Arrival

• All participants arrive to Tromsø on Sunday, October 5.
• On Monday, October 6, we meet at 8:45am in front of the city library and jointly take a bus to the conference venue in Skibotn.

Schedule

Time	Monday	Tuesday	Wednesday	Thursday	Friday
08:00 — 09:00		Breakfast	Breakfast	Breakfast	Breakfast
09:00 — 10:30	Arrival	Maji 2	Free time	Contributed talks + India–Norway visit	Maji 4
10:30 — 11:30		Exercises			Wrap-up
11:30 — 12:30	Lunch	Lunch	Lunch	Lunch	Lunch
12:30 — 14:00	Li 1	Romashchenko 1	Li 3	Romashchenko 3	Departure
14:00 — 14:30	Coffee	Coffee	Coffee	Coffee
14:30 — 16:00	Li 2	Romashchenko 2	Li 4	Romashchenko 4
16:00 — 17:30	Dinner	Dinner	Dinner	Dinner
17:30 — 19:00	Maji 1	Exercises	Maji 3	Exercises

• The Free time slot is variable. If there is good weather, we will seize the opportunity and go outside.

The Fall School consists of three lecture series and associated exercise sessions.

The roadmap from polynomials to quantum-safe cryptosystems

• Speaker: Chunlei Li (University of Bergen, Norway)

• Abstract: NIST in 2017 announced their post-quantum cryptography standardisation process to combat potential threats from powerful quantum computers to today’s number-theoretic techniques, like RSA and DLP, that have been used as one of the pillars for today’s Internet security. In April 2025, NIST completed their evaluation of all submissions in the last round and chose the scheme Hamming Quasi-Cyclic (HQC) as the code-based solution to protect key exchange in secure communication in the post-quantum age.

  The HQC was designed based a difficult problem related to quasi-cyclic codes, and its efficient decryption relies on Reed-Muller codes and Reed-Solomon codes. All these codes are classic algebraic codes heavily relying on basic algebraic structures, including finite fields, rings, polynomial evaluation and interpolation, etc.

  In this series of lectures, I will provide a gentle introduction to all closely relevant subjects involved in HQC, and explain how those basic ingredients in algebra were crafted together into the final design of HQC Key-Encapsulation Mechanism. The series is divided into four lectures:

  1. Quasi-cyclic codes over finite fields
  2. Reed-Solomon codes and their decoding
  3. Reed-Muller codes and their decoding
  4. A Gentle Introduction to the HQC KEM

• Exercises: Set 1, Set 2.

Lamination hulls and secure computation

• Speaker: Hemanta Maji (Purdue, USA)

• Abstract: We discuss four recent papers which link lamination hulls in convex geometry to the design of optimal cryptographic protocols. The series is divided into four lectures:

  1. Lamination Hull: Introduction
  2. Solving Systems of Linear Inequalities over Convex Sets
  3. Computing Lamination Hulls
  4. Secure Computation using Lamination Hulls

• References:

  1. S. Basu, H. Khorasgani, H. Maji, H. Nguyen: Geometry of Secure Two-party Computation
  2. S. Basu, H. Khorasgani, H. Maji, H. Nguyen: Randomized Functions with High Round Complexity
  3. S. Basu, H. Khorasgani, H. Maji, H. Nguyen: Solving Linear Inequalities over Convex Sets & its Applications to Cryptography and Hydrodynamics
  4. C. Meroni, B. Raiţă: Semialgebric rank-one convex hulls: 2x2 triangular matrices and beyond

• Exercises:

  1. Prove the properties of set operations and solutions to inequality systems we discussed in the lecure. Propositions 1—4 and Lemma C.1 in Solving Linear Inequalities over Convex Sets.
  2. Prove Propositions 7–10 in Appendix G of Solving Linear Inequalities over Convex sets. Also read Example 5.3 in Meroni–Raiţă.

Different perspectives on the notion of information: their interactions and applications

• Speaker: Andrei Romashchenko (LIRMM, France)

• Abstract: In mathematics and theoretical computer science, there are several ways to formalize our intuitive notion of the “amount of information.” We will briefly discuss two classical approaches to this problem — Shannon entropy and Kolmogorov complexity — and explore some fundamental information inequalities. We then examine how information measures relate to communication complexity: how much information must be exchanged between remote parties to jointly solve a task (such as computing a function or sampling from a distribution). Finally, we look at applications of information-theoretic techniques in cryptography with unconditional security, such as secret sharing and key agreement. The series is divided into two sessions:

  1. Session 1 + Supplementary material
  2. Session 2

• Exercises: Set 1, Set 2.

Contributed talks

• Title: Covering spiky annuli by planks

• Speaker: Julian Huddell

• Abstract: Answering Tarski’s plank problem, Bang showed in 1951 that it is impossible to cover a convex body K by planks whose total width is less than the minimal width of K. In 2003, A. Bezdek asked whether the same statement holds if one is required to cover only the annulus obtained from K by removing a homothetic copy contained within. He showed that if K is the unit square, then saving width in a plank covering is not possible, provided that the homothety factor is sufficiently small. White and Wisewell in 2006 characterized polygons that possess this property. We generalize the constructive part of their classification to a class of convex bodies which are not polytopes. This is joint work with Gergely Ambrus, Maggie Lai, Matthew Quirk, and Elias Williams.

Fall school on Geometry in Cryptography and Communication | UiT The Arctic University of Norway | 2025 | Contact: tobias.a.boege@uit.no