522 results

  • Supersingular isogeny Diffie-Hellman

    • October 04, 2019

    • IRMAR - Université de Rennes - Campus Beaulieu Bat. 22, RDC, Rennes - Amphi Lebesgue

    Speaker : Leonardo Colo - Univesité Aix-Marseille

    Supersingular isogeny graphs have been used in the Charles–Goren–Lauter cryptographic hash function and the supersingular isogeny Diffie–Hellman (SIDH) protocole of De\,Feo and Jao. A recently proposed alternative to SIDH is the commutative supersingular isogeny Diffie–Hellman (CSIDH) protocole, in which the isogeny graph is first restricted to $\FF_p$-rational curves $E$ and $\FF_p$-rational[…]

  • Cryptanalyse algébrique de DAGS

    • September 27, 2019

    • IRMAR - Université de Rennes - Campus Beaulieu Bat. 22, RDC, Rennes - Amphi Lebesgue

    Speaker : Magali Bardet - université de Rouen

    Elise Barelli et Alain Couvreur ont présenté une attaque dévastatrice sur le cryptosystème DAGS soumis au 1er tour de la compétition du NIST autour d'algorithmes de cryptographie post-quantiques. Je présenterai une explication précise de la résolution par bases de Gröbner de leur modélisation algébrique, expliquant l'efficacité de l'attaque pour les paramètres de DAGS publiés au NIST.<br/> lien:[…]

  • Unifying Leakage Models on a Renyi Day

    • September 20, 2019

    • IRMAR - Université de Rennes - Campus Beaulieu Bat. 22, RDC, Rennes - Amphi Lebesgue

    Speaker : Thomas Prest - PqShield

    In the last decade, several works have focused on finding the best way to model circuit leakage in order to obtain provably secure implementations. One of the most realistic models is the noisy leakage model, introduced in (Prouff, Rivain'13) and (Duc-Dziembowski-Faust'14) together with secure constructions. These works suffer from various limitations, in particular the use of ideal leak-free[…]

  • Cocks-Pinch curves of embedding degree five to eight and optimal ate pairing computation

    • June 21, 2019

    • IRMAR - Université de Rennes - Campus Beaulieu Bat. 22, RDC, Rennes - Amphi Lebesgue

    Speaker : Simon Masson - Loria, Nancy

    Recent algorithmic improvements of discrete logarithm computation in special extension fields threaten the security of pairing-friendly curves used in practice. A possible answer to this delicate situation is to propose alternative curves that are immune to these attacks, without compromising the efficiency of the pairing computation too much. We follow this direction, and focus on embedding[…]

  • Improved Veron Identification and Signature Schemes in the Rank Metric

    • June 07, 2019

    • IRMAR - Université de Rennes - Campus Beaulieu Bat. 22, RDC, Rennes - Amphi Lebesgue

    Speaker : Florian Caullery - Darkmatter

    Abstract—It is notably challenging to design an efficient and secure signature scheme based on error-correcting codes. An approach to build such signature schemes is to derive it from an identification protocol through the Fiat-Shamir transform.<br/> All such protocols based on codes must be run several rounds, since each run of the protocol allows a cheating probability of either 2/3 or 1/2. The[…]

  • Approx-SVP in Ideal Lattices with Pre-processing

    • May 24, 2019

    • IRMAR - Université de Rennes - Campus Beaulieu Bat. 22, RDC, Rennes - Amphi Lebesgue

    Speaker : Alice Pellet-Mary - ENS de Lyon

    Finding a short non zero vector in an Euclidean lattice is a well-studied problem which has proven useful to construct many cryptographic primitives. The current best asymptotic algorithm to find a relatively short vector in an arbitrary lattice is the BKZ algorithm. This algorithm recovers a vector which is at most $2^{n^{\alpha}}$ times larger than the shortest non zero vector in time $2^{n^{1-[…]
Page top