2010-05-04 at the rump session of Africacrypt 2010.
- Slides from my talk NaCl – Networking and Cryptography library, 2009-12-04 at the SPAN meeting at TU Eindhoven and code examples I used in the talk: enc-auth-openssl.c, enc-auth-nacl.c.
- Slides from my talk AES-GCM plus rapide et résistant aux attaques temporelles, 2009-11-13 in the séminaire de cryptographie at Université de Rennes 1.
- Slides from the joint talk FSBday: Implementing Wagner's Generalized Birthday Attack against the round-1 SHA-3 Candidate FSB by Christiane Peters and me, 2009-09-10 at SHARCS 2009.
- Slides from the joint talk The Certicom Challenges ECC2-X by Daniel V. Bailey, Daniel J. Bernstein, Frank Gurkaynak, Tanja Lange and me, 2009-09-09 at SHARCS 2009.
- Slides from my talk Fast elliptic-curve cryptography on the Cell Broadband Engine, 2009-06-24 at Africacrypt 2009 and similarly 2009-05-20 at the COSIC seminar at KU Leuven.
- Slides from the joint talk FSBday: Implementing Wagner's Generalized Birthday Attack against the SHA-3 Candidate FSB by Christiane Peters and me, 2009-06-16 at the INRIA Paris - Rocquencourt.
-
Slides from the joint "talk"
"A brief look at the 56 SHA-3 submissions",
by Christiane Peters,
Michael Naehrig", and me,
2009-04-28 at the rump session of
Eurocrypt 2009.
See also the Lyrics with guitar chords and the video on youtube. - Slides from the joint presentation "How fast is AES?" by Emilia Käsper and me, 2009-02-12 at the rump session of FSE 2009.
- Slides from my presentation "New AES software speed records", 2008-12-16 at Indocrypt 2008.
- Slides from my presentation "Achieving Software Speed Records with qhasm", 2008-11-12 in the EiPSI seminar at Eindhoven University of Technology.
- Slides from my presentation "Effiziente Berechnung der Tate Paarung", 2007-06-06 at the Institute for Theoretical Information Technology at RWTH Aachen University.
- Slides from my presentation "Paarungen und Identitätsbasierte Kryptographie", 2007-05-10 at the Institute for Theoretical Information Technology at RWTH Aachen University.
- Slides from my presentation "Effiziente Implementierung von elliptischen und hyperelliptischen Kurven", 2006-5-31 at the Institute for Theoretical Information Technology at RWTH Aachen University.
- Slides from my presentation "Arithmetik auf hyperelliptischen Kurven", 2005-12-14 at the Institute for Theoretical Information Technology at RWTH Aachen University.
- Slides from my seminar talk "Seitenkanalattacken gegen Kryptographie auf Elliptischen Kurven", 2005-05-17 at the Institute for Theoretical Information Technology at RWTH Aachen University and related report.
Journals
I am or was involved in the editorial board of the following journals:
- Since 2021 Associate Editor of the Journal of Computer Security.
- Member of the Editorial Board of the IACR Transactions on Cryptographic Hardware and Embedded Systems (TCHES) in 2018, 2019, and 2020; in 2021 Editor-in-Chief together with Elke De Mulder.
- Member of the Editorial Board of the Proceedings of Privacy Enhancing Technology Symposium (PoPETs) in 2017,2018, and 2019.
- From 2015 to 2023, Associate Editor of the Journal of Cryptographic Engineering.
Conferences, Workshops, and Schools
I am or was member of the program committees of the following conferences, workshops, and schools:
- RWC 2025, March 26–28, 2025, Sofia, Bulgaria
- Crypto 2024, August 2024, Santa Barbara, California, USA
- Eurocrypt 2024, May 26–30, 2024, Zurich, Switzerland
- RWC 2024, March 25–27, 2024, Toronto, Canada
- SPACE 2023, December 14–17, Roorkee, India
- Latincrypt 2023, October 2–6, 2023, Quito, Ecuador
- CSF 2023, July 10–14, 2023, Dubrovnik, Croatia
- RWC 2023, March 27–29, 2023, Tokyo, Japan
- SPACE 2022, December 8–11, 2022, Jaipur, India
- CARDIS 2022, November 7–9, 2022, Birmingham, UK
- IWSEC 2022, August 31–September 2, 2022, Tokyo, Japan
- ACM CCS 2022 (Applied Cryptography Track), November 14–19, 2022, Los Angeles, USA
- Indocrypt 2021, December 12–15, 2021, Jaipur, India
- SPACE 2021, December 11–15, 2021, Kolkata/Kharagpur, India
- CARDIS 2021, November 10–12, 2021, Lübeck, Germany
- IEEE S&P 2022, May 22–26, 2022, USA
- Crypto 2021, August 16–20, 2021, Santa Barbara, California, USA
- Latincrypt 2021, October 6–8, 2021, virtual conference
- CARDIS 2020, November 18–19, 2020, virtual conference
- Indocrypt 2020, December 13–16, 2020, virtual conference
- Eurocrypt 2020, May 10–14, 2020, Zagreb, Croatia
- Indocrypt 2019, December 15–18, 2019, Hyderabad, India
- SSR 2019, November 7–8, 2019, London, UK
- CARDIS 2019, November 11–13, 2019, Prague, Czech Republic.
- Latincrypt 2019, October 2–4, 2019, Santiago, Chile (program co-chair).
