If you wish to be informed about our seminars by email,
please contact Iwen Coisel or François-Xavier Standaert .
Seminars for the year 2006
January 2006
January 19, 11:00 - La Cryptographie Multivariable Probabiliste
by Jacques Patarin
| Date: | January 19, 2006 - 11:00 |
| Location: | Auditoire Euler, 002, Euler Building (near Maxwell Building) Avenue Georges Lemaître, 4-6 - 1348 Louvain-la-Neuve |
| Abstract: | A multivariate cryptographic algorithm generally consists of a base scheme to which "perturbations" are added to strengthen its security (and sometimes even to prevent the existence of a polynomial attack). Only a small number of perturbations are known: +, -, V, F, PI (due to Ding), for example. In this talk we will see that multivariate cryptography can be extended to the probabilistic case: no longer must 100% of the equations be satisfied, but only a number much larger than random trials would achieve. Many more perturbations are then possible. We will present various schemes that can then be built, together with their performance. This opens a new and fairly large space of new public key signature schemes.
Joint work with Aline Gouget |
February 2006
February 01, 11:00 - Understanding Cache Attack
by Cédric Lauradoux
| Date: | February 01, 2006 - 11:00 |
| Location: | Auditoire Euler, 002, Euler Building (near Maxwell Building) Avenue Georges Lemaître, 4-6 - 1348 Louvain-la-Neuve |
| Abstract: | Recently a lot of work has investigated the possibility of exploiting cache memories to mount side-channel attacks against encryption systems on superscalar processors. In a first part, I will show some simple ways to evaluate the impact of cache memory on a process execution. The effects of cache memories on processor performance have been well studied by the micro-architecture community. The reference documents in the study of cache memory are the works of Hill. We have tried to unify those works and cache miss attacks. As a result, I will present a classification of the known cache miss attacks according to the 3C of Hill. The second part of my talk will be devoted to the AES study case. We will show the impact of the overall micro-architecture of a processor on the AES cache attacks. The possibilities to defeat cache miss attacks are numerous. For instance, we can use a compensation loop to average the timing of the AES. But the overhead induced by this solution is too high (indeed we reach the Worst Case Execution Time). I will present a countermeasure very similar to masking that can defeat all known cache attacks against the AES with a low overhead (<5%).
Joint work with Anne Canteaut and Andre Seznec |
February 09, 11:00 - A public key traitor tracing scheme secure against adaptive chosen ciphertext attack
by ChongHee KIM
| Date: | February 09, 2006 - 11:00 |
| Location: | Auditoire Euler, 002, Euler Building (near Maxwell Building) Avenue Georges Lemaître, 4-6 - 1348 Louvain-la-Neuve |
| Abstract: | A broadcast encryption scheme enables a center to send encrypted data to a large group of users over an insecure channel, where only legitimate users can decrypt the data. The set of legitimate users is dynamically changing, so it should be possible to prevent some revoked users from decrypting the data. The broadcast encryption scheme has numerous applications, such as pay-TV systems, the distribution of copyrighted materials, internet multicasting of video, music, magazines, and so on. Broadcast encryption schemes can be divided into many categories. Among them, we are mostly interested in public key based schemes. Public key based broadcast encryption schemes are also divided into several categories, such as a traitor tracing scheme, a revoke scheme, a trace and revoke scheme, and so on.
An encryption scheme secure against adaptive chosen ciphertext attack is a very powerful cryptographic primitive. It is essential in designing protocols that are secure against active adversaries. Therefore, we propose new public key broadcast encryption schemes secure against adaptive chosen ciphertext attack. |
March 2006
March 15, 11:00 - An overview on aggregate signature schemes
by Javier Herranz
| Date: | March 15, 2006 - 11:00 |
| Location: | Auditoire Euler, 002, Euler Building (near Maxwell Building) Avenue Georges Lemaître, 4-6 - 1348 Louvain-la-Neuve |
| Abstract: | In this talk we will deal with aggregate signature schemes, which
transform $n$ different signatures on different messages into an aggregate
signature, in such a way that both the length of the resulting signature and
the cost of verifying it are reduced with respect to those of the $n$
initial signatures. We will see some examples constructed from well-known
signature schemes in the PKI-scenario: RSA, Schnorr, BLS. After that, we
will move to the Identity-Based scenario, to see the problems when trying to
achieve constant-length aggregation with existing signature schemes. We will
explain a partial solution to this problem.
