
Lattice-based public-key cryptosystems D. J. Bernstein NIST - PDF document

1 Lattice-based public-key cryptosystems D. J. Bernstein NIST post-quantum competition: 69 submissions in first round, from hundreds of people. (+13 submissions that NIST declared incomplete or improper.) 22 signature-system submissions. 5


  5. Slide 13

     ```
     sage: # Zx, x, randompoly and convolution are used here without being defined on this page
     sage: def invertmodprime(f,p):
     ....:   # inverse of f in (Z/p)[x]/(x^n-1); fails with an exception if f is not invertible
     ....:   Fp = Integers(p)
     ....:   Fpx = Zx.change_ring(Fp)
     ....:   T = Fpx.quotient(x^n-1)
     ....:   return Zx(lift(1/T(f)))
     ....:
     sage: n = 7
     sage: f = randompoly()
     sage: f3 = invertmodprime(f,3)
     sage: convolution(f,f3)
     6*x^6 + 6*x^5 + 3*x^4 + 3*x^3 + 3*x^2 + 3*x + 4
     ```

  6. Slide 14

     ```
     def invertmodpowerof2(f,q):
       assert q.is_power_of(2)
       g = invertmodprime(f,2)
       M = balancedmod
       C = convolution
       while True:
         r = M(C(g,f),q)
         if r == 1: return g
         g = M(C(g,2-r),q)
     ```

     Exercise: Figure out how invertmodpowerof2 works. Hint: Compare r to previous r.

  13. Slide 15

      ```
      sage: n = 7
      sage: q = 256
      sage: f = randompoly()
      sage: f
      -x^6 - x^4 + x^2 + x - 1
      sage: g = invertmodpowerof2(f,q)
      sage: g
      47*x^6 + 126*x^5 - 54*x^4 - 87*x^3 - 36*x^2 - 58*x + 61
      sage: convolution(f,g)
      -256*x^5 - 256*x^4 + 256*x + 257
      sage: balancedmod(_,q)
      1
      ```

  17. Slide 16: NTRU key generation

      Parameters: $n$, positive integer (e.g., 701); $q$, power of 2 (e.g., 4096).

      Secret key: random $n$-coeff polynomial $a$; random $n$-coeff polynomial $d$; all coefficients in $\{-1, 0, 1\}$.

      Require $d$ invertible mod $q$. Require $d$ invertible mod 3.

      Public key: $A = 3a/d$ in the ring $R_q = (\mathbf{Z}/q)[x]/(x^n - 1)$.

  18. Slide 17

      ```
      def keypair():
        while True:
          try:
            d = randompoly()
            d3 = invertmodprime(d,3)
            dq = invertmodpowerof2(d,q)
            break
          except:
            # d is not invertible mod 3 or mod q: draw a new d
            pass
        a = randompoly()
        # public key A = 3a/d in R_q
        publickey = balancedmod(3 * convolution(a,dq),q)
        secretkey = d,d3
        return publickey,secretkey
      ```

  24. Slide 18

      ```
      sage: A,secretkey = keypair()
      sage: A
      -126*x^6 - 31*x^5 - 118*x^4 - 33*x^3 + 73*x^2 - 16*x + 7
      sage: d,d3 = secretkey
      sage: d
      -x^6 + x^5 - x^4 + x^3 - 1
      sage: convolution(d,A)
      -3*x^6 + 253*x^5 + 253*x^3 - 253*x^2 - 3*x - 3
      sage: balancedmod(_,q)
      -3*x^6 - 3*x^5 - 3*x^3 + 3*x^2 - 3*x - 3
      ```

  27. Slide 19: NTRU encryption

      One more parameter: $w$, positive integer (e.g., 467).

      Message for encryption: $n$-coeff weight-$w$ polynomial $c$ with all coeffs in $\{-1, 0, 1\}$. “Weight $w$”: $w$ nonzero coeffs, $n - w$ zero coeffs.

      Ciphertext: $C = Ab + c$ in $R_q$ where $b$ is chosen randomly from the set of messages.

  28. Slide 20

      ```
      sage: def randommessage():
      ....:   R = randrange
      ....:   assert w <= n
      ....:   c = n*[0]
      ....:   for j in range(w):
      ....:     while True:
      ....:       r = R(n)
      ....:       if not c[r]: break
      ....:     c[r] = 1-2*R(2)
      ....:   return Zx(c)
      ....:
      sage: w = 5
      sage: randommessage()
      -x^6 - x^5 + x^4 + x^3 - x^2
      ```

  33. Slide 21

      ```
      sage: def encrypt(c,A):
      ....:   b = randommessage()
      ....:   Ab = convolution(A,b)
      ....:   C = balancedmod(Ab + c,q)
      ....:   return C
      ....:
      sage: A,secretkey = keypair()
      sage: c = randommessage()
      sage: C = encrypt(c,A)
      sage: C
      21*x^6 - 48*x^5 + 31*x^4 - 76*x^3 - 77*x^2 + 15*x - 113
      ```

  40. Slide 22: NTRU decryption

      Compute $dC = 3ab + dc$ in $R_q$.

      $a, b, c, d$ have small coeffs, so $3ab + dc$ is not very big.

      Assume that coeffs of $3ab + dc$ are between $-q/2$ and $q/2 - 1$.

      Then $3ab + dc$ in $R_q$ reveals $3ab + dc$ in $R = \mathbf{Z}[x]/(x^n - 1)$.

      Reduce modulo 3: $dc$ in $R_3$.

      Multiply by $1/d$ in $R_3$ to recover message $c$ in $R_3$.

      Coeffs are between $-1$ and $1$, so recover $c$ in $R$.

  43. Slide 23

      ```
      sage: def decrypt(C,secretkey):
      ....:   M = balancedmod
      ....:   f,r = secretkey          # f = d, r = d3 (inverse of d mod 3)
      ....:   u=M(convolution(C,f),q)  # dC = 3ab + dc, reduced mod q
      ....:   c=M(convolution(u,r),3)  # multiply by 1/d mod 3
      ....:   return c
      ....:
      sage: c
      x^5 + x^4 - x^3 + x + 1
      sage: decrypt(C,secretkey)
      x^5 + x^4 - x^3 + x + 1
      ```

  52. Slide 24

      ```
      sage: n = 7
      sage: w = 5
      sage: q = 256
      sage: A,secretkey = keypair()
      sage: A
      -101*x^6 - 76*x^5 - 90*x^4 - 83*x^3 + 40*x^2 + 108*x - 54
      sage: d,d3 = secretkey
      sage: d
      x^5 + x^4 - x^3 + x - 1
      sage: conv = convolution
      sage: M = balancedmod
      sage: a3 = M(conv(d,A),q)
      sage: a3
      3*x^2 - 3*x
      ```

  57. Slide 25

      ```
      sage: c = randommessage()
      sage: b = randommessage()
      sage: C = M(conv(A,b)+c,q)
      sage: C
      -57*x^6 + 28*x^5 + 114*x^4 + 72*x^3 - 37*x^2 + 16*x + 119
      sage: u = M(conv(C,d),q)
      ```
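
The key generation, encryption and decryption steps from slides 16 to 23, as an added example in plain Python rather than Sage (it is not code from the talk). Polynomials are coefficient lists with the lowest degree first, and `invertmodprime` here uses Gauss-Jordan elimination on the circulant system in place of Sage's quotient-ring inverse, which is an assumption of this example.

```python
from random import randrange, sample
n, q, w = 7, 256, 5  # toy parameters used on the slides

def balancedmod(f, m):  # reduce coefficients into [-m/2, m/2 - 1]
    return [(c + m // 2) % m - m // 2 for c in f]

def convolution(f, g):  # product in Z[x]/(x^n - 1), lists are lowest degree first
    return [sum(f[j] * g[(i - j) % n] for j in range(n)) for i in range(n)]

def invertmodprime(f, p):  # assumption: Gauss-Jordan on the circulant system f*g = 1 mod p
    rows = [[f[(i - j) % n] % p for j in range(n)] + [int(i == 0)] for i in range(n)]
    for col in range(n):
        piv = max(range(col, n), key=lambda r: rows[r][col] != 0)
        rows[col], rows[piv] = rows[piv], rows[col]
        inv = pow(rows[col][col], -1, p)  # ValueError if no pivot: f is not invertible
        rows[col] = [v * inv % p for v in rows[col]]
        rows = [row if i == col else [(v - row[col] * u) % p for v, u in zip(row, rows[col])]
                for i, row in enumerate(rows)]
    return [row[n] for row in rows]

def invertmodpowerof2(f, q):  # each round squares the error f*g - 1 (2-adic Newton step)
    g = invertmodprime(f, 2)
    while True:
        r = balancedmod(convolution(g, f), q)
        if r == [1] + [0] * (n - 1):
            return g
        g = balancedmod(convolution(g, [2 - r[0]] + [-c for c in r[1:]]), q)

def randommessage():  # weight-w polynomial with coefficients in {-1, 0, 1}
    nonzero = set(sample(range(n), w))
    return [1 - 2 * randrange(2) if i in nonzero else 0 for i in range(n)]

def keypair():
    while True:
        d = [randrange(3) - 1 for _ in range(n)]
        try:
            d3, dq = invertmodprime(d, 3), invertmodpowerof2(d, q)
        except ValueError:
            continue  # d must be invertible mod 3 and mod q; draw again
        a = [randrange(3) - 1 for _ in range(n)]
        return balancedmod([3 * c for c in convolution(a, dq)], q), (d, d3)

def encrypt(c, A):
    b = randommessage()
    return balancedmod([x + y for x, y in zip(convolution(A, b), c)], q)

def decrypt(C, secretkey):
    d, d3 = secretkey
    u = balancedmod(convolution(C, d), q)  # equals 3ab + dc over Z since 4w < q/2
    return balancedmod(convolution(u, d3), 3)
```

With these parameters every coefficient of 3ab + dc has absolute value at most 4w = 20, well inside [-128, 127], so decryption always succeeds. The example sizes on the slides (n = 701, q = 4096, w = 467) give 4w = 1868, which is below q/2 - 1 = 2047.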
