599 résultats
-
Learning With Errors and Extrapolated Dihedral Cosets Problem
Orateur : Weiqiang Wen - ENS de Lyon
The hardness of the learning with errors (LWE) problem is one of the most fruitful resources of modern cryptography. In particular, it is one of the most prominent candidates for secure post-quantum cryptography. Understanding its quantum complexity is therefore an important goal. We show that under quantum polynomial time reductions, LWE is equivalent to a relaxed version of the dihedral coset[…] -
Horizontal isogeny graphs of ordinary abelian varieties and the discrete logarithm problem
Orateur : Benjamin WESOLOWSKI - École Polytechnique Federale de Lausanne
An isogeny graph is a graph whose vertices are abelian varieties (typically elliptic curves, or Jacobians of genus 2 hyperelliptic curves) and whose edges are isogenies between them. Such a graph is "horizontal" if all the abelian varieties have the same endomorphism ring. We study the connectivity and the expander properties of these graphs. We use these results, together with a recent[…] -
When Good Components Go Bad: Formally Secure CompilationDespite Dynamic Compromise
Orateur : Catalin Hritcu (Inria Paris)
We propose a new formal criterion for secure compilation, providing strong end-to-end security guarantees for components written in unsafe, low-level languages with C-style undefined behavior. Our criterion is the first to model dynamic compromise in a system of mutually distrustful components running with least privilege. Each component is protected from all the others until it becomes[…] -
Breaking and fixing HB+DB: A Short Tale of Provable vs Experimental Security and Lightweight Designs
Orateur : Ioana Boureanu (University of Surrey)
HB+ is a well-know authentication scheme purposely designed to be lightweight. However, HB+ is vulnerable to a key-recovery, man-in-the-middle (MiM) attack dubbed GRS. To this end, at WiSec2015, the HB+DB protocol added a distance-bounding dimension to HB+, which was experimentally shown to counteract the GRS attack.In this talk, we will exhibit however a number of security flaws in the HB+DB[…] -
Protocoles de PIR fondés sur des designs transversaux
Orateur : julien lavauzelle - INRIA X
Les protocoles de PIR (Private Information Retrieval) permettent à un utilisateur de récupérer des entrées d'une base de donnée externalisée, sans révéler d'information sur les entrées désirées. Si plusieurs serveurs sont utilisés pour le stockage, et s'ils ne coopèrent pas, une confidentialité inconditionnelle peut être atteinte grâce à des encodages spécifiques de la base de[…] -
Short McEliece key from algebraic geometry codes with automorphism
Orateur : elise barelli - INRIA Saclay
In 1978, McEliece introduced a public key encryption scheme based on linear codes and suggested to use classical Goppa codes, ie: subfield subcodes of algebraic geometric (AG) codes built on a curve of genus 0. This proposition remains secure and in order to have a generalization of classical Goppa codes, in 1996, H. Janwa and O. Moreno suggested to use subfield subcode of AG codes, which we call[…]