We will also point out some results about efficient aggregation of
signatures with a designated verifier. Finally we will explain the
application of these schemes to obtain authenticated routing protocols. |
May 2006
May 22, 14:00 - Zhuang-Zi: A New Algorithm for Solving Multivariate Polynomial Equations over a Finite Field
| Date: | May 22, 2006 - 14:00 |
| Location: | Auditoire Euler, 002, Euler Building (near Maxwell Building) Avenue Georges Lemaître, 4-6 - 1348 Louvain-la-Neuve |
| Abstract: | In this talk, we present the Zhuang-Zi algorithm, a new method for solving multivariate polynomial equations over a finite field. The basic idea is to lift a multivariate map to a single map, transforming the problem of solving a set of multivariate equations over a small finite field into the problem of solving a set of single-variable equations over a large field. We describe the algorithm and present examples, some of which cannot be solved with the fastest known algorithms. |
June 2006
June 12, 09:00 - ECRYPT Summer School on Cryptographic Hardware, Side-Channel and Fault Attacks
| Date: | June 12, 2006 - 09:00 |
| Location: | Unspecified location |
| Abstract: | This summer school focuses on all aspects of cryptographic hardware systems, from implementation concerns to physical security, including side-channel and fault attacks. The school only assumes basic knowledge of electrical engineering and programming skills, but the reading of a basic cryptographic textbook is a pre-requisite. |
| Link: | http://www.dice.ucl.ac.be/crypto/sumschool.htm |
June 16, 09:00 - Recent Results on Side-Channel Resistant Designs
| Date: | June 16, 2006 - 09:00 |
| Location: | Unspecified location |
| Abstract: | SCARD (Side Channel Analysis Resistant Design) is an FP6 (6th Framework Program of the European Commission) sponsored research project (STREP) whose goal is to enhance the typical micro-chip design flow – from high level system description over register transfer layer description down to gate level net lists, and finally placement & routing of the micro-chip – in order to provide a means for designing side-channel resistant circuits and systems.
As part of the conclusions to the work performed during the project, the SCARD workshop is intended as a public presentation, by all partners involved in the project, of some of the project results. |
| Link: | http://www.dice.ucl.ac.be/crypto/recscard.htm |
June 21, 15:00 - A Survey of Polynomial Basis Multiplication over GF(2^m)(Cetin Kaya Koc, Professor of Electrical and Computer)
| Date: | June 21, 2006 - 15:00 |
| Location: | Auditoire Euler, 002, Euler Building (near Maxwell Building) Avenue Georges Lemaître, 4-6 - 1348 Louvain-la-Neuve |
| Abstract: | We describe, analyze and compare various GF(2^m) multipliers. In particular, we investigate the standard modular multiplication, the Montgomery multiplication, and the matrix-vector multiplication techniques. |
June 21, 16:30 - Is it wise to publish Your public RSA keys? (Jean-Pierre Seifert, University of Haifa)
| Date: | June 21, 2006 - 16:30 |
| Location: | Auditoire Euler, 002, Euler Building (near Maxwell Building) Avenue Georges Lemaître, 4-6 - 1348 Louvain-la-Neuve |
| Abstract: | This talk presents a novel hardware attack against RSA-based authentication of programs. Like the seminal paper [Bellcore], it exploits the attacker's ability to arbitrarily tamper with a computational device during its data processing. But, contrary to [Bellcore], our method targets the RSA signature verification, which processes only public data. Surprisingly, we prove how to let the RSA verification process accept signatures (with high probability and assuming the Riemann Hypothesis) of arbitrary code, signed with our own self-created private key. While our attack is so far only theoretical, its practical feasibility has already been implicitly confirmed, cf. [BCNTW]. In fact, through real experiments with tamper-resistant devices, [ABFHS] discovered the following caveat, which lies at the heart of our vulnerability: the most often observed fault during RSA computations exposed to glitch attacks is the erroneous modification of the moduli. Moreover, our attack relies only upon the simplest and most easily implementable fault induction method described by [BOS]. Our idea is somehow inspired by practiced methods circumventing the FLASH Boot ROM authentication mechanism of the Xbox due to F. Lehner, cf. [Hua]. Our attack can be interpreted as the extrapolation of the mathematical foundation underlying those Xbox vulnerabilities. |
September 2006
September 12, 16:00 - The Victory of Intelligence -- David Kahn (Auditorium Barbe 92, Place Sainte-Barbe 1)
| Date: | September 12, 2006 - 16:00 |
| Location: | Unspecified location |
| Abstract: | Cryptology and secret codes have been used for thousands of years, mainly by governments and military security experts. In some countries, this field was even regarded as their exclusive domain, and citizens were not allowed to use such codes to communicate.
