Cong Ling, Liz Quaglia and Christian Weinert are organising the next London Crypto Day 2025, which will be on Friday 21st November 2025.
The event will be held at Imperial College London (Room 611, Department of EEE).
We are excited to announce the speakers, titles and abstracts for LCD25:
Naomi Farley (Thales UK)
What are the challenges of migrating to PQC?
Though Post Quantum Cryptography (PQC) algorithms are being standardised by NIST, migrating to these is far from trivial, particularly in constrained, embedded platforms. This talk thus describes several of the challenges when trying to migrate systems to PQC, informed by ongoing PQC migration efforts within Thales.
Daniel Gardham (University of Surrey) (TBA)
Kris Kwiatkowski (PQShield)
Post-Quantum Cryptography in Practice: Migration Strategies for Constrained and Embedded Systems
This talk examines the practical aspects of migrating cryptographic modules to post-quantum cryptography (PQC), focusing on the adoption of PQC algorithms standardized by NIST. It discusses key challenges in achieving interoperability across internet protocols and highlights how migration efforts must balance implementation complexity, efficiency, and infrastructure costs. Particular focus is given to constrained environments such as IoT and edge devices, where limited compute, memory, and energy resources demand tailored design strategies. The talk also outlines common pitfalls in PQC adoption and provides guidance on addressing the specific needs of embedded environments. Attendees will gain practical insights into integrating PQC into cryptographic modules while managing real-world constraints and deployment considerations.
Ela Lee (Angoka)
Identity, privacy, and barriers to privacy technology
In this talk I will be exploring digital identity, age-verification checks and privacy. I’ll explain how zero-knowledge proofs can be utilised so other identifiable information from a digital ID is not revealed to third parties. I’ll also explain the fuller context of verifying not only data on a credential but the actual user, and the architecture and trust relationships this requires.
I’ll then discuss the issue that these technologies are not currently set to become the standard approach for age-verification. I will draw on my own experiences moving from academia into industry on the difficulty of making unintuitive technologies marketable. I’ll also look at examples of how cryptography is presented to the public, and the role this plays in the lack of public awareness of privacy technology.
Sujoy Sinha Roy (Graz University of Technology)
From FHE to ZKPs: Custom Hardware for Next-Generation Cryptography
Fully Homomorphic Encryption (FHE) and Zero-Knowledge Proofs (ZKPs) promise transformative security and privacy capabilities, but their computational demands have hindered practical adoption. This talk explores how custom hardware can unlock orders-of-magnitude performance gains for these advanced cryptographic primitives. We present recent results in accelerating FHE and ZKP protocols through hardware–algorithm co-design, enabling efficiencies far beyond those achievable with multicore CPUs or GPUs.
Yiannis Tselekounis (Royal Holloway, University of London)
Guarding the Signal: Secure Messaging with Reverse Firewalls
Secure messaging protocols allow users to communicate asynchronously over untrusted channels with strong guarantees of privacy, authenticity, forward secrecy, and post-compromise security. However, traditional security analyses of these protocols assume complete trust in the hardware and software of honest participants, overlooking a significant class of real-world threats known as subversion attacks. These attacks alter cryptographic algorithms to compromise security, by exfiltrating secrets or creating vulnerabilities that often go undetected. The notion of reverse firewalls (EC'15) aims at protecting against subversion attacks by introducing a third party, called a "reverse firewall" (RF), which sits between a party and the outside world and modifies its outgoing and incoming messages in such a way that, even if the party's machine has been corrupted (in a way that maintains functionality), security is still preserved. Importantly, the firewall shares no private information with the parties, and parties put no more trust in the firewall than they do in the communication channel. In this work, we address the existing gap between secure messaging and subversion attacks by presenting several key contributions:
1) We design the first subversion-resilient secure messaging protocol based on the model of RF. Our protocol is based on the Signal protocol---the current state-of-the-art in two-party secure messaging, though it lacks subversion resilience---and achieves subversion resilience with only constant overhead over Signal.
2) We develop a subversion-resilient version of the X3DH protocol in the RF model. X3DH is a core component that facilitates secure initial key agreement in Signal's protocol.
3) We introduce and formalize the notion of Continuous Key Agreement with Tamper Detection, an essential concept for subversion-resilient secure messaging. Our notion enables parties to continuously agree on keys, even in the presence of active adversaries capable of partially tampering with the key exchange transcript. We present a construction of our notion and prove its subversion resilience in the model of RF.