Sommaire

  • Cet exposé a été présenté le 07 mars 2014.

Description

  • Orateur

    özgür Dagdelen - Darmstadt University

We initiate the study of a novel class of group-theoretic intractability problems. Inspired by the theory of learning in presence of errors [Regev, STOC'05] we ask if noise in the exponent amplifies intractability. We put forth the notion of Learning with Errors in the Exponent (LWEE) and rather surprisingly show that various attractive properties known to ex- clusively hold for lattices carry over. Most notably are worst-case hardness and post-quantum resistance. In fact, LWEE's "diprosopus" is due to the reducibility to two seemingly orthogonal assumptions: Learning with errors and the representation problem [Brands, Crypto'93]. For suitable parameter choices one obtains double-hard assumptions superposing properties from each individual assumption. The argument holds in the classical and quantum model of computation, and makes LWEE an appealing provisioner of strong security and robustness guarantees. We give the very first construction of a semantically secure public-key encryption system in the standard model. The heart of our construction is an "error recovery" technique to tame the crucial propagation of noise in the exponent which is of independent interest.

Prochains exposés

  • Wagner’s Algorithm Provably Runs in Subexponential Time for SIS^∞

    • 21 novembre 2025 (13:45 - 14:45)

    • IRMAR - Université de Rennes - Campus Beaulieu Bat. 22, RDC, Rennes - Amphi Lebesgue

    Orateur : Johanna Loyer - Inria Saclay

    At CRYPTO 2015, Kirchner and Fouque claimed that a carefully tuned variant of the Blum-Kalai-Wasserman (BKW) algorithm (JACM 2003) should solve the Learning with Errors problem (LWE) in slightly subexponential time for modulus q = poly(n) and narrow error distribution, when given enough LWE samples. Taking a modular view, one may regard BKW as a combination of Wagner’s algorithm (CRYPTO 2002), run[…]

    • Cryptography

  • CryptoVerif: a computationally-sound security protocol verifier

    • 28 novembre 2025 (13:45 - 14:45)

    • Batiment 32B salle 12

    Orateur : Bruno Blanchet - Inria

    CryptoVerif is a security protocol verifier sound in the computational model of cryptography. It produces proofs by sequences of games, like those done manually by cryptographers. It has an automatic proof strategy and can also be guided by the user. It provides a generic method for specifying security assumptions on many cryptographic primitives, and can prove secrecy, authentication, and[…]

    • Cryptography

  • Structured-Seed Local Pseudorandom Generators and their Applications

    • 05 décembre 2025 (13:45 - 14:45)

    • IRMAR - Université de Rennes - Campus Beaulieu Bat. 22, RDC, Rennes - Amphi Lebesgue

    Orateur : Nikolas Melissaris - IRIF

    We introduce structured‑seed local pseudorandom generators (SSL-PRGs), pseudorandom generators whose seed is drawn from an efficiently sampleable, structured distribution rather than uniformly. This seemingly modest relaxation turns out to capture many known applications of local PRGs, yet it can be realized from a broader family of hardness assumptions. Our main technical contribution is a[…]

    • Cryptography

  • Predicting Module-Lattice Reduction

    • 19 décembre 2025 (13:45 - 14:45)

    • IRMAR - Université de Rennes - Campus Beaulieu Bat. 22, RDC, Rennes - Amphi Lebesgue

    Orateur : Paola de Perthuis - CWI

    Is module-lattice reduction better than unstructured lattice reduction? This question was highlighted as `Q8' in the Kyber NIST standardization submission (Avanzi et al., 2021), as potentially affecting the concrete security of Kyber and other module-lattice-based schemes. Foundational works on module-lattice reduction (Lee, Pellet-Mary, Stehlé, and Wallet, ASIACRYPT 2019; Mukherjee and Stephens[…]

    • Cryptography

Voir les exposés passés
Haut de page