Sommaire

  • Cet exposé a été présenté le 07 mars 2025 (13:45 - 14:45).

Description

  • Orateur

    Agathe Beaugrand - Institut de Mathématiques de Bordeaux

The CL encryption scheme, proposed in 2015 by Castagnos and Laguillaumie, is a linearly homomorphic encryption scheme, based on class groups of imaginary quadratic fields. The specificity of these groups is that their order is hard to compute, which means it can be considered unknown. This particularity, while being key in the security of the scheme, brings technical challenges in working with CL, especially in the design of zero-knowledge protocols. 

 

To overcome these difficulties, we define a new notion of soundness, called soundness with partial extractability, that is especially suited to the CL framework. Thanks to partial extractability, we design efficient zero-knowledge proofs and arguments for different CL-related statements. In this talk, after motivating the necessity of efficient protocols in the CL context, I will introduce this new notion and present a batched proof of correct encryption.

Infos pratiques

Prochains exposés

  • Encryption homomorphe sans bruit à l'aide de groupes

    • 26 juin 2026 (13:45 - 14:45)

    • IRMAR - Université de Rennes - Campus Beaulieu Bat. 22, RDC, Rennes - Amphi Lebesgue

    Orateur : Pierre Guillot - Ravel Technologies (dispo Université de Strasbourg, IRMA)

    Je vais rappeler les travaux de Nuida et Ostrovski sur l'utilisation des groupes pour l'élaboration de schémas cryptographiques homomorphes. Je vais présenter nos travaux qui fournissent des encodages à la fois plus efficaces et plus généraux, et qui déterminent exactement quels groupes peuvent être utilisés.   Puis je vais discuter GRAFHEN, un protocole qui utilise ces idées. Je dirai juste[…]

    • Cryptography

  • MIKE: An efficient and compact NIKE Based on a Commutative Monoidal Action 

    • 03 juillet 2026 (13:45 - 14:45)

    • IRMAR - Université de Rennes - Campus Beaulieu Bat. 22, RDC, Rennes - Amphi Lebesgue

    Orateur : Jonathan Komada Eriksen - COSIC, KU Leuven

    Robert recently described a powerful correspondence between certain (Hermitian) modules and (polarized) abelian varieties, which simultaneously generalizes both the class-group action underlying protocols such as CSIDH, and the Deuring correspondence, underlying protocols such as SQIsign. Using this correspondence, he also proposed how to construct a post-quantum NIKE, called MIKE, which, at a[…]

    • Cryptography

Voir les exposés passés
Haut de page