Filtrer par type de contenu
Sélectionnez un ou plusieurs filtres. Ce choix permettra de recharger la page pour afficher les résultats filtrés.
722 résultats
-
-
Séminaire
-
Cryptographie
On Rejection Sampling in Lyubashevsky's Signature Scheme
Orateur : Julien Devevey - ENS de Lyon
Lyubashevsky’s signatures are based on the Fiat-Shamir with aborts paradigm, whose central ingredient is the use of rejection sampling to transform (secret-key-dependent) signature samples into samples from a secret-key-independent distribution. The choice of these two underly- ing distributions is part of the rejection sampling strategy, and various instantiations have been considered up to this[…] -
-
-
Séminaire
-
Cryptographie
Syndrome Decoding in the Head – Shorter Signatures from Zero-Knowledge proofs
Orateur : Thibauld Feneuil - CryptoExperts et Sorbonne Université
In this talk, I will present a new zero-knowledge proof of knowledge for the syndrome decoding (SD) problem on random linear codes. Instead of using permutations like most of the existing protocols, we rely on the MPC-in-the-head paradigm in which we reduce the task of proving the low Hamming weight of the SD solution to proving some relations between specific polynomials. Specifically, we propose[…] -
-
-
Séminaire
-
Cryptographie
Elliptic curves for SNARKs
Orateur : Youssef El Housni - LIX
At CANS’20, El Housni and Guillevic introduced a new 2-chain of pairing-friendly elliptic curves for recursive zero-knowledge Succinct Non-interactive ARguments of Knowledge (zk-SNARKs) made of the former BLS12-377 curve (a Barreto–Lynn–Scott curve over a 377- bit prime field) and the new BW6-761 curve (a Brezing–Weng curve of embedding degree 6 over a 761-bit prime field). First we generalise the[…] -
-
-
Séminaire
-
Cryptographie
New Representations of the AES Key Schedule
Orateur : Clara Pernot - INRIA Paris
In this talk we present a new representation of the AES key schedule, with some implications to the security of AES-based schemes. In particular, we show that the AES-128 key schedule can be split into four independent parallel computations operating on 32 bits chunks, up to linear transformation. Surprisingly, this property has not been described in the literature after more than 20 years of[…] -
-
-
Séminaire
-
Cryptographie
Comparing the difficulty of factorization and discrete logarithm: a 240-digit experiment
Orateur : Emmanuel Thomé - INRIA Nancy
We report on two new records: the factorization of RSA-240, a 795-bit number, and a discrete logarithm computation over a 795-bit prime field. Previous records were the factorization of RSA-768 in 2009 and a 768-bit discrete logarithm computation in 2016. Our two computations at the 795-bit level were done using the same hardware and software, and show that computing a discrete logarithm is not[…] -
-
-
Séminaire
-
Cryptographie
Soutenance de thèse: Autour de la sécurité des messageries instantanées: des solutions pour des applications multi-appareils et les communications de groupe.
Orateur : Céline Duguey - DGA-Rennes
Les applications de messagerie instantanée sécurisée, telles WhatsApp ou Signal, sont devenues incontournables pour nos communications quotidiennes.<br/> Elles apportent une sécurité caractérisée notamment par le chiffrement de bout en bout, la confidentialité persistante ou encore la sécurité après compromission. Mais ces propriétés sont généralement limitées aux communications deux à deux. L[…] -