Matthias J.
Kannwischer

Info

I'm a postdoc at the Institute of Information Science of Academia Sinica, Taipei, Taiwan.
Before that, I was at the Max Planck Institute for Security and Privacy, Bochum, Germany.
Before that, I was at the Digital Security group at Radboud University, Nijmegen, The Netherlands.
Before that, I was at the University of Surrey, Guildford, United Kingdom.

In 2022, I obtained my PhD from Radboud University, Nijmegen, The Netherlands under the supervision of Peter Schwabe and Bo-Yin Yang. My dissertation on Polynomial Multiplication for Post-Quantum Cryptography is available here.
In 2017, I obtained my MSc in IT Security from TU Darmstadt under the supervision of Juliane Krämer and Denis Butin. My master thesis is available here.

I'm part of the UOV and MAYO teams working on submissions to the NIST PQC digital signature on-ramp. I have also been co-submitter of the Rainbow (RIP) signature scheme which was a finalist in the NIST PQC project.

Research Interests

• Post-Quantum Cryptography
• Efficient implementation
• Side-channel and fault attacks

Publications

• Indocrypt'22Hybrid scalar/vector implementations of Keccak and SPHINCS+ on AArch64, Hanno Becker, and Matthias J. Kannwischer, Indocrypt 2022
  [paper|preprint20220919|code|slides]
• IWSEC'22Efficient Multiplication of Somewhat Small Integers using Number-Theoretic Transforms, Hanno Becker, Vincent Hwang, Matthias J. Kannwischer, Lorenz Panny, and Bo-Yin Yang, IWSEC 2022 (Best Paper Award)
  [paper|preprint20220406|slides]
• SSR'22Improving Software Quality in Cryptography Standardization Projects, Matthias J. Kannwischer, Peter Schwabe, Douglas Stebila, and Thom Wiggers, Security Standardisation Research Conference 2022
  [paper|preprint20220314|code|slides]
• ACNS'22Faster Kyber and Dilithium on the Cortex-M4, Amin Abdulrahman, Vincent Hwang, Matthias J. Kannwischer, and Amber Sprenkels, ACNS 2022
  [paper|preprint20220131|code]
• TCHES'22Neon NTT: Faster Dilithium, Kyber, and Saber on Cortex-A72 and Apple M1, Hanno Becker, Vincent Hwang, Matthias J. Kannwischer, Bo-Yin Yang, and Shang-Yi Yang, IACR Transactions on Cryptographic Hardware and Embedded Systems (TCHES) 2022 Issue 1
  [paper|preprint20210726|code]
• TCHES'22Multi-moduli NTTs for Saber on Cortex-M3 and Cortex-M4, Amin Abdulrahman, Jiun-Peng Chen, Yu-Jia Chen, Vincent Hwang, Matthias J. Kannwischer, Bo-Yin Yang, IACR Transactions on Cryptographic Hardware and Embedded Systems (TCHES) 2022 Issue 1
  [paper|preprint20210725|code]
• PQCrypto'21Verifying Post-Quantum Signatures in 8 KiB of RAM, Ruben Gonzalez, Andreas Hülsing, Matthias J. Kannwischer, Juliane Krämer, Tanja Lange, Marc Stöttinger, Elisabeth Waitz, Thom Wiggers, and Bo-Yin Yang, PQCrypto 2021
  [paper|code]
• TCHES'21Rainbow on Cortex-M4, Tung Chou, Matthias J. Kannwischer, and Bo-Yin Yang, IACR Transactions on Cryptographic Hardware and Embedded Systems (TCHES) 2021 Issue 4
  [paper|preprint20210421|code|shortslides|longslides|talk]
• TCHES'21 NTT Multiplication for NTT-unfriendly Rings, Chi-Ming Marvin Chung, Vincent Hwang, Matthias J. Kannwischer, Gregor Seiler, Cheng-Jhih Shih, Bo-Yin Yang, IACR Transactions on Cryptographic Hardware and Embedded Systems (TCHES) 2021 Issue 2 (Best Artifact Award)
  [paper|preprint20201110|code|slides|talk]
• TCHES'21 Compact Dilithium Implementations on Cortex-M3 and Cortex-M4, Denisa O. C. Greconici, Matthias J. Kannwischer, Amber Sprenkels, IACR Transactions on Cryptographic Hardware and Embedded Systems (TCHES) 2021 Issue 1
  [paper|code|slides|talk|poster]
• FDTC'20 Trouble at the CSIDH: Protecting CSIDH with Dummy-Operations against Fault Injection Attacks, Fabio Campos, Matthias J. Kannwischer, Michael Meyer, Hiroshi Onuki, and Marc Stöttinger, FDTC 2020
  [paper|code|slides|talk]
• TCHES'20 Single-Trace Attacks on Keccak, Matthias J. Kannwischer, Peter Pessl, and Robert Primas, IACR Transactions on Cryptographic Hardware and Embedded Systems (TCHES) 2020 Issue 3
  [paper|code|slides|talk]
• Africacrypt'19 Memory-Efficient High-Speed Implementation of Kyber on Cortex-M4, Leon Botros, Matthias J. Kannwischer, and Peter Schwabe, Africacrypt 2019
  [paper|slides|code]
• ACNS'19 Faster multiplication in ℤ_2^m[x] on Cortex-M4 to speed up NIST PQC candidates, Matthias J. Kannwischer, Joost Rijneveld, and Peter Schwabe, ACNS 2019 (Best Student Paper Award)
  [paper|preprint20181019|slides|code]
• COSADE'18 Differential Power Analysis of XMSS and SPHINCS, Matthias J. Kannwischer, Aymeric Genêt, Denis Butin, Juliane Krämer, and Johannes Buchmann, COSADE 2018: 168-188
  [paper|slides]

