Search the Dagstuhl Website
Looking for information on the websites of the individual seminars? - Then please:
Not found what you are looking for? - Some of our services have separate websites, each with its own search option. Please check the following list:
Schloss Dagstuhl - LZI - Logo
Schloss Dagstuhl Services
Within this website:
External resources:
  • DOOR (for registering your stay at Dagstuhl)
  • DOSA (for proposing future Dagstuhl Seminars or Dagstuhl Perspectives Workshops)
Within this website:
External resources:
Within this website:
External resources:
  • the dblp Computer Science Bibliography

Dagstuhl Seminar 09311

Classical and Quantum Information Assurance Foundations and Practice

( Jul 26 – Jul 31, 2009 )

(Click in the middle of the image to enlarge)

Please use the following short url to reference this page:



From 26 July 2009 to 31 July 2009, the Dagstuhl Seminar 09311 ``Classical and Quantum Information Assurance Foundations and Practice'' was held in Schloss Dagstuhl--Leibniz Center for Informatics. The workshop was intended to explore the latest developments and discuss the open issues in the theory and practice of classical and quantum information assurance. A further goal of the workshop was to bring together practitioners from both the classical and the quantum information assurance communities. To date, with a few exceptions, these two communities seem to have existed largely separately and in a state of mutual ignorance. It is clear however that there is great potential for synergy and cross-fertilization between and this we sought to stimulate and facilitate.

The program included tutorials from both communities aimed at bringing members of the the other camp up to speed:

  • Intro to modern cryptography (Bart Preneel)
  • Intro to provable security (Kenny Paterson)
  • Intro to the modelling and formal analysis of cryptographic protocols (Peter Ryan)
  • Intro to the theory of quantum cryptography (Charles Bennett)
  • Towards quantum key distribution with testable assumptions: a tutorial (Hoi-Kwong Lo)
  • Introduction to Universal Composability (Dominique Unruh)
  • Practical aspects of QKD (Gregoire Ribordy)

The workshop generated simulating and at times heated debates on the merits and demerits of quantum cryptography. A participant from the conventional cryptography community claimed that quantum cryptography is essentially useless in practice because of its high cost, low key rate, short distance, limited applications and the need to distribute the initial authentication key material. Moreover, his view was that quantum cryptography is not an effective counter-measure against the threat of quantum computing. He believed that public key cryptographic systems such as NTRU and McEliece could be used, if a quantum computer were ever built in future.

The quantum community countered as follows. First, there is a need for top secret long-term security and quantum cryptography can never reduce security. Second, to break a quantum cryptographic system, one needs to eavesdrop today because there is no classical transcript for a quantum communication. This means an eavesdropper has to invest in quantum technologies in order to eavesdrop. Third, current technological limitations of quantum cryptography such as key rate and distance may be overcome in future. For instance, quantum repeaters could, in principle, extend the distance of quantum cryptography arbitrarily. Fourth, the cost of the quantum cryptographic systems may be absorbed through savings in multiplexing of optical channel in telecom fibers. Fifth, since few quantum people are working on breaking NTRU or McEliece crypto-systems these days, the security of those systems against quantum attacks is largely unknown.

Perhaps, a more balanced view to take is that it is important to explore future cryptographic infra-structure. Quantum cryptography, while probably not the only solution, may well play a part in such a future infra-structure.

During the seminar, several participants presented their current research, and ongoing work and open problems were discussed. Abstracts of the presentations given during the seminar as well as abstracts of seminar results and ideas are put together in this paper. Links to extended abstracts or full papers are provided, where available.

  • Romain Alléaume (ENS Telecommunications - Paris, FR)
  • Michael Ben-Or (The Hebrew University of Jerusalem, IL) [dblp]
  • Charles H. Bennett (IBM TJ Watson Research Center, US)
  • Daniel J. Bernstein (University of Illinois - Chicago, US) [dblp]
  • Gilles Brassard (University of Montréal, CA)
  • Samuel L. Braunstein (University of York, GB)
  • Nadish De Silva (University of Toronto, CA)
  • Yvo Desmedt (Univ. College London, GB)
  • Jens Groth (Univ. College London, GB) [dblp]
  • Lawrence Ioannou (University of Cambridge, GB)
  • Masato Koashi (Osaka University, JP)
  • Tanja Lange (TU Eindhoven, NL) [dblp]
  • Debbie Leung (University of Waterloo, CA)
  • Hoi-Kwong Lo (University of Toronto, CA)
  • Norbert Lütkenhaus (University of Waterloo, CA)
  • Xiongfeng Ma (University of Waterloo, CA)
  • Michele Mosca (University of Waterloo, CA) [dblp]
  • Kenneth G. Paterson (Royal Holloway University of London, GB) [dblp]
  • Dusko Pavlovic (University of Oxford, GB) [dblp]
  • Bart Preneel (KU Leuven, BE) [dblp]
  • Bing Qi (University of Toronto, CA)
  • Li Qian (University of Toronto, CA)
  • Gregoire Ribordy (id Quantique SA - Carouge, CH)
  • Peter Y. A. Ryan (University of Luxembourg, LU) [dblp]
  • Rüdiger Schack (Royal Holloway University of London, GB)
  • Christian Schaffner (CWI - Amsterdam, NL) [dblp]
  • Kiyoshi Tamaki (NTT - Kanagawa, JP)
  • Alain Tapp (University of Montréal, CA)
  • Wolfgang Tittel (University of Calgary, CA)
  • Dominique Unruh (Universität des Saarlandes, DE) [dblp]
  • Harald Weinfurter (LMU München, DE)

  • security
  • cryptography
  • verification
  • logic

  • classical and quantum cryptography and computation