
Crypto Reading Club

Project Overview


The Computer Security Division hosts Crypto Reading Club talks to foster research and collaboration in cryptography.


Wednesday (bi-weekly), 10:00am-12:00pm (Eastern Time), unless noted otherwise.

Building 222, Room B341
Gaithersburg, MD 20899
NIST Visitor Information
Email List:

Meeting reminders will be sent to subscribers of the Crypto Reading Club List.

To be added to the list and/or give a talk, please contact Morris J. Dworkin or Meltem Sönmez Turan.


Upcoming Talks 

Date Speaker Title
January 27, 2021 Luís Brandão Notes about some multi-party threshold schemes

Previous Talks


Date Speaker Title
January 13, 2021 Noah Waller, NIST Robocalling: STIRRED AND SHAKEN! - An Investigation of Calling Displays on Trust and Answer Rates
Date Speaker Title
December 16, 2020 Carl Miller, NIST The Impossibility of Efficient Quantum Weak Coin-Flipping
December 2, 2020 Xavier Bonnetain, University of Waterloo; Samuel Jaques, University of Oxford Quantum Period Finding against Symmetric Primitives in Practice
July 29, 2020 Lauren De Meyer, KU Leuven Design of Symmetric Primitives in the World of Physical Attacks
January 29, 2020 Meltem Sönmez Turan, NIST Back to Basics: A tutorial on Boolean functions
Date Speaker Title
December 18, 2019 Justin Thaler, Georgetown University Interactive Proofs and Zero-Knowledge
November 20, 2019 John Kelsey Pyramid—A New Hash-Based Signature Scheme
October 23, 2019 Arka Rai Choudhuri, Johns Hopkins University Finding a Nash Equilibrium is No Easier than Breaking Fiat-Shamir
July 31, 2019 IBM Blockchain Group Blockchain in practice: Permissions, security, and real-world use cases
June 19, 2019 Jintai Ding Cryptanalysis of Lifted Unbalanced Oil Vinegar
(Joint work with Jintai Ding, Kurt Schmidt, Zheng Zhang, Joshua Deaton)
June 5, 2019 Claude Crépeau Practical Relativistic Zero-Knowledge Proofs for NP
April 24, 2019 John Kelsey TMPS: Ticket Mediated Password Strengthening
April 10, 2019 Daniel Apon Non-Interactive Zero Knowledge from (Standard) Learning With Errors -- NIZKs from LWE
March 27, 2019 Angela Robinson Towards efficient post-quantum zero knowledge proofs
March 13, 2019 Reham Almukhlifi Linear Cryptanalysis of SIMON 32/64
February 13, 2019 Foteini Baldimtsi Moving off the blockchain: a payment hub for fast, anonymous off-chain Bitcoin payments
Date Speaker Title
December 19, 2018 Daniel Apon A Brief Introduction to Oblivious RAM
November 7, 2018 Muthuramakrishnan (Muthu) Venkitasubramaniam Zero-Knowledge Proofs: Recent progress and an update on the standardization effort
October 24, 2018 John Kelsey The NIST Beacon Format: An Exercise in Limiting the Power of a TTP
October 10, 2018 Kerry McKay Authentication and Key Establishment – a Primer
August 29, 2018 John Kelsey Hash-based Signatures
July 18, 2018 Luís Brandão Threshold Schemes for Cryptographic Techniques --- a step towards standardization?
June 20, 2018 Dr. Frank Taylor and Dr. Sean Weaver Cryptol and its associated Software Analysis Workbench (SAW)
June 6, 2018 Kerry McKay Security vs. Performance in TLS
May 23, 2018 Nicole Seese Exploring the Utility of the PAQ4 Data Compressor for Min-Entropy Estimation
April 25, 2018 John Kelsey Random Numbers, Entropy Sources, and You
February 28, 2018 Sweta Mishra On the Design of Password Hashing Scheme
January 31, 2018 Kerry McKay Backdoors, Front Doors, and Side Doors - Oh my!
January 17, 2018 Huijing Gong On the Leakage Resilience of Ideal-Lattice Based Public Key Encryption


