Sommaire

  • Cet exposé a été présenté le 22 septembre 2006.

Description

  • Orateur

    Hervé Chabanne - Sagem

At the Asiacrypt 2003 conference, Billet and Gilbert introduce a block cipher, which, to quote them, has the following paradoxical property: it is computationally easy to derive many equivalent distinct descriptions of the same instance of the block cipher; but it is computationally difficult, given one or even up to k of them, to recover the socalled meta-key from which they were derived, or to find any additional equivalent description, or more generally to forge any new untraceable description of the same instance of the block cipher. They exploit this property to introduce the first traceable block cipher. Their construction relies on the Isomorphism of Polynomials (IP) problem. At Eurocrypt 2006, Faugere and Perret show how to break this scheme by algebraic attack. We here strengthen the original traceable block cipher against this attack by concealing the underlying IP problems. Our modifications are such that our description of the block cipher now does not give the expected results all the time and parallel executions are used to obtain the correct value.<br/> (this work was done with Julien Bringer and Emmanuelle Dottax and will be presented - in part - at CMS'2006)

Prochains exposés

  • Some applications of linear programming to Dilithium

    • 14 novembre 2025 (13:45 - 14:45)

    • IRMAR - Université de Rennes - Campus Beaulieu Bat. 22, RDC, Rennes - Amphi Lebesgue

    Orateur : Paco AZEVEDO OLIVEIRA - Thales & UVSQ

    Dilithium is a signature algorithm, considered post-quantum, and recently standardized under the name ML-DSA by NIST. Due to its security and performance, it is recommended in most use cases.   During this presentation, I will outline the main ideas behind two studies, conducted in collaboration with Andersson Calle-Vierra, Benoît Cogliati, and Louis Goubin, which provide a better understanding of[…]

  • Wagner’s Algorithm Provably Runs in Subexponential Time for SIS^∞

    • 21 novembre 2025 (13:45 - 14:45)

    • Salle Guernesey à l'ISTIC

    Orateur : Johanna Loyer - Inria Saclay

    At CRYPTO 2015, Kirchner and Fouque claimed that a carefully tuned variant of the Blum-Kalai-Wasserman (BKW) algorithm (JACM 2003) should solve the Learning with Errors problem (LWE) in slightly subexponential time for modulus q = poly(n) and narrow error distribution, when given enough LWE samples. Taking a modular view, one may regard BKW as a combination of Wagner’s algorithm (CRYPTO 2002), run[…]

    • Cryptography

  • CryptoVerif: a computationally-sound security protocol verifier

    • 28 novembre 2025 (13:45 - 14:45)

    • Batiment 32B salle 12

    Orateur : Bruno Blanchet - Inria

    CryptoVerif is a security protocol verifier sound in the computational model of cryptography. It produces proofs by sequences of games, like those done manually by cryptographers. It has an automatic proof strategy and can also be guided by the user. It provides a generic method for specifying security assumptions on many cryptographic primitives, and can prove secrecy, authentication, and[…]

    • Cryptography

  • Structured-Seed Local Pseudorandom Generators and their Applications

    • 05 décembre 2025 (13:45 - 14:45)

    • IRMAR - Université de Rennes - Campus Beaulieu Bat. 22, RDC, Rennes - Amphi Lebesgue

    Orateur : Nikolas Melissaris - IRIF

    We introduce structured‑seed local pseudorandom generators (SSL-PRGs), pseudorandom generators whose seed is drawn from an efficiently sampleable, structured distribution rather than uniformly. This seemingly modest relaxation turns out to capture many known applications of local PRGs, yet it can be realized from a broader family of hardness assumptions. Our main technical contribution is a[…]

    • Cryptography

Voir les exposés passés
Haut de page