20 research outputs found
Usability of structured lattices for a post-quantum cryptography: practical computations, and a study of some real Kummer extensions
Lattice-based cryptography is an excellent candidate for post-quantum cryptography, i.e. cryptosystems which are resistant to attacks run on quantum computers. For efficiency reasons, most of the constructions explored nowadays are based on structured lattices, such as module lattices or ideal lattices. The security of most constructions can be related to the hardness of retrieving a short element in such lattices, and one does not know yet to what extent these additional structures weaken the cryptosystems. A related problem, which is an extension of a classical problem in computational number theory, called the Short Principal Ideal Problem (or SPIP), consists of finding a short generator of a principal ideal. Its assumed hardness has been used to build some cryptographic schemes. However, it has been shown to be solvable in quantum polynomial time over cyclotomic fields, through an attack which uses the Log-unit lattice of the field considered. Later, practical results showed that multiquadratic fields were also weak to this strategy.
The main general question that we study in this thesis is: "To what extent can structured lattices be used to build a post-quantum cryptography?"
Efficient randomized regular modular exponentiation using combined Montgomery and Barrett multiplications
Copyright 2016 by SCITEPRESS - Science and Technology Publications, Lda. All rights reserved.
Cryptographic operations performed on an embedded device are vulnerable to side channel analysis and particularly to differential and correlation power analysis. The basic protection against such attacks is to randomize the data all along the cryptographic computations. In this paper we present a modular multiplication algorithm which can be used for randomization. We show that we can use it to randomize the modular exponentiation of the RSA cryptosystem. The proposed randomization is free of computation and induces a level of randomization from 2^10 to 2^15 for practical RSA modulus sizes.
Computing -th roots in number fields
We describe several algorithms for computing -th roots of elements in a number field , where is an odd prime-power integer. In particular we generalize Couveignes' and Thomé's algorithms originally designed to compute square-roots in the Number Field Sieve algorithm for integer factorization. Our algorithms cover most cases of and and allow one to obtain reasonable timings even for large degree number fields and large exponents . The complexity of our algorithms is better than that of general root finding algorithms, and our implementation compared well in performance to these algorithms as implemented in well-known computer algebra software. One important application of our algorithms is to compute the saturation phase in the Twisted-PHS algorithm for solving the Ideal-SVP problem over cyclotomic fields in post-quantum cryptography.
Comment: 9 pages, 4 figures. Associated experimental code provided at https://github.com/ob3rnard/eth-root
A note on the discriminant and prime ramification of some real Kummer extensions
In this note, we establish some facts about real Kummer extensions of the form $L = \mathbb{Q}(\sqrt[p]{m_1}, \ldots, \sqrt[p]{m_r})$, and $L = K(\sqrt[p]{m_1}, \ldots, \sqrt[p]{m_r})$ where $K = \mathbb{Q}(\sqrt[q]{n_1}, \ldots, \sqrt[q]{n_s})$. In particular, we study the splitting of primes in $L$ and exhibit fairly canonical and simple $\mathbb{Q}$-bases of $L$ and $d_L \in \mathbb{N}$ such that the order it generates contains $d_L \mathcal{O}_L$.
ON THE SHORT PRINCIPAL IDEAL PROBLEM OVER SOME REAL KUMMER FIELDS
Several cryptosystems using structured lattices have been believed to be quantum resistant. Their security can be linked to the hardness of solving the Shortest Vector Problem over module or ideal lattices. During the past few years it has been shown that the related problem of finding a short generator of a principal ideal can be solved in quantum polynomial time over cyclotomic fields, and in classical polynomial time over a range of multiquadratic and multicubic fields. Hence, it is important to study as many other number fields as possible, to improve our knowledge of the aforementioned problems. In this paper we generalise the work done over multiquadratic and multicubic fields to a larger range of real Kummer extensions of prime exponent p. Moreover, we extend the analysis by studying the Log-unit lattice over these number fields, in comparison to already studied fields.
Computing roots of polynomials over number fields using complex embeddings
We explore a generic method to compute roots of polynomials over number fields through complex embeddings. We show how to use the structure of a relative extension to decode in a subfield. Additionally, we describe several heuristic options to improve practical efficiency. We provide experimental data from our implementation, and compare our methods to the one implemented in \textsc{Pari/Gp}.