599 results
-
On Ideal Lattices and Learning with Errors Over Rings
Speaker : Vadim Lyubashevsky - ENS
The "learning with errors'' (LWE) problem is to distinguish random linear equations, which have been perturbed by a small amount of noise, from truly uniform ones. The problem has been shown to be as hard as worst-case lattice problems, and in recent years it has served as the foundation for a plethora of cryptographic applications. Unfortunately, these applications are rather[…] -
Utilisation des symétries pour la résolution du problème de
Speaker : Louise Huot - LIP6
Récemment Diem et Gaudry ont introduit indépendemment une méthode de résolution du DLP sur les courbes elliptiques définies sur un corps fini non premier K, de degré d'extension n > 1 sur le corps de base k. Cet algorithme repose sur le principe général du calcul d'indice. Une étape cruciale de cet algorithme nécessite de décomposer des points de la courbe E(K) selon une base de[…] -
Analysis of BKZ
Speaker : Xavier Pujol - ENS Lyon
Strong lattice reduction is the key element for most attacks against lattice-based cryptosystems. Between the strongest but impractical HKZ reduction and the weak but fast LLL reduction, there have been several attempts to find efficient trade-offs. Among them, the BKZ algorithm introduced by Schnorr and Euchner in 1991 seems to achieve the best time/quality compromise in practice. However, no[…] -
Cryptanalysis of FCSR-based stream ciphers
Speaker : Martin Hell - Lunds University
Feedback with carry shift registers (FCSRs) can be seen as an alternative to LFSRs in stream cipher designs. Since the state is nonlinearly updated, the stream cipher +can be made more resistant to certain attacks than if LFSRs are used. In this talk I will give an overview of FCSR-based stream ciphers and discuss potential +weaknesses. One particular weakness has been exploited to mount efficient[…] -
L1 a new quasi-linear LLL algorithm
Speaker : Andy Novocin - ENS Lyon
The LLL lattice reduction algorithm of 1982 has proven to be useful in a wide variety of fields. It can be used to approximately solve computationally difficult lattice-based problems, such as the shortest vector problem, in polynomial time. We present a new algorithm for lattice reduction which is the first algorithm to have a complexity bound which is both polynomial and quasi-linear bound in[…] -
Cryptographic Approach to Private Social Clouds
Speaker : Marc Manulis - Technische Universität Darmstadt
Users increasingly rely on the ``social cloud'' for storing and sharing personal information, for establishing new contacts, and for interacting with their friends and colleagues. Even though social media platforms may differ in the target audience, in the nature of collected and disseminated information, and in services offered to the users, there are several building blocks that enable[…]