Preprints and Technical Reports

• Jan 2023Oil and Vinegar: Modern Parameters and Implementations, Ward Beullens, Ming-Shing Chen, Shih-Hao Hung, Matthias J. Kannwischer, Bo-Yuan Peng, Cheng-Jhih Shih, and Bo-Yin Yang
  [paper|code]
• Jan 2022First-Order Masked Kyber on ARM Cortex-M4, Daniel Heinz, Matthias J. Kannwischer, Georg Land, Thomas Pöppelmann, Peter Schwabe, and Amber Sprenkels
  [paper|code]
• 2020Rainbow - 3rd Round Submission, Jintai Ding, Ming-Shing Chen, Matthias J. Kannwischer, Jacques Patarin, Albrecht Petzoldt, Dieter Schmidt, and Bo-Yin Yang
  [spec|code]
• NISTPQC'19 pqm4: Testing and Benchmarking NISTPQC on ARM Cortex-M4, Matthias J. Kannwischer, Joost Rijneveld, Peter Schwabe, and Ko Stoffelen, Second NIST PQC Standardization Conference
  [paper|slides|code]
• Kangacrypt'18 Practical Fault Injection Attacks on SPHINCS, Aymeric Genêt, Matthias J. Kannwischer, Hervé Pelletier, and Andrew McLauchlan, Kangacrypt 2018
  [paper|preprint20180710|slides]

Software

• PQClean Clean implementations of NISTPQC candidates [code]
• pqm4 Testing and benchmarking framework for PQC on the ARM Cortex-M4 [code]

Reviewing

• 2023 Editorial board of the IACR Transactions on Cryptographic Hardware and Embedded Systems (TCHES) 2023
• Rump Session Co-Chair at Asiacrypt 2022 together with Ngoc Khanh Nguyen
• Reviewer for IEEE Symposium on Security and Privacy 2023
• 2022 Artifact review committee for IACR Transactions on Cryptographic Hardware and Embedded Systems (TCHES) 2022
• Program committee for PQCifris 2022
• Reviewer for TCHES 2022, IEEE Transactions on Circuits and Systems I (TCAS1), IEEE Transactions on Computers (TC), SCN 2022, ACM Transactions on Privacy and Security (TOPS), Journal of Cryptographic Engineering (JCEN), and CANS 2022
• 2021 Reviewer for TCHES 2021 and ACNS 2021
• 2020 Reviewer for AsiaCCS 2020, IEEE Transactions on Circuits and Systems I (TCAS1), and SPACE 2020
• 2019 Reviewer for EuroS&P 2019, CARDIS 2019, and IEEE Transactions on Circuits and Systems I (TCAS1)
• 2018 Reviewer for ESORICS 2018, Kangacrypt 2018, and Indocrypt 2018

