42 research outputs found

    On the p-adic stability of the FGLM algorithm

    Nowadays, many strategies to solve polynomial systems use the computation of a Gröbner basis for the graded reverse lexicographical ordering, followed by a change of ordering algorithm to obtain a Gröbner basis for the lexicographical ordering. The change of ordering algorithm is crucial for these strategies. We study the p-adic stability of the main change of ordering algorithm, FGLM. We show that FGLM is stable and give an explicit upper bound on the loss of precision occurring in its execution. The variant of FGLM designed to pass from the grevlex ordering to a Gröbner basis in shape position is also stable. Our study relies on the application of Smith Normal Form computations for linear algebra.

    Safe-Error Analysis of Post-Quantum Cryptography Mechanisms

    The NIST selection process for standardizing Post-Quantum Cryptography Mechanisms is currently running. Many papers have already studied their theoretical security, but their resistance in deployed devices has not been much investigated so far. In particular, fault attacks are a serious threat for algorithms implemented in embedded devices. One particularly powerful technique is to use safe-error attacks. Such attacks exploit the fact that a specific fault may or may not lead to a faulty output depending on a secret value. In this paper, we investigate the resistance of various Post-Quantum candidate algorithms against such attacks.

    Exploiting the AOSP Dependency Graph for Security Purposes

    Unlike the GNU autotools, the Soong build system developed by Google lends itself more readily to the analysis of interdependencies between compilation targets. Used for security purposes, these dependency relations make it possible to evaluate the propagation of a vulnerability and the affected components through a graph, called the unified dependency graph. Applied to the Android Open Source Project, building and exploiting this graph makes it possible to determine which targets are derived from a given file. This work presents the technical issues involved in computing this graph and the potential offered by its exploitation.

    Sub-cubic Change of Ordering for Gröbner Basis: A Probabilistic Approach

    The usual algorithm to solve polynomial systems using Gröbner bases consists of two steps: first computing the DRL Gröbner basis using the F5 algorithm, then computing the LEX Gröbner basis using a change of ordering algorithm. When the Bézout bound is reached, the bottleneck of the total solving process is the change of ordering step. For 20 years, thanks to the FGLM algorithm, the complexity of change of ordering has been known to be cubic in the number of solutions of the system to solve. We show that, in the generic case or up to a generic linear change of variables, the multiplicative structure of the quotient ring can be computed with no arithmetic operation. Moreover, given this multiplicative structure we propose a change of ordering algorithm for Shape Position ideals whose complexity is polynomial in the number of solutions with exponent ω, where 2 ≤ ω < 2.3727 is the exponent in the complexity of multiplying two dense matrices. As a consequence, we propose a new Las Vegas algorithm for solving polynomial systems with a finite number of solutions by using Gröbner bases, for which the change of ordering step has a sub-cubic (i.e. with exponent ω) complexity and whose total complexity is dominated by the complexity of the F5 algorithm. In practice we obtain significant speedups for various polynomial systems, by a factor of up to 1500 for specific cases, and we are now able to tackle some instances that were intractable.

    Factoring N = p^r q^s for Large r and s

    Boneh et al. showed at Crypto 99 that moduli of the form N = p^r q can be factored in polynomial time when r ≃ log(p). Their algorithm is based on Coppersmith's technique for finding small roots of polynomial equations. In this paper we show that N = p^r q^s can also be factored in polynomial time when r or s is at least (log p)^3; therefore we identify a new class of integers that can be efficiently factored. We also generalize our algorithm to moduli with k prime factors N = \prod_{i=1}^k p_i^{r_i}; we show that a non-trivial factor of N can be extracted in polynomial time if one of the exponents r_i is large enough.

    Contribution to Algebraic Solving and Applications in Cryptology

    In this document I present my contribution to algebraic solving and the cryptologic applications that follow from it. The main thread is the use of the intrinsic structures of the input problems to develop efficient solving algorithms. This contribution is divided into three different themes: effective Galois theory, the solving of modular equations, and the study of polynomial system solving. The resulting applications belong essentially to asymmetric cryptology, and more particularly to that based on problems from number theory.

    Introduction to Effective Galois Theory


    Multi-modular Algorithm for Computing the Splitting Field of a Polynomial

    Let f be a univariate monic integral polynomial of degree n and let (α1, ..., αn) be an n-tuple of its roots in an algebraic closure Q̄ of Q. Obtaining an algebraic representation of the splitting field Q(α1, ..., αn) of f is a question of first importance in effective Galois theory. For instance, it allows us to manipulate symbolically the roots of f. In this paper, we propose a new method based on a multi-modular strategy. Actually, we provide algorithms for this task which return a triangular set encoding the splitting ideal of f. We examine the ability/practicality of the method by experiments on a real computer and study its complexity.