Date Speaker Title
December 20, 2017 Albrecht Petzoldt Improved Cryptanalysis of HFEv- via Projection
November 8, 2017 Morrie Dworkin Discussion of Vanhoef/Piessens Paper: "Key Reinstallation Attacks: Forcing Nonce Reuse in WPA2"
October 25, 2017 Nicky Mouha The Iterated Random Function Problem
October 11, 2017 Daniel Apon Cryptanalysis of Indistinguishability Obfuscations of Circuits over GGH13
September 13, 2017 Peter Mell Cloud Computing - A Historical Perspective on NIST Contributions
August 16, 2017 Michael Davidson Smart Contract Security
August 2, 2017 Pavol Zajac On the explicit reduction between MQ and decoding problems
July 19, 2017 Meltem Sonmez-Turan and Cagdas Calik The Multiplicative Complexity of Boolean Functions 
May 24, 2017 Jintai Ding RLWE-based authentication and key reuse for RLWE-based key exchanges
May 10, 2017 Yehuda Lindell and Avner Mor An Introduction to Secure Multiparty Computation with Applications to Key Protection
April 26, 2017 Kerry McKay On the Practical (In-)Security of 64-bit Block Ciphers
April 12, 2017 Qiang Tang Cliptography: Post-Snowden Cryptography
March 29, 2017 Nicky Mouha The first public collision on SHA-1
March 15, 2017 Betul Durak Breaking the FF3 Format Preserving Encryption Standard over Small Domains
March 1, 2017 David Kravitz ABC Blocks: Auditable Blockchain Communications for Securing User and Device Authentication and Authorization
Feb. 1, 2017 Moses Liskov Accessible Protocol Analysis with the CPSA Tool
Date Speaker Title
Dec. 7, 2016 Liqun Chen Anonymous Attestation
Nov. 23, 2016 Nicky Mouha Simpira v2: A Family of Efficient Permutations Using the AES Round Function
Nov. 9, 2016 Ray Perlner Cost analysis of hash collisions: Will quantum computers make SHARCS obsolete
Oct. 26, 2016 Nicky Mouha Insights from the NIST Lightweight Cryptography Workshop 2016
Oct. 12, 2016 Marco Bucci A Fully-Digital Chaos-Based Random Bit Generator
Sep. 28, 2016 Carl Miller Generating true randomness from quantum measurements
Sep. 14, 2016 Charles Bennett Public randomness: harvesting it, using it, and making it trustworthy
Aug. 31, 2016 Cagdas Calik A Survey on Timed-release Crypto and Crypto Puzzles
Aug. 3, 2016 Daniel Smith-Tone Multivariate Cryptography with “Big” Algebraic Structures
June 22, 2016 Dmitry Cousin Uniformity and Entropies
June 8, 2016 Ray Perlner Key Recovery Attack on the Cubic ABC Simple Matrix Multivariate Encryption Scheme
May 25, 2016 Rene Peralta Epsilon-biased Distributions, What They Are, How We Construct Them, What Are They Good For
Apr. 28, 2016 Ludovic Lescieux Laser technologies for IC security evaluation
Apr. 13, 2016 Angelos Stavrou Leveraging Blockchain-based protocols in IoT systems
Mar. 30, 2016 Francois Dupressoir Verified Security Proofs for Cryptographic Standards -- SHA3
Mar. 16, 2016 Aishwarya Thiruvengadam 10-Round Feistel is Indifferentiable from an Ideal Cipher
Feb. 3, 2016 Dustin Moody Post-Quantum Cryptography
Jan. 20, 2016 Sharon Keller Cryptographic Algorithm Validation Program
Jan. 15, 2016 Jean-Philippe Aumasson Password Hashing Competition
Jan. 13, 2016 Jacob Alperin Sheriff Lattice-based cryptography
Date Speaker Title
December 23, 2015 Rene Peralta Random thoughts about randomness, primality, and covering arrays
December 9, 2015 Meltem Sonmez Turan, Magnus Find Multiplicative Complexity
October 14, 2015 Morrie Dworkin Chosen-ciphertext attack to XEX
September 30, 2015 Adam L. Young The Drunk Motorcyclist Protocol for Anonymous Communication
September 16, 2015 Kerry McKay Not all Exports are Good for the Economy: FREAK and Logjam Attacks
September 2, 2015 David McGrew Robustness and Transparency in Cryptography
August 5, 2015 Kerry McKay and Meltem Sonmez Turan Short talks on papers on CRYPTO15
July 22, 2015 Young-Hoon Park Multicast for mobile networks
June 24, 2015 Magnus Gausdal Find On Computing the Multiplicative Complexity
June 10, 2015 Bryan Ford Decentralizing Authorities into Scalable Strongest-Link Cothorities
May 27, 2015 Daniel Smith-Tone Polynomial rings and finite fields
May 13, 2015 Dustin Moody Breaking the Japanese Codes in World War II
April 29, 2015 Christine Task Addressing the Problem of Privacy-preserving Social Network Analysis
April 15, 2015 Dmitry Cousin Why Neural Network Models and What They Can Do?
March 18, 2015 Kerry McKay Intro to Machine Learning for Cryptologist
March 4, 2015 Carl Miller and Yaoyun Shi Quantum Random Number Generation
February 4, 2015 Christine Task Publishing Sensitive Data Safely with Differential Privacy
January 21, 2015 Morrie Dworkin The Riddle of the Labyrinth
January 7, 2015 Meltem Sonmez Turan How Random is your RNG
Date Speaker Title
December 10, 2014 Gedare Bloom MORPH: an FPGA SoC to Defend Against Hardware Trojans
November 12, 2014 Mike Gault and Ken Zatyko Keyless Signature Infrastructure
October 29, 2014 Kerry McKay The block cipher Present
October 15, 2014 Adam O’Neill Relaxed Cryptography for Application-Driven Security
September 17, 2014 Matt Robshaw UHF RFID, Security, and Future Directions
August 6, 2014 Meltem Sonmez Turan, Ray Perlner, Allen Roginsky, Apostol Vassilev Crypto Small Talks II
July 28, 2014 Magnus Gausdal Find The Relationship Between Multiplicative Complexity and Nonlinearity
July 23, 2014 Yi-Kai Liu, Kerry McKay, Dustin Moody, John Kelsey Crypto Small Talks I
June 25, 2014 Morrie Dworkin The Riddle of the Labyrinth
June 11, 2014 Meltem Sonmez Turan Honeywords: Making Password-Cracking Detectable
May 28, 2014 Ray Perlner Optimizing Information Set Decoding Algorithms to Attack Cyclosymmetric MDPC Codes
