Symmetric Cryptography

Motivation

In recent years, the field of Symmetric Cryptography has greatly advanced.

The cryptanalysis of cryptographic hash functions made a quantum leap in 2004/2005, followed by the ongoing SHA-3 competition for a new hash function standard. The outcome of the eSTREAM project has been a portfolio of stream ciphers, and many attacks. And, beginning with 2009, researchers developed new ways to attack the full-round AES block cipher faster than by exhaustive search. In the area of complex cryptosystems and cryptographic protocols, a theory of practice-oriented provable security has been rapidly evolving. Based on certain assumptions, such as the security of an underlying block cipher, the idea is to formally specify the security requirements a cryptosystem or a protocol must satisfy, and then to formally prove that these requirements are met.

The aim of the seminar is to bring together leading experts and exceptionally talented junior researchers working in the field. Most of the participants are expected to give presentations on their current research. The schedule will ensure ample time for discussions and ad hoc sessions without talks prepared in advance of the seminar. We plan to hold one or two “brainstorming” or “rump” sessions, to discuss unfinished ideas, to present very recent results (perhaps found during the course of the seminar), and to reflect the current state of symmetric cryptography in general. The seminar will concentrate on the design and analysis of

• symmetric primitives (block ciphers, stream ciphers, hash functions), as well as
• complex cryptosystems and cryptographic protocols based on symmetric primitives.

We plan to discuss in detail the design and analysis of symmetric cryptographic primitives. Further, we want to address the design and analysis of complex symmetric cryptosystems, concentrating on their provable security.

At the discussions during the Dagstuhl Seminar on Symmetric Cryptography in 2009, participants agreed “that the research community would benefit from establishing a culture of tool reuse, by animating researchers to share not only their ideas, but also the software they developed for the purpose of analyzing cryptosystems”. The issue of how to go ahead with sharing tools will be another topic for the seminar.