Ontario Cryptography Day aims to bring together the cryptography community in Ontario for a day of research talks and discussions. We hope to establish a recurring event rotating through universities in Ontario, Canada.

The event is open to academic, industry, and public sector researchers and practitioners in cryptography, but registration is required.

Friday, June 5, 2026

9:40am–4:30pm

McMaster University

CIBC Hall

Registration

Registration is now closed

Program

09:40–10:00 Registration
10:00–10:45 Sam Jaques, University of Waterloo.
Sharing Seriously Short Shamir Secrets Safely
Abstract: While computers easily handle cryptographic key material all the time, real people (even experts) are notoriously bad at this. Threshold cryptography promises to help, by sharing cryptographic keys among multiple people and/or devices. Even if you drop your phone in the ocean or your laptop gets hacked, your keys should remain both safe and available for signing, decryption, or whatever else you need. A particular problem here is distributed generation of the secret key, such that no participant knows the full key at any time. Good techniques exist for discrete log keys, which are uniformly random, but keys for lattice-based schemes must be short. In this talk I will explain the nuances of this problem, previous approaches, and our solution: the structure of zero-knowledge proofs, multi-party computation, and lattices turn out to work together extremely well, allowing us to generate secret vectors smaller than any other scheme permits. This is joint work with Chelsea Komlo and Yijie Zhao.
10:45–11:15 Coffee break
11:15–12:15 Invited keynote: Rowen Shane, Freedom of the Press Foundation.
SecureDrop Protocol: Lessons Learned From a Decade of Deployment
Abstract: Confidential sources are vital for investigative journalism, but the digital age makes it difficult for would-be sources to remain anonymous. How are privacy-preserving communications tools used in a whistleblowing context, and what challenges do these tools face during the transition to quantum-safe encryption?

This talk presents SecureDrop Protocol, a redesigned version of Freedom of the Press Foundation’s open-source whistleblowing platform SecureDrop that seeks to improve on both the security model and deployability of the system’s existing design. We discuss the redesign’s motivations and constraints, some of which preclude the use of existing protocols such as Signal and MLS, and present the most recent core library specification, designed in collaboration with ETH Zurich, formally modelled using Tamarin, and analyzed using a combination of formal and game-based proofs. We also touch on: ongoing pre-deployment research topics; IETF standards; cryptographic hot potatoes; the challenge and ethics of requirements-gathering with at-risk users; and what happens when your model explodes the Tamarin prover. A portion of this talk was recently presented at RWC2026.
12:15–13:45 Lunch
13:45–14:30 Leonardo Colò, University of Waterloo.
Zero-Knowledge Proofs of Isogeny Diamonds
Abstract: Commutative diagrams of isogenies between supersingular elliptic curves, which we call isogeny diamonds, have become fundamental to isogeny-based cryptography for both constructive and cryptanalytic purposes. In parallel, proofs of knowledge of isogenies have been widely studied and have found many applications. In this work, we combine these two directions and introduce zero-knowledge proofs of isogeny diamonds, namely, proofs of knowledge of isogenies together with the fact that they form a commutative diagram. We present three constructions in two settings. The first, which we call the Windmill-ZKP, assumes that the prover knows only two parallel isogenies in the diamond, which is relevant for multi-party computation of M-SIDH. The other two, Cube-ZKP and Kani-ZKP, assume that the prover knows all four isogenies.
14:30–15:15 Liang Xue, York University.
Robust and Trustworthy Harmful Media Detection in End-to-End Encrypted Communication
Abstract: Private Hash Matching (PHM) enables harmful media detection in End-to-End Encrypted (E2EE) communication by comparing user media hashes with a server-side set of known harmful hashes, without exposing the server’s hash set or revealing unmatched user media. However, existing PHM schemes often fail to detect slightly modified media, lack efficient dynamic updates, and provide limited verifiability, which weakens transparency and public trust. In this talk, I will present VeriFPHM, a verifiable fuzzy PHM scheme for robust and trustworthy harmful content moderation. VeriFPHM uses multivariate polynomial commitments and adaptive Merkle trees to support batch verification of hash-set integrity and consistency. To enable efficient updates, it maps index-tree subtrees to Cuckoo hash buckets, allowing partial-tree updates instead of full reconstruction. To prevent over-censorship and maintain detection efficiency, we design a two-step fuzzy matching protocol. Specifically, coarse-grained matching filters out benign media using enhanced index trees with efficient bucket access, followed by distance-aware fine-grained matching using a lightweight Learning with Parity Noise (LPN)-based Vector Oblivious Linear Evaluation (VOLE) protocol. Security analysis confirms that VeriFPHM preserves the privacy of both user content and the server-side hash set. Experiments demonstrate up to 100x faster certification and significantly improved update performance, while maintaining high detection accuracy compared with state-of-the-art schemes.
15:15–15:45 Coffee break
15:45–16:30 Ziyang Jin, University of Toronto.
Non-Interactive Secure Computation with Constant Communication Overhead
Abstract: We study the communication complexity of non-interactive secure computation (NISC) protocols with security against malicious adversaries. We give a general NISC protocol for any two-party function computed by a Boolean circuit C using only O(|C|λ) bits of communication, where λ is an exact security parameter. This protocol is unconditionally secure in the random oracle model, assuming a standard random OT correlations setup. Compared to Yao's semi-honest protocol, our protocol incurs only a constant communication overhead and achieves security against malicious parties with no additional interaction. Prior works achieved such constant overhead by either using a larger number of rounds or more structured correlations.

Travel

CIBC Hall: located on the 3rd floor of the MUSC building. The closest parking lots to MUSC are Parking Lot B and Parking Lot C.

Public transport: The McMaster bus terminal, located between Mary E. Keyes Residence and H. G. Thode Library, is used exclusively by GO Transit. Hamilton Street Railway (HSR) provides connecting routes with nearby stops. Additional services, including FlixBus, as well as dedicated McMaster shuttle buses, are also available.

Organizers

For more information, please email jake.doliskani@mcmaster.ca.