2nd Workshop on Advanced Cryptography

Applications and Standards

Saturday August 15, 2020

Located Online, Event affiliated to Crypto 2020

General Information

Saturday August 15, 2020

Event affiliated to Crypto 2020 -

Located Online - registration is open


Tancrède Lepoint (Google) & Daniel Benarroch (QEDIT)


The past decade has witnessed the first successful deployments of encrypted computing, multiparty computation, and cryptographic zero-knowledge proofs as privacy preserving technologies. In order to enable the mainstream use of these technologies and educate application developers, several community based standardization groups have been created (,, and standard organizations (ISO, NIST) are already considering how to standardize these advanced cryptographic techniques.

The Advanced Cryptography Applications and Standardization workshop serves to bring together the industry, academia and standardization bodies around the adoption and usability of privacy-enhancing advanced cryptographic schemes. It aims to highlight the importance and challenges of deploying these techniques in real-world applications, as well as of standardizing these complex cryptographic protocols.

The second edition of the workshop focuses on both applications of and standards on zero-knowledge proofs, fully homomorphic encryption and threshold cryptography. The workshop features a keynote by Luís Brandão (NIST) who will update the community with NIST’s views on standardization of these technologies.


All times are Eastern Daylight Time (EDT)

First Session - Standardization (10h - 11h30):

  • 10:00 - Luís T.A.N. Brandão (NIST) - Toward Criteria for Standardization of Multi-Party Threshold Schemes for Cryptographic Primitives

  • 10:30 - Kim Laine (Microsoft Research) - Standardizing Fully Homomorphic Encryption

  • 10:50 - Yael Kalai (Microsoft, MIT) - Update and vision of the ZKProof standardization effort

  • 11:10 - Alexandra Wood (Harvard University) - Integrating Legal and Technical Reasoning for Privacy Analysis

Break (11h30 - 12h)

Second Session - Applications I (12h - 13h30):

  • 12:00 - Alex Davidson (Cloudflare) - Privacy Pass: Standardizing Anonymous Authorization for the Internet

  • 12:20 - Anthony Miyaguchi (Mozilla) - Firefox Origin Telemetry with Prio

  • 12:40 - Jonathan Rouach (QEDIT) - Deploying Privacy-Enhancing Techniques for Data Collaboration

  • 13:00 - Sergey Gorbunov (University of Waterloo) - Towards a Path for Adoption of Advanced Cryptographic Primitives

Break (13h30 - 14h00)

Third Session - Applications II (14h - 15h)

  • 14:00 - Payman Mohassel and Subodh Iyengar (Facebook) - Privacy Preserving Technology in Practice

  • 14:20 - Dave Archer (Galois), Omer Shlomovits (ZenGo), Erica Portnoy (EFF) -
    Fireside Chat: a conversation on the latest trends of advanced cryptography and the challenges to deployment

Speakers and Abstracts

Luís T.A.N. Brandão (NIST) - Toward Criteria for Standardization of Multi-Party Threshold Schemes for Cryptographic Primitives

  • Bio: Luís Brandão is at NIST as Foreign Guest Researcher (Contractor, employed by Strativia), working with the Cryptographic Technology Group, Computer Security Division, in various projects: circuit complexity, privacy enhancing cryptography; interoperable randomness beacons; threshold cryptography.

  • Abstract: The Threshold Cryptography project at NIST has been exploring the potential for standardization of threshold schemes for NIST-approved cryptographic primitives, such as signing, encryption, decryption and key-generation. The use of the terms “standards” and “standardization” is not intended to imply a goal to develop “Federal Information Processing Standards” publications; the set of results may, for example, also include guidelines and recommendations. The project, as presented in the recent publication NISTIR 8214A, is planned in two tracks: single-device and multi-party. In this talk, focused on the multi-party track, I will give an update of the path being developed by the project, and a vision for its future. The talk will also cover the topic of developing criteria for potential calls for contributions. This also constitutes an invitation for stakeholders to collaborate in the process, in an open and transparent way.

Kim Laine (Microsoft Research) - Standardizing Fully Homomorphic Encryption effort

  • Bio: Kim Laine is a Principal Researcher in the Cryptography and Privacy Research Group at Microsoft Research, Redmond. He leads the development of the homomorphic encryption library Microsoft SEAL and is a co-founder and steering committee member of

  • Abstract: Within the past 10 years a massive research effort has transformed a theoretical possibility of (fully) homomorphic encryption into a new significant subfield of cryptography. As of today, applied topics such as new libraries, algorithmic improvements, hardware acceleration, and automated optimizations having become regular in homomorphic encryption publications. Increased interest in using homomorphic encryption also raised questions about standardization. As a response, was created following a workshop organized at Microsoft in 2017, and since then the group has hosted multiple workshops, produced a community standard for secure parameter selection, and created white-papers aimed at different audiences. In this talk I present background and motivations for homomorphic encryption standardization, what has been done already, and what the next steps will be.