May 14, 2014 Dustin Moody Elliptic Curves: Efficiency, Security, and Standards
April 30, 2014 Vadim Lyubashevsky Lattice Based Cryptography
April 16, 2014 Kerry McKay I Know Why You Went to the Clinic: Risks and Realization of HTTPS Traffic Analysis
April 2, 2014 Dr. Jintai Ding Post-Quantum Cryptography - Multivariate Public Key Cryptography
March 19, 2014 Dr. Tromer, Josh Kanner and Dr. Sasson Moving to a New Paradigm of Trust in Continuous Monitoring of Cloud Computing
March 5, 2014 Rene Peralta NIST Randomness Beacon
Feb 19, 2014 John Kelsey Tor Users Get Routed
Date Speaker Title
Nov 13, 2013 Morrie Dworkin How to Share a Secret
Oct 30, 2013 Kerry A. McKay Introduction and Analysis of Geometric and Polygram Substitution Ciphers
Sept 18, 2013 Santanu Sarkar Cryptanalysis of RSA Variants and Implicit Factorization
Sept 4, 2013 Kyle J. Bunch The Use of Homomorphic Encryption Combined with Configurable Computing for Implementing Information Barriers in a Future Inspection Regime
Aug 7, 2013 Cagdas Calik Nonlinearity Computation for Sparse Boolean Functions
July 24, 2013 Sean Weaver Cryptol
July 10, 2013 John Kelsey Discussion on Bitcoin
June 12, 2013 Kerry McKay Discussion on TLS
May 22, 2013 David McGrew Hash-based Signatures
May 15, 2013 Dustin Moody Fully Homomorphic Encryption
April 17, 2013 Kerry McKay Decrypting Classical Cipher Text Using Markov Chain Monte Carlo
March 20, 2013 Morris J. Dworkin and Meltem Sonmez Turan Tutorial on Differential Cryptanalysis
March 6, 2013 Kerem Varici Differential Analysis of the LED Block Cipher
Jan. 13, 2013 Ray Perlner A Chosen-Ciphertext Attack on the Cipher Block Chaining (CBC) Mode
Jan. 9, 2013 Rene Peralta Four Measures of Nonlinearity
Date Speaker Title
Dec. 12, 2012 Stefan Lucks, Meltem Sonmez Turan and Morrie Dworkin Authenticated Encryption
Nov. 28, 2012 Santanu Sarkar Side Channel Attack to Actual Cryptanalysis: Breaking CRT-RSA with Low Weight Decryption Exponents
Nov. 7, 2012 Stefan Lucks Key Stretching, Memory Consumption, and the Pebbling Game
Oct. 31, 2012 Oscar Garcia-Morchon Towards Fully Collusion-Resistant ID-based Establishment of Pairwise Keys
Oct. 17, 2012 Ketan Mehta OPACITY and PLAID Authentication Protocols
Oct. 3, 2012 Stephen Jordan Classical and Quantum Circuit Obfuscation with Braids
Sept. 19, 2012 Meltem Sonmez Turan Efficient Dissection of Composite Problems, with Applications to Cryptanalysis, Knapsacks, and Combinatorial Search Problems (Crypto 2012 Best Paper by I. Dinur, O. Dunkelman, N. Keller, A. Shamir)
Aug. 9, 2012 Morrie Dworkin Any Finite Subgroup of the Multiplicative Group of a Field is Cyclic
July 25, 2012 Arnab Roy Big data - WEBINAR
July 11, 2012 Peter Mell Overview on Big Data and its Security Implications
June 27, 2012 Luís Brandão 1-output 2-party Secure Function Evaluation with Malicious Parties
May 30, 2012 Daniel Smith-Tone Differential Properties of MPKCs with Multiple Variable Types
May 16, 2012 Arnab Roy Relatively-Sound NIZKs and Password-Based Key-Exchange
May 9, 2012 Lars Jonas Andersson System on Card
April 18, 2012 Quynh Dang Randomized Hashing
March 7, 2012 Ray Perlner On Error Correcting Code and Cryptographic Schemes Based on Coding Theory
Feb. 21, 2012 Dr. Anna Lysyanskaya Authentication without Identification
Feb. 8, 2012 Lily Chen Security in Mobility
Jan. 25, 2012 John Kelsey Order Preserving Encryption (OPE)
Jan. 8, 2012 Ismet Sahin Random Lines Global Optimization Algorithm
Date Speaker Title
Sept. 22, 2011 Wayne Patterson The Cryptology of Baseball
Sept. 14, 2011 Filip Zagorski An Absentee Voting System
Aug. 3, 2011 Yi-Kai Liu Quantum Algorithms for Algebraic Problems
July 13, 2011 Errol Markland Jr. Implementing Cryptographic Algorithms
June 29, 2011 John Kelsey Side Channel Attacks
May 18, 2011 Cathy Tilton Using Biometrics for Authentications
May 11, 2011 Poorvi Vora Paperless Independently-Verifiable Voting
April 27, 2011 Tyler Shields Dirty Little Secrets: Mobile Apps Invading Your Privacy - WEBINAR
April 20, 2011 Rick Kuhn and Raghu Kacker Combinatorial Testing
April 6, 2011 Meltem Sonmez Turan Distance Bounding Protocols
Feb. 23, 2011 Sheila Frankel Security in IPv6
Feb. 9, 2011 Serge Egelman It's All About The Benjamins: An empirical study on incentivizing users to ignore security advice
Jan. 26, 2011 Rene Peralta Selective-Disclosure Envelopes: Construction and Applications
Date Speaker Title
Dec. 15, 2010 Souradyuti Paul Mode of Operations of SHA-2 candidates
Dec. 1, 2010 John Kelsey Understanding scam victims: seven principles for systems security and The psychology of scams: Provoking and committing errors of judgment papers
Nov. 3, 2010 Lily Chen Tunneled Authentication
Oct. 6, 2010 Meltem Sonmez Turan Cryptographic Key Derivation from Passwords
Sept. 22, 2010 Dustin Moody Verheul’s Theorem and the Security of Pairing-based Cryptography
July 28, 2010 Mridul Nandi Security Notions and Some Popular Examples of Multi party Protocols
July 7, 2010 Allen Roginsky Distribution of Prime Numbers
June 16, 2010 Elaine Barker Transition of Cryptographic Algorithms and Key Length
May 5, 2010 Francesca Slade Classification of Peer Production: The Identification of Malfeasance on Collaborative Online Systems
April 21, 2010 John Kelsey Fuzzy Extractors
April 7, 2010 Kerry McKay Pseudo-linear Statistical Distinguishers for Block Ciphers
March 24, 2010 Annabelle Lee Smart Grid and Related Security Issues
March 10, 2010 Lily Chen Authenticated Key Establishment in Practice
Feb. 24, 2010 Bill MacGregor Chip and Pin Attack
Jan. 27, 2010 Mridul Nandi Zero Knowledge Proofs


