From wittlin@impan.gov.pl Tue Oct 08 18:10:53 2002 Date: Mon, 7 Oct 2002 10:37:46 +0200 (CEST) From: Aleksander WITTLIN To: stork-info@esat.kuleuven.ac.be Professor Dr. Bart Preneel, K.U. Leuven STORK co-ordinator Dear Professor Preneel, Professor Hans Dobbertin informed us about the STORK initiative, and on behalf of the Institute of Mathematics of the Polish Academy of Sciences and of the Cryptology Group of the Military Technical Academy in Warsaw I would like to express our interest. Therefore, we would like to contribute to the ongoing discussion, and to take part in your workshop in November. Cryptology research has been only recently re-initiated in academia in Poland after fall of the communism, and both, our experience and contributions are by necessity still very limited. On the other hand, the Institute, as the main research centre of pure and applied mathematics at this part of Europe and other research institutions are actively making up for lost time. Of great help are our traditional links with mathematicians in Western Europe, US, Canada, and Australia. Thanks to recently awarded to the Institute by EU status of the Centre of Excellence we are also able, within the cryptology research package, to expand and widen our contacts with European colleagues. It gave new and important impetus in studies concerning public key cryptography, and infrastructures, in particular elliptic curve cryptography and studies of hyperelliptic curves. At the same time the Military Technical Academy is dynamically developing, in collaboration with colleagues in Belgium and Israel, studies of symmetrical ciphers, various aspects of the cryptoanalysis, and basic aspects of cipher design and analysis. As a part of our efforts to expand research in Poland , and at the same time to popularise cryptology in the society we shall organize the next Eurocrypt Conference in Warsaw in May 2003.Fast changes in Polish economy stimulates demand for qualified data security experts. Moreover, recently introduced in Poland Electronic Signature Law shall, in the long run, increase demands for cryptology literacy and expertise at various state and private institutions and professional organisations. Therefore, we consider as one of our important tasks, to popularise cryptology, and to increase data security "literacy". As part of these efforts we consider to prepare a standard cryptology education CV for universities and equivalent higher education institutions. Since there was very little time and information to prepare a formal "position paper" for STORK meeting I shall limit myself to a few points, which we consider important in view of published objectives, in particular these seen from our, above drawn perspective. Sincerely Yours, Dr. Aleksander Wittlin Cryptology Section Institute of Mathematics Polish Academy of Sciences Warsaw, Poland Institute of Mathematics, Polish Academy of Sciences, Our (by all means very preliminary, and not yet really thought through) views on the priorities: 1. Foundations: All aspects of "difficult mathematical problems", in particular these related to the theory of elliptic curves and new methods of factorisation. Both theoretical, and practical (a choice of suitable quantum systems) studies of quantum computing for number theory applications. 2. Design and analysis: New tools to design, and analyse stream ciphers, tools to design and analyse hash functions, new (cheap and reliable) sources of randomness, practical designs based on quantum telecommunication. 3. Applications: Reliable and verifiable "open system" solutions for citizens and industry. New tools and techniques for privacy protection. Development of new, non-obtrusive, reliable personal identification techniques. Studies of possible competitive, practical, and safe alternatives to hierarchical PKI infrastructures. Techniques to design, build, and verify embedded crypto-based solutions (based on cell phones, Pas, car-built computers and alike devices). 4. Legal and regulatory aspects: Better coordination of national legislations concerning various aspects of electronic trade, electronic signatures, and privacy protection. In particular Europe-wide standard and encryption techniques for protection of medical, and insurance data should be developed, and popularised. If possible, also introduced. Effort should be undertaken for general improvement of crypto literacy of citizens. In particular some elements of crypto should be included Europe-wide into school programs, and a proposed CV for European MSc in cryptology should be considered and if possible prepared. (At least in former Eastern Europe) a massive effort to improve crypto literacy among legislators, lawyers (in particular judges), and (math, informatics) teachers should be undertaken.