Yael Kalai (Microsoft, MIT) - Update and vision of the ZKProof standardization effort

  • Bio: Yael Tauman Kalai is a principal researcher in Microsoft Research and an associate adjunct professor of computer science at MIT. Yael got her PhD at MIT, where her thesis has been recognized with the George M. Sprowls PhD thesis award (2006). She got her MSc from Weizmann institute, where her thesis was recognized with the outstanding master's thesis prize (2001). She got her BSc from Hebrew University, where she won the Summa Cum Laude award.

  • Abstract:

Alexandra Wood (Harvard University) - Integrating Legal and Technical Reasoning for Privacy Analysis

  • Bio: Alexandra Wood is a fellow at the Berkman Klein Center for Internet & Society at Harvard University and a senior researcher collaborating with the Harvard Privacy Tools Project. Her research explores new and existing regulatory frameworks for data privacy and their relationship to approaches to privacy emerging from other fields. She also contributes to the development of new legal instruments, analytical frameworks, and policy recommendations to better support the sharing and use of research data while preserving privacy, utility, transparency, and accountability.

  • Abstract: Notions of privacy embedded in many regulatory frameworks are limited in scope, have been shown not to provide an adequate level of privacy in practice, and do not withstand rigorous, formal mathematical scrutiny. For example, information privacy laws often treat privacy risk as a binary notion and do not recognize the inherent risk in all uses and releases of information. Formal mathematical models of privacy deal with issues that the law does not explicitly recognize, such as threats from multiple releases of personal information over time and the need to quantify a bound on privacy risk. This talk presents approaches to overcoming the substantial conceptual gaps between legal and technical approaches to privacy and thereby providing a rigorous foundation for future privacy practice. Such approaches can be used to demonstrate that a privacy technology like differential privacy satisfies a particular regulatory standard of privacy protection. They can also inform the design of new regulations that provide strong privacy protection, by addressing gaps in current regulatory frameworks and supporting the implementation of new formal mathematical approaches to privacy protection. Integrating legal and technical reasoning can help ensure that future approaches to privacy regulation are based on concepts that are inherently consistent and meaningful from both legal and technical points of view.

Alex Davidson (Cloudflare) - Privacy Pass: Standardizing Anonymous Authorization for the Internet

  • Bio: Alex Davidson is a cryptography engineer in the Research Team at Cloudflare. He leads Cloudflare's integration and implementation of the Privacy Pass protocol, and related cryptographic functionalities. He completed his PhD in constructing cryptographic protocols and functionalities at Royal Holloway, University of London in 2019.

  • Abstract: Privacy Pass is a protocol designed to provide users with lightweight, anonymous tokens for authorizing themselves with Internet services. This talk will discuss the recent formation of an IETF working group tasked with specifying the Privacy Pass protocol, and the surrounding ecosystem and applications. We will highlight the work that has already been done, as well as the open technical and architectural challenges that are yet to be solved.

Anthony Miyaguchi (Mozilla) - Firefox Origin Telemetry with Prio

  • Bio: Anthony is a data engineer working on Mozilla's Data Platform.

  • Abstract: Origin Telemetry is a mechanism to measure aggregate page-level statistics using Prio, a privacy-preserving data collection system developed by Stanford researchers and deployed in Firefox. Servers participating in the aggregation scheme learn nothing about client level data if at least one server is honest. We will discuss some of the desirable properties of Prio for understanding Enhanced Tracking Protection and the challenges in building a data pipeline for multi-party computation. We will also share some of the results while validating our deployment of Prio through two experiments: one which collects known Telemetry data and one which collects new data on the application of Firefox’s blocklists across the web.

Jonathan Rouach (QEDIT) - Deploying Privacy-Enhancing Techniques for Data Collaboration

  • Bio: Jonathan S. Rouach is the co-founder and CEO of QEDIT, helping enterprises leverage their data using Privacy Enhancing Techniques such as Zero-Knowledge Proofs. Before that, he co-founded a blockchain security company (sold to Digital Asset Holding), co-founded the Israeli Bitcoin Association , and co-founded Bits of Gold LTD, the leading Bitcoin exchange in Israel. Jonathan is an Electrical-Engineer from the Technion, served as an analyst in the Israeli Intelligence.

