L'école d'été aura lieu à Atlanthal, un hôtel situé à Anglet, près de Biarritz.

Du 17 au 21 juin 2024, nous vous accueillerons pour la première école d'été du projet PQ-TLS.

Prix de l'école : 600 euros TTC (pension complète)

Les présentations se dérouleront en anglais.

Pour toute information complémentaire, veuillez contacter : marilou.gaborel@irisa.fr

Le célèbre « cadenas » qui apparaît dans la barre des navigateurs web quand on visite des sites dont l’adresse est précédée de « https » repose sur des primitives cryptographiques qui ne résisteraient pas à un ordinateur quantique. Ce projet intégré se donne pour objectif de développer en 5 ans des primitives post-quantiques dans un prototype de « cadenas post-quantique » qui sera implémenté dans un navigateur open source. L’évolution des standards cryptographiques a déjà débuté, le choix de nouvelles primitives va être fait rapidement, et la transition se fera dans les quelques prochaines années. L’objectif est de jouer un rôle moteur dans cette évolution et de faire en sorte que les acteurs français de la cryptographie post-quantique, déjà fortement impliqués, soient en mesure de peser sur les standards cryptographiques des décennies à venir.

Alice Pellet--Mary - CNRS - Institut de Mathématique de Bordeaux

https://apelletm.pages.math.cnrs.fr/page-perso/

Title : Introduction to lattice-based cryptography

Abstract: These two talks will give an introduction to some topics about lattice-based cryptography. We will review some basic results about lattices, and see how they can be used to construct encryption schemes and signature schemes. We will also discuss about cryptographic lattice problems, such as LWE and NTRU. Finally, we will mention some NIST candidates, such as Kyber and Falcon.

Charlie Jacomme - Inria Nancy

https://charlie.jacomme.fr/

Title: Formal verification of cryptographuc protocols - how it works, what does formal guarantees even mean and why do we want that ?

Abstract: In this presentation, we will present why and how we try to increase our confidence in the security of cryptographic protocols by using formal methods, and notably using computer-aided verification. We will give a broad understanding of the main ideas behind verification tools such as CryptoVerif, ProVerif, Squirrel and Tamarin, notably touching on the challenges posed for them by the post-quantum setting. Finally, we will give a concrete example with a case study of the recently deployed PQXDH, a post-quantum variant of the initial key-exchange for the Signal Messenger application.

Matthieu Rivain - Cryptoexperts (https://www.cryptoexperts.com/)

https://www.matthieurivain.com/

Title: Zero-Knowledge Proofs & Post-Quantum Signatures from MPC in the Head

Abstract: The MPC-in-the-Head (MPCitH) paradigm builds zero-knowledge proofs from multi-party computation (MPC) protocols. MPCitH techniques are especially effective for small circuits such as those arising in (post-quantum) signature schemes. This was first demonstrated by the Picnic signature scheme, submitted to the NIST PQC process in 2017. In the recent NIST call for additional post-quantum signatures, 9 candidates out of the 40 selected for the first round rely on MPCitH techniques. This two-part presentation aims to provide a comprehensive introduction to the MPC-in the-Head paradigm, highlight recent advances in the field, and explore some specific post-quantum signature constructions.

Brice Minaud - Inria - ENS Paris

https://www.di.ens.fr/brice.minaud/

Title: Multivariate cryptography

Abstract: Multivariate cryptography is a technique to build post-quantum cryptography. It has received less attention than other major approaches, but paradoxically, it also has the highest number of submissions to the NIST standardization process for additional post-quantum signatures (according to the NIST's classification). This calls for additional research. In this presentation, I will endeavor to present multivariate cryptography, including constructions, reductions, attacks, and open problems.

Loïc Masure - CNRS - LIRMM

https://www.linkedin.com/in/loicmasure/

Title: Side-channel Analysis of cryptographic implementations : evaluation and counter-measures

Abstract: Since the seminal works of Paul Kocher in the late 90s, implementations of cryptographic primitives are known to be the attack vector providing perhaps the most efficient way to break an implementation. In a nutshell, it consists in leveraging some physical measurements of the device running the implementation. Through a divide-and-conquer approach, side-channel analysis often makes the attack complexity linear with the key size. That is why it is crucial to take this threat into account in the design and the implementation of (post-quantum) cryptography.

The goal of this presentation is to raise awareness of cryptographers on side-channel analysis, and to provide them some tools to evaluate and mitigate this threat. To this end, we will successively play the role of a malicious adversary, a security evaluator, and a cryptographic designer.

1. First half

1. Presentation and demonstration of side-channel attacks (malicious adversary)
2. Methodology to evaluate the threat (security evaluator)
1. Second half

1. Masking : a universal counter-measure against SCA (cryptographic designer)
2. What about post-quantum ? The specifics and open problems of SCA & masking against PQC.

Nicolas Sendrier - Inria Paris

https://www.rocq.inria.fr/secret/Nicolas.Sendrier/index.php

Title; Error-correcting codes

Abstract: Coming soon

Xavier Bonnetain - Inria Paris

https://who.rocq.inria.fr/Xavier.Bonnetain/

Title; Quantum computing & cryptanalysis

Abstract: Coming soon

Luca De Feo

https://defeo.lu/

Title: Isogeny-based Cryptography

Abstract:
Isogenies are groupe morphisms of elliptic curves. Isogeny-based Cryptography is an extension of Elliptic Curve Cryptography whose security is based on the difficulty of finding isogenies between elliptic curves. Unlike the elliptic discrete logarithm problem, the isogeny search problem is believed to resist to quantum attacks and is this used as a foundation of post-quantum cryptography.

This lecture will review the different families of isogeny-based schemes, explain the recent progress, and give context on the ongoing standardization efforts.