Spring 2026 Crypto Day

March 26, 2026April 28, 2026 kaptchukLeave a comment

After a ~~short~~ couple year hiatus, DC Area Crypto Day is Back!!

Date: Friday, May 1st
Time: 10:00-4:00 ET
Location: University of Maryland, Brendan Iribe Center, IRB-5105.
Zoom link: contact kaptchuk at umd dot edu
Parking: Here, for $4 / hour. More information here.
Shuttle: from College Park Metro. Take a left out of the fare gates and climb the stairs. Look for the 104 Shuttle bus (there are signs for it), and exit at the Glenn L. Martin Wind Tunnel stop. Alternatively, the walk is ~20ish minutes
Lunch: We will provide light breakfast and coffee and lunch. If you have particular dietary restrictions, please email kaptchuk at umd dot and we will try our best to accomodate you. The earlier you reach out the better

Schedule (Tentitive):

Time	Speaker/Event
10:00-10:30	Welcome/Light breakfast (provided)
10:30-11:30	Aditya Hegde (JHU)
11:30-12:30	Natalie Lang (UMD)
12:30-2:00	Lunch (provided)
2:00-3:00	Saba Eskandarian (UNC)
3:00-4:00	Varun Madathil (Yale)

Speakers:

Aditya Hegde

Title: Client-Server Homomorphic Secret Sharing in the CRS Model

Abstract: Homomorphic secret sharing (HSS) is a distributed analogue of fully homomorphic encryption (FHE) where clients secret-share their inputs among two (or more) servers, who then non-interactively compute additive shares of the function output. Unlike FHE, HSS enables a distributed form of homomorphic computation from a broader set of cryptographic assumptions.

All known multi-client HSS schemes require a correlated setup that is used by the clients to share their inputs. In contrast, multi-client delegation of computation using only a CRS has been known from assumptions that imply FHE since the introduction of multi-key FHE (Lopez-Alt et al., STOC 2012).

We close this gap by providing the first construction of client-server HSS in the CRS only model from DDH, DCR, and more. Our constructions subsume all existing variants of group-based HSS schemes, including public-key HSS (Boyle et al., Crypto 2016), succinct HSS (Abram et al., Eurocrypt 2024), and multi-key HSS (Couteau et al., Eurocrypt 2025), and their applications.

This is joint work with Damiano Abram, Geoffroy Couteau, Lalita Devadas, Abhishek Jain, Lawrence Roy, and Sacha Servan-Schreiber.

Natalie Lang

Title: On the Privacy Aspects of Compression

Abstract: In this talk, I will discuss an unexpected aspect of compression: beyond reducing communication and storage costs, it inherently conceals information and can thereby serve as a tool for enhancing privacy and security. I will illustrate this perspective through two examples from different federated learning settings.

Saba Eskandarian

Title: Abuse Reporting Protocols for Private Messaging

Abstract: Users expect the ability to report abuse as a standard feature on private messaging applications. Unfortunately, deployed verifiable abuse reporting schemes are brittle, relying on platform access to user metadata and having the moderator in-the-loop for message delivery. Solutions that remove these restrictions incur multiple orders of magnitude higher performance costs on both the client and the server.

This talk will first explore how to minimize abuse reporting costs for these challenging settings, showing some settings where we can reduce costs to nearly match deployed schemes, and showing fundamental performance barriers in others.

Next, we will focus on the setting of third party moderation, where the moderator is not in the loop for message delivery. Allowing third parties to serve as moderators broadens the tools available to platforms that cannot (or choose not to) deploy a large in-house moderation apparatus. Here we will demonstrate new schemes that extend platforms’ and users’ policy and enforcement options compared to existing approaches while simultaneously lowering performance costs compared to prior work.

This talk is based on joint work with Matthew Gregoire, Margaret Pierce, Gabriel Schell, and Jade Keegan.

