Description
The Even-Mansour (EM) encryption scheme received a lot of attention in the last couple of years due to its exceptional simplicity and tight security proofs. The original $1$-round construction was naturally generalized into $r$-round structures with one key, two alternating keys, and completely independent keys.<br/> In this talk I will describe the first key recovery attack on the one-key 3-round version of EM which is faster than exhaustive search. I will then show how to use the new cryptanalytic techniques in order to improve the best known attacks on several concrete EM-like schemes such as the block cipher LED.<br/> The talk will be mostly self-contained and intended to a wide audience. Based on joint work with Orr Dunkelman, Nathan Keller and Adi Shamir.
Prochains exposés
-
Encryption homomorphe sans bruit à l'aide de groupes
Orateur : Pierre Guillot - Ravel Technologies (dispo Université de Strasbourg, IRMA)
Je vais rappeler les travaux de Nuida et Ostrovski sur l'utilisation des groupes pour l'élaboration de schémas cryptographiques homomorphes. Je vais présenter nos travaux qui fournissent des encodages à la fois plus efficaces et plus généraux, et qui déterminent exactement quels groupes peuvent être utilisés. Puis je vais discuter GRAFHEN, un protocole qui utilise ces idées. Je dirai juste[…]-
Cryptography
-
-
MIKE: An efficient and compact NIKE Based on a Commutative Monoidal Action
Orateur : Jonathan Komada Eriksen - COSIC, KU Leuven
Robert recently described a powerful correspondence between certain (Hermitian) modules and (polarized) abelian varieties, which simultaneously generalizes both the class-group action underlying protocols such as CSIDH, and the Deuring correspondence, underlying protocols such as SQIsign. Using this correspondence, he also proposed how to construct a post-quantum NIKE, called MIKE, which, at a[…]-
Cryptography
-