- Indocrypt 2018, December 10–12, 2018, New Delhi, India
- Kangacrypt 2018, December 7–8, 2018, Adelaide, Australia
- SSR 2018, November 26–27, 2018, Darmstadt, Germany
- PROOFS 2018, September 13, Amsterdam, The Netherlands
LightSec 2018, September 10–12, 2018, Cardiff, UK(cancelled)- SAC 2018, August 15–18, 2018, Calgary, Canada
- SICHERHEIT 2018, April 25–27, 2018, Konstanz, Germany
- Africacrypt 2018, May 7–9, 2018, Marrakesh, Morocco.
- PQCRYPTO 2018, April 9–11, 2018, Fort Lauderdale, USA.
- Asiacrypt 2017, December 3–7, 2017, Hong Kong, China.
- ECC 2017, November 13–15, 2017, Nijmegen, The Netherlands (co-chair)
- ECC 2017 school, November 9–11, 2017, Nijmegen, The Netherlands (co-organizer)
- Latincrypt 2017, September 17–22, 2017, Havana, Cuba.
- PQCRYPTO 2017, June 26–28, 2017, Utrecht, The Netherlands
- CSF 2017, August 22–25, 2017, Santa Barbara, USA. (Session Chair of the session on Computer-Aided Cryptography)
- Summer School on real-world crypto and privacy, June 5–9, 2017, Šibenik, Croatia. (Co-organizer)
- HighLight, October 31–November 4, 2016, Leiden, The Netherlands (Co-organizer)
- SPEED-B, October 19–21 2016, Utrecht, The Netherlands. (Co-organizer)
- Africacrypt 2017, May 24–26 2017, Dakar, Senegal
- ICMC 2017, January 17–21, 2017, Haldia, India
- CANS 2016, November 14–16, 2016, Milan, Italy
- Asiacrypt 2016, December 4–8, 2016, Hanoi, Vietnam
- SCN 2016, August 31–September 2, 2016, Amalfi, Italy.
- Eurocrypt 2016, May 8–12, 2016, Vienna, Austria.
- Summer School on real-world crypto and privacy, June 5–10, 2016, Šibenik, Croatia. (Co-organizer)
- Africacrypt 2016, April 13–15, 2016, Fes, Morocco.
- PKC 2016, March 6–9, 2016, Taipei, Taiwan.
- Asiacrypt 2015, November 29–December 3, 2015, Auckland, New Zealand.
- WESS 2015, October 8, 2015, Amsterdam, The Netherlands.
- SPACE 2015, October 3–7, 2015, Jaipur, India (program co-chair).
- CHES 2015, September 13–16, 2015, Saint-Malo, France.
- LightSec 2015, September 11–11, 2015, Bochum, Germany.
- Latincrypt 2015, August 23–26, 2015, Guadalajara, Mexico.
- Summer School on real-world crypto and privacy, May 31–June 5, 2015, Šibenik, Croatia. (Co-organizer)
Africacrypt 2015, May 27–29, 2015, Dakar, Senegal. (cancelled and postponed to 2016)- PKC 2015, April 30–May 1, Washington DC, USA.
- WESS 2014, October 17, 2014, New Delhi, India.
- CHES 2014, September 23–26, 2014, Busan, Korea.
- Latincrypt 2014, September 17–19, 2014, Florianópolis, Brazil.
- Africacrypt 2014, May 28–30, 2014, Marrakesh, Morocco.
- Pairing 2013, Nov 22–24, 2013, Beijing, China.
- WESS 2013, September 29, 2013, Montreal, Canada.
- SAC 2013, August 14-16, 2013, Burnaby, British Columbia, Canada.
- Asiacrypt 2013, December 1–5, 2013, Bengaluru, India.
- WAIFI 2012, July 16–19, 2012, Bochum, Germany.
- Pairing 2012, May 16–18, 2012, Cologne, Germany.
- Indocrypt 2011, December 11–14, 2011, Chennai, India.
- InfoSecHiComNet 2011, October 19–22, 2011, Haldia, India.
Teaching
Courses taught at RU Nijmegen
- Engineering Cryptographic Software 2023
- Engineering Cryptographic Software 2022
- Engineering Cryptographic Software 2021
- Crypto Engineering 2021 (Part I: Software)
- Crypto Engineering 2020 (Part I: Software)
- Network Security 2019
- Hacking in C 2019
- Crypto Engineering 2019 (Part I: Software)
- Network Security 2018
- Hacking in C 2018
- Operating Systems Security 2017/18
- Network Security 2017
- Operating Systems Security 2015/16
- Network Security 2015
- Operating Systems Security 2014/15
- Network Security 2014
- Cryptographic Engineering 2014
- Research A 2013/14
- Research B 2013/14
Lecture "Security Issues in Cloud Computing", National Taiwan University, 2011/12
Whiteboard transcripts:- 2011-10-07: Introduction to Cryptography
- 2011-10-14: Modern Cryptography I – Symmetric Cryptography
- 2011-10-21: Modern Cryptography I – Symmetric Cryptography (ctd.)
- 2011-10-28: Modern Cryptography II – Asymmetric Cryptography
- Homework assignment to be handed in on December 11, 2011:
Describe where cryptographic hash functions are used. Explain for what purpose they are used and what properties of the hash function are required for the respective applications. Focus on applications that have not been dealt with in the lecture.
Remarks: This is not about finding as many applications as possible, focus on just 1-2 applications. Your essay should be about 1 page in length.