Varun Madathil

Title: Efficient Secure Aggregation for Federated Learning

Abstract: Federated Learning (FL) trains a global model by having each selected device push only its model update to a central server, keeping raw data local. However, those updates can still leak sensitive information unless the server learns only their sum. A naïve approach is to run a generic secure‑multiparty sum, but off‑the‑shelf protocols require several rounds of interaction and even direct client‑to‑client communication – often infeasible in FL, where mobile devices are intermittently online and can drop out at any moment, and cannot be expected to interact with each other.

In this talk, I will review the secure‑aggregation problem in the context of FL and explain why naïve solutions fail by focusing on constraints unique to the FL setting.

I will then present Tacita, a single‑server protocol that satisfies these FL‑specific constraints while retaining provable security. Tacita uses an external committee (needed to prevent residual leakage) to aid in secure aggregation and offers:

One‑shot execution: every client and every committee member sends exactly one message.
Constant‑size communication per client, independent of the round’s cohort of clients or committee size.
Robust aggregation despite client or committee dropout.

These properties are enabled by two new primitives: (i) succinct multi‑key linearly homomorphic threshold signatures (MKLHTS) for verifiable input soundness with a single aggregate signature, and (ii) a homomorphic variant of Silent Threshold Encryption (CRYPTO ’24).

Fall 2021 Crypto Day

October 25, 2021November 4, 2021 DC-Area Crypto DayLeave a comment

Date: Friday, November 5th
Location: University of Maryland, Brendan Iribe Center, IRB-4105. Masks are required to be worn inside.
Zoom link: contact aandreea at umd dot edu or giorgos at umd dot edu.
Parking: Here, for $3 / hour. More information here.
Shuttle: from College Park Metro. Take a right out of the fare gates and climb the stairs. Look for the 104 Shuttle bus (there are signs for it), and exit at the Glenn L. Martin Wind Tunnel stop.
Time: 9:30-16:30 EST.
Lunch: Look here. (Vigilante Coffee is a good place for coffee.)

Program:

09:30 – 10:00 Welcome breakfast
10:00 – 10:40 Alexander Bienstock (in person): What is the Exact Security of the Signal Protocol?
10:50 – 10:30 Ian Miers (in person): Fuzzy message detection
11:40 – 12:20 Justin Thaler (virtual): Linear-time SNARKs
12:30 – 14:00 Lunch (on your own)
14:00 – 14:40 Austin Theriault (in person): Fighting Fake News in Encrypted Messaging with the Fuzzy Anonymous Complaint Tally System (FACTS)
14:50 – 15:30 Zhengzhong Jin (virtual): SNARGs for P from LWE
15:40 – 16:20 Mariana Raykova (virtual): On the (in)security of ROS

Continue reading “Fall 2021 Crypto Day” →

Fall 2019 Crypto Day

November 8, 2019November 18, 2019 DC-Area Crypto DayLeave a comment

Date: Friday, November 22nd
Location: George Washington University, Science and Engineering, B1270
Metro: Foggy Bottom (Further directions below.)
Time: 9:30-4:30

Program (subject to change):

9:30-10:00AM: Welcome breakfast
10:00 – 10:45AM: Dana Dachman-Soled: Limits to Non-Malleability
11AM-11:45PM: Mohammad Zaheri:
Exploring Differential Obliviousness
11:45PM-12:30PM: Seung Geol Choi:
Differentially-Private Multi-Party Sketching for Large-Scale Statistics
12:30 – 2PM: Lunch (on your own)
2pm-2:45PM: Yashvanth Kondi:
Threshold ECDSA from ECDSA Assumptions
2:45-3:30PM: Yifan Song:
Communication-Efficient Unconditional MPC with Honest Majority
3:45-4:30PM: Matt Green: TBA

Directions: There are two building entrances on 22nd St. close to Eye and H Streets, respectively. See a university map:
https://www.gwu.edu/sites/www.gwu.edu/files/downloads/FoggyBottomCampusMap_ADM-1617-1_UpdatedJuly2016.pdf

By Car: There is visitor parking in the building at $23 maximum for the day. Parking entrance is on H St, between 22nd and 23rd, on the left if approaching from 23rd. For details, see: https://transportation.gwu.edu/visitors

By Metro: The workshop is 2 blocks from the Foggy Bottom Metro Station, which is on the Blue / Orange / Silver Metro lines. The Metro Station has only one exit, on 23rd and Eye (I) Streets.