  • Abstract:

Sergey Gorbunov (University of Waterloo) - Towards a Path for Adoption of Advanced Cryptographic Primitives

  • Bio: Sergey is an Assistant Professor at the University of Waterloo (2016 - present). He is interested in building cryptographic primitives, protocols, and systems that enable new applications in untrusted and distributed environments. He received a Ph.D. from MIT, where he was a Microsoft Ph.D. fellow and MSc and BSc from UToronto. His Ph.D. dissertation was on designing cryptographic tools for the cloud using lattice-based cryptography for which he received the Sprowls Doctoral Thesis Award for best thesis in CS at MIT. He was on the founding team of Algorand where he was involved in various business and technical aspects of the company and led the cryptography group. He also spent some time at IBM T.J. Watson Research Centre.

  • Abstract: Advanced cryptography is usually developed from the top-down principle, guided by an abstract model and requirements. On the other hand, most industry solutions are deployed to solve concrete problems centered around the desire to increase the number of users or revenue. However, when a business needs a solution, cryptographic methods, which may be superior to all other approaches, are rarely picked. In this talk, we will examine the fundamental disconnect between the advanced cryptography and the engineering pipeline, and discuss how the Education, Standards, and Libraries (ESL) approach could bridge the gap. We will relate to some recent experiences trying to deploy new cryptography in blockchain technologies.

Payman Mohassel and Subodh Iyengar (Facebook) - Privacy Preserving Technology in Practice

  • Abstract: Privacy Preserving Technology (PPT) can play a major role in improving today’s privacy practices and minimizing the risk of data exposures by products and companies. In this talk we discuss the promise as well as some of the challenges involved with deploying PPT in practice. We will also review a few directions and technologies we are researching for this purpose.

  • Bio (Payman Mohassel): Payman is a manager at Facebook on the Applied Privacy Tech team. He supports a group of engineers and researchers who work on bringing privacy-preserving technology into products. He previously worked at Facebook’s blockchain team (Novi), Visa Research and Yahoo Labs. Payman received his PhD in cryptography at UC Davis in 2009, and spent 5 years as a faculty member at University of Calgary before making the switch from academia to industry.

  • Bio (Subodh Iyengar): Subodh is a software engineer at Facebook on the Applied Privacy tech team. He works on applying techniques like cryptography and differential privacy to Facebook’s products. He previously worked on Transport security, and Transport protocols, and contributed to next generation secure protocol standards like TLS 1.3 and QUIC. Prior to Facebook, he was at grad school at Stanford doing research on Transport security, ad networks, and Mobile security.

David Archer (Galois Inc.) - Panelist

  • Bio: Dr. David Archer, Principal Scientist at Galois, Inc., has over 35 years of research and development experience in computer architecture, secure computation, and data-intensive systems. Currently, Dr. Archer is Principal Investigator for projects in several Government research programs in cryptographically secure computation, communication, and other cyber security related areas. He has built extensive academic partnerships to advance practice and research in those programs. In current and past programs, his teams have contributed to fundamental and applied research in secure multi-party, garbled circuit, and homomorphic encryption based computation, secure hardware enclave computation, detection and localization of advanced persistent cyber threats, and programming languages for cyber warfare. Dr. Archer’s work applies privacy-preserving technologies to domains such as sharing sensitive data across organizational boundaries, protecting privacy for victims of sexual assault and harassment, and protecting databases of sensitive information while enabling useful analytics.
    Dr. Archer holds a PhD in Computer Science from Portland State University, and an MS in Electrical Engineering and BS in Computer Engineering from the University of Illinois at Urbana-Champaign.

Omer Shlomovits (ZenGo) - Panelist

  • Bio: Omer Shlomovits is Co-Founder at KZen Networks, a company building a key management system for consumers (ZenGo) and Co-Founder and board member of MPC Alliance, a consortium of 50 companies practicing MPC. Omer is a prolific open source contributor, writing numerous cryptographic libraries in the areas of MPC and ZK, some of them are high profile and being used by several players in the blockchain industry. In recent years, Omer helped design and review a variety of crypto-systems and protocols involving MPC/ZK/FHE. His research work is focused on threshold cryptography and blockchains.

Erica Portnoy (Electronic Frontier Foundation) - Panelist

  • Bio: Erica Portnoy is a senior staff technologist at the Electronic Frontier Foundation, where she develops the Let's Encrypt client Certbot, which makes it easy for people who run websites to turn on https and keep their users private and secure against network-based attackers. She writes and speaks about encryption in practice, including what people need from secure messaging providers and what the next generation of encryption in the cloud might look like.