Recently, the synergy between artificial intelligence (AI) and security has gained increasing prominence and significance. This evolution naturally arises from the need to enhance security with greater efficiency. Among the many areas of security benefiting from AI's integration, cryptography stands as a notable field. We are already witnessing the application of AI techniques to address several problems in cryptography, such as enhancing defenses against implementation attacks and hardware Trojans, and investigating attacks on Physical Unclonable Functions (PUFs). Beyond AI's contributions to cryptography, it is also possible to identify the use of cryptography to solve security and privacy issues in AI systems as an emerging and pivotal subject. The mounting frequency of AI system attacks urges us to explore potential research avenues involving cryptographic strategies to counteract these threats. Our objective is to convene experts from both academic and industrial backgrounds, each contributing to diverse facets of cryptography and AI, to facilitate knowledge exchange and foster collaborative efforts. Of particular interest is the exploration of the transferability of techniques across different cryptographic applications and the strengthening of AI security mechanisms. Furthermore, we will delve into recent developments, including those stemming from previous AICrypt events, to provide insights into the evolving landscape of this field.
Download the Call for Papers
Authors interested to give a contributed talk in this workshop are invited to submit an extended abstract of at most 2 pages (excluding references) using Easychair.
The topics of the workshop encompass all aspects concerning the intersection of AI and cryptography, including but not limited to:
We encourage researchers working on all aspects of AI and cryptography to take the opportunity and use AICrypt to share their work and participate in discussions. The authors are invited to submit an extended abstract using the EasyChair submission system.
Submitted abstracts for contributed talks will be reviewed by the workshop organizers for suitability and interest to the AICrypt audience. There are no formal proceedings published in this workshop, thus authors can submit extended abstracts related to works submitted or recently published in other venues, or work in progress that they plan to submit elsewhere.
The authors of accepted papers will be invited to submit an extended version of paper to appear (after a new round of reviewing) in a post-proceedings volume to be published by Springer.
Every accepted submission must have at least one author registered for the workshop. All submitted abstracts must follow the original LNCS format with a page limit of up to 2 pages (excluding references). The abstracts should be submitted electronically in PDF format.
EXTENDED submission deadline!
Abstract submission deadline: APR 15, 2024
previously APR 5, 2024
Notification to authors: APR 19, 2024
Workshop date: May 26, 2024
Workshop registration goes through the Eurocrypt registration process. Check this page for further information.
COSIC, KU Leuven, Belgium
Weizmann Institute of Science, Rehovot, Israel
In this talk I will describe how to plant novel types of backdoors in any facial recognition model based on the popular architecture of deep Siamese neural networks, by mathematically changing a small fraction of its weights (i.e., without using any additional training or optimization). These backdoors force the system to err only on specific persons which are preselected by the attacker. For example, we show how such a backdoored system can take any two images of a particular person and decide that they represent different persons (an anonymity attack), or take any two images of a particular pair of persons and decide that they represent the same person (a confusion attack), with almost no effect on the correctness of its decisions for other persons. Uniquely, we show that multiple backdoors can be independently installed by multiple attackers who may not be aware of each other's existence with almost no interference.
Joint work with Irad Zehavi and Roee Nitzan.
Adi Shamir is an Israeli cryptographer and inventor. He is a co-inventor of the Rivest–Shamir–Adleman (RSA) algorithm (along with Ron Rivest and Len Adleman), a co-inventor of the Feige–Fiat–Shamir identification scheme (along with Uriel Feige and Amos Fiat), one of the inventors of differential cryptanalysis and has made numerous contributions to the fields of cryptography and computer science. In 2002, he won the Turing Award, together with Rivest and Adleman, in recognition of his contributions to cryptography. He now works at the faculty of Mathematics and Computer Science at the Weizmann Institute of Science.
Google & Columbia University, New York, USA
TBA