#### Filter Results:

- Full text PDF available (10)

#### Publication Year

1989

2015

#### Publication Type

#### Co-author

#### Publication Venue

#### Key Phrases

Learn More

- Joop van de Pol, Nigel P. Smart
- IMA Int. Conf.
- 2013

We revisit the estimation of parameters for use in applications of the BGV homomorphic encryption system, which generally require high dimensional lattices. In particular, we utilize the BKZ-2.0 simulator of Chen and Nguyen to identify the best lattice attack that can be mounted using BKZ in a given dimension at a given security level. Using this technique,… (More)

- Joop van de Pol, Nigel P. Smart, Yuval Yarom
- CT-RSA
- 1989

We extend the FLUSH+RELOAD side-channel attack of Benger et al. to extract a significantly larger number of bits of information per observed signature when using OpenSSL. This means that by observing only 25 signatures, we can recover secret keys of the secp256k1 curve, used in the Bitcoin protocol, with a probability greater than 50 percent. This is an… (More)

- Naomi Benger, Joop van de Pol, Nigel P. Smart, Yuval Yarom
- CHES
- 2014

We apply the FLUSH+RELOAD side-channel attack based on cache hits/misses to extract a small amount of data from OpenSSL ECDSA signature requests. We then apply a " standard " lattice technique to extract the private key, but unlike previous attacks we are able to make use of the side-channel information from almost all of the observed executions. This means… (More)

- Joppe W. Bos, Michael Naehrig, Joop van de Pol
- IACR Cryptology ePrint Archive
- 2014

The security of many lattice-based cryptographic schemes relies on the hardness of finding short vectors in integral lattices. We propose a new variant of the parallel Gauss sieve algorithm to compute such short vectors. It combines favorable properties of previous approaches resulting in reduced run time and memory requirement per node. Our publicly… (More)

- Thijs Laarhoven, Michele Mosca, Joop van de Pol
- IACR Cryptology ePrint Archive
- 2014

By applying a quantum search algorithm to various heuristic and provable sieve algorithms from the literature, we obtain improved asymptotic quantum results for solving the shortest vector problem on lattices. With quantum computers we can provably find a shortest vector in time 2 1.799n+o(n) , improving upon the classical time complexities of 2 2.465n+o(n)… (More)

- Thijs Laarhoven, Joop van de Pol, Benne