Current students

Subscribe to Current students
Friday, March 27, 2026 3:30 pm - 4:30 pm EDT (GMT -04:00)

Tutte Colloquium -Therese Biedl-Planar graph drawing, meet MSOL

Speaker: Therese Biedl
Affiliation: University of Waterloo
Location: MC 5501

Abstract: It is well-known that every planar graph has a planar drawing with straight-line segments, even if vertices are restricted to lie on a grid with linear coordinates.  In this talk, we will study the question of finding planar graph drawings where the height H of the grid is as small as possible.   Dujmovic et al gave an FPT-algorithm that finds the minimum height.  However, it is not particularly adaptable to closely related problems, such as finding rectilinear drawings of minimum height.    We therefore study a new and completely different approach to test whether a graph has a drawing of height H.     Since such graphs have pathwidth O(H), a natural approach is to appeal to Courcelle's theorem.  This requires phrasing the problem in so-called monadic second-order logic (MSOL), but MSOL supports neither arbitrarily large integers nor permutations, making it difficult to use for graph drawing problems.   In this talk, we show that with some detours we can phrase the question of whether G has a straight-line drawing of height H in a radically different way ("no face has a fish") that can be easily expressed in MSOL.

(Joint work with Ignaz Rutter)
Friday, March 27, 2026 10:30 am - 11:30 am EDT (GMT -04:00)

Crypto Reading Group - Mohammad Hajiabadi-Challenges in Realizing CCA in Advanced Encryption Schemes

Speaker:

 Mohammad Hajiabadi
Affiliation: University of Waterloo
Location: MC 6029

Abstract:CCA security is a fundamental notion in cryptography. There are standard techniques to generically achieve CCA security for all-or-nothing type public-key encryption schemes, such as heuristic approaches based on Fujisaki–Okamoto, or constructions in the standard model using tools like hinting PRGs. However, in more advanced settings, such as functional encryption or threshold encryption, these generic approaches break down. Moreover, defining CCA security in these settings is itself non-trivial and leads to subtle definitional challenges.

In this talk, I will discuss these issues, highlight the key obstacles, and present several open problems, along with possible directions for addressing them.
Thursday, March 26, 2026 2:30 pm - 3:30 pm EDT (GMT -04:00)

Algebraic and enumerative combinatorics seminar - Ian George-Enumerating Convex Sets in Posets

Speaker: Ian George
Affiliation: University of Waterloo
Location: MC 5417

Abstract: Causal Set Theory (CST) is a theory of quantum gravity where spacetime is taken to be a locally finite poset, called a causal set.  A central problem in CST is to determine physically relevant properties from the purely combinatorial information of the causal set.  In 2014 Glaser and Surya demonstrated that the distribution of interval sizes of a causal set sprinkled into a region of Minkowski space contains information about the dimension of the underlying spacetime.  In 2026 Surya showed that this distribution can be used to define a “closeness” function on causal sets that distinguishes by dimension and global topology.  In this talk we present work motivated by these results which investigates the more general notion of convex sets, instead of intervals, of a poset.  First, we will introduce a generating polynomial for convex sets in a finite poset and explore some of its properties.  We will then show that this polynomial is a complete invariant for the family of series-parallel posets.  Lastly, we discuss early results on the utility of this polynomial in CST.  The pre-seminar will introduce relevant background on CST.

There will be a pre-seminar presenting relevant background at the beginning graduate level starting at 1:30pm.

Monday, March 23, 2026 11:30 am - 12:30 pm EDT (GMT -04:00)

Algebraic Graph Theory-Zhaochen Ding-A construction of multicovers of a cycle

Speaker: Zhaochen Ding
Affiliation:

University of Primorska
Location: Please contact Sabrina Lato for Zoom link.

Abstract: Praeger-Xu graphs are a family of multicovers of cycles, known for some of their surprising properties. A fundamental observation is that these graphs can be constructed from De Bruijn graphs. In this presentation, we will generalize the definition of De Bruijn graphs to create a broader family of multicovers. Finally, we will compute the automorphism group and show some applications of our constructions. This is a joint work with Ci Xuan Wu.

