Table of contents

  • This session has been presented May 24, 2019.

Description

  • Speaker

    Alice Pellet-Mary - ENS de Lyon

Finding a short non zero vector in an Euclidean lattice is a well-studied problem which has proven useful to construct many cryptographic primitives. The current best asymptotic algorithm to find a relatively short vector in an arbitrary lattice is the BKZ algorithm. This algorithm recovers a vector which is at most $2^{n^{\alpha}}$ times larger than the shortest non zero vector in time $2^{n^{1-\alpha}}$ for any $\alpha$ between 0 and 1.<br/> In order to gain in efficiency, it is sometimes interesting to use structured lattices instead of general lattices. An example of such structured lattices are ideal lattices. One may then wonder whether, on the security front, it is easier to find short vectors in a structured lattice or not. Until 2016, there was no known algorithm which would perform better on ideal lattices than the BKZ algorithm (either classically or quantumly). In 2016 and 2017, Cramer-Ducas-Peikert-Regev and Cramer-Ducas-Wesolowski proposed a quantum algorithm that finds a $2^{\sqrt n}$ approximation of the shortest non zero vector in polynomial time. However, the BKZ algorithm remained the best algorithm in the classical setting or for approximation factor smaller than $2^{\sqrt n}$ in the quantum setting.<br/> In this talk, I will present an algorithm that extends the one of Cramer et al. and improves upon the BKZ algorithm for ideal lattices, both quantumly and classically. This algorithm is heuristic and non uniform (i.e., it requires an exponential time pre-processing).<br/> lien: http://desktop.visio.renater.fr/scopia?ID=723420***3028&autojoin

Next sessions

  • Dual attacks in code-based (and lattice-based) cryptography

    • September 19, 2025 (13:45 - 14:45)

    • IRMAR - Université de Rennes - Campus Beaulieu Bat. 22, RDC, Rennes - Amphi Lebesgue

    Speaker : Charles Meyer-Hilfiger - Inria Rennes

    The hardness of the decoding problem and its generalization, the learning with errors problem, are respectively at the heart of the security of the Post-Quantum code-based scheme HQC and the lattice-based scheme Kyber. Both schemes are to be/now NIST standards. These problems have been actively studied for decades, and the complexity of the state-of-the-art algorithms to solve them is crucially[…]

    • Cryptography

  • Présentations des nouveaux doctorants Capsule

    • October 03, 2025 (13:45 - 14:45)

    • IRMAR - Université de Rennes - Campus Beaulieu Bat. 22, RDC, Rennes - Amphi Lebesgue

    Speaker : Alisée Lafontaine et Mathias Boucher - INRIA Rennes

    2 nouveaux doctorants arrivent dans l'équipe Capsule et présenteront leurs thématiques de recherche. Alisée Lafontaine, encadrée par André Schrottenloher, présentera son stage de M2: "Quantum rebound attacks on double-block length hash functions"  Mathias Boucher, encadré par Yixin Shen, parlera des algorithmes quantiques et des réseaux euclidiens.  

  • Design of fast AES-based Universal Hash Functions and MACs

    • October 10, 2025 (13:45 - 14:45)

    • IRMAR - Université de Rennes - Campus Beaulieu Bat. 22, RDC, Rennes - Amphi Lebesgue

    Speaker : Augustin Bariant - ANSSI

    Ultra-fast AES round-based software cryptographic authentication/encryption primitives have recently seen important developments, fuelled by the authenticated encryption competition CAESAR and the prospect of future high-profile applications such as post-5G telecommunication technology security standards. In particular, Universal Hash Functions (UHF) are crucial primitives used as core components[…]

    • Cryptography

  • Lie algebras and the security of cryptosystems based on classical varieties in disguise

    • November 07, 2025 (13:45 - 14:45)

    • IRMAR - Université de Rennes - Campus Beaulieu Bat. 22, RDC, Rennes - Amphi Lebesgue

    Speaker : Mingjie Chen - KU Leuven

    In 2006, de Graaf et al. proposed a strategy based on Lie algebras for finding a linear transformation in the projective linear group that connects two linearly equivalent projective varieties defined over the rational numbers. Their method succeeds for several families of “classical” varieties, such as Veronese varieties, which are known to have large automorphism groups.   In this talk, we[…]

    • Cryptography

  • Some applications of linear programming to Dilithium

    • November 14, 2025 (13:45 - 14:45)

    • IRMAR - Université de Rennes - Campus Beaulieu Bat. 22, RDC, Rennes - Amphi Lebesgue

    Speaker : Paco AZEVEDO OLIVEIRA - Thales & UVSQ

    Dilithium is a signature algorithm, considered post-quantum, and recently standardized under the name ML-DSA by NIST. Due to its security and performance, it is recommended in most use cases.   During this presentation, I will outline the main ideas behind two studies, conducted in collaboration with Andersson Calle-Vierra, Benoît Cogliati, and Louis Goubin, which provide a better understanding of[…]
Show previous sessions
Page top