Theta functions and applications in cryptography Fonctions thêta et applications en cryptographie

60 pages

English

Theta functions and applications in cryptography Fonctions thêta et applications en cryptographie

Anjo - Damien Robert

Le téléchargement nécessite un accès à la bibliothèque YouScribe
Tout savoir sur nos offres

60 pages

English

Le téléchargement nécessite un accès à la bibliothèque YouScribe
Tout savoir sur nos offres

A propos
Informations
Extrait

Description

ThetafunctionsandapplicationsincryptographyFonctionsthêtaetapplicationsencryptographieThèsed’informatique1DamienRobert1Caramelteam,NancyUniversités,CNRS,INRIANancyGrandEst21/07/2010(Nancy)Outline1 Public-keycryptography2 Abelianvarieties3 Thetafunctions4 Pairings5 Isogenies6 PerspectivesDamienRobert (Caramel,LORIA) Thetafunctionsandcryptography 21/07/2010(Nancy) 2/40Public-keycryptographyOutline1 Public-keycryptography2 Abelianvarieties3 Thetafunctions4 Pairings5 Isogenies6 PerspectivesDamienRobert (Caramel,LORIA) Thetafunctionsandcryptography 21/07/2010(Nancy) 3/40Public-keycryptography Public-keysystemsA briefhistoryofpublic-keycryptographySecret-keycryptography:Vigenère(1553),Onetimepad(1917),AES(NIST,2001).Public-keycryptography:Diffie–Hellmankeyexchange(1976).RSA(1978):multiplication/factorisation.∗ElGamal:exponentiation/discretelogarithminG =F .qECC/HECC(1985):discretelogarithminG = A(F ).qLattices,NTRU(1996),IdealLattices(2006):perturbatealatticepoint/ClosestVectorProblem,BoundedDistanceDecoding.Polynomialsystems,HFE(1996):evaluatingpolynomials/findingroots.Coding-basedcryptography,McEliece(1978):Matrix.vector/decodingalinearcode.⇒ Encryption,Signature(+PseudoRandomNumberGenerator,ZeroKnowledge).Pairing-basedcryptography(2000–2001).Homomorphiccryptography(2009).DamienRobert (Caramel,LORIA) Thetafunctionsandcryptography 21/07/2010(Nancy) 4/40Public-keycryptography Public-keysystemsRSA versus(H)ECCSecurityRSA ...

Informations

Publié par	Anjo
Nombre de lectures	15
Langue	English

Extrait

eta functions and applications in cryptography Fonctions thêta et applications en cryptographie èse d’informatique



Damien Robert



Caramel team, Nancy Universités, CNRS, INRIA Nancy Grand Est

// (Nancy)

maraC(trAIROL,leDabeRoenmipyotdnrcyhrgpatafu)Theonsancti



Pairings



eta functions



Perspectives



Isogenies

/



Abelian varieties

Public-key cryptography



naN()yc//

Outline

l,meRILOThA)afettcnusnoicdnatpyrDmaeiRnbore(taCar

Outline

Perspectives



Isogenies



Pairings



eta functions



Abelian varieties

//hpygoar

Public-key cryptography





/ncy)(NablPuhyrgpapyotyerccik-

-cilcyekbuPyPphliubptryraogysyskec-msteptrydcanyphraogfatehT)Asnoitcnu

Abrief history of public-key cryptography

Public-key cryptography: Diﬃe–Hellman key exchange (). RSA ():multiplication/factorisation. ElGamal:exponentiation/discrete logarithminG=F∗ q. ECC/HECC():discrete logarithminG=A(Fq). Lattices, NTRU (), Ideal Lattices ():perturbate a lattice point/Closest Vector Problem, Bounded Distance Decoding. Polynomial systems, HFE ():evaluating polynomials/ﬁnding roots. Coding-based cryptography, McEliece ():Matrix.vector/decoding a linear code. ⇒Encryption, Signature (+Pseudo Random Number Generator, Zero Knowledge).

Secret-key cryptography: Vigenère (), One time pad (), AES (NIST, ).

/

Pairing-based cryptography(–). Homomorphic cryptography ().

//cn)y(aNert(Caramel,LORIDmaeiRnbo

/

RSAversus (H)ECC

Factorisation of a -bit RSA modulus [Kle+]. Currently: attempt to attack a -bit Koblitz elliptic curve.

Key length comparison between RSA and ECC

     

Security (bits level)

RSA

ECC

     

     

Pybuil-ceksysyetmsilbuPryyckec-phraogpt//(Nancy)nacdyrtpgoarhpyThA)afetctunnsio(trearaC,lemIROLDnRobamie

ographyDkeycryptPbuil-capgrhycrintoypragomhtircsileteyrcdnasnhpargotpetThA)RIioctunaf(taCbore,lOLaremienRDam)y/

Discrete logarithm

Exponentiation:O(logp). DLP:O(√p)(in a generic group). ̃ G=Fp∗: sub-exponential attacks. ⇒Findsecuregroups witheﬃcient law,compact representation.

Deﬁnition (DLP) LetG=⟨⟩be a cyclic group of prime order. Letx∈Nandh=x.ediscrete logarithmlog(h)isx.

ab=(b)a=(a)b.

Protocol [Diﬃe–Hellman Key Exchange] Alice sendsaBob sendsb, the common key is ,

y//(Nanc

hyapgrtoypcrnd)ycnaN(//

e(,)ab c=e(b,c)a=e(c,a)b=e(a,b)c∈G.

Identity-based cryptography [BF]. Short signature [BLS]. One way tripartite Diﬃe–Hellman [Jou]. Self-blindable credential certiﬁcates [Ver]. Attribute based cryptography [SW]. Broadcast encryption [Goy+].

Deﬁnition Apairingis a bilinear applicatione∶G×G→G.

Tripartite Diﬃe–Helman

Alice sendsa, Bob sendsb, Charlie sendsc.e common key is

Pairing-based cryptography

/neimeboRaDel,LORIArt(CaramcnitnoasT)ehatufrgotpyrcnimhtirahyapublic-keycryptogarhpDysirctelegoP

ieamobnRt(erraCaDesleaibAeiitvnra

Perspectives

Outline

eta functions



Abelian varieties



Isogenies



Pairings



//phyogra

Public-key cryptography





/cn)y(aNafetThA)RILOl,metpyrcdnasnoitcnu

⇒UseG=A(k)withk=Fqfor the DLP. ⇒Pairing-based cryptography with theWeilorTatepairing. (Only available on abelian varieties.)

(aNcn)y/

Abelian varieties

Abelian variety =pointson a projective space (locus of homogeneous polynomials) + an abelian group law given byrational functions.

Deﬁnition AnAbelian varietyis a complete connected group variety over a base ﬁeldk.

raogyph//tcnusnoicdnatpyrraCat(erobnRieamfatehT)AIROL,lemDsruevebAiravnailacsJieetfcnoiaob

ibnafoucitseaJocianvarieAbelesrvrt(CRobemienDaT)ehROAIleL,ramacrndsaontincfuta//yhpargotpycy)/(Nan

Elliptic curves

P+Q=−R=(xR,−yR) λ=yQ−yP xQ−xP xR=λ−xP−xQ yR=yP+λ(xR−xP)

Deﬁnition (cark≠, ) E∶y=x+ax+b. a+b≠ . An elliptic curve is a plane curve of genus . Elliptic curves = Abelian varieties of dimension .

Dam

Mumford coordinates:D=(u,v)⇒u=∏(x−xi),v(xi)=yi. Cantor algorithm:addition law.

k D=(Pi−P∞)k⩽, symmetricPi≠Pj i=

Divisor: formal sumD=∑niPi,Pi∈C(k). degD=∑ni.

y)ncNa

Jacobian ofC= Divisors of degree  modulo principal divisors = Abelian variety of dimension. Divisor classD⇒uniquerepresentative (Riemann–Roch):

Principal divisor:∑P∈C(k)vP(f).P;f∈k(C).

C∶y=f(x), hyperelliptic curve of genus. (degf=−)

Jacobian of hyperelliptic curves

/arhpy//(ctionsandcryptogOL,l)AIRtehTnufanRieerobCat(meravnaieiralebAvrsebianofcutiesJaco

Univers
Ebooks
Livres audio
Presse
Podcasts
BD
Documents

Theta functions and applications in cryptography Fonctions thêta et applications en cryptographie

YouScribe

Le catalogue

Le service

Les conditions