Jonas Janneck

@jonasjanneck.bsky.social

PhD Student in Cryptography at Ruhr University Bochum

74 Followers  |  98 Following  |  6 Posts  |  Joined: 14.02.2025

Posts by Jonas Janneck (@jonasjanneck.bsky.social)

Compared to a previous version, we improved the security bounds and have a meaningful result for strong unforgeability 💪
We also give a security analysis of the FFO Sampler used in Falcon completing the analysis of the scheme.

02.03.2026 14:37
A Closer Look at Falcon

Falcon is a winner of NIST’s six-year post-quantum cryptography standardisation competition. Based on the celebrated full-domain-hash framework of Gentry, Peikert and Vaikuntanathan (GPV) (STOC’08), F...

We updated our work on the first concrete security proof of the Falcon signature scheme 🦅

ia.cr/2024/1769

This is joint work with Pierre-Alain, Phillip, Hubert, and @kiltz.bsky.social and will appear at Eurocrypt’26 🎉

02.03.2026 14:37

The schemes are further highly practical by being as compact as the naive concatenation of two signatures.

One construction, which can be used to combine EdDSA and ML-DSA, achieves even smaller signatures than the sum of both component schemes 🎉

27.02.2026 16:18

The designs allow for a simple migration without messing with the PQ component, meaning:
- FIPS compliance for NIST standardized schemes ✅
- no new PQ implementation needed 💻
- no patent issues 🧑‍⚖️

The Bird of Prey combiners are the first achieving this requirement together with strong unforgeability!

27.02.2026 16:18
Bird of Prey: Practical Signature Combiners Preserving Strong Unforgeability

Following the announcement of the first winners of the NIST post-quantum cryptography standardization process in 2022, cryptographic protocols are now undergoing migration to the newly standardized sc...

Happy to announce that Bird of Prey is accepted at EC’26 🛸✍️🎉

eprint.iacr.org/2025/1844

The paper presents three signature combiners for PQC migration preserving strong unforgeability. They capture all broadly used classical schemes and can be used with *any* PQ signature in a black-box way!

27.02.2026 16:18
PrivCrypt 2026

I am co-organising (with @drl3c7er.bsky.social and Lucjan Hanzlik) a workshop on Privacy-Enhancing Cryptography in Rome on May 10 as an affiliated event to IACR Eurocrypt. Submit your best PEC-work (3-page extended abstract) for presentation by February 25th: privcryptworkshop.github.io

05.02.2026 23:26
Call for Presentations Workshop on Proofs and Proof Techniques for Cryptographic Security. Affiliated with Eurocrypt 2026.

Planning your trip to Eurocrypt or looking for an excuse to still go? The reviewers did not appreciate your too involved or too elegant proofs?

Consider submitting a talk to ProTeCS (protecs-workshop.gitlab.io), an affiliated event of EC, where we celebrate proofs as independent objects of study!

30.01.2026 12:51

Are you looking for a signature combiner for PQC migration?
We already have combiners/hybrids for unforgeability. But do we have combiners that also preserve strong unforgeability and all BUFF properties? Now we do:

10.10.2025 11:34
Abstract. An Authenticated Key Encapsulation Mechanism (AKEM) combines public-key encryption and digital signatures to provide confidentiality and authenticity. AKEMs build the core of Hybrid Public Key Encryption (RFC 9180) and serve as a useful abstraction for messaging applications like the Messaging Layer Security (MLS) protocol (RFC 9420) and Signal’s X3DH protocol. To date, most existing AKEM constructions either rely on classical (non post-quantum) assumptions or on unoptimized black-box approaches leading to suboptimal efficiency.

In this work, we choose a different abstraction level to combine KEMs and identification schemes more efficiently by leveraging randomness reuse. We construct a generic scheme and identify the necessary security requirements on the underlying KEM and identification scheme when reusing parts of their randomness. This allows for a concrete instantiation from isogenies based on the POKÉ KEM (EUROCRYPT’25) and the SQIsignHD identification scheme (EUROCRYPT’24). To be used in our black-box construction, the identification scheme requires the more advanced security property of response non-malleability. Hence, we further show that a slight modification of SQIsignHD satisfies this notion, which might be of independent interest.

Putting everything together, our final scheme yields the most compact AKEM from PQ assumptions with public keys of 366 bytes and ciphertexts of 216 bytes while fulfilling the strongest confidentiality and authenticity notions.

Snake Mackerel: An Isogeny-Based AKEM Leveraging Randomness Reuse (Jonas Janneck, Jonas Meers, Massimo Ostuzzi, Doreen Riepel) ia.cr/2025/1474

20.08.2025 13:38

The preliminary program for the Cryptographic Applications Workshop (CAW) at Eurocrypt'25 is out.
#CAW focuses on the construction and analysis of cryptography built for practice.
This thread gives a quick overview; the full program and abstracts are here: caw.cryptanalysis.fun#program

18.03.2025 01:20
WISC | Cluster of Excellence CASA | RUB The Women in Security and Cryptography Workshop promotes international female PhD students and outstanding female students in the field of IT security.

The 3rd edition of WISC – Women in Security and Cryptography Workshop will take place in Bochum from June 16 to 18. Already confirmed are talks by Lejla Batina, Zinaida Benenson, Shafi Goldwasser, Martina Lindorfer, and Doreen Riepel. Registration is open now! casa.rub.de/en/events/wi...

07.03.2025 04:43