However, this has not always been the case. In 1814, for example, Napoléon considered that secret codes were useless, and was thus left without a secure medium of communication during the battle of Waterloo. The lesson was not well retained and the same situation recurred in 1870. Then wireless telegraphy appeared, with its very great ease of interception.
This talk will show how, during WWI, the interception and analysis of encrypted messages convinced military experts that intelligence, which they initially regarded as unimportant and almost useless, could help them to win victories.
Coffee, tea and biscuits will be offered after the seminar. |
| Link: | http://david-kahn.com/ |
November 2006
November 09, 16:00 - Bits and Atoms
by Neil Gershenfeld
| Date: | November 09, 2006 - 16:00 |
| Location: | Auditoire Euler, 002, Euler Building (near Maxwell Building) Avenue Georges Lemaître, 4-6 - 1348 Louvain-la-Neuve |
| Abstract: | I will present emerging insights into the relationship between physical form and logical function: "building with logic" (error-corrected additive programmed assembly of functional systems) and "programming with math" (compiling problems posed as global goals into distributed local dynamics). Together, these provide a foundation for a digital revolution in fabrication, enabling engineering in a limit of enormous complexity. Applications will be discussed in molecular computation and manufacturing, analog logic, interdevice internetworking, conformal computing, and personal fabrication in developed and developing countries.
Prof. Neil Gershenfeld is the Director of MIT's Center for Bits and Atoms. His unique laboratory investigates the relationship between the content of information and its physical representation, from molecular quantum computers to virtuosic musical instruments. Technology from his lab has been seen and used in settings including New York's Museum of Modern Art and rural Indian villages, the White House/Smithsonian Millennium celebration and automobile safety systems, the World Economic Forum and inner-city community centers, Las Vegas shows and Sami herds. He is the author of numerous technical publications, patents, and books including "Fab," "When Things Start To Think," "The Nature of Mathematical Modeling," and "The Physics of Information Technology," has been featured in media such as The New York Times, The Economist, CNN, and the McNeil/Lehrer News Hour, and has been selected as one of the top 100 public intellectuals. Dr. Gershenfeld has a BA in Physics with High Honors from Swarthmore College, a Ph.D. from Cornell University, was a Junior Fellow of the Harvard University Society of Fellows, and a member of the research staff at Bell Labs. |
December 2006
December 19, 10:00 - New Cryptanalytic Results on IDEA (Orr Dunkelman, COSIC, KUL)
| Date: | December 19, 2006 - 10:00 |
| Location: | Room 207, Euler Building (near Maxwell Building) Avenue Georges Lemaître, 4-6 - 1348 Louvain-la-Neuve |
| Abstract: | IDEA is a 64-bit block cipher with 128-bit keys introduced by Lai and Massey in 1991. IDEA is one of the most widely used block ciphers, due to its inclusion in several cryptographic packages, such as PGP and SSH. The cryptographic strength of IDEA relies on a combination of three incompatible group operations - XOR, addition and modular multiplication. Since its introduction in 1991, IDEA has withstood extensive cryptanalytic effort, but no attack was found on the full variant of the cipher.
In this talk we go over past attempts at cryptanalysis of IDEA, and describe several new results:
- The first known non-trivial relation that involves all three operations of IDEA.
- A linear attack on 5-round IDEA that uses 2^{19} known plaintexts and has a time complexity of 2^{103} encryptions.
- A related-key linear attack on 7.5-round IDEA that uses 2^{43.5} known plaintexts and has a time complexity equivalent to 2^{115.1} encryptions.
This is joint work with Eli Biham and Nathan Keller. |
| Link: | http://vipe.technion.ac.il/~orrd/me/ |