Table of contents

  • This session has been presented February 09, 2024.

Description

  • Speaker

    André Schrottenloher - IRISA

The Quantum Fourier Transform is a fundamental tool in quantum cryptanalysis, not only as the building block of Shor's algorithm, but also in attacks against symmetric cryptosystems. Indeed, hidden shift algorithms such as Simon's (FOCS 1994), which rely on the QFT, have been used to obtain attacks on some very specific block cipher structures. The Fourier Transform is also used in classical cryptanalysis, for example in FFT-based linear key-recovery attacks introduced by Collard et al. (ICISC 2007). Whether such techniques can be adapted to the quantum setting has remained so far an open question. In this talk, we will present a new framework for quantum linear key-recovery attacks using the QFT. These attacks loosely follow the classical method of Collard et al., but adapt it to the quantum setting. Classically, the FFT-based attack needs to compute a statistic (experimental correlation) which is higher for a good key guess, and lower for wrong guesses. The quantum attack encodes this statistic in the amplitudes of a quantum state. On some conditions, this can be used to devise new quantum key-recovery attacks which may be applicable to a broader class of ciphers.

Next sessions

  • Encryption homomorphe sans bruit à l'aide de groupes

    • June 26, 2026 (13:45 - 14:45)

    • IRMAR - Université de Rennes - Campus Beaulieu Bat. 22, RDC, Rennes - Amphi Lebesgue

    Speaker : Pierre Guillot - Ravel Technologies (dispo Université de Strasbourg, IRMA)

    Je vais rappeler les travaux de Nuida et Ostrovski sur l'utilisation des groupes pour l'élaboration de schémas cryptographiques homomorphes. Je vais présenter nos travaux qui fournissent des encodages à la fois plus efficaces et plus généraux, et qui déterminent exactement quels groupes peuvent être utilisés.   Puis je vais discuter GRAFHEN, un protocole qui utilise ces idées. Je dirai juste[…]

    • Cryptography

  • MIKE: An efficient and compact NIKE Based on a Commutative Monoidal Action 

    • July 03, 2026 (13:45 - 14:45)

    • IRMAR - Université de Rennes - Campus Beaulieu Bat. 22, RDC, Rennes - Amphi Lebesgue

    Speaker : Jonathan Komada Eriksen - COSIC, KU Leuven

    Robert recently described a powerful correspondence between certain (Hermitian) modules and (polarized) abelian varieties, which simultaneously generalizes both the class-group action underlying protocols such as CSIDH, and the Deuring correspondence, underlying protocols such as SQIsign. Using this correspondence, he also proposed how to construct a post-quantum NIKE, called MIKE, which, at a[…]

    • Cryptography

Show previous sessions
Page top