Helger Lipmaa

@helger.bsky.social

Cryptography professor at the University of Tartu, Estonia. Zero-Knowledge. SNARKs.

553 Followers  |  264 Following  |  176 Posts  |  Joined: 02.02.2024  |  1.5469

Latest posts by helger.bsky.social on Bluesky

#QIP2026 is coming to Riga in less than a week!
Very excited to find my university (pictured) at the epicenter of a global academic event.

PSA: Pack some *really* warm clothing - we've got a real winter this time ❄️

19.01.2026 20:02 — 👍 15    🔁 5    💬 0    📌 0

By an ex student (Behzad)

22.01.2026 11:08 — 👍 1    🔁 0    💬 0    📌 0
=== FOR trend summary (up/down counts across changed conferences) ===
 FOR  up  down  net
4608   4     0    4
4604   2     1    1
4605   0     1   -1
4607   0     1   -1
4602   1     3   -2
4612   1     4   -3
4606   1     5   -4
4613   2    13  -11

New ICORE conference rankings are out. Theory, logic and formal methods seem to have been heavily penalised. I vibe coded an analysis of, for each Field of Research (FOR), how many associated venues increased or decreased in rank. Here's the summary. FOR 4613 had 13 venues decrease their rank! 1/2

21.01.2026 06:43 — 👍 8    🔁 4    💬 1    📌 1

What is wild to me is the defense, BY THE NEURIPS BOARD, that fabricated citations do not mean "the content of the papers themselves [is] necessarily invalidated"

It does. It very much does. What do you think citing other work is for? What do you think writing a paper is for? What do you *think*?

21.01.2026 21:34 — 👍 247    🔁 76    💬 16    📌 11

In 1943, Norwegian author Knut Hamsun gave his Nobel Prize to Joseph Goebbels. So history _does_ repeat itself.

17.01.2026 04:10 — 👍 0    🔁 1    💬 0    📌 0

that's an interesting experiment (as a cryptographer, i am of course worried by adversarial authors)

12.01.2026 19:34 — 👍 2    🔁 0    💬 0    📌 0

what do you mean by slow month? Christmas means no committee meetings.

06.01.2026 12:34 — 👍 0    🔁 0    💬 0    📌 0

This sounds really cool

06.01.2026 12:32 — 👍 2    🔁 0    💬 0    📌 0

New year, new pairing

03.01.2026 12:23 — 👍 14    🔁 4    💬 1    📌 0

3a didn't take long

03.01.2026 11:04 — 👍 2    🔁 0    💬 1    📌 0

Super exciting work from Ziyi and Eylon! They construct the first SNARG for NP in the *plain* model (no random oracle) using *only* (subexponential) LWE!
Perhaps most surprisingly, the SNARG is one (very clever) instantiation of the classical Kilian-Micali construction!

29.12.2025 13:38 — 👍 2    🔁 1    💬 1    📌 0
The Biggest Breakthroughs in Mathematics: 2025 (YouTube video by Quanta Magazine)

It was a big year for mathematics. youtu.be/hRpcWpAeWng

18.12.2025 20:18 — 👍 47    🔁 18    💬 0    📌 2
IACR Communications in Cryptology

Your quarterly reminder to submit a paper to Communications in Cryptology...

cic.iacr.org

It is Diamond Open Access (readers and authors do not pay) and it contains all your new cool cryptographic research.

Next deadline for submission is Feb 2nd.

19.12.2025 08:02 — 👍 8    🔁 3    💬 0    📌 0

2 tons of vegemite?

16.12.2025 02:24 — 👍 1    🔁 0    💬 1    📌 0

Reviewers should also state if LLMs are permitted to be used, be coauthors, or main authors of the reviewed papers

11.12.2025 22:00 — 👍 0    🔁 0    💬 0    📌 0

Ask the LLM to ignore the spam folder

11.12.2025 21:56 — 👍 2    🔁 0    💬 0    📌 0

as those of a toddler, yes

11.12.2025 14:39 — 👍 0    🔁 0    💬 0    📌 0

The entries of rebuttal that correspond to personal attacks will only be visible to the reviewers after your paper has been rejected

11.12.2025 12:05 — 👍 1    🔁 0    💬 2    📌 0

The rebuttal only has to correct technical misunderstandings and not resort to personal attacks

11.12.2025 12:01 — 👍 1    🔁 0    💬 1    📌 0

There's only one house so ugly...

11.12.2025 11:58 — 👍 1    🔁 0    💬 0    📌 0
Cryptographers Show That AI Protections Will Always Have Holes | Quanta Magazine Large language models such as ChatGPT come with filters to keep certain info from getting out. A new mathematical argument shows that systems like this can never be completely safe.

If you swap each letter in “bomb” with the next letter in the alphabet, you’ll get “cpnc.” Recently, scientists showed that and other methods can bypass filters on LLMs like Gemini, DeepSeek and Grok. @peterha2l.bsky.social reports: www.quantamagazine.org/cryptographe...

10.12.2025 15:42 — 👍 23    🔁 8    💬 0    📌 1
Abstract. We prove that SVP_(p) is NP-hard to approximate within a factor of 2^(log^(1 − ε) n), for all constants ε > 0 and p > 2, under standard deterministic Karp reductions. This result is also the first proof that SVP_(p) is NP-hard in a finite ℓ_(p) norm. Hardness for SVP_(p) with p finite was previously only known if NP ⊈ RP, and under that assumption, hardness of approximation was only known for all constant factors. As a corollary to our main theorem, we show that under the Sliding Scale Conjecture, SVP_(p) is NP-hard to approximate within a small polynomial factor, for all constants p > 2.

Our proof techniques are surprisingly elementary; we reduce from a regularized PCP instance directly to the shortest vector problem by using simple gadgets related to Vandermonde matrices and Hadamard matrices.

SVP_(p) is Deterministically NP-Hard for all p > 2, Even to Approximate Within a Factor of 2^(log^(1 − ε) n) (Isaac M Hair, Amit Sahai) ia.cr/2025/2181

02.12.2025 22:58 — 👍 7    🔁 3    💬 0    📌 0

how many of them are virtual? Those should not really count...

08.12.2025 15:08 — 👍 0    🔁 0    💬 0    📌 0
Abstract. Hash-based succinct non-interactive arguments (SNARGs) are a widely studied and deployed class of proof systems. The security of practical hash-based SNARGs relies on two combinatorial parameters of its underlying linear code 𝒞: a distance-preservation error ε(𝒞, δ) and the list size |Λ(𝒞, δ)| (both parametrized by a proximity parameter δ). Optimistically, one might hope that these parameters are bounded all the way to the capacity regime: when the proximity parameter δ approaches the minimum distance of the code δ(𝒞). Perhaps too optimistically, several deployed hash-based SNARGs indeed operate in this regime, and initiatives such as the Ethereum Proximity Prize investigate to which extent soundness is preserved in this setting.

We present a minimal toy protocol whose analysis captures most of the complexity of state-of-the-art hash-based SNARGs, and present a generic attack whose success probability depends on the list size |Λ(𝒞, δ)|. Further, we investigate the common settings when the code 𝒞 is an extension code over a field 𝔽 of a base code 𝒞_(𝔹) over a small base field 𝔹. In this setting, we show that classical combinatorial lower bounds on the list-size of the code yields strong attacks that affect the regimes in which hash-based SNARGs operate in practice.

Small-field hash-based SNARGs are less sound than conjectured (Giacomo Fenzi, Antonio Sanso) ia.cr/2025/2197

05.12.2025 11:03 — 👍 5    🔁 2    💬 0    📌 0

I've been going over the responses to the survey from IACR members about publishing and conferences, and I keep coming back to the fact that I think there should be _fewer_ conferences and _more_ journals. This coupling of talks to papers is not healthy.

05.12.2025 22:04 — 👍 9    🔁 3    💬 1    📌 0

i think you will now be famous only because of this picture and nothing else you did in your life

23.11.2025 13:33 — 👍 1    🔁 0    💬 1    📌 0

(By ... an ex-student, Shuto)

22.11.2025 21:49 — 👍 1    🔁 0    💬 0    📌 0
Cryptographers Held an Election. They Can’t Decrypt the Results.

Look, ma, we are in the News www.nytimes.com/2025/11/21/w...

22.11.2025 02:51 — 👍 13    🔁 3    💬 2    📌 0

by ex-student (Hamid)

21.11.2025 15:47 — 👍 0    🔁 0    💬 0    📌 0
Publishing and communicating research in AI/ML is fundamentally broken Why researchers should care, and four proposals for how to fix it

While I can understand how some reviewers in cryptography research are frustrated with the process, I cannot imagine how bad it is in machine learning. ncfrey.substack.com/p/publishing...

15.11.2025 08:30 — 👍 2    🔁 2    💬 0    📌 0