Continue reading “Fall 2019 Crypto Day” →

Fall 2019 Cryptoday

September 17, 2019November 5, 2019 DC-Area Crypto DayLeave a comment

Date: Oct 4th, 2019, Friday

Location: Room E4229 (da Vinci room),
College of Engineering East Hall, VCU
401 W. Main Street, VA 23284
(Please see below for directions and parking instructions. )

Program (subject to change):

9:30am – 10:00am: Breakfast
10:00am – 10:45am: Thang Dinh (VCU): BackPackers: A New Network Paradigm for Secure and High-performance Blockchains
10:45am – 11:00am: coffee break
11am – 11:45am: Arkady Yerukhimovich (GWU): Stormy: Statistics in Tor by Measuring Securely
11:45am – 12:30pm: Arka Rai Choudhuri (JHU): Round Optimal Secure Multiparty Computation from Minimal Assumptions
12:30pm – 1:45pm: Lunch (on your own)
1:45pm – 2:30pm: Qiang Tang (NJIT): Correcting Subverted Random Oracles
2:30pm – 3:00pm: coffee break
3:00pm – 3:45pm: David Wu (UVA): Watermarking PRFs from Lattices: Stronger Security via Extractable PRFs

Continue reading →

Spring 2019 Crypto Day

March 13, 2019April 12, 2019 DC-Area Crypto DayLeave a comment

Thank you for attending Spring 2019 Crypto Day 🙂

Date: Thursday, April 11th
Location: National Institute of Standards and Technology (NIST).
Administration Building/Heritage Room
(There are signs pointing from the front door of the Admin
building to Heritage Room; 1 minute walk.)
Parking: Instructions here. Map location for visitor’s center here.
Shuttle: From Shady Grove Metro, meet the NIST shuttle at the east side of
the Shady Grove Metro Station at 15 and 45 minutes past the hour.
The NIST shuttle will stop at “Bus Bay C.”
Arriving via Uber/Lyft: Ride to NIST’s front gate — 100 Bureau Dr.,
Gaithersburg, Maryland — and drop off in the Visitor Center
parking lot. The NIST shuttle arrives at the front gate at :25 and :55
past the hour, and (if you are checked in already) you can board it
to ride to the Administration Building (where Heritage Room is).
Checking in: [If you received a Pass via email, please print it and skip
this step.] All visitors should plan to stop at the Visitor’s Center
(next to the front gate of NIST at 100 Bureau Dr.) to receive their
visitor’s badge for the day. Please leave ample time for this process
(at least 5-10 minutes). Note that visitors arriving via the Metro
Shuttle will need to disembark in order to receive their badge. (You
may then ask for walking directions to the Admin building;
10 minute walk.)
Time: 9:30-4:30
Lunch: NIST cafeteria (opens at 7:30am, closes at 3:00pm)

(Alternative informational website: NIST Event Page )

Program:

9:30am – 10:00am: Breakfast in the cafeteria
10:00am – 10:45am: David Wu (UVA)
10:45am – 11:00am: coffee break
11am – 11:45am: Shuhong Gao (Clemson)
11:45am – 12:30pm: Alessandra Scafuro (NC State)
12:30pm – 1:45pm: Lunch at NIST cafeteria
1:45pm – 2:30pm: Foteini Baldimtsi (George Mason)
2:30pm – 3:00pm: coffee break
3:00pm – 3:45pm: Mohammad Mahmoody (UVA)
3:45pm – 4:30pm: John Kelsey (NIST)

Continue reading “Spring 2019 Crypto Day” →

Fall 2018 Crypto Day

November 20, 2018December 13, 2018 DC-Area Crypto DayLeave a comment

Date: Thursday, December 13th
Location: University of Maryland, A.V. Williams Building, 4172.
Parking: Here, for $3 / hour.
Shuttle: from College Park Metro. Take a left out of the fare gates. Look for the 104 Shuttle bus, and exit at the first stop on campus.
Time: 10:00-4:30
Lunch: Look here. (Vigilante Coffee is a good place for coffee.)

