  • This session was presented on May 20, 2022.

Description

  • Speaker

    Clémence Bouvier - INRIA

New symmetric primitives are being designed to be run in abstract settings such as Multi-Party Computation (MPC) or Zero-Knowledge (ZK) proof systems. More particularly, these protocols have highlighted the need to minimize the number of multiplications performed by the primitive in large finite fields.

As the number of such primitives grows, it is important to better understand the properties of their underlying operations. We will then investigate the Algebraic Degree of MiMC, one of the first such block ciphers. It is composed of many iterations of a simple round function, consisting of an addition and of a low-degree power permutation applied to the full state, usually the cube over a large field with characteristic 2. In particular, we will provide some precise guarantees on the Algebraic Degree of this cipher, and then on the minimal complexity for Integral attacks.

Moving on to the designer's point of view, we will also introduce a family of ZK-friendly Hash Functions, based on what we have called a Flystel construction: a new variant of the Butterfly structure. One of the most innovative aspects of this design, compared to those already offered in the above context, is its reliance on the CCZ-equivalence of the permutation to a simpler one.

Link: https://univ-rennes1-fr.zoom.us/j/97066341266?pwd=RUthOFV5cm1uT0ZCQVh6QUcrb1drQT09

Next sessions

  • C2 Seminar at INRIA Paris

    • January 16, 2026 (10:00 - 17:00)

    • INRIA Paris

    Emmanuel Thomé and Pierrick Gaudry, Rachelle Heim Boissier, Épiphane Nouetowa, Dung Bui. More information at https://seminaire-c2.inria.fr/
  • Attacking the Supersingular Isogeny Problem: From the Delfs–Galbraith algorithm to oriented graphs

    • January 23, 2026 (13:45 - 14:45)

    • IRMAR - Université de Rennes - Campus Beaulieu Bat. 22, RDC, Rennes - Amphi Lebesgue

    Speaker : Arthur Herlédan Le Merdy - COSIC, KU Leuven

    The threat of quantum computers motivates the introduction of new hard problems for cryptography. One promising candidate is the Isogeny problem: given two elliptic curves, compute a "nice" map between them, called an isogeny. In this talk, we study classical attacks on this problem, specialised to supersingular elliptic curves, on which the security of current isogeny-based cryptography relies. In[…]
    • Cryptography
