Description
New symmetric primitives are being designed to be run in abstract settings such as Multi-Party Computations (MPC) or Zero-Knowledge (ZK) proof systems. More particularly, these protocols have highlighted the need to minimize the number of multiplications performed by the primitive in large finite fields.<br/> As the number of such primitives grows, it is important to better understand the properties of their underlying operations. Then, we will investigate the Algebraic Degree of MiMC, one of the first such block ciphers. It is composed of many iterations of a simple round function, consisting of an addition and of a low-degree power permutation applied to the full state, usually the cube over a large field with characteristic 2. In particular, we will provide some precise guarantee on the Algebraic Degree of this cipher, and then on the minimal complexity for Integral attacks.<br/> Moving on to the designer's point of view, we will also introduce a family of ZK-friendly Hash Functions, based on what we have called a Flystel construction: a new variant of the Butterfly structure. One of the most innovating aspect of this design compared to those already offered in the above context is its reliance on the CCZ-equivalence of the permutation to a simpler one.<br/> lien: https://univ-rennes1-fr.zoom.us/j/97066341266?pwd=RUthOFV5cm1uT0ZCQVh6QUcrb1drQT09
Next sessions
-
Endomorphisms via Splittings
Speaker : Min-Yi Shen - No Affiliation
One of the fundamental hardness assumptions underlying isogeny-based cryptography is the problem of finding a non-trivial endomorphism of a given supersingular elliptic curve. In this talk, we show that the problem is related to the problem of finding a splitting of a principally polarised superspecial abelian surface. In particular, we provide formal security reductions and a proof-of-concept[…]-
Cryptography
-