Description
Quasi-cyclic moderate density parity check (QC-MDPC) codes allow the design of McEliece-like public-key encryption schemes with compact keys and a security that provably reduces to hard decoding problems for quasi-cyclic codes. Because of these features, QC-MDPC have attracted a lot of interest from the cryptographic community. In particular, the BIKE suite of key exchange mechanisms has been selected to the second round of the NIST call for standardization of quantum safe cryptographic primitives.<br/> To reach IND-CCA security, it is necessary to prove that the decoding failure rate (DFR) is negligible. Getting a formal proof of a low DFR is a difficult task. Instead, we propose to ensure this low DFR under some additional security assumption on the decoder. This assumption relates to the asymptotic behavior of the decoder and is supported by several other works. We thus evaluate a decoder by simulation and extrapolate its DFR under the decoder security assumption. Using standard techniques from communication systems, we can evaluate the confidence in our extrapolation.<br/> The construction of a set of weak keys, in the sense that they have a higher DFR, has been exhibited in a recent work [Drucker, Gueron, Kostic 2019]. We observe that these keys are related to the key recovery reaction attack of [Guo, Johansson, Stankovski 2016] by the fact that they have an atypical "spectrum". From this observation, we can generalize the construction by directly generating keys with an atypical spectrum. Using combinatorics to count these weak keys and applying our methodology to evaluate the DFR, we prove that they do not affect the security of the scheme.<br/> lien: http://desktop.visio.renater.fr/scopia?ID=723203***9541&autojoin
Prochains exposés
-
Présentations des nouveaux doctorants Capsule
Orateur : Alisée Lafontaine et Mathias Boucher - INRIA Rennes
2 nouveaux doctorants arrivent dans l'équipe Capsule et présenteront leurs thématiques de recherche. Alisée Lafontaine, encadrée par André Schrottenloher, présentera son stage de M2: "Quantum rebound attacks on double-block length hash functions" Mathias Boucher, encadré par Yixin Shen, parlera des algorithmes quantiques et des réseaux euclidiens. -
Design of fast AES-based Universal Hash Functions and MACs
Orateur : Augustin Bariant - ANSSI
Ultra-fast AES round-based software cryptographic authentication/encryption primitives have recently seen important developments, fuelled by the authenticated encryption competition CAESAR and the prospect of future high-profile applications such as post-5G telecommunication technology security standards. In particular, Universal Hash Functions (UHF) are crucial primitives used as core components[…]-
Cryptography
-
-
Lie algebras and the security of cryptosystems based on classical varieties in disguise
Orateur : Mingjie Chen - KU Leuven
In 2006, de Graaf et al. proposed a strategy based on Lie algebras for finding a linear transformation in the projective linear group that connects two linearly equivalent projective varieties defined over the rational numbers. Their method succeeds for several families of “classical” varieties, such as Veronese varieties, which are known to have large automorphism groups. In this talk, we[…]-
Cryptography
-
-
Some applications of linear programming to Dilithium
Orateur : Paco AZEVEDO OLIVEIRA - Thales & UVSQ
Dilithium is a signature algorithm, considered post-quantum, and recently standardized under the name ML-DSA by NIST. Due to its security and performance, it is recommended in most use cases. During this presentation, I will outline the main ideas behind two studies, conducted in collaboration with Andersson Calle-Vierra, Benoît Cogliati, and Louis Goubin, which provide a better understanding of[…]