Table of contents

  • This session has been presented September 30, 2016.

Description

  • Speaker

    Pierrick Méaux - ENS Paris

Fully Homomorphic Encryption is a powerful cryptographic construction, enabling to securely compute all functions on encrypted data, and decrypt the result of the function applied on the real data.<br/> This construction allows to securely delegate computation, which is a very important property with the increasing of the Cloud computing. Many client-server applications are appearing, all needing the computation delegating property of FHE, with different notions of security and cost. The client-server frameworks usually considered a client with small storage and computation possibilities and a cloud powerful for both. The client wants to delegate his computation with small computation and communication cost, which directly leads to Symmetric Encryption. As the frameworks considerate two types of encryption, we study the links and differences between them. Efficiency and security are not studied the same way, on one hand a SE scheme is evaluated relatively to its practical speed, storage cost and concrete cryptanalysis. On the other hand FHE is more a theoretic construction, evaluated relatively to its security assumptions and homomorphic capacities. To combine these two approaches, we need to study the different costs and efficiency implications from one type to the other. Our approach is to consider a particular family of FHE and adapt a SE scheme to build a framework efficient relatively to both metrics. Part of the study is to analyze the previous symmetric constructions relatively to this framework, more specifically figure out the error growth implied in the homomorphic decryption of the SE scheme. As minimizing this factor is not linked with SE efficiency, we have to considerate all kinds of SE constructions and find the properties suitable for FHE. First, with block-cipher constructions we can focus on the number of iterations, on the circuit depth and on the chaining mode used. Then stream-cipher constructions allow to study the error growth depending on the number of outputted bits. Finally the existent constructions of both families are not optimized nor totally suitable for our framework, leading us to the next step. This study enables us to compare the different alternatives and to conclude on properties to conserve or discard. We select some properties of known SE schemes behaving well with the FHE scheme consideration and study their compatibilities. Choosing the good characteristics for the SE-FHE framework gives us the starting point for a future optimal design.

Next sessions

  • Lie algebras and the security of cryptosystems based on classical varieties in disguise

    • November 07, 2025 (13:45 - 14:45)

    • IRMAR - Université de Rennes - Campus Beaulieu Bat. 22, RDC, Rennes - Amphi Lebesgue

    Speaker : Mingjie Chen - KU Leuven

    In 2006, de Graaf et al. proposed a strategy based on Lie algebras for finding a linear transformation in the projective linear group that connects two linearly equivalent projective varieties defined over the rational numbers. Their method succeeds for several families of “classical” varieties, such as Veronese varieties, which are known to have large automorphism groups.   In this talk, we[…]

    • Cryptography

  • Some applications of linear programming to Dilithium

    • November 14, 2025 (13:45 - 14:45)

    • IRMAR - Université de Rennes - Campus Beaulieu Bat. 22, RDC, Rennes - Amphi Lebesgue

    Speaker : Paco AZEVEDO OLIVEIRA - Thales & UVSQ

    Dilithium is a signature algorithm, considered post-quantum, and recently standardized under the name ML-DSA by NIST. Due to its security and performance, it is recommended in most use cases.   During this presentation, I will outline the main ideas behind two studies, conducted in collaboration with Andersson Calle-Vierra, Benoît Cogliati, and Louis Goubin, which provide a better understanding of[…]

  • Wagner’s Algorithm Provably Runs in Subexponential Time for SIS^∞

    • November 21, 2025 (13:45 - 14:45)

    • Salle Guernesey à l'ISTIC

    Speaker : Johanna Loyer - Inria Saclay

    At CRYPTO 2015, Kirchner and Fouque claimed that a carefully tuned variant of the Blum-Kalai-Wasserman (BKW) algorithm (JACM 2003) should solve the Learning with Errors problem (LWE) in slightly subexponential time for modulus q = poly(n) and narrow error distribution, when given enough LWE samples. Taking a modular view, one may regard BKW as a combination of Wagner’s algorithm (CRYPTO 2002), run[…]

    • Cryptography

  • CryptoVerif: a computationally-sound security protocol verifier

    • November 28, 2025 (13:45 - 14:45)

    • Batiment 32B salle 12

    Speaker : Bruno Blanchet - Inria

    CryptoVerif is a security protocol verifier sound in the computational model of cryptography. It produces proofs by sequences of games, like those done manually by cryptographers. It has an automatic proof strategy and can also be guided by the user. It provides a generic method for specifying security assumptions on many cryptographic primitives, and can prove secrecy, authentication, and[…]

    • Cryptography

  • Structured-Seed Local Pseudorandom Generators and their Applications

    • December 05, 2025 (13:45 - 14:45)

    • IRMAR - Université de Rennes - Campus Beaulieu Bat. 22, RDC, Rennes - Amphi Lebesgue

    Speaker : Nikolas Melissaris - IRIF

    We introduce structured‑seed local pseudorandom generators (SSL-PRGs), pseudorandom generators whose seed is drawn from an efficiently sampleable, structured distribution rather than uniformly. This seemingly modest relaxation turns out to capture many known applications of local PRGs, yet it can be realized from a broader family of hardness assumptions. Our main technical contribution is a[…]

    • Cryptography

Show previous sessions
Page top