
  • This session has been presented May 20, 2022.

Description

  • Speaker

    Clémence Bouvier - INRIA

New symmetric primitives are being designed to run in abstract settings such as Multi-Party Computation (MPC) or Zero-Knowledge (ZK) proof systems. In particular, these protocols have highlighted the need to minimize the number of multiplications performed by the primitive in large finite fields.

As the number of such primitives grows, it is important to better understand the properties of their underlying operations. We will first investigate the algebraic degree of MiMC, one of the first such block ciphers. It is composed of many iterations of a simple round function, consisting of an addition and of a low-degree power permutation applied to the full state, usually the cube over a large field of characteristic 2. In particular, we will provide precise guarantees on the algebraic degree of this cipher, and hence on the minimal complexity of integral attacks.

Moving on to the designer's point of view, we will also introduce a family of ZK-friendly hash functions based on what we have called the Flystel construction, a new variant of the Butterfly structure. One of the most innovative aspects of this design, compared with those already proposed in the above context, is its reliance on the CCZ-equivalence of the permutation to a simpler one.

Link: https://univ-rennes1-fr.zoom.us/j/97066341266?pwd=RUthOFV5cm1uT0ZCQVh6QUcrb1drQT09
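The link between the algebraic degree of an iterated cube map and the cost of an integral (zero-sum) attack can be checked by hand on a toy instance. The following is an added worked example, not part of the seminar abstract nor the speaker's code: it tabulates an r-round MiMC-3-style function over the small field GF(2^11) (an assumed toy size; the real cipher uses a much larger field), recovers its exact algebraic degree with the Möbius transform, compares it with the classical bound ⌈r·log2(3)⌉ (exponents after r rounds are at most 3^r), and then shows that summing the outputs over a linear subspace of dimension deg+1 always gives zero while a dimension-deg subspace need not. The key, round constants and irreducible polynomial are arbitrary choices made for this example. The refined bound announced in the talk is not reproduced here.

```python
# Added example (not the speaker's code): a toy MiMC-3 instance over GF(2^11)
# whose algebraic degree is measured exactly with the Moebius transform, then
# used to build the zero-sum (integral) distinguisher mentioned in the abstract.
# Field size, key and round constants are illustrative choices for a
# tabulatable toy, not the real MiMC parameters.
import math

N = 11                              # work in GF(2^11): 2048 elements, fully tabulatable
SIZE = 1 << N
POLY = (1 << 11) | (1 << 2) | 1     # x^11 + x^2 + 1, irreducible over GF(2)
KEY = 0x2A5                         # arbitrary 11-bit key (assumption)
CONSTANTS = [0x0A3, 0x1F4, 0x3C7, 0x52B, 0x6E9, 0x711]   # arbitrary round constants


def gf_mul(a, b):
    """Multiply in GF(2^N): carry-less product reduced modulo POLY."""
    r = 0
    while b:
        if b & 1:
            r ^= a
        b >>= 1
        a <<= 1
        if a & SIZE:                # overflow past bit N-1: subtract (XOR) the modulus
            a ^= POLY
    return r


# x -> x^3 is a permutation of GF(2^11) because gcd(3, 2^11 - 1) = gcd(3, 2047) = 1.
CUBE = [gf_mul(x, gf_mul(x, x)) for x in range(SIZE)]


def cube_is_permutation():
    return len(set(CUBE)) == SIZE


def mimc3(x, rounds):
    """r rounds of MiMC-3: x <- (x + k + c_i)^3, where '+' is XOR in characteristic 2."""
    for i in range(rounds):
        x = CUBE[x ^ KEY ^ CONSTANTS[i]]
    return x ^ KEY                  # final key addition


def moebius(table):
    """Algebraic normal form of the vectorial function given by its full value table.

    Entry u of the result is the XOR of the outputs over all inputs x whose bit set is
    contained in u, i.e. the n-bit vector of coefficients of the monomial prod_{i in u} x_i.
    """
    coeffs = list(table)
    step = 1
    while step < len(coeffs):
        for i in range(len(coeffs)):
            if i & step:
                coeffs[i] ^= coeffs[i ^ step]
        step <<= 1
    return coeffs


def algebraic_degree(rounds):
    """Exact algebraic degree of r-round MiMC-3 and one monomial reaching it.

    Returns (degree, mask): mask is the bit set of a highest-weight monomial that has a
    nonzero coefficient in at least one output coordinate.
    """
    coeffs = moebius([mimc3(x, rounds) for x in range(SIZE)])
    degree, mask = 0, 0
    for u, c in enumerate(coeffs):
        w = bin(u).count("1")
        if c and w > degree:
            degree, mask = w, u
    return degree, mask


def trivial_degree_bound(rounds):
    """Exponents after r rounds are at most 3^r, so their Hamming weight is at most ceil(r*log2(3))."""
    return math.ceil(rounds * math.log2(3))


def subspace_sum(rounds, mask):
    """XOR of the r-round outputs over the linear subspace of inputs whose set bits lie in mask.

    By Moebius inversion this equals the ANF coefficient of the monomial indexed by mask,
    so it is zero whenever popcount(mask) exceeds the algebraic degree.
    """
    acc, sub = 0, mask
    while True:
        acc ^= mimc3(sub, rounds)
        if sub == 0:
            return acc
        sub = (sub - 1) & mask      # enumerate submasks of mask


def integral_distinguisher(rounds):
    """Zero-sum property: 2^(deg+1) chosen inputs suffice, 2^deg chosen inputs may not.

    Returns (sum over a subspace of dimension deg, sum over one of dimension deg + 1).
    The first is nonzero for the monomial found by algebraic_degree; the second is always 0.
    """
    degree, mask = algebraic_degree(rounds)
    free_bit = next(1 << i for i in range(N) if not mask & (1 << i))
    return subspace_sum(rounds, mask), subspace_sum(rounds, mask | free_bit)


if __name__ == "__main__":
    for r in range(1, 7):
        deg, _ = algebraic_degree(r)
        print(f"rounds={r}: degree={deg}, trivial bound={trivial_degree_bound(r)}")
    print("integral check (3 rounds): (dim deg, dim deg+1) sums =", integral_distinguisher(3))
```

For one and two rounds the degree stays at 2, and for three rounds it is exactly 4 (the leading term x^27 has Hamming weight 4) while the classical bound gives 5; the gap between such measured degrees and the classical bound is what a tighter guarantee on the algebraic degree of MiMC closes, and each unit of degree saved halves the data needed for the zero-sum distinguisher.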

Next sessions

  • MIKE: An efficient and compact NIKE Based on a Commutative Monoidal Action 

    • July 03, 2026 (13:45 - 14:45)

    • IRMAR - Université de Rennes - Campus Beaulieu Bat. 22, RDC, Rennes - Amphi Lebesgue

    Speaker : Jonathan Komada Eriksen - COSIC, KU Leuven

    Robert recently described a powerful correspondence between certain (Hermitian) modules and (polarized) abelian varieties, which simultaneously generalizes both the class-group action underlying protocols such as CSIDH, and the Deuring correspondence, underlying protocols such as SQIsign. Using this correspondence, he also proposed how to construct a post-quantum NIKE, called MIKE, which, at a[…]
    • Cryptography

  • TBA

    • September 25, 2026 (13:45 - 14:45)

    • IRMAR - Université de Rennes - Campus Beaulieu Bat. 22, RDC, Rennes - Amphi Lebesgue

    Speaker : Anmoal Porwal - Technical University of Munich

    • Cryptography

    • Asymmetric primitive