Program (subject to change):

9:30-10:00AM: Welcome breakfast
10:00 – 10:45AM: Babis Papamanthou
11AM-11:45PM: Gilad Asharov
11:45PM-12:30PM: Prabhanjan Ananth
12:30 – 2PM: Lunch (on your own)
2pm-2:45PM: Phi Hung Le
2:45-3:30PM: Marcella Hastings
3:45-4:30PM: Erica Blum

Continue reading “Fall 2018 Crypto Day” →

Summer 2018 Crypto Day

April 20, 2018May 10, 2018 DC-Area Crypto DayLeave a comment

Date: Friday, May 25th
Location: George Mason University, 4201 Volgenau School of Engineering.
Parking: $15 Parking. Or $8 Parking, which requires creating an account.
Shuttle: from Vienna Metro station (Metro to Sandy Creek).
Time: 9-5

Program (subject to change):

9-9:40AM: Welcome breakfast
9:40-11AM: Aria Shahverdi.
- Title: On the Leakage Resilience of Ideal-Lattice Based Public Key Encryption.
11AM-12:20PM: Hong-Sheng Zhou.
- Title: How to mimic Nakamoto’s design via proof-of-stake.
12:20PM-2PM: Lunch (on your own)
2pm-3:20pm: Mohammad Hajiabadi.
- Title: Trapdoor Functions From the Computational Diffie-Hellman Assumption
3:20-4:40pm: Mohammad Zaheri.
- Title: On Instantiability of RSA-OAEP and Variants

Continue reading “Summer 2018 Crypto Day” →

3rd DC-AREA CRYPTO DAY

April 25, 2016May 5, 2016 DC-Area Crypto DayLeave a comment

Our next Crypto Day will be May 6th at Georgetown. We will hold in it in room 155 of the business school building; see here for directions. Please find the abstract of the talks below. The plan is to allocate 1 hour 20 minutes for each talk, with the talk itself to an hour, and then there can be 20 minutes (hopefully lively) questions/discussion. In terms of getting to Georgetown, check out the GUTS bus. Otherwise, the closest metro stop is probably Foggy Bottom.

Preliminary schedule:

9-9:40AM: Welcome breakfast

9:40-11AM Mukul

11AM-12:20PM Mohammad

12:20PM-2PM Lunch (on your own)

2pm-3:20pm Paul

3:20-4:40pm George

Non-Malleable Codes for Bounded Depth, Bounded Fan-in Circuits

Mukul R. Kulkarni

Non-malleable codes are a relaxation of error correcting codes, for settings in which privacy, but not necessarily correctness, is desired. Instead of requiring that after modification—i.e. tampering—of the codeword, the original message can always be recovered, non-malleable codes allow a different message to be recovered, as long as the recovered message is unrelated to the original message. This relaxation potentially allows for the construction of coding schemes for rich classes of tampering classes, beyond what can be done for error correcting codes. In applications, non-malleable codes are used to encode the memory of a device, and thus protect against (certain classes) of adversarial tampering.

Dziembowski et al. [ITCS 2010] introduced the notion of non-malleable codes and since then, constructing such codes has been a highly active area of research. Unfortunately, nearly all previous results consider only “compartmentalized” tampering classes, wherein a codeword is split into blocks and the attacker is assumed to tamper with different blocks of codeword independently of each other.

