511 results
-
On the (In)Security of IPsec in MAC-then-Encrypt Configurations.
Speaker : Jean Paul Degabriele - Royal Holloway, University of London
IPsec allows a huge amount of flexibility in the ways in which its component cryptographic mechanisms can be combined to build a secure communications service. This may be good for supporting different security requirements but is potentially bad for security. We demonstrate the reality of this by describing efficient, plaintext-recovering attacks against all configurations of IPsec in which[…] -
Towards Automatic Verification of Security Proofs for
Speaker : Marion Daubrignard - Verimag
Providing security proofs instead of arguing lack of existing relevant attacks is a quite new approach when it comes to cryptography. In the last thirty years, a lot of work has been done to formalize security of systems and prove of the achievement of security criteria. It has resulted in the design of a great number of proofs under various hypotheses. Though a step in the right direction, these[…] -
On Ideal Lattices and Learning with Errors Over Rings
Speaker : Vadim Lyubashevsky - ENS
The "learning with errors'' (LWE) problem is to distinguish random linear equations, which have been perturbed by a small amount of noise, from truly uniform ones. The problem has been shown to be as hard as worst-case lattice problems, and in recent years it has served as the foundation for a plethora of cryptographic applications. Unfortunately, these applications are rather[…] -
Utilisation des symétries pour la résolution du problème de
Speaker : Louise Huot - LIP6
Récemment Diem et Gaudry ont introduit indépendemment une méthode de résolution du DLP sur les courbes elliptiques définies sur un corps fini non premier K, de degré d'extension n > 1 sur le corps de base k. Cet algorithme repose sur le principe général du calcul d'indice. Une étape cruciale de cet algorithme nécessite de décomposer des points de la courbe E(K) selon une base de[…] -
Analysis of BKZ
Speaker : Xavier Pujol - ENS Lyon
Strong lattice reduction is the key element for most attacks against lattice-based cryptosystems. Between the strongest but impractical HKZ reduction and the weak but fast LLL reduction, there have been several attempts to find efficient trade-offs. Among them, the BKZ algorithm introduced by Schnorr and Euchner in 1991 seems to achieve the best time/quality compromise in practice. However, no[…] -
Cryptanalysis of FCSR-based stream ciphers
Speaker : Martin Hell - Lunds University
Feedback with carry shift registers (FCSRs) can be seen as an alternative to LFSRs in stream cipher designs. Since the state is nonlinearly updated, the stream cipher +can be made more resistant to certain attacks than if LFSRs are used. In this talk I will give an overview of FCSR-based stream ciphers and discuss potential +weaknesses. One particular weakness has been exploited to mount efficient[…]