Talks and Posters

• 15 Dec 2022 Hybrid scalar/vector implementations of Keccak and SPHINCS+ on AArch64 PQC Seminar, Academia Sinica, Taipei, Taiwan [slides]
• 12 Dec 2022 Tutorial: Implementing Kyber and Dilithium SPACE 2022, Jaipur, India (Invited Talk) [slides]
• 12 Dec 2022 Hybrid scalar/vector implementations of Keccak and SPHINCS+ on AArch64 Indocrypt 2022, Kolkata, India [slides]
• 05 Dec 2022 Implementing the NIST PQC standards on microcontrollers PQC Standardization & Migration Workshop, Asiacrypt 2022, Taipei, Taiwan (Invited Talk) [slides]
• 01 Dec 2022 Implementing Kyber and Dilithium ICISC 2022, Seoul, Korea (Invited Talk) [slides]
• 14 Sep 2022 Efficient Multiplication of Somewhat Small Integers using Number-Theoretic Transforms University of Bristol Crypto Seminar, Bristol, UK [slides]
• 31 Aug 2022 Efficient Multiplication of Somewhat Small Integers using Number-Theoretic Transforms IWSEC 2022, Tokyo, Japan [slides]
  Joint talk with Lorenz Panny
• 15 Jul 2022 Implementations of Lattice-based Cryptography Postquantum Crypto Minischool, Taipei, Taiwan [slides]
• 06 Jun 2022 Improving Software Quality in Cryptography Standardization Projects Security Standardisation Research Conference 2022, Genoa, Italy [slides]
• 18 May 2022 Intro to Lattice-based Cryptography - Part 2: Signatures and Implementations RheinMain University of Applied Sciences, Wiesbaden, Germany [slides]
• 11 May 2022 Intro to Lattice-based Cryptography - Part 1: Key Encapsulation Mechanisms RheinMain University of Applied Sciences, Wiesbaden, Germany [slides]
• 04 Apr 2022 PhD Defense: Polynomial Multiplication for Post-Quantum Cryptography, Radboud University, The Netherlands, Nijmegen [slides|thesis]
• 11 Mar 2022 Introduction to Arm Cortex-M4 and Arm Neon, National Taiwan University, Taipei, Taiwan [slides]
• 01 Feb 2022 PQM4 and Lattice Crypto on Cortex-M4, Post-Quantum Cryptography for Embedded Systems 2022, Lorentz Center (Online) [slides]

---

• 05 Nov 2021 Lattice-based Cryptography on Microcontrollers, University of Bristol Crypto Seminar, Bristol, UK (Online) [slides]
• 11 Oct 2021 PQM4: NIST PQC Round 3 Results on the Cortex-M4, PQC Migration & Agility Forum, VMware Research [slides]
• 17 Sep 2021 Rainbow on Cortex-M4, CHES 2021 [longslides|shortslides]
• 07 Jun 2021 pqm4: NISTPQC Round 3 Results on the Cortex-M4, Third PQC Standardization Conference [slides]
• 07 Jun 2021 Rainbow on Cortex-M4, Third PQC Standardization Conference [slides]
• 16 Apr 2021 Introduction to Cortex-{M4,A7,A53,A72}, National Taiwan University, Taipei, Taiwan [slides]
• 27 Jan 2021 Post-Quantum Cryptography, NATO LCMG Workshop [slides]

---

• 11 May 2020 An Introduction to the Cortex-M4, Academia Sinica, Taipei, Taiwan [slides]

---

• 27 Sep 2019 Embedded Post-Quantum Crypto: pqm4 and Kyber on Cortex-M4, DS Lunch Colloquium, Radboud University, Nijmegen, The Netherlands [slides]
• 24 Aug 2019 pqm4: Testing and Benchmarking NISTPQC on ARM Cortex-M4, Second PQC Standardization Conference, Santa Barbara, USA [slides]
• 10 Jul 2019 Memory-Efficient High-Speed Implementation of Kyber on Cortex-M4, Africacrypt 2019, Rabat, Morocco [slides]
• 06 Jun 2019 Faster multiplication in ℤ_2^m[x] on Cortex-M4 to speed up NIST PQC candidates, ACNS 2019, Bogota, Colombia [slides]
• 02 May 2019 pqm4: Benchmarking PQC on the Cortex-M4, NIST, Gaithersburg, USA [slides]
• 14/15 Mar 2019 Introduction to Post-Quantum Cryptography, DHBW Stuttgart, Stuttgart, Germany [slides|handoutslides]
• 07 Jan 2019 Faster multiplication in ℤ_2^m[x] on Cortex-M4 to speed up NIST PQC candidates, Cryptography Research Inc., San Francisco, USA [slides]

