
BEGIN:VCALENDAR
VERSION:2.0
PRODID:-//Laboratoire de Mathématiques de Versailles - ECPv6.15.20//NONSGML v1.0//EN
CALSCALE:GREGORIAN
METHOD:PUBLISH
X-WR-CALNAME:Laboratoire de Mathématiques de Versailles
X-ORIGINAL-URL:https://lmv.math.cnrs.fr
X-WR-CALDESC:Évènements pour Laboratoire de Mathématiques de Versailles
REFRESH-INTERVAL;VALUE=DURATION:PT1H
X-Robots-Tag:noindex
X-PUBLISHED-TTL:PT1H
BEGIN:VTIMEZONE
TZID:Europe/Paris
BEGIN:DAYLIGHT
TZOFFSETFROM:+0100
TZOFFSETTO:+0200
TZNAME:CEST
DTSTART:20250330T010000
END:DAYLIGHT
BEGIN:STANDARD
TZOFFSETFROM:+0200
TZOFFSETTO:+0100
TZNAME:CET
DTSTART:20251026T010000
END:STANDARD
BEGIN:DAYLIGHT
TZOFFSETFROM:+0100
TZOFFSETTO:+0200
TZNAME:CEST
DTSTART:20260329T010000
END:DAYLIGHT
BEGIN:STANDARD
TZOFFSETFROM:+0200
TZOFFSETTO:+0100
TZNAME:CET
DTSTART:20261025T010000
END:STANDARD
BEGIN:DAYLIGHT
TZOFFSETFROM:+0100
TZOFFSETTO:+0200
TZNAME:CEST
DTSTART:20270328T010000
END:DAYLIGHT
BEGIN:STANDARD
TZOFFSETFROM:+0200
TZOFFSETTO:+0100
TZNAME:CET
DTSTART:20271031T010000
END:STANDARD
END:VTIMEZONE
BEGIN:VEVENT
DTSTART;TZID=Europe/Paris:20260306T110000
DTEND;TZID=Europe/Paris:20260306T120000
DTSTAMP:20260420T083056
CREATED:20260210T224800Z
LAST-MODIFIED:20260302T090259Z
UID:14798-1772794800-1772798400@lmv.math.cnrs.fr
SUMMARY:CRYPTO - Pierrick Dartois - A tale of groups and rabbits: efficient 4-dimensional isogeny computations for cryptographic group actions
DESCRIPTION:A tale of groups and rabbits: efficient 4-dimensional isogeny computations for cryptographic group actions \nIn the transition to post-quantum cryptography\, cryptographic group actions can offer a modularity close to pre-quantum discrete logarithm problems. Not only can this modularity be used for basic primitives (e.g. key exchange\, signatures)\, but also for advanced constructions\, including threshold schemes for secure multi-party computation that will be proposed to the next NIST call. \nIn this talk\, we present how such cryptographic group actions can be instantiated and computed with supersingular isogenies. With standard isogeny computation techniques\, it was only possible to efficiently compute the action of some particular group elements generating the whole group. This limitation could restrict some cryptographic applications where random group elements were used. The (qt-)Pegasis algorithm (Practical Effective class Group Action uSIng 4-dimensional isogenieS) was introduced last year to overcome this limitation. Following a more and more popular approach in isogeny-based cryptography since the downfall of SIKE (Supersingular Isogeny Key Encapsulation)\, (qt-)Pegasis relies on the computation of a 4-dimensional isogeny. \nThe (qt-)Pegasis algorithm also motivated further research on the efficient computation of 4-dimensional isogenies in order to make it practical and provide an efficient C implementation. We shall conclude the talk with a presentation of recent improvements of 4-dimensional isogeny computation algorithms involving mysterious rabbit-shaped graphs.
URL:https://lmv.math.cnrs.fr/evenenement/crypto-pierrick-dartois/
LOCATION:Bâtiment Fermat\, salle 4205
CATEGORIES:Séminaire CRYPTO
END:VEVENT
BEGIN:VEVENT
DTSTART;TZID=Europe/Paris:20260312T100000
DTEND;TZID=Europe/Paris:20260312T110000
DTSTAMP:20260420T083056
CREATED:20260210T224623Z
LAST-MODIFIED:20260313T083009Z
UID:14794-1773309600-1773313200@lmv.math.cnrs.fr
SUMMARY:CRYPTO : Paola de Perthuis (CWI) - Predicting Module-Lattice Reduction
DESCRIPTION:Is module-lattice reduction better than unstructured lattice reduction?\nThis question was highlighted as 'Q8' in the Kyber NIST standardization submission (Avanzi et al.\, 2021)\, as potentially affecting the concrete security of Kyber and other module-lattice based schemes. Foundational works on module-lattice reduction (Lee\, Pellet-Mary\, Stehlé\, and Wallet\, ASIACRYPT 2019; Mukherjee and Stephens-Davidowitz\, CRYPTO 2020) confirmed the existence of such module variants of LLL and block-reduction algorithms\, but focus only on provable worst-case asymptotic behavior.\nIn this work\, we present a concrete average-case analysis of module-lattice reduction. Specifically\, we address the question of the expected slope after running module-BKZ\, and pinpoint the discriminant \(\Delta_K\) of the number field at hand as the main quantity driving this slope. We convert this back into a gain or loss on the blocksize \(\beta\): module-BKZ in a number field \(K\) of degree \(d\) requires an SVP oracle of dimension \(\beta + \log(|\Delta_K| / d^d)\beta /(d\log \beta) + o(\beta / \log \beta)\) to reach the same slope as unstructured BKZ with blocksize \(\beta\). This asymptotic summary hides further terms that we predict concretely using experimentally verified heuristics. Incidentally\, we provide the first open-source implementation of module-BKZ for some cyclotomic fields.\nFor power-of-two cyclotomic fields\, we have \(|\Delta_K| = d^d\)\, and conclude that module-BKZ requires a blocksize larger than its unstructured counterpart by \(d-1+o(1)\). On the contrary\, for all other cyclotomic fields we have \(|\Delta_K| < d^d\)\, so module-BKZ provides a sublinear \(\Theta(\beta/\log \beta)\) gain on the required blocksize\, yielding a subexponential speedup of \(\exp(\Theta(\beta/\log \beta))\).\nhttps://eprint.iacr.org/2025/1904
URL:https://lmv.math.cnrs.fr/evenenement/crypto-paola-de-perthuis/
LOCATION:Bâtiment Fermat\, salle 4205
CATEGORIES:Séminaire CRYPTO
END:VEVENT
END:VCALENDAR