Date Speaker Title
Dec. 2, 2009 Allen Roginsky Authenticated Key Establishment
Nov. 4, 2009 Mridul Nandi Primes is in P
Oct. 21, 2009 Allen Roginsky Introduction to Bloom Filters
Oct. 7, 2009 Meltem Sonmez Turan Introduction to Feedback Shift Registers
Sept. 9, 2009 Souradyuti Paul AES Related-Key Attacks
Aug. 11, 2009 Allen Roginsky Discrete Logarithm Problem (DLP) and Reduction of DLP over an Elliptic Curve
July 29, 2009 Mridul Nandi Security Preserved Padding Methods on MD Hash
July 8, 2009 Radia Perlman Privacy-Preserving DRM
June 17, 2009 Mridul Nandi Survey on Twenty years of Attack on RSA
June 3, 2009 John Kelsey Preimage Attacks on JH
May 6, 2009 Souradyuti Paul Cryptanalysis of Shavite and EnRupt
April 22, 2009 Souradyuti Paul Cryptanalysis on MD6 and CubeHash
April 8, 2009 Ray Perlner Quantum Resistant Public Key Cryptography
March 25, 2009 Lily Chen Trusted Platform Technologies
March 11, 2009 Rene Peralta Circuits in Crypto Applications
Jan. 28, 2009 Mridul Nandi Fast and Secure CBC Type MAC Algorithms
Jan. 24, 2009 Souradyuti Paul Hash Cryptanalysis


Date Speaker Title
Dec. 17, 2008 Peter Mell Cloud Computing Horizons
Dec. 3, 2008 Lee Badger Virtualization Models and Security
Nov. 12, 2008 Souradyuti Paul Hash Functions
Oct. 8, 2008 Andrew Regenscheid General Overview of Cryptographic Voting Schemes
Sept. 24, 2008 Mridul Nandi MAC based on Compression Functions
Aug. 27, 2008 Allen Roginsky Signcryption
July 16, 2008 Mridul Nandi Collision-Resistant Hashing: Towards Making
March 26, 2008 John Kelsey On Hash Functions
Feb. 27, 2008 Jose A. Montenegro Secure Sealed-Bid Online Auctions Using Discreet Cryptographic Proofs
Feb. 13, 2008 Morrie Dworkin GCM Mode
Jan. 16, 2008 John Kelsey Hash functions


Date Speaker Title
August 8, 2007 John Kelsey Discussions on MD4
June 20, 2007 John Kelsey Parallel Collision Search
June 6, 2007 Allen Roginsky RSA Digital Signature and its Security
April 23, 2007 Katrin Hoeper Security Analysis of EAP Methods


Date Speaker Title
May 09, 2006 Rene Peralta Weil Pairing


Morris Dworkin

Meltem Sönmez Turan


Security and Privacy: cryptography

Created January 10, 2017, Updated January 21, 2021