| 09:00 – 09:25 | registration |
| 09:25 – 09:30 | opening (Tanja Lange) |
| Invited talk (chair: Tsuyoshi Takagi) |
| 09:30 – 10:30 | Jaya Baloo |
| | EU Quantum Flagship (slides) |
| 10:30 – 11:00 | coffee break |
| Security models (chair: Peter Schwabe) |
| 11:00 – 11:25 | Bart Mennink and Alan Szepieniec |
| XOR of PRPs in a Quantum World (slides) |
| 11:25 – 11:50 | Nina Bindel, Udyani Herath, Matthew McKague, and Douglas Stebila |
| Transitioning to a Quantum-Resistant Public Key Infrastructure (slides) |
| 11:50 – 12:15 | Tommaso Gagliardoni, Nikolaos P. Karvelas, and Stefan Katzenbeisser |
| ORAMs in a Quantum World (slides) |
| 12:15 – 13:30 | lunch break |
| Code-based crypto I (chair: Rainer Steinwandt) |
| 13:30 – 13:55 | Pierre Loidreau |
| A new rank metric codes based encryption scheme (slides) |
| 13:55 – 14:20 | Jean-Christophe Deneuville, Philippe Gaborit, and Gilles Zémor |
| Ouroboros: a simple, secure and efficient key exchange protocol based on coding theory (slides) |
| 14:20 – 14:45 | Yusuke Yoshida, Kirill Morozov, Keisuke Tanaka |
| CCA2 Key-Privacy for Code-Based Encryption in the Standard Model (slides) |
| 14:45 – 15:15 | coffee break |
| Isogeny-based crypto (chair: Chen-Mou Cheng) |
| 15:15 – 15:40 | Alexandre Gélin and Benjamin Wesolowski |
| Loop-abort faults on supersingular isogeny cryptosystems (slides) |
| 15:40 – 16:05 | Yan Bo Ti |
| Fault attack on Supersingular Isogeny Cryptosystems (slides) |
| 16:10 – 17:30 | Recent results session (chair: Wouter Castryck) |
| |
Hash-based crypto:
Lattice-based crypto:
Code-based crypto:
Multivariate crypto:
|
| 17:30 – | Reception |
| Invited talk (chair: Tanja Lange) |
| 09:00 – 10:00 | Lieven Vandersypen |
| A "spins-inside" quantum computer (slides) |
| 10:00 – 10:30 | coffee break |
| Lattice-based crypto I (chair: Ruben Niederhagen) |
| 10:30 – 10:55 | Charles Bouillaguet, Claire Delaplace, Pierre-Alain Fouque, and Paul Kirchner |
| Fast Lattice-Based Encryption: Stretching SPRING (sldes) |
| 10:55 – 11:20 | Erdem Alkim, Nina Bindel, Johannes Buchmann, Özgür Dagdelen, Edward Eaton, Gus Gutoski, Juliane Krämer, and Filip Pawlega |
| Revisiting TESLA in the quantum random oracle model (slides) |
| Code-based crypto II (chair: Nicolas Sendrier) |
| 11:20 – 11:45 | Tomáš Fabšič, Viliam Hromada, Paul Stankovski, Pavol Zajac, Qian Guo, and Thomas Johansson |
| A Reaction Attack on the QC-LDPC McEliece Cryptosystem (slides) |
| 11:45 – 12:10 | Ghazal Kachigar and Jean-Pierre Tillich |
| Quantum Information Set Decoding Algorithms (slides) |
| 12:10 – 13:30 | lunch break |
| | Multivariate crypto I (chair: Simona Samardjiska) |
| 13:30 – 13:55 | Albrecht Petzoldt, Ming-Shing Chen, Jintai Ding, and Bo-Yin Yang |
| MHFEv - An Efficient Multivariate Signature Scheme (slides) |
| 13:55 – 14:20 | Alan Szepieniec, Ward Beullens, and Bart Preneel |
| MQ Signatures for PKI (slides) |
| 14:20 – 14:45 | Ryann Cartor and Daniel Smith-Tone |
| An Updated Security Analysis of PFLASH (slides) |
| 14:45 – 15:15 | coffee break |
| Quantum Algorithms (chair: Stacey Jeffery) |
| 15:15 – 15:40 | Daniel J. Bernstein, Nadia Heninger, Paul Lou, and Luke Valenta |
| Post-quantum RSA (slides) |
| 15:40 – 16:05 | Daniel J. Bernstein, Jean-François Biasse, and Michele Mosca |
| A low-resource quantum factoring algorithm (slides) |
| 16:05 – 16:30 | Martin Ekerå and Johan Håstad |
| Quantum Algorithms for Computing Short Discrete Logarithms and Factoring RSA Integers (slides) |
| 16:30 – 17:00 | NIST Q&A session |
| Daniel Smith-Tone, Ray Perlner, and Dustin Moody (slides for opening statment) |
| 18:00 – | Reception and dinner in Museum Speelklok |
| | (Reception and visit of exhibition at 18:00, dinner at 19:00) |
| Invited talk (chair: Andreas Hülsing) |
| 09:00 – 10:00 | Vadim Lyubashevsky |
| Standardizing Lattice Crypto and Beyond (slides) |
| 10:00 – 10:30 | coffee break |
| Lattice-based crypto II (chair: Daniel J. Bernstein) |
| 10:30 – 10:55 | Boru Gong and Yunlei Zhao |
| Cryptanalysis of RLWE-Based One-Pass Authenticated Key Exchange (slides) |
| 10:55 – 11:20 | Florian Göpfert, Christine van Vredendaal, and Thomas Wunderer |
| A Hybrid Lattice Basis Reduction and Quantum Search Attack on LWE (slides) |
| | Multivariate crypto II (chair: Bo-Yin Yang) |
| 11:20 – 11:45 | Dustin Moody, Ray Perlner, and Daniel Smith-Tone |
| Improved Attacks for Characteristic-2 Parameters of the Cubic ABC Simple Matrix Encryption Scheme (slides) |
| 11:45 – 12:10 | Jeremy Vates and Daniel Smith-Tone |
| Key Recovery Attack for All Parameters of HFE- (slides) |
| 12:10 – 12:35 | Daniel Cabarcas, Daniel Smith-Tone, and Javier A. Verbel |
| Practical Key Recovery Attack for ZHFE (slides) |
| 12:35 – 12:45 | closing remarks (slides announcing PQCrypto 2018) |
| 12:45 – 14:00 | lunch break |