In our work, we consider a natural, non-compartmentalized class of tampering functions. Specifically, we present non-malleable codes secure against tampering functions that can be represented by bounded depth, bounded fan-in circuits. More generally, our scheme is resilient against “local” tampering functions wherein any output bit is dependent on at most n^{\delta} bits, where n is the total number of bits in the codeword and 0 \leq \delta < 1 is a constant. Notably this function class includes NC^0.

Bio: Mukul R. Kulkarni is a doctoral student at the University of Maryland, College Park studying under the guidance of Dr. Dana Dachman-Soled. His research interests involve Tamper Resilient Cryptography.

Lower-Bounds on Assumptions behind Indistinguishability Obfuscation

Mohammad Mahmoody

In this talk, we first show that basing IO on a variety of assumptions (e.g., trapdoor permutations, bi-linear maps, etc) in a weakly black-box way is as hard as basing public-key encryption on one-way functions (in a non-black-box way). The latter has remained as one of the most challenging open questions in cryptography. Then, by combining our results with a recent result of Brakerski, Brzuska, and Fleischhacker, we rule out any fully black-box construction of IO from the same set of primitives assuming the existence of one-way functions and that the polynomial-hierarchy does not collapse.

Based on joint works with Ameer Mohammed, Soheil Nematihaji, Rafael Pass, and abhi shelat.

Bio: Mohammad Mahmoody is an assistant professor at the Univ of Virginia. He got his PhD from Princeton in 2010 under supervision of Boaz Barak and then spent a few years in Rafael Pass’s crypto group at Cornell before joining UVa in 2013.

New Inference Attacks on Order-Preserving and Order-Revealing Encryption

Paul Grubbs

Order-preserving Encryption (OPE) has, of late, received a great deal of attention from the research community and from industry. It has proven to be an enormously useful tool in areas like cloud security and encrypted databases. However, for most plaintext distributions of practical interest very little is known about the concrete security of OPE. In this talk, I will describe some new cryptanalytic attacks on OPE and order-revealing encryption. I will also motivate stronger adversarial models and present new attacks in those settings. Finally, I will present experimental results of implementing the attacks on several data sets. Our results show that the concrete security of OPE and ORE is very low in some settings, and that more work is needed to understand the consequences (and hopefully, the limits) of inference attacks against encryption schemes that leak order. Joint work with Kevin Sekniqi, Muhammad Naveed, and Tom Ristenpart.

Bio: Paul Grubbs is a PhD student in Computer Science at Cornell University and Cornell Tech, working on the theory and practice of cryptography. Currently he is interested in property-preserving encryption, searchable encryption, and applied crypto. Before starting his PhD, he worked for two and a half years as a cryptography engineer at Skyhigh Networks, a cloud security startup in Campbell, CA.

Accessing Data while Preserving Privacy

Georgios Kellaris

We initiate a formal research of the privacy-efficiency tradeoff of secure database systems. Such systems, such as CryptDB and Cipher-base, try to mitigate the high costs of full-fledged cryptographic solutions by relaxing the security guarantees they provide. We provide abstract models that capture the basic properties of these systems and identify their fundamental leakage channels. These models allow performing a generic and implementation independent investigation of the inherent tradeoffs between security and efficiency. In particular, this modeling allows us in some cases to devise generic reconstruction attacks where the server learns the secret attributes of every record stored in the database, pointing to inherent limitations of these models.

We present a new model of differentially private storage where differential privacy is preserved even against an attacker that controls the data and the queries made to it. We give a generic construction of differentially private storage that combines ORAM and differentially private sanitizers. We also provide efficient constructions and lower bounds for some specific query sets. We have implemented some of our algorithms, and report on their efficiency.Joint work with Georgios Kellaris, George Kollios, Kobbi Nissim, and Adam O’Neill.

