Description
In this talk I will introduce a new kind of attack on cryptosystems which can be represented by an (unknown) low degree polynomial with tweakable public variables such as a plaintext or IV and fixed secret variables such as a key. Its complexity is exponential in the degree but only polynomial in the key size, and it was successfully applied to several concrete schemes. In particular, for Trivium with 672 initialization rounds, it reduces the complexity of the best known attack from a barely practical 2^{55} to a trivial 2^{19}, which can recover the full key in less than a second on a single PC.
Prochains exposés
-
Schéma de signature à clé publique : Frobénius-UOV
Orateur : Gilles Macario-Rat - Orange
L'exposé présente un schéma de signature à clé publique post-quantique inspiré du schéma UOV et introduisant un nouvel outil : les formes de Frobénius. L'accent est mis sur le rôle et les propriétés des formes de Frobénius dans ce nouveau schéma : la simplicité de description, la facilité de mise en oeuvre et le gain inédit sur les tailles de signature et de clé qui bat RSA-2048 au niveau de[…] -
Cryptanalysis of full BEANIE
Orateur : Xavier Bonnetain - Inria
BEANIE is a tweakable block cipher recently published at ToSC aiming for memory encryption of microcontroller units. In line with this goal, it handles small plaintexts of only 32 bits and has a low latency. In this paper, we propose the first third-party analysis of the two variants of BEANIE. By carefully leveraging structural properties of the cipher and taking advantage of its distinctive[…]-
Cryptography
-
Symmetrical primitive
-