Table of contents

  • This session has been presented October 17, 2025 (13:45 - 14:45).

Description

  • Speaker

    Shibam Ghosh - Inria

The partial-sums technique introduced by Ferguson et al. (2000) achieved a 6‑round AES attack with time complexity 2^{52} S‑box evaluations, a benchmark that has stood since. In 2014, Todo and Aoki proposed a comparable approach based on the Fast Fourier Transform (FFT). 

In this talk, I will show how to combine partial sums with FFT to get "the best of both worlds". The resulting attack on 6‑round AES has a complexity of about 2^{46.4} additions, and I will outline how to implement it efficiently. A proof-of-concept implementation achieves a speedup of more than 32x over the previous best result, setting a new practical record for 6‑round AES after nearly 25 years.

Practical infos

Next sessions

  • Séminaire C2 à INRIA Paris

    • January 16, 2026 (10:00 - 17:00)

    • INRIA Paris

    Emmanuel Thomé et Pierrick Gaudry Rachelle Heim Boissier Épiphane Nouetowa Dung Bui Plus d'infos sur https://seminaire-c2.inria.fr/ 

  • Attacking the Supersingular Isogeny Problem: From the Delfs–Galbraith algorithm to oriented graphs

    • January 23, 2026 (13:45 - 14:45)

    • IRMAR - Université de Rennes - Campus Beaulieu Bat. 22, RDC, Rennes - Amphi Lebesgue

    Speaker : Arthur Herlédan Le Merdy - COSIC, KU Leuven

    The threat of quantum computers motivates the introduction of new hard problems for cryptography.One promising candidate is the Isogeny problem: given two elliptic curves, compute a “nice’’ map between them, called an isogeny.In this talk, we study classical attacks on this problem, specialised to supersingular elliptic curves, on which the security of current isogeny-based cryptography relies. In[…]

    • Cryptography

Show previous sessions
Page top