Monday, March 23, 2026 12:30 pm - 1:30 pm EDT (GMT -04:00)

C&O Reading Group - Noah Weninger-A Simple $(2+\epsilon)$-Approximation for Knapsack Interdiction

Speaker:

 Noah Weninger
Affiliation: University of Waterloo
Location: MC 6029

Abstract:In the knapsack interdiction problem, there are two players and $n$ items, each with some profit, removal cost, and packing weight. First, the interdictor selects items to remove; the total removal cost must fit within the interdiction budget. Then, the follower solves a knapsack problem on the remaining items. The objective is to select an interdiction set which minimizes the follower's maximum profit. This problem is $\Sigma_2^p$-complete.


We present a $(2+\epsilon)$-approximation with running time polynomial in $n$ and $1/\epsilon$. We start by showing that after LP-relaxing the follower's knapsack, the problem becomes solvable with dynamic programming in pseudopolynomial time, and yields a 2-approximation for the original problem. We then show that this dynamic program can be rounded to get an FPTAS for the 2-approximate problem. Although there is already a PTAS known for knapsack interdiction (Chen et al, 2022), our algorithm is considerably simpler and faster: to achieve a 3-approximation, the PTAS needs running time $\Omega(n^{100})$, whereas ours is only $\tilde O(n^3)$.
Friday, March 20, 2026 10:30 am - 11:30 am EDT (GMT -04:00)

Crypto Reading Group - Pranshu Kumar-Generic Transformations for Updatable PKEs

Speaker:

 Pranshu Kumar
Affiliation: University of Waterloo
Location: MC 6029

Abstract:Updatable Public-Key Encryption (UPKE) augments the security of PKE with Forward Secrecy properties. It was originally proposed by Jost et al. (EUROCRYPT 2019) to provide security guarantees in secure messaging applications efficiently. Later, Alwen et al. (CRYPTO 2020) showed that TreeKEM, when used for Continuous Group Key Agreement (CGKA) in Message Layer Security (MLS), failed to achieve adequate security and proposed using UPKEs to modify TreeKEM. Since then, UPKEs have become a part of the Message Layer Security specification, and their security properties have been extensively studied. Alwen, Fuchsbauer, and Mularczyk (AFM, Eurocrypt’24) presented the strongest security notion to date, adding many additional properties that strengthen its security in CGKA and MLS.
Friday, March 20, 2026 3:30 pm - 4:30 pm EDT (GMT -04:00)

Tutte Colloquium -Bruno Sterner-Large smooth twins from short lattice vectors

Speaker: Bruno Sterner
Affiliation: University of Waterloo
Location: MC 5501

Abstract: We discuss the challenging problem of finding pairs of consecutive smooth integers, which we refer to as a smooth twin. In other words the largest prime factor in the twin is relatively small. This computational number theoretic problem has appeared in the context of isogeny-based cryptography whereby a select number of cryptosystems use such twins as part of their parameter setup. The challenging part to the problem is finding smooth twins whose largest prime factor is as small as possible. Prior to this work, twins of this nature have at most 74-bits which is much too small for cryptographic relevance. We bridge this gap by presenting a new method that finds significantly larger smooth twins with as small as possible smoothness bound. The idea of our algorithm is based on the well known and studied problem of finding short vectors in a well constructed lattice. We report a 196-bit smooth twin which falls in this regime as well as a few larger twins that have small (but not the smallest) smoothness bounds.

Friday, March 13, 2026 10:30 am - 11:30 am EDT (GMT -04:00)

Crypto Reading Group - Huanhuan Chen-Updatable Encryption

Speaker:

 Huanhuan Chen
Affiliation: University of Waterloo
Location: MC 6029

Abstract:Updatable encryption (UE) enables a cloud server to update ciphertexts using client-generated tokens. There are two types of UE: ciphertext-independent (c-i) and ciphertext-dependent (c-d). In terms of construction and efficiency, c-i UE utilizes a single token to update all ciphertexts. The update mechanism relies mainly on the homomorphic properties of exponentiation, which limits the efficiency of encryption and updating. Although c-d UE may seem inconvenient as it requires downloading parts of the ciphertexts during token generation, it allows for easy implementation of the Dec-then-Enc structure. This methodology significantly simplifies the construction of the update mechanism. Notably, the c-d UE scheme proposed by Boneh et al. (ASIACRYPT’20) has been reported to be 200 times faster than prior UE schemes based on DDH hardness, which is the case for most existing c-i UE schemes. Furthermore, c-d UE ensures a high level of security as the token does not reveal any information about the key, which is difficult for c-i UE to achieve. However, previous security studies on c-d UE only addressed selective security; the studies for adaptive security remain an open problem.

In this study, we make three significant contributions to ciphertext-dependent updatable encryption (c-d UE). Firstly, we provide stronger security notions compared to previous work, which capture adaptive security and also consider the adversary’s decryption capabilities under the adaptive corruption setting. Secondly, we propose a new c-d UE scheme that achieves the proposed security notions. The token generation technique significantly differs from the previous Dec-then-Enc structure, while still preventing key leakages. At last, we introduce a packing technique that enables the simultaneous encryption and updating of multiple messages within a single ciphertext. This technique helps alleviate the cost of c-d UE by reducing the need to download partial ciphertexts during token generation.
Thursday, March 12, 2026 2:30 pm - 3:30 pm EDT (GMT -04:00)

Algebraic & Enumerative Combinatorics - Stephan Pfannerer-Rotation-invariant web bases from hourglass plabic graphs

Speaker: Stephan Pfannerer
Affiliation: University of Waterloo
Location: MC 5417

Abstract: 

In 1995, Kuperberg introduced a remarkable collection of trivalent web bases which encode tensor invariants of U_q(sl_3). Extending these bases to general sl_r has been an open problem ever since. We present a solution to the r=4 case by introducing hourglass plabic graphs, a new generalization of Postnikov's plabic graphs. Joint work with Christian Gaetz, Oliver Pechenik, Jessica Striker and Joshua Swanson.
There will be a pre-seminar presenting relevant background at the beginning graduate level starting at 1:30pm in MC 5417.

There will be a pre-seminar presenting relevant background at the beginning graduate level starting at 1:30pm in MC 5417.

Friday, March 13, 2026 3:30 pm - 4:30 pm EDT (GMT -04:00)

Tutte Colloquium -Seunghoon Lee-Parallel Reversible Pebbling: Time-Space Tradeoffs on DAGs (with Cryptographic Motivation)

Speaker: Seunghoon Lee
Affiliation: University of Waterloo
Location: MC 5501

Abstract: The (parallel) pebbling game is a useful abstraction for analyzing the resources (e.g., space, space-time, amortized space-time) needed to evaluate a function f with a static data-dependency graph G on a (parallel) computer. The underlying question is purely combinatorial: what tradeoffs does a directed acyclic graph (DAG) force between storing intermediate values and recomputing them? This viewpoint has been particularly influential in cryptography, where many “Memory-Hard Function” (MHF) constructions can be modeled by evaluating a fixed DAG.

Classical pebbling, however, does not capture an essential constraint in quantum/reversible computation: intermediate information cannot be discarded freely, so cleanup must respect the dependency structure. While sequential reversible pebbling has been used to study space-time tradeoffs in sequential settings, it does not reflect the space-time tradeoffs for parallel quantum/reversible algorithms. To model this, we introduce the parallel reversible pebbling game and use it to analyze reversible space-time and amortized costs for important graph families, including line graphs and structured DAGs arising in MHF constructions (e.g., Argon2i and DRSample).
The talk highlights two core results: First, we give a lower bound on the reversible amortized space-time cost for a line graph, which yields a separation between classical and reversible pebbling costs, showing a super-constant (yet sub-polynomial) gap. Second, this overhead is nevertheless controlled: we show that any classical parallel pebbling can be transformed into a reversible one with only a sub-polynomial loss. This generic transformation serves as a central tool for analyzing broader graph families.
The talk will focus on the combinatorial aspects of cryptographic applications; no background in cryptography is assumed. Based on joint work with Jeremiah Blocki and Blake Holman: The Parallel Reversible Pebbling Game: Analyzing the Post-Quantum Security of iMHFs (TCC 2022), and The Impact of Reversibility on Parallel Pebbling (EUROCRYPT 2025).