Bio: Georgios is currently a Post-Doctoral Fellow at CRCS, Harvard University, and at Boston University. He received his Ph.D. degree in Computer Science and Engineering from the Hong Kong University of Science and Technology (2015), under the supervision of prof. Dimitris Papadias, and with the support of the Hong Kong Ph.D. Fellowship Scheme. He holds a 4-year B.Sc. in Informatics and Telecommunications from the University of Athens (2006) and a 2-year M.Sc. degree in Digital Systems from the University of Piraeus (2008). He has worked as a researcher at the University of Piraeus in Greece, the Singapore Management University and the Nanyang Technological University in Singapore, and at Boston University. His research interests include databases and differential privacy.

2nd DC-Area Crypto Day

September 16, 2015October 30, 2015 DC-Area Crypto DayLeave a comment

DC CRYPTO DAY
FRIDAY, OCTOBER 30
JOHNS HOPKINS UNIVERSITY (HOMEWOOD CAMPUS) ∙ BALTIMORE, MD

Be sure to join us for the next DC area Crypto Day scheduled from 10:00 a.m. – 5:00 p.m. on Friday, October 30 at the Homewood Campus of Johns Hopkins University. The theme of this installment is Bitcoin.

Parking Location: South Garage
3100 Wyman Park Drive
Baltimore, MD 21211

Location of Talks: Sherwood Room, Levering Hall
– Google Maps Link
– Campus map.
*Please note that Levering Hall is building number 40 on the map and South Garage Parking is the one next to building 45 on the map.

Agenda:
10:00 AM – 11:00 AM |David Evans, University of Virginia
11:10 AM – 12:10 PM |Andrew Miller, University of Maryland
12:10 PM – 1:40 PM | Lunch
1:40 PM – 2:40 PM |Ranjit Kumaresan, Massachusetts Institute of Technology
2:50 PM – 3:50 PM |Matthew Green, Johns Hopkins University
4:00 PM – 5:00 PM | Panel discussion

Note that there is a 10:00 minute break between the talks.

Please find the titles and abstracts below.

Speaker: David Evans, University of Virginia
Title: Trick or Treat?: Bitcoin for Non-Believers, Cryptocurrencies for Cypherpunks
Abstract: This (non-research) talk will start with a tutorial introduction to cryptocurrencies and how bitcoin works (and doesn’t work) today. We’ll touch on some of the legal, policy, and business aspects of bitcoin and discuss some potential research opportunities in cryptocurrencies.

Speaker: Andrew Miller, University of Maryland
Title: Privacy-preserving Smart Contracts
https://eprint.iacr.org/2015/675.pdf

Abstract: Existing blockchain-based cryptocurrencies such as Bitcoin and Ethereum, store all financial transactions in the clear on the blockchain. This compromises the privacy of financial transactions, which is essential in numerous applications.
Hawk is a blockchain-based smart contract system that stores encrypted transactions on the blockchain, and relies on cryptography to retain the security of the cryptocurrency. A Hawk programmer can write a private smart contract in an intuitive manner without having to implement cryptography, and our compiler automatically generates an efficient cryptographic protocol where contractual parties interact with the blockchain, using cryptographic primitives such as succinct zero-knowledge proofs.
To formally define and reason about the security of our protocols, we also formalize a new simulation-based “blockchain model” of secure computation, which is of independent interest.

Speaker: Ranjit Kumaresan, Massachusetts Institute of Technology
Title: How to Use Bitcoin to Design Fair Protocols
Abstract: I will talk about a recent line of work that integrates traditional secure computation with a formal financial framework. This line of work identifies and abstracts some key transaction functionalities offered by the Bitcoin network, and shows how to incentivize correct behavior in secure computation (and other cryptographic tasks) in a model where parties have access to such a transaction functionality.

Speaker: Matt Green, Johns Hopkins University
Title: TBD
Abstract: TBD

*Please note that lunch will not be provided, click on Crypto Conference Dining Options to check out local nearby options.

Please RSVP to Sr. Academic Program Coordinator Jessica Finkelstein at jkastne2@jhu.edu by Friday, October 23.

This DC Crypto Day is hosted by:

p.s. The first DC area crypto day was held at the University of Maryland at College Park. See here for the program and more information.