Joux, Antoine
Overview
Works:  22 works in 87 publications in 2 languages and 1,780 library holdings 

Genres:  Conference papers and proceedings 
Roles:  Editor, Author, Thesis advisor, Opponent, Other
Most widely held works by Antoine Joux
Advances in Cryptology – EUROCRYPT 2009: 28th Annual International Conference on the Theory and Applications of Cryptographic Techniques, Cologne, Germany, April 26–30, 2009. Proceedings, by Antoine Joux
21 editions published in 2009 in English and held by 540 WorldCat member libraries worldwide
This book constitutes the refereed proceedings of the 28th Annual International Conference on the Theory and Applications of Cryptographic Techniques, EUROCRYPT 2009, held in Cologne, Germany, in April 2009. The 33 revised full papers presented together with 1 invited lecture were carefully reviewed and selected from 148 submissions. The papers address all current foundational, theoretical and research aspects of cryptology, cryptography, and cryptanalysis as well as advanced applications. The papers are organized in topical sections on security, proofs, and models; hash cryptanalysis; group and broadcast encryption; cryptosystems; cryptanalysis; side channels; curves; and randomness
Fast software encryption: 18th International Workshop, FSE 2011, Lyngby, Denmark, February 13–16, 2011; revised selected papers, by Antoine Joux
12 editions published in 2011 in English and held by 439 WorldCat member libraries worldwide
This book constitutes the thoroughly refereed post-conference proceedings of the 18th International Workshop on Fast Software Encryption, held in Lyngby, Denmark, in February 2011. The 22 revised full papers presented together with 1 invited lecture were carefully reviewed and selected from 106 initial submissions. The papers are organized in topical sections on differential cryptanalysis, hash functions, security and models, stream ciphers, block ciphers and modes, as well as linear and differential cryptanalysis
Algorithmic cryptanalysis, by Antoine Joux (Book)
20 editions published in 2009 in English and held by 303 WorldCat member libraries worldwide
"Illustrating the power of algorithms, Algorithmic Cryptanalysis describes algorithmic methods with cryptographically relevant examples. Focusing on both private and public-key cryptographic algorithms, it presents each algorithm either as a textual desc
Selected areas in cryptography – SAC 2014: 21st International Conference, Montreal, QC, Canada, August 14–15, 2014; Revised Selected Papers, by Antoine Joux
10 editions published in 2014 in English and held by 282 WorldCat member libraries worldwide
This book constitutes the proceedings of the 21st International Conference on Selected Areas in Cryptography, SAC 2014, held in Montreal, QC, Canada, in August 2014. The 22 papers presented in this volume were carefully reviewed and selected from 103 submissions. There are four areas covered at each SAC conference. The three permanent areas are: design and analysis of symmetric key primitives and cryptosystems, including block and stream ciphers, hash functions, MAC algorithms, cryptographic permutations, and authenticated encryption schemes; efficient implementations of symmetric and public key algorithms; mathematical and algorithmic aspects of applied cryptology. This year, the fourth area for SAC 2014 is: algorithms for cryptography, cryptanalysis and their complexity analysis
Progress in cryptology – AFRICACRYPT 2018: 10th international conference on cryptology in Africa, Marrakesh, Morocco, May 7–9, 2018: proceedings, by International Conference on Cryptology in Africa
4 editions published in 2018 in English and held by 160 WorldCat member libraries worldwide
This book constitutes the refereed proceedings of the 10th International Conference on the Theory and Application of Cryptographic Techniques in Africa, AFRICACRYPT 2018, held in Marrakesh, Morocco, in May 2018. The 19 papers presented in this book were carefully reviewed and selected from 54 submissions. AFRICACRYPT is a major scientific event that seeks to advance and promote the field of cryptology on the African continent. The conference has systematically drawn some excellent contributions to the field. The conference has always been organized in cooperation with the International Association for Cryptologic Research (IACR)
Nouvelles méthodes mathématiques en cryptographie [New mathematical methods in cryptography], by Jean-Marc Couveignes (Book)
1 edition published in 2007 in French and held by 25 WorldCat member libraries worldwide
Improved low-density subset sum algorithms, by Matthijs J. Coster
1 edition published in 1991 in English and held by 13 WorldCat member libraries worldwide
Analyse des générateurs de nombres aléatoires dans des conditions anormales d'utilisation [Analysis of random number generators under abnormal operating conditions], by Mathilde Soucarros
1 edition published in 2012 in French and held by 3 WorldCat member libraries worldwide
Random numbers have been used through the ages for games of chance, more recently for secret codes, and today they are necessary to the execution of computer programs. Random number generators have now evolved from simple dice to electronic circuits and algorithms. Accordingly, the ability to distinguish between random and non-random numbers has become more difficult. Furthermore, whereas in the past dice were loaded in order to increase winning chances, it is now possible to influence the outcome of random number generators. In consequence, this subject is still very much an issue and has recently made the headlines. Indeed, there has been talk about the PS3 game console, which generates constant random numbers, and about redundant distribution of secret keys on the internet. This thesis presents a study of several generators as well as different means to perturb them. It shows the inherent defects of their designs and the possible consequences of their failure when they are embedded inside security components. Moreover, this work highlights problems yet to be solved concerning the testing of random numbers and the post-processing that eliminates bias in the distribution of these numbers
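As an added illustration of the last sentence of the abstract above (testing random numbers, and post-processing to remove bias), the following Python runs the NIST SP 800-22 frequency (monobit) and runs tests and a von Neumann extractor over two constructed bit sources: one whose bits are independent but biased, one whose bits are balanced but correlated. This is example code written for this page, not code from the thesis; the sources, seeds, block lengths and the 0.7 / 0.9 parameters are all constructed for the example, and returning 0.0 when the runs test's frequency prerequisite fails is a simplification of the standard, which declares the test not applicable in that case.

```python
"""Frequency (monobit) test, runs test and von Neumann post-processing, run on
two constructed bit sources.  Added example; not code from the thesis."""
import math
import random


def biased_source(n, p_one, seed=1):
    """Constructed source: independent bits with P(bit = 1) = p_one."""
    rng = random.Random(seed)
    return [1 if rng.random() < p_one else 0 for _ in range(n)]


def correlated_source(n, p_stay, seed=2):
    """Constructed source: balanced on average, but each bit repeats the
    previous one with probability p_stay (a symmetric two-state Markov chain)."""
    rng = random.Random(seed)
    bits = [rng.getrandbits(1)]
    for _ in range(n - 1):
        bits.append(bits[-1] if rng.random() < p_stay else bits[-1] ^ 1)
    return bits


def monobit_p(bits):
    """NIST SP 800-22 frequency (monobit) test p-value: is #ones close to n/2?"""
    n = len(bits)
    s = sum(2 * b - 1 for b in bits)          # +1 for a one, -1 for a zero
    return math.erfc(abs(s) / math.sqrt(2 * n))


def runs_p(bits):
    """NIST SP 800-22 runs test p-value: is the number of runs (maximal blocks
    of identical bits) consistent with independent bits?  Returns 0.0 when the
    frequency prerequisite fails (simplification: the standard says 'not applicable')."""
    n = len(bits)
    pi = sum(bits) / n
    if abs(pi - 0.5) >= 2 / math.sqrt(n):
        return 0.0
    runs = 1 + sum(1 for i in range(n - 1) if bits[i] != bits[i + 1])
    return math.erfc(abs(runs - 2 * n * pi * (1 - pi))
                     / (2 * math.sqrt(2 * n) * pi * (1 - pi)))


def von_neumann(bits):
    """Von Neumann extractor: (0,1) -> 0, (1,0) -> 1, equal pairs dropped.
    Output is unbiased only if the input bits are independent."""
    return [bits[i] for i in range(0, len(bits) - 1, 2) if bits[i] != bits[i + 1]]


def ones_fraction(bits):
    return sum(bits) / len(bits)


def demo(n=20000):
    """Test results for both sources before and after post-processing."""
    biased = biased_source(n, 0.7)
    corr = correlated_source(n, 0.9)
    biased_vn, corr_vn = von_neumann(biased), von_neumann(corr)
    return {
        "biased_monobit": monobit_p(biased),         # fails: 70% ones
        "biased_vn_len": len(biased_vn),             # about 0.42 * n/2 bits survive
        "biased_vn_ones": ones_fraction(biased_vn),  # close to 0.5 after extraction
        "corr_monobit": monobit_p(corr),             # counts ones only, blind to correlation
        "corr_runs": runs_p(corr),                   # fails: far too few runs
        "corr_vn_runs": runs_p(corr_vn),             # still fails: extractor output is correlated
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name:16s} {value}")
```

Von Neumann's guarantee rests on independence of the input bits: it repairs the biased source (at the cost of roughly 58% of the bits), but fed the correlated source its output is itself correlated and still fails the runs test, which the frequency test alone cannot detect because it only counts ones. That gap between "passes the monobit test" and "is random" is the testing problem the abstract refers to.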
Etude de la sécurité des implémentations de couplage [Study of the security of pairing implementations], by Ronan Lashermes (Book)
2 editions published in 2014 in English and held by 2 WorldCat member libraries worldwide
Pairings are cryptographic algorithms allowing new protocols for public-key cryptography. After a decade of research which led to a dramatic improvement of the computation speed of pairings, we focused on the security of pairing implementations. For that purpose, we evaluated the resistance to fault attacks. We sent electromagnetic pulses into the chip computing a pairing at a precise instant. This allowed us to recover the cryptographic secret which should be protected in the computation. Our study was both theoretical and practical; we did implement actual fault attacks. Finally, we proposed countermeasures in order to protect the algorithm in the future
La reduction des reseaux en cryptographie [Lattice reduction in cryptography], by Antoine Joux (Book)
2 editions published in 1993 in French and held by 2 WorldCat member libraries worldwide
Cryptanalyse des algorithmes de type Even-Mansour [Cryptanalysis of Even-Mansour-type algorithms], by Chrysanthi Mavromati
1 edition published in 2017 in French and held by 1 WorldCat member library worldwide
Current cryptographic algorithms fall into two broad families: symmetric algorithms and asymmetric algorithms. In 1991, S. Even and Y. Mansour proposed a simple construction of a block cipher from a random permutation. Recently, mainly in response to the new demands of low-cost cryptography, several algorithms whose construction is based on the Even-Mansour scheme have been proposed. The work carried out in this thesis concerns the analysis of this type of algorithm. To this end, we propose a new generic attack on the Even-Mansour scheme. Then, in order to show the particular importance of the multi-user model, we apply this generic attack in that model. These two attacks on Even-Mansour introduce two new algorithmic ideas: parallel chains, and the construction of a graph that shows the links between the keys of the users in the multi-user model. Finally, based on these ideas, we propose attacks on the block ciphers DESX and PRINCE and on the message authentication code Chaskey
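The Even-Mansour construction named in the abstract above, with the generic slide-style key recovery known before this thesis (the slidex attack of Dunkelman, Keller and Shamir, EUROCRYPT 2012) run against it on a toy 16-bit block, as an added example: this is not the thesis's new attack and not code from the page. The public permutation, the secret key, the block size and the difference delta are all constructed for the example. Python:

```python
"""Single-key Even-Mansour on a toy block size, plus the generic slidex
key-recovery attack (Dunkelman, Keller, Shamir 2012).  Added example; it is
not the thesis's attack and not code from the page."""
import random

N_BITS = 16                      # toy block size (assumption; real designs use 64 or 128 bits)
SPACE = 1 << N_BITS


def make_public_permutation(seed=1):
    """The public random permutation P of the scheme (constructed, fixed seed)."""
    perm = list(range(SPACE))
    random.Random(seed).shuffle(perm)
    return perm


def invert_permutation(P):
    P_inv = [0] * len(P)
    for x, y in enumerate(P):
        P_inv[y] = x
    return P_inv


def em_encrypt(P, key, x):
    """Single-key Even-Mansour: E_K(x) = P(x xor K) xor K."""
    return P[x ^ key] ^ key


def em_decrypt(P_inv, key, y):
    """Inverse: D_K(y) = P^{-1}(y xor K) xor K."""
    return P_inv[y ^ key] ^ key


def slidex_attack(P, oracle, n_online=512, delta=0x5A3C, seed=7):
    """Key recovery with D = n_online chosen-plaintext pairs and T offline
    evaluations of P.  Since E(x) ^ E(x ^ d) = P(x ^ K) ^ P(x ^ K ^ d), an
    offline y with P(y) ^ P(y ^ d) equal to a stored online value gives
    K = x ^ y.  Expected work D * T ~ 2^n.  Returns (key, offline_evaluations)."""
    assert delta != 0
    rng = random.Random(seed)
    table = {}                   # E(x) ^ E(x ^ delta)  ->  [x, ...]
    known = []                   # a few (x, E(x)) pairs to confirm a candidate
    for _ in range(n_online):
        x = rng.getrandbits(N_BITS)
        c0, c1 = oracle(x), oracle(x ^ delta)
        table.setdefault(c0 ^ c1, []).append(x)
        known.append((x, c0))
    offline = 0
    for y in range(SPACE):       # offline phase: public P only, no oracle access
        offline += 1
        v = P[y] ^ P[y ^ delta]
        for x in table.get(v, ()):
            cand = x ^ y
            # a chance collision on v is ruled out by re-encrypting known pairs
            if all(em_encrypt(P, cand, kx) == kc for kx, kc in known[:4]):
                return cand, offline
    return None, offline


def demo(secret_key=0xBEEF):
    """Run the attack against an oracle holding a constructed secret key.
    Returns (recovered_key, online_queries, offline_P_evaluations)."""
    P = make_public_permutation()
    queries = [0]

    def oracle(x):
        queries[0] += 1
        return em_encrypt(P, secret_key, x)

    key, offline = slidex_attack(P, oracle)
    return key, queries[0], offline


if __name__ == "__main__":
    print(demo())
```

The attack trades online data D against offline permutation evaluations T with D·T ≈ 2^n: on the 16-bit toy, 512 chosen plaintexts (1024 queries) leave at most 2^16 offline steps. The same bound is what limits a single-key Even-Mansour instance to roughly n/2 bits of security against an adversary with large data, and the multi-user setting the abstract singles out is where the thesis's own attack and its key-graph idea go beyond this single-key picture.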
Algorithmique des couplages et cryptographie [Pairing algorithms and cryptography], by Sorina Ionica (Book)
in French and held by 1 WorldCat member library worldwide
Pairings were first used in cryptography to attack the discrete logarithm problem on elliptic curves. Later, many pairing-based cryptographic schemes were proposed. In this thesis, we propose the use of pairings for the study of isogeny volcanoes, and the use of isogenies for the efficient implementation of pairings. Isogeny volcanoes are graphs whose nodes are elliptic curves and whose edges are isogenies between the curves. Algorithms for walking these graphs were given by Kohel (1996) and by Fouquet and Morain (2001). However, until now it has not been possible to predict, when taking a step on the volcano, the direction of that step. Suppose the cardinality of the curve is known. Given a point of order l on the curve, we give a method to determine the direction of the isogeny whose kernel is generated by that point. Our method, which involves only the computation of a few pairings, is very efficient and yields fast algorithms for walking isogeny graphs. In the second part of this thesis, we are interested in pairing computation on elliptic curves in Edwards form. Using an isogeny of degree 4, we give the first formulas for efficient pairing computation on Edwards curves
Vers une généralisation rigoureuse des méthodes de Coppersmith pour la recherche de petites racines de polynômes [Towards a rigorous generalization of Coppersmith's methods for finding small roots of polynomials], by Aurélie Bauer (Book)
in French and held by 1 WorldCat member library worldwide
Lattice-reduction techniques for finding small roots of polynomials are very widely used in the cryptanalysis of public-key systems. In the simple case of univariate modular polynomials and bivariate polynomials over the integers, Coppersmith's methods give a rigorous answer. For a larger number of variables, multivariate generalizations of these techniques are used. The result is then only guaranteed under an assumption of algebraic independence between the polynomials. This assumption is not considered problematic, since it seems to hold most of the time in practice. This thesis provides, for the first time, a counterexample that invalidates the usual assumption. A construction is then proposed with the aim of rigorously generalizing Coppersmith's methods. The first applications of this construction to real cryptographic examples give promising results
The representation technique: application to hard problems in cryptography, by Anja Becker (Book)
1 edition published in 2012 in English and held by 1 WorldCat member library worldwide
The focus of this thesis is an algorithmic technique to solve the random, hard subset-sum problem and the distance-decoding problem in a random linear code. The subset-sum problem provides an alternative to other hard problems used in cryptography (e.g., factoring or the discrete logarithm problem). Its description is simple and the computation of sums of integers is an easy task. Furthermore, no polynomial-time quantum algorithm for solving general knapsacks is known. One can construct one-way functions, pseudorandom generators and private-key encryption schemes from the hardness assumption of the average-case problem. Also some cryptosystems based on lattice problems are provably as secure as the difficulty of the average-case subset-sum problem. Decoding problems can be seen as a vectorial subset-sum problem. Of particular interest is the bounded-distance-decoding problem in a random code. It permits public-key encryption, digital signatures, identification schemes and hash functions. We present different generic algorithmic tools to solve the above problems. By use of our extended representation technique, we obtain an algorithm of exponentially lower asymptotic running time than previous approaches for the hardest case of a random subset-sum problem. We show that the technique can be applied to the domain of code-based cryptography. This results in improved information-set decoding that solves the distance-decoding problem for random linear codes. The new algorithm is asymptotically faster by an exponential factor
Reducing number field defining polynomials: an application to class group computations
1 edition published in 2016 in English and held by 1 WorldCat member library worldwide
Abstract: In this paper we describe how to compute smallest monic polynomials that define a given number field $\mathbb{K}$. We make use of the one-to-one correspondence between monic defining polynomials of $\mathbb{K}$ and algebraic integers that generate $\mathbb{K}$. Thus, a smallest polynomial corresponds to a vector in the lattice of integers of $\mathbb{K}$ and this vector is short in some sense. The main idea is to consider weighted coordinates for the vectors of the lattice of integers of $\mathbb{K}$. This allows us to find the desired polynomial by enumerating short vectors in these weighted lattices. In the context of the subexponential algorithm of Biasse and Fieker for computing class groups, this algorithm can be used as a precomputation step that speeds up the rest of the computation. It also widens the applicability of their faster conditional method, which requires a defining polynomial of small height, to a much larger set of number field descriptions
Attaques physiques sur des algorithmes de chiffrement par flot [Physical attacks on stream ciphers], by Pascal Delaunay (Book)
1 edition published in 2011 in French and held by 1 WorldCat member library worldwide
Since 1999 and Paul Kocher's initial publication, several side-channel attacks have been published. Most of these attacks target public-key cryptosystems and block ciphers, but only a few of them target stream ciphers, despite their being widely used in daily applications. After some reminders on side-channel attacks, linear and non-linear feedback shift registers and fast correlation attacks, we first propose three fast correlation attacks targeting linear feedback shift registers and using side-channel information to improve their accuracy. Next, we present two flaws in non-linear feedback shift registers which allow full recovery of the internal state using well-chosen side-channel attacks. We finally use these vulnerabilities to mount two side-channel attacks against VEST, an eSTREAM candidate, to recover partial information from the internal state
A sieve algorithm based on overlattices
1 edition published in 2014 in English and held by 1 WorldCat member library worldwide
Abstract: In this paper, we present a heuristic algorithm for solving exact, as well as approximate, shortest vector and closest vector problems on lattices. The algorithm can be seen as a modified sieving algorithm for which the vectors of the intermediate sets lie in overlattices or translated cosets of overlattices. The key idea is hence no longer to work with a single lattice but to move the problems around in a tower of related lattices. We initiate the algorithm by sampling very short vectors in an overlattice of the original lattice that admits a quasi-orthonormal basis and hence an efficient enumeration of vectors of bounded norm. Taking sums of vectors in the sample, we construct short vectors in the next lattice. Finally, we obtain solution vector(s) in the initial lattice as a sum of vectors of an overlattice. The complexity analysis relies on the Gaussian heuristic. This heuristic is backed by experiments in low and high dimensions that closely reflect these estimates when solving hard lattice problems in the average case. This new approach allows us to solve not only shortest vector problems, but also closest vector problems, in lattices of dimension $n$ in time $2^{0.3774\, n}$ using memory $2^{0.2925\, n}$. Moreover, the algorithm is straightforward to parallelize on most computer architectures
Calcul de groupes de classes d'un corps de nombres et applications à la cryptologie [Class group computation in a number field and applications to cryptology], by Alexandre Gélin
1 edition published in 2017 in English and held by 1 WorldCat member library worldwide
In this thesis, we focus on class group computations in number fields. We start by describing an algorithm for reducing the size of a defining polynomial of a number field. There exist infinitely many polynomials that define a specific number field, with arbitrarily large coefficients, but our algorithm constructs the one that has the absolutely smallest coefficients. The advantage of knowing such a "small" defining polynomial is that it makes calculations in the number field easier because smaller values are involved. In addition, thanks to such a small polynomial, one can use specific algorithms that are more efficient than the general ones for class group computations. The generic algorithm to determine the structure of a class group is based on ideal reduction, where ideals are viewed as lattices. We describe and simplify the algorithm presented by Biasse and Fieker in 2014 at ANTS and provide a more thorough complexity analysis for it. We also examine carefully the case of number fields defined by a polynomial with small coefficients. We describe an algorithm similar to the Number Field Sieve, which, depending on the field parameters, may reach the hoped-for complexity L(1/3). Finally, our results can be adapted to solve an associated problem: the Principal Ideal Problem. Given any basis of a principal ideal (generated by a unique element), we are able to find such a generator. As this problem, known to be hard, is the key point in several homomorphic cryptosystems, slight modifications of our algorithms provide efficient attacks against these cryptographic schemes
Attaques algébriques du problème du logarithme discret sur courbes elliptiques (Algebraic attacks on the elliptic curve discrete logarithm problem) by Vanessa Vitse
1 edition published in 2011 in French and held by 1 WorldCat member library worldwide
The main subject of this Ph.D. thesis is the discrete logarithm problem on elliptic curves, which is of major interest in public-key cryptography. Several new methods for solving this problem over finite field extensions are proposed. After a complete description of the GHS transfer techniques and of the decomposition attacks introduced by Gaudry and Diem, we present variants of these methods, enlarging the range of extension fields over which the elliptic curve DLP is weak. A new approach based on a combination of cover and decomposition methods is also proposed, allowing one to compute discrete logarithms on elliptic curves defined over sextic extensions whose sizes had never been reached before. An important ingredient is the use of Gröbner bases for polynomial system solving. We introduce an algorithm optimized for the algebraic cryptanalysis context that outperforms standard algorithms in this setting
Le logarithme discret dans les corps finis (The discrete logarithm in finite fields) by Cécile Pierrot
1 edition published in 2016 in French and held by 1 WorldCat member library worldwide
Cryptography is the study of techniques for secure communication in the presence of third parties, also called adversaries. Such techniques are detailed in cryptosystems, explaining how to securely encode and decode messages. They are designed around computational hardness assumptions related to mathematical properties, making such algorithms hard to break in practice by any adversary. These protocols are based on the computational difficulty of various problems which often come from number theory, such as integer factorization or discrete logarithm computations. This manuscript focuses on the discrete logarithm problem in finite fields and revolves around three axes. First we detail classical results about the problem without any consideration of the target group. We deal with complexity classes and some general methods that do not need any information on the group. The study of the discrete logarithm problem in finite fields starts with small-characteristic ones. The aim is to present a Frobenius representation algorithm that leads to the current discrete logarithm record in characteristic 3. For medium- or large-characteristic finite fields, another approach is required. The multiple number field sieve reaches the best asymptotic heuristic complexities for this double range of characteristics. We also introduce the notion of nearly sparse matrices. Designing a new algorithm dedicated to explicitly giving the kernel of such a matrix eases in practice the linear algebra step of any variant of the number field sieve
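The "general methods that do not need any information on the group" mentioned in the abstract above, as an added example that is not code from the thesis: baby-step giant-step, which solves a discrete logarithm in any group of known order n with about sqrt(n) group operations and sqrt(n) memory, and the Pohlig-Hellman reduction that splits the problem along the factorisation of the group order, which is why a smooth order makes a generic attack cheap. The moduli 65537 and 7681, the bases and the exponents are constructed test inputs; the Frobenius representation and number field sieve methods the thesis develops for finite fields are index-calculus methods and are not implemented here.

```python
import math


def baby_step_giant_step(g, h, p, order=None):
    """Generic discrete logarithm in (Z/pZ)^*: return x with g^x = h (mod p),
    or None if h is not a power of g.  Only group operations are used, so the
    method needs nothing but the group order n: O(sqrt(n)) time and memory."""
    n = order if order is not None else p - 1
    m = math.isqrt(n) + 1                  # m^2 > n covers every exponent
    baby = {}
    cur = 1
    for j in range(m):                     # baby steps: g^j for 0 <= j < m
        baby.setdefault(cur, j)
        cur = cur * g % p
    giant_step = pow(g, -m, p)             # g^(-m); modular inverse via pow
    gamma = h % p
    for i in range(m):                     # giant steps: h * g^(-i*m)
        if gamma in baby:
            return i * m + baby[gamma]
        gamma = gamma * giant_step % p
    return None


def crt(residues, moduli):
    """Chinese remainder theorem for pairwise coprime moduli."""
    x, m_all = 0, 1
    for r, m in zip(residues, moduli):
        t = (r - x) * pow(m_all, -1, m) % m
        x += m_all * t
        m_all *= m
    return x % m_all


def pohlig_hellman(g, h, p, order_factors):
    """Reduce the DLP to the prime-power subgroups given the factorisation
    {q: e} of the group order and solve each piece with baby-step giant-step.
    Assumption: the caller supplies the factorisation of an order that the
    relation g^x = h respects, e.g. that of p - 1 for a prime modulus p."""
    n = 1
    for q, e in order_factors.items():
        n *= q ** e
    residues, moduli = [], []
    for q, e in order_factors.items():
        qe = q ** e
        g_q = pow(g, n // qe, p)           # project into the subgroup of order q^e
        h_q = pow(h, n // qe, p)
        x_q = baby_step_giant_step(g_q, h_q, p, order=qe)
        if x_q is None:
            return None
        residues.append(x_q)
        moduli.append(qe)
    return crt(residues, moduli)


if __name__ == "__main__":
    # Constructed instance: 3 generates (Z/65537Z)^*, whose order is 2^16.
    p, g, x = 65537, 3, 12345
    h = pow(g, x, p)
    print("BSGS:", baby_step_giant_step(g, h, p), "expected", x)
    # Constructed instance: modulus 7681, group order 7680 = 2^9 * 3 * 5.
    p2, g2, x2 = 7681, 17, 4321
    h2 = pow(g2, x2, p2)
    y = pohlig_hellman(g2, h2, p2, {2: 9, 3: 1, 5: 1})
    print("Pohlig-Hellman:", y, "check", pow(g2, y, p2) == h2)
```

The Pohlig-Hellman call never touches a subgroup larger than 2^9, so its cost is bounded by the largest prime-power factor rather than by the whole order; this is the generic reason why discrete-logarithm groups are chosen with a large prime-order subgroup, and why the index-calculus family studied in the thesis is needed to go further in finite fields.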
Associated Subjects
Algebra; Algorithms; Coding theory; Computational complexity; Computer algorithms; Computer networks; Computers; Computers--Access control; Computer science; Computer science--Mathematics; Computer security; Computer software; Cryptography; Cryptography--Mathematics; Data encryption (Computer science); Data protection; Data structures (Computer science); Data transmission systems--Security measures; Public key cryptography