Astracts

• Phong Nguyen: Lattice Algorithms: From Euclid to NIST Security Estimates
  Lattice problems are the most popular hard problems used by submissions for NIST’s post-quantum cryptography standardization. In these lectures, we will survey the main algorithms to solve hard lattice problems. We will discuss the validity of security estimates made by NIST submissions. This will lead us to focus on two algorithms, enumeration and sieving, and explain what we know, what we do not know, and why lattice security estimates are tricky.
• Tancrède Lepoint: Algorithmic of {LWE, NTRU}-based submissions to NIST Post-Quantum Standardization Effort
  The NIST Post-Quantum standardization effort has received 26 “lattice-based” cryptosystems (out of 69 submissions). In this talk, we will introduce some of the main contenders, and the algorithmic methods and hardness assumptions used in these submissions. In particular, we will present the Learning-With-Error assumption and its structured variants (ring, module) and the NTRU assumption. We will also discuss the trade-off offered by those submissions, discuss their implementations, and review some initial cryptanalytic efforts.
• Alain Couvreur: Cryptographie à base de codes
  Après avoir rappelé quelques bases de théorie des codes, on présentera le schéma de chiffrement de McEliece et ses instanciations les plus célèbres. On discutera ensuite de quelques attaques classiques : d'une part les attaques sur les messages via des algorithmes de décodage génériques, d'autre part les attaques sur les clés. On terminera en présentant quelques propositions de schémas de chiffrement récemment soumises au NIST.
• Aline Gouget: Starting transition towards products embedding post-quantum cryptography
  In this talk, we will present an industrial vision of the preparation for the integration of post-quantum mechanisms in products, what we can do today and what we can plan for the next few years. We will review the "official" information usable for starting the preparation of the transition. Then, we will describe several use-cases to illustrate different levels of priority in the management of the transition towards post-quantum cryptography. Then, we will talk about new problems that post-quantum cryptography raises compared to conventional cryptography and discuss key criteria in a context of secure implementation in a constrained environment.
• Elham Kashefi: Introduction to quantum computing
  In this short introduction I will walk you through the recently proposed Quantum Software Manifesto to present an overall view of the activities and progress in the field of quantum computing. Next I will introduce the basic framework to understand simple quantum algorithms and quantum protocols.
• Charles Bouillaguet: Chiffrement et signature reposant sur les systèmes d'équations multivariés
  Ce cours se propose de faire un tour d'horizon de la cryptographie multivariée. Après une discussion sur la difficulté du problème calculatoire sous-jascent, les mécanismes les plus emblématiques (et qui sont potentiellement sûrs) seront présentés, notamment HFE (pour le chiffrement) et UOV (pour les signatures). Quelques autres aspects, moins connus, seront développés : par exemple un schéma d'identification zero-knowledge reposant sur la difficulté de résoudre des instances arbitraires du problème, et sa conversion en schéma de signature "prouvablement sûr".
• Luca De Feo: Isogeny graphs in cryptography
  In this talk I will review the use of isogeny graphs in cryptography, starting from Couveignes' "Hard Homogeneous Spaces" protocol, through hash functions based on supersingular isogeny graphs, to the most recent results on SIDH and related protocols. I will try as much as possible to make the contents accessible to non-specialists, and will highlight some open problems in the field.

Programme