Sommaire

Description

  • Orateur

    Charlotte Lefevre - Radboud University

The Ascon authenticated encryption scheme and hash function of Dobraunig et al (Journal of Cryptology 2021) were recently selected as winner of the NIST lightweight cryptography competition. The mode underlying Ascon authenticated encryption (Ascon-AE) resembles ideas of SpongeWrap, but not quite, and various works have investigated the generic security of Ascon-AE, all covering different attack scenarios and with different bounds. This work systematizes knowledge on the mode security of Ascon-AE, and fills gaps where needed. We consider six mainstream security models, all in the multi-user setting: (i) nonce-respecting security, reflecting on the existing bounds of Chakraborty et al (ASIACRYPT 2023, ACISP 2024) and Lefevre and Mennink (SAC 2024), (ii) nonce-misuse resistance, observing a non-fixable flaw in the proof of Chakraborty et al (ACISP 2024), (iii) nonce-misuse resilience, delivering missing security analysis, (iv) leakage resilience, delivering a new security analysis that supersedes the informal proof sketch (though in a different model) of Guo et al (ToSC 2020), (v) state-recovery security, expanding on the analysis of Lefevre and Mennink, and (vi) release of unverified plaintext, also delivering missing security analysis.  We also match all bounds with tight attacks (up to constant and up to reasonable assumptions). As a bonus, we systematize the knowledge on Ascon-Hash and Ascon-PRF.

Infos pratiques

  • Date

    20 juin 2025 (13:45 - 14:45)

  • Emplacement

    IRMAR - Université de Rennes - Campus Beaulieu Bat. 22, RDC, Rennes Amphi Lebesgue
    Localiser sur Google Maps

  • Ajouter l'exposé à mon agenda

  • Video meet

    The seminar is systematically visible by videoconference

    Accèder à la visio-conférence

Prochains exposés

  • Soutenance de thèse : Cryptanalyse de schémas de cryptographie à clé publique (Cryptanalysis of public-key cryptosystems)

    • 23 mai 2025 (14:00 - 16:00)

    • Amphi P, ISTIC, bâtiment 12D

    Orateur : Paul Kirchner - IRISA

    Résumé : La cryptanalyse de schémas de cryptographie à clé publique repose sur un ensemble de techniques algorithmiques et algébriques en théorie des nombres. Dans une première partie de cette thèse, nous présentons des améliorations de l’algorithme LLL, dû à Lenstra, Lenstra et Lovasz pour réduire un réseau euclidien, c’est-à-dire réduire la norme et orthogonaliser le plus possible les vecteurs[…]

    • Cryptography

  • Oblivious Transfer from Zero-Knowledge Proofs (or how to achieve round-optimal quantum Oblivious Transfer without structure)

    • 06 juin 2025 (13:45 - 14:45)

    • IRMAR - Université de Rennes - Campus Beaulieu Bat. 22, RDC, Rennes - Amphi Lebesgue

    Orateur : Léo Colisson - Université Grenoble Alpes

    We provide a generic construction to turn any classical Zero-Knowledge (ZK) protocol into a composable oblivious transfer (OT) protocol (the protocol itself involving quantum interactions), mostly lifting the round-complexity properties and security guarantees (plain-model/statistical security/unstructured functions…) of the ZK protocol to the resulting OT protocol. Such a construction is unlikely[…]

    • Cryptography

Voir les exposés passés
Haut de page