BEGIN:VCALENDAR
VERSION:2.0
PRODID:-//Drupal iCal API//EN
X-WR-CALNAME:Events items teaser
X-WR-TIMEZONE:America/Toronto
BEGIN:VTIMEZONE
TZID:America/Toronto
X-LIC-LOCATION:America/Toronto
BEGIN:DAYLIGHT
TZNAME:EDT
TZOFFSETFROM:-0500
TZOFFSETTO:-0400
DTSTART:20260308T070000
END:DAYLIGHT
BEGIN:STANDARD
TZNAME:EST
TZOFFSETFROM:-0400
TZOFFSETTO:-0500
DTSTART:20251102T060000
END:STANDARD
END:VTIMEZONE
BEGIN:VEVENT
UID:6a21f173d42d1
DTSTART;TZID=America/Toronto:20260612T153000
SEQUENCE:0
TRANSP:TRANSPARENT
DTEND;TZID=America/Toronto:20260612T163000
URL:https://uwaterloo.ca/combinatorics-and-optimization/events/tutte-colloq
 uium-douglas-stebila-adding-functionality-post
SUMMARY:Tutte Colloquium -Douglas Stebila-Adding functionality to post-quan
 tum\ncryptography with variants of the Fujisaki-Okamoto transform
CLASS:PUBLIC
DESCRIPTION:SPEAKER:\n Douglas Stebila\n\nAFFILIATION:\n University of Wate
 rloo\n\nLOCATION:\n MC 5501\n\nABSTRACT: The Fujisaki-Okamoto (FO) transf
 orm is a fundamental\nbuilding block in new post-quantum cryptography stan
 dards like NIST's\nML-KEM\, where it is used to convert a weakly secure pu
 blic key\nencryption scheme into a key encapsulation mechanism (KEM) secur
 e\nagainst active attackers. In this talk\, we'll explore two approaches\n
 to add extra security and functionality to post-quantum KEMs by\nenhancing
  the FO transform. First\, we see how a birthday-style\ncollision argument
  lets an attacker who collects many ciphertexts\nhalve the security of the
  FrodoKEM and HQC standards\, and how\nextending the FO transform with pub
 lic salts thwarts this multi-target\nattack. Second\, we turn to implement
 ation flaws: for 19 months\, HQC's\nreference implementation effectively s
 kipped a security-critical\nverification step\, yet basic correctness test
 s still passed. We show\nhow the principle of \"verifiable verification\"\
 , via an extension of\nthe FO transform\, ties security to functionality\,
  so that an\nimplementation that skips it visibly breaks.
DTSTAMP:20260604T214315Z
END:VEVENT
END:VCALENDAR