Sommaire

  • Cet exposé a été présenté le 16 mai 2025 (13:45 - 14:45).

Description

  • Orateur

    Florette Martinez - Université Picardie Jules Verne

Résumé : Le générateur sac-à-dos, présenté en 1985 est un générateur pseudo aléatoire annoncé sécurisé qui combine un générateur pseudo aléatoire non sécurisé et un problème dur. Une erreur de design repérée en 2011 permet à W. Meier et S. Knellwolf de retrouver une partie du secret mais les explications théoriques et heuristiques sont partielles. Dans cet exposé, je vais présenter une nouvelle attaque contre ce générateur qui exploite la même faiblesse que l'attaque de 2011 mais qui met à jour, de manière beaucoup plus directe, le lien entre le problème à résoudre et les réseaux euclidiens. Grâce à cette meilleure compréhension, la nouvelle attaque retrouve une plus grande partie du secret et sur une plus grande plage de paramètres, pour un coût similaire.

Abstract: The knapsack generator, presented in 1985, is a pseudorandom generator announced as secure, that combines an insecure pseudorandom generator and a hard problem. A design error identified in 2011 allowed W. Meier and S. Knellwolf to recover part of the secret, but the theoretical and heuristic explanations are partial. In this talk, I will present a new attack against this generator that exploits the same weakness as the 2011 attack but that reveals, in a much more direct way, the link between the problem to be solved and Euclidean lattices. Thanks to this better understanding, the new attack recovers a larger part of the secret and on a larger range of parameters, for a similar cost.

Infos pratiques

Prochains exposés

  • Dual attacks in code-based (and lattice-based) cryptography

    • 19 septembre 2025 (13:45 - 14:45)

    • IRMAR - Université de Rennes - Campus Beaulieu Bat. 22, RDC, Rennes - Amphi Lebesgue

    Orateur : Charles Meyer-Hilfiger - Inria Rennes

    The hardness of the decoding problem and its generalization, the learning with errors problem, are respectively at the heart of the security of the Post-Quantum code-based scheme HQC and the lattice-based scheme Kyber. Both schemes are to be/now NIST standards. These problems have been actively studied for decades, and the complexity of the state-of-the-art algorithms to solve them is crucially[…]

    • Cryptography

  • Design of fast AES-based Universal Hash Functions and MACs

    • 10 octobre 2025 (13:45 - 14:45)

    • IRMAR - Université de Rennes - Campus Beaulieu Bat. 22, RDC, Rennes - Amphi Lebesgue

    Orateur : Augustin Bariant - ANSSI

    Ultra-fast AES round-based software cryptographic authentication/encryption primitives have recently seen important developments, fuelled by the authenticated encryption competition CAESAR and the prospect of future high-profile applications such as post-5G telecommunication technology security standards. In particular, Universal Hash Functions (UHF) are crucial primitives used as core components[…]

    • Cryptography

  • Lie algebras and the security of cryptosystems based on classical varieties in disguise

    • 07 novembre 2025 (13:45 - 14:45)

    • IRMAR - Université de Rennes - Campus Beaulieu Bat. 22, RDC, Rennes - Amphi Lebesgue

    Orateur : Mingjie Chen - KU Leuven

    In 2006, de Graaf et al. proposed a strategy based on Lie algebras for finding a linear transformation in the projective linear group that connects two linearly equivalent projective varieties defined over the rational numbers. Their method succeeds for several families of “classical” varieties, such as Veronese varieties, which are known to have large automorphism groups.   In this talk, we[…]

    • Cryptography

Voir les exposés passés
Haut de page