Table of contents

  • This session has been presented November 17, 2006.

Description

  • Speaker

    Robert Koenig - Cambridge University

The security of quantum key distribution protocols is often defined in terms of the information an adversary obtains by measuring his system. Such definitions are fundamentally flawed because of a locking property of the accessible information: Giving the adversary a single bit of information may increase the accessible information by more than one bit. We give examples of keys that are not exposure-resilient and can thus not safely be used for one-time pad encryption, even though they satisfy a measurement-based security definition. In the second part of the talk, we discuss a universally composable security definition for cryptographic keys and show how this stronger type of security can be achieved.<br/> This is joint work with Andor Bariska, Ueli Maurer and Renato Renner.

Next sessions

  • Séminaire C2 à INRIA Paris

    • January 16, 2026 (10:00 - 17:00)

    • INRIA Paris

    Emmanuel Thomé et Pierrick Gaudry Rachelle Heim Boissier Épiphane Nouetowa Dung Bui Plus d'infos sur https://seminaire-c2.inria.fr/ 

  • Attacking the Supersingular Isogeny Problem: From the Delfs–Galbraith algorithm to oriented graphs

    • January 23, 2026 (13:45 - 14:45)

    • IRMAR - Université de Rennes - Campus Beaulieu Bat. 22, RDC, Rennes - Amphi Lebesgue

    Speaker : Arthur Herlédan Le Merdy - COSIC, KU Leuven

    The threat of quantum computers motivates the introduction of new hard problems for cryptography.One promising candidate is the Isogeny problem: given two elliptic curves, compute a “nice’’ map between them, called an isogeny.In this talk, we study classical attacks on this problem, specialised to supersingular elliptic curves, on which the security of current isogeny-based cryptography relies. In[…]

    • Cryptography

Show previous sessions
Page top