CT-RSA 2021 Conference Schedule,

May 17th-20th

The conference will take place entirely online. All times below are "PDT".

The conference is organised in 9 sessions, each composed of two parts: video streaming and live discussion including Q&A with paper authors and special invited guests.


Session 1 - Applied MPC

Monday, 5/17 - 9:50 AM - 10:30 AM and 10:35 AM - 11:15 AM

Chair: Charalampos Papamanthou


Secure Fast Evaluation of Iterative Methods: With an Application to Secure PageRank

Daniele Cozzo; Nigel P. Smart; Younes Talibi Alaoui

KU Leuven


Compilation of Function Representations for Secure Computing Paradigms

Karim Baghery; Cyprien Delpech de Saint Guilhem; Emmanuela Orsini; Nigel Smart; Titouan Tanguy

KU Leuven


Oblivious TLS via Multi-Party Computation

Damiano Abram; Ivan Damgård; Peter Scholl; Sven Trieflinger

Aarhus University; Aarhus University; Aarhus University; Robert Bosch GmbH


Q&A with the authors + roundtable discussion with Yehuda Lindell (Unbound) and Moti Yung (Google).



Session 2 - Cryptanalysis I

Monday, 5/17 - 11:20AM - 12:00 PM and 12:05 PM - 12:45 PM

Chair: Helena Handschuh


Noisy Simon Period Finding

Lars Schlieper; Alexander May; Jonathan Schwinger

Ruhr University Bochum


A Bunch of Broken Schemes: A Simple yet Powerful Linear Approach to Analyzing Security of Attribute-Based Encryption

Marloes Venema; Greg Alpár,

Radboud University; Open University of the Netherlands and Radboud University


Zero-Correlation Linear Cryptanalysis with Equal Treatment for Plaintexts and Tweakeys

Chao Niu; Muzhou Li; Siwei Sun; Meiqin Wang

School of Cyber Science and Technology, Shandong University, Qingdao, China; Key Laboratory of Cryptologic Technology and Information Security, Ministry of Education, Shandong University, Qingdao, China; School of Cyber Science and Technology, Shandong University, Qingdao, China; Key Laboratory of Cryptologic Technology and Information Security, Ministry of Education, Shandong University, Qingdao, China; State Key Laboratory of Information Security, Institute of Information Engineering, Chinese Academy of Sciences, China;University of Chinese Academy of Sciences, China; School of Cyber Science and Technology, Shandong University, Qingdao, China; Key Laboratory of Cryptologic Technology and Information Security, Ministry of Education, Shandong University, Qingdao, China


Q&A with the authors



Session 3 - Authentication and Key Exchange

Tuesday, 5/18 - 9:20 AM - 10:00 AM and 10:05 AM - 10:45 AM

Chair: Nigel Smart


SoK: Game-based Security Models for Group Key Exchange

Bertram Poettering; Paul Rösler; Jürg Schwenk; Douglas Stebila

IBM Research Zurich; TU Darmstadt; Ruhr University Bochum; University of Waterloo


EPID with Malicious Revocation

Olivier Sanders; Jacques Traoré,

Orange Labs


Signed Diffie-Hellman Key Exchange with Tight Security

Jiaxin Pan; Chen Qian; Magnus Ringerud

Norwegian University of Science and Technology


Q&A with the authors



Session 4 - Shuffling and Friends

Tuesday, 5/18 - 10:50 AM - 11:30 AM and 11:35am AM - 12:15 PM

Chair: Steven Galbraith


Lattice-Based Proof of Shuffle and Applications to Electronic Voting

Diego F. Aranha; Carsten Baum; Kristian Gjösteen; Tjerand Silde; Thor Tunge

Aarhus University; Aarhus University; Norwegian University of Science and Technology; Norwegian University of Science and Technology; Norwegian University of Science and Technology


More Efficient Shuffle Argument from Unique Factorization

Toomas Krips; Helger Lipmaa

University of Tartu; Simula UiB


Cryptanalysis of a Dynamic Universal Accumulator over Bilinear Groups

Alex Biryukov; Aleksei Udovenko; Giuseppe Vitto

DCS and SnT, University of Luxembourg; CryptoExperts, Paris; SnT, University of Luxembourg


Q&A with the authors



Session 5 - Symmetric Design

Wednesday, 5/19 - 9:20 AM - 10:00 AM and 10:05 AM - 10:45 AM

Chair: Martijn Stam


FAN: A Lightweight Authenticated Cryptographic Algorithm

Lin Jiao; Dengguo Feng; Yonglin Hao; Xinxin Gong; Shaoyu Du

State Key Laboratory of Cryptology, Beijing


Related-Key Analysis of Generalized Feistel Networks with Expanding Round Functions

Yuqing Zhao; Wenqi Yu; Chun Guo

School of Cyber Science and Technology, Shandong University, Qingdao, Shandong, China


The Key-Dependent Message Security of Key-Alternating Feistel Ciphers

Pooya Farshim; Louiza Khati; Yannick Seurin; Damien Vergnaud

University of York; ANSSI; ANSSI; Sorbonne Université


Q& with the authors + roundtable discussion with Meltem Sonmez Turan (NIST).



Session 6 - Cryptanalysis II

Wednesday, 5/19 - 10:50 AM - 11:30 AM and 11:35 AM - 12:15 PM

Chair: Kenny Paterson


Mesh Messaging in Large-scale Protests: Breaking Bridgefy

Martin R. Albrecht; Jorge Blasco; Rikke Bjerg Jensen; Lenka Mareková

Royal Holloway, University of London


Inverse-Sybil Attacks in Automated Contact Tracing

Benedikt Auerbach; Suvradip Chakraborty; Karen Klein; Guillermo Pascual-Perez; Krzysztof Pietrzak; Michael Walter; Michelle Yeo

IST Austria


On the Effectiveness of Time Travel to Inject COVID-19 Alerts

Vincenzo Iovino; Serge Vaudenay; Martin Vuagnoux

University of Salerno; EPFL; base23


Q&A with the authors + roundtable discussion with Carmela Troncoso (EPFL).



Session 7 - Post-Quantum

Wednesday, 5/19 - 12:45 PM - 1:25 PM and 1:30 PM - 2:10 PM

Chair: Craig Costello


SoK: How (not) to Design and Implement Post-Quantum Cryptography

James Howe; Thomas Prest; Daniel Apon

PQShield; PQShield; NIST


Dual lattice attacks for closest vector problems (with preprocessing)

Thijs Laarhoven; Michael Walter

Eindhoven University of Technology; Institute of Science and Technology Austria


On the Hardness of Module-LWE with Binary Secret

Katharina Boudgoust; Corentin Jeudy; Adeline Roux-Langlois; Weiqiang Wen

Univ Rennes, CNRS, IRISA


Q&A with the authors + roundtable discussion with Kenny Paterson (ETH Zurich).



Session 8 - Cryptography in Distributed Systems

Thursday, 5/20 - 9:00 - 9:40 AM and 9:45 AM - 10:25 AM

Chair: Olivier Blazy


Multi-Party Revocation in Sovrin: Performance through Distributed Trust

Lukas Helminger; Daniel Kales; Sebastian Ramacher; Roman Walch

Graz University of Technology and Know-Center GmbH; Graz University of Technology; AIT Austrian Institute of Technology; Graz University of Technology and Know-Center GmbH


Balancing Privacy and Accountability in Blockchain Identity Management

Ivan Damgård; Chaya Ganesh; Hamidreza Khoshakhlagh; Claudio Orlandi; Luisa Siniscalchi

Aarhus University; Indian Institute of Science, Bangalore; Aarhus University; Aarhus University; Aarhus University


Non-interactive half-aggregation of EdDSA and variants of Schnorr signatures

Konstantinos Chalkias; Francois Garillot; Yashvanth Kondi; Valeria Nikolaenko

Novi and Facebook; Novi and Facebook; Northeastern University; Novi and Faceboook


Q&A with the authors + roundtable discussion with Isis Agora Lovecruft.



Session 9 - Implementation

Thursday, 5/20 - 10:30 - 11:10 AM and 11:15 AM - 11:55 AM

Chair: Lejla Batina


A Framework to Optimize Implementations of Matrices

Da Lin; Zejun Xiang; Xiangyong Zeng; Shasha Zhang

Faculty of Mathematics and Statistics, Hubei Key Laboratory of Applied Mathematics, Hubei University


Improvements to RSA key generation and CRT on embedded devices

Mike Hamburg; Mike Tunstall; Qinglai Xiao

Rambus Inc


On The Cost of ASIC Hardware Crackers: A SHA-1 Case Study

Anupam Chattopadhyay; Mustafa Khairallah; Gaetan Leurent; Zakaria Najm; Thomas Peyrin; Vesselin Velichkov

Nanyang Technological University; Nanyang Technological University; Inria, Paris; Nanyang Technological University; Nanyang Technological University; The University of Edinburgh


Q&A with the authors.