Program for Swiss Crypto Day 2025 - Halloween Edition

2025-10-31
10:00

Registration and Welcome Coffee

Get your badge and your coffee intake.

10:00 - 10:30 CM 1 2 Main Track
10:30
Tako Boris Fouotsa

PRISMO: A Quaternion Signature for Isogeny Group Actions
Isogeny-Based Cryptography

presented by Tako Boris Fouotsa

Isogeny group action based signatures are obtained from a sigma protocol with high soundness error, say 1/2 for its most basic variant. One needs to independently repeat the sigma protocol several times to reduce the soundness error to negligible. These repetitions come with a considerable efficiency and size overhead. On the other hand, quaternion isogeny-based signatures such as PRISM are dir...

10:30 - 11:00 CM 1 2 Main Track
11:00
Bryan Ford

Usable coercion-resistant e-voting in Votegral

presented by Bryan Ford

Online voting is convenient and flexible, but amplifies the risks of voter coercion and vote buying. Votegral’s registration component, TRIP, gives voters a kiosk in a privacy booth with which to print real and fake credentials on paper, eliminating dependence on trusted hardware in credential issuance. The voter learns and can verify in the privacy booth which credential is real, but real and ...

11:00 - 11:30 CM 1 2 Main Track
11:30
Cecilia Boschini

Security Amplification of Threshold Signatures in the Standard Model

presented by Cecilia Boschini

The current standardization calls for threshold signatures have highlighted the need for appropriate security notions providing security guarantees strong enough for broad application. In this talk we will focus in particular on strong unforgeability. After an overview of how such a property can be defined, we show how to extend an existing construction for single-user signatures from chameleon...

11:30 - 12:00 CM 1 2 Main Track
12:00

Lunch
Bon appetit

Power up for the afternoon.

12:00 - 13:30 CM 1 2 Main Track
13:30
Giulio Malavolta

How to Verify that a Small Device is Quantum, Unconditionally

presented by Giulio Malavolta

A proof of quantumness (PoQ) allows a classical verifier to efficiently test if a quantum machine is performing a computation that is infeasible for any classical machine. We propose a new approach for constructing PoQ protocols where soundness holds unconditionally assuming a bound on the memory of the prover, but otherwise no restrictions on its runtime.

Our protocols are heavily inspired...

13:30 - 14:00 CM 1 2 Main Track
14:00
Antonio Sanso

Breaking Poseidon with Graeffe: Root-Finding for Fun (and No Profit)

presented by Antonio Sanso

This talk explores how the Graeffe root-finding method can be used to break reduced-round instances of the Poseidon and Poseidon2 permutations over NTT-friendly prime fields. We present an algorithm that efficiently isolates single roots of the high-degree polynomials arising from these constructions, leveraging the classical Graeffe transform. Applied to bounty challenges proposed by the Ether...

14:00 - 14:15 CM 1 2 Main Track
14:15
Ziyi Guan

Relativized Succinct Arguments in the ROM Do Not Exist

presented by Ziyi Guan

A relativized succinct argument in the random oracle model (ROM) is a succinct argument in the ROM that can prove/verify the correctness of computations that involve queries to the random oracle. We prove that relativized succinct arguments in the ROM do not exist.

Relativized SNARGs are a powerful primitive that, e.g., can be used to obtain constructions of IVC (incrementally-verifiable co...

14:15 - 14:30 CM 1 2 Main Track
14:30
Michael Vergoz

Post-Quantum Hybridization: Designing Resilient Cryptographic Transitions

presented by Michael Vergoz

The transition to post-quantum cryptography (PQC) presents a dual challenge: classical algorithms (RSA, ECC) are vulnerable to future quantum attacks, yet PQC algorithms remain young, complex, and occasionally brittle, some already broken using classical methods (e.g., SIKE in 2022). In this uncertain landscape, cryptographic hybridization has emerged as a strategic and technically viable solut...

14:30 - 14:45 CM 1 2 Main Track
14:45
Giacomo Fenzi

Linear-Time Accumulation Schemes

presented by Giacomo Fenzi

Proof-carrying data (PCD) is a powerful cryptographic primitive for computational integrity in a distributed setting. State-of-the-art constructions of PCD are based on accumulation schemes (and, closely related, folding schemes). We present WARP: the first accumulation scheme with linear prover time and logarithmic verifier complexity. Our scheme is hash-based (secure in the random oracle mode...

14:45 - 15:00 CM 1 2 Main Track
15:00

Afternoon Break

Last coffee for the last sessions.

15:00 - 15:30 CM 1 2 Main Track
15:30
Felix Günther

Advanced KEM Concepts: (Hybrid) Obfuscation and Verifiable Decapsulation

presented by Felix Günther

Key encapsulation mechanisms (KEMs) enable shared secrets over public networks and underpin quantum-safe systems. Yet standardized schemes such as ML-KEM do not always fit protocol requirements, and secure implementations can be brittle. This talk presents two techniques to close that gap.

1) (Hybrid) Obfuscation. Some deployments require KEM public keys or ciphertexts to be indistinguishabl...

15:30 - 16:00 CM 1 2 Main Track
16:00
Francesca Falzon

Learning from Functionality Outputs: Private Join and Compute in the Real World

presented by Francesca Falzon

Private Join and Compute (PJC) is a two-party protocol recently proposed by Google for various use cases, including ad conversion (Asiacrypt 2021), and it generalizes their deployed private set intersection sum (PSI-SUM) protocol (EuroS&P 2020).

PJC allows two parties, each holding a key-value database, to privately evaluate the inner product of the values whose keys lie in the intersecti...

16:00 - 16:30 CM 1 2 Main Track