---

• 15 Nov 2018 Building and Breaking Post-Quantum Cryptography, RheinMain University of Applied Sciences, Wiesbaden, Germany [slides|handoutslides]
• 09 Nov 2018 Faster multiplication in ℤ_2^m[x] on Cortex-M4 to speed up NIST PQC candidates, Crypto Working Group, Utrecht, The Netherlands [slides]
• 03 Sep 2018 Fast Ideal Lattice-Based KEMs on ARM Cortex-M4, School on Security & Correctness in the Internet of Things 2018 - PhD Forum, Graz, Austria [slides]
• 06 Jun 2018Breaking Lattice-Based Signatures Using Fault Injection, Surrey Centre for Cyber Security, Guildford, United Kingdom
• 24 Apr 2018Differential Power Analysis of XMSS and SPHINCS, 9th International Workshop on Constructive Side-Channel Analysis and Secure Design (COSADE), Singapore [paper|slides]
• 16 Apr 2018Differential Power Analysis of XMSS and SPHINCS, CRYPTACUS Training School - PhD Session, Ponta Delgada, Azores, Portugal [poster|pitch slides|extended abstract]
• 27 Mar 2018Differential Power Analysis and Fault Attacks on Hash-Based Signature Schemes, Radboud University, Nijmegen, The Netherlands [slides]
• 16 Mar 2018 Differential Power Analysis of XMSS and SPHINCS, DS lunch colloquium, Radboud University, Nijmegen, The Netherlands [slides]
• 16 Feb 2018NIST PQC, Secure Systems Reading Group, Surrey Centre for Cyber Security, Guildford, United Kingdom
• 25 Jan 2018 Practical Post-Quantum Cryptography for Trusted Computing, Workshop on Trusted Computing and its Applications (TCA), Surrey Centre for Cyber Security, Guildford, United Kingdom [slides]

---

• 15 Dec 2017 Practical Lattice-Based Cryptography and Kyber - a CCA-secure KEM, Secure Systems Reading Group, Surrey Centre for Cyber Security, Guildford, United Kingdom
• 21 Sep 2017 Physical Attack Vulnerability of Hash-Based Signature Schemes, CDC Oberseminar, TU Darmstadt, Germany

Teaching

• 2022 Joint lecture on Post-Quantum Cryptography with Gustavo Banegas, Fabio Campos, Michael Meyer und Steffen Reith at RheinMain University of Applied Sciences
  • Intro to Lattice-based Cryptography - Part 1: Key Encapsulation Mechanisms [slides]
  • Intro to Lattice-based Cryptography - Part 2: Signatures and Implementations [slides]
  • More info and the other parts
• Guest lecture on Arm Cortex-M4 and Arm Neon at National Taiwan University, Taipei, Taiwan [slides]

---

• 2021 Guest lecture on Cortex-{M4,A7,A53,A72} at National Taiwan University, Taipei, Taiwan [slides]
• Bachelor thesis co-supervision: Amin Abdulrahman
• Master thesis co-supervision: Jasper Haasdijk

---

• 2020 Teaching assistant for NWI-IMC039: Cryptographic Engineering taught by Lejla Batina and Peter Schwabe
  • Slides of the lecture An introduction to the Cortex M4 are available on the course website.
  • Sample code for the tutorial on How to find timing leaks in cryptographic software is available here.

---

• 2019 Teaching assistant for NWI-IPC021: Security taught by Joan Daemen and Zekeriya Erkin
• Teaching assistant for NWI-IMC039: Cryptographic Engineering taught by Lejla Batina and Peter Schwabe
• Guest lecture on Post-Quantum Cryptography at DHBW Stuttgart

---

• 2018 Teaching assistant for NWI-IPC021: Security taught by Bart Jacobs and Joan Daemen
• Guest lecture on Post-Quantum Cryptography at RheinMain University of Applied Sciences
• Teaching assistant for COMM036: Multimedia Security and Digital Forensics taught by Kaitai Liang

---

• 2017 Teaching assistant for COMM037: Information Security Managament taught by David Williams
• Bachelor thesis supervision: Felix Schabernack