Summary

  • This talk was presented on 30 September 2016.

Description

  • Speaker

    Pierrick Méaux - ENS Paris

Fully Homomorphic Encryption (FHE) is a powerful cryptographic construction that makes it possible to securely compute any function on encrypted data and then decrypt the result of the function applied to the real data. This construction allows computation to be delegated securely, which is a very important property given the growth of cloud computing. Many client-server applications are appearing, all needing the computation-delegation property of FHE, with different notions of security and cost. The client-server frameworks usually considered involve a client with limited storage and computation capabilities and a cloud that is powerful in both respects. The client wants to delegate his computation at small computation and communication cost, which leads directly to Symmetric Encryption (SE). As the frameworks consider two types of encryption, we study the links and differences between them. Efficiency and security are not studied in the same way: on the one hand, an SE scheme is evaluated with respect to its practical speed, storage cost and concrete cryptanalysis; on the other hand, FHE is more of a theoretical construction, evaluated with respect to its security assumptions and homomorphic capacities. To combine these two approaches, we need to study the different costs and efficiency implications in going from one type to the other. Our approach is to consider a particular family of FHE schemes and adapt an SE scheme to build a framework that is efficient with respect to both metrics. Part of the study is to analyze the previous symmetric constructions with respect to this framework, and more specifically to determine the error growth incurred in the homomorphic decryption of the SE scheme. As minimizing this factor is not linked with SE efficiency, we have to consider all kinds of SE constructions and find the properties suitable for FHE. First, with block-cipher constructions we can focus on the number of iterations, on the circuit depth and on the chaining mode used. Then stream-cipher constructions allow us to study the error growth depending on the number of output bits. Finally, the existing constructions of both families are neither optimized nor totally suitable for our framework, leading us to the next step. This study enables us to compare the different alternatives and to conclude which properties to keep or discard. We select some properties of known SE schemes that behave well with respect to the FHE scheme and study their compatibility. Choosing the right characteristics for the SE-FHE framework gives us the starting point for a future optimal design.

Upcoming talks

  • Attacks and Remedies for Randomness in AI: Cryptanalysis of PHILOX and THREEFRY

    • 13 March 2026 (13:45 - 14:45)

    • IRMAR - Université de Rennes - Campus Beaulieu Bat. 22, RDC, Rennes - Amphi Lebesgue

    Speaker: Yevhen Perehuda - Ruhr-University Bochum

    In this work, we address the critical yet understudied question of the security of the most widely deployed pseudorandom number generators (PRNGs) in AI applications. We show that these generators are vulnerable to practical and low-cost attacks. With this in mind, we conduct an extensive survey of randomness usage in current applications to understand the efficiency requirements imposed in[…]
    • Cryptography

  • Lightweight (AND, XOR) Implementations of Large-Degree S-boxes

    • 20 March 2026 (13:45 - 14:45)

    • IRMAR - Université de Rennes - Campus Beaulieu Bat. 22, RDC, Rennes - Amphi Lebesgue

    Speaker: Marie Bolzer - LORIA

    The problem of finding a minimal circuit to implement a given function is one of the oldest in electronics. In cryptography, the focus is on small functions, especially on S-boxes which are classically the only non-linear functions in iterated block ciphers. In this work, we propose new ad-hoc automatic tools to look for lightweight implementations of non-linear functions on up to 5 variables for[…]
    • Cryptography

    • Symmetrical primitive

    • Implementation of cryptographic algorithm

  • Algorithms for post-quantum commutative group actions

    • 27 March 2026 (13:45 - 14:45)

    • IRMAR - Université de Rennes - Campus Beaulieu Bat. 22, RDC, Rennes - Amphi Lebesgue

    Speaker: Marc Houben - Inria Bordeaux

    At the historical foundation of isogeny-based cryptography lies a scheme known as CRS; a key exchange protocol based on class group actions on elliptic curves. Along with more efficient variants, such as CSIDH, this framework has emerged as a powerful building block for the construction of advanced post-quantum cryptographic primitives. Unfortunately, all protocols in this line of work are[…]
  • Journées C2: no seminar

    • 03 April 2026 (13:45 - 14:45)

    • IRMAR - Université de Rennes - Campus Beaulieu Bat. 22, RDC, Rennes - Amphi Lebesgue

  • Endomorphisms via Splittings

    • 10 April 2026 (13:45 - 14:45)

    • IRMAR - Université de Rennes - Campus Beaulieu Bat. 22, RDC, Rennes - Amphi Lebesgue

    Speaker: Min-Yi Shen - No Affiliation

    One of the fundamental hardness assumptions underlying isogeny-based cryptography is the problem of finding a non-trivial endomorphism of a given supersingular elliptic curve. In this talk, we show that the problem is related to the problem of finding a splitting of a principally polarised superspecial abelian surface. In particular, we provide formal security reductions and a proof-of-concept[…]
    • Cryptography
