August 21, 2013

First, I’d like to thank my co-authors (Omkant Pandey and Ananth Raghunathan) for preparing and delivering two excellent talks this morning. It is due to their decision to step up to the plate that I get to do the fun stuff like blogging from the conference.

The big topic of the afternoon session was multilinear maps. Even writing this gives me goosebumps—just a year ago I would doubt they existed, let alone be the subject of three different papers at CRYPTO 2013 with non-overlapping sets of authors. I hope that we’ll cover the subject in more detail some day, but suffice it to say that expectations are running high. If pairing-based cryptography has vastly enriched the set of tools available to cryptographers, the potential of multilinear maps is yet to be fully grasped. A first candidate proposal for multilinear maps due to Sanjam Garg, Craig Gentry, and Shai Halevi was published on eprint in October 2012, presented at Eurocrypt 2013 in May (winning the best paper award), and has already generated a flurry of activity and exciting work.

The main event of the day, and, some would say, of the entire conference, is the rump session. Tradition has it that on Tuesday evening cryptographers assemble for a session of short talks, some humorous, some less so, well lubricated with wine and beer. Tonight’s event, run by Dan Bernstein with his iron fist and a loud squeaker, consisted of 28 talks, mostly no longer than five minutes. That included two musical numbers (plus an encore) featuring two guitars, a keyboard, and a backing vocal section. More serious talks were brief summaries of works that have recently been published or will appear in non-IACR conferences. Cryptanalytic results are always guaranteed attention (original collision-finding attacks on MD4 and MD5 were announced at the rump session of CRYPTO’04, to a standing ovation). This year is no exception: several factoring results of weak RSA keys from Nadia Heninger, symmetric-key cryptanalysis from Adi Shamir, “RC4 is finally dead” out of Royal Holloway (University of London) plus Dan Bernstein.

In a more unusual rump session talk, Moti Yung came out with a passionate defense of the current conference system, jumpstarting the conversation that is likely to consume most of the business meeting tomorrow. The fairly radical proposal is to transition to, roughly speaking, the “VLDB” format where the primary publication venue would be the Proceedings of IACR, with several conferences layered on top. Some on-line discussion is already ongoing, and it is an easy guess that more arguments will follow, culminating with an association-wide ballot measure. After that my crystal ball gets cloudy—even after talking to a fair number of people at the conference, I hesitate to guess which way the voting would go if it were held today. Usually, facing a dramatic change, people opt for the status quo. Cryptographers, always a nonconformist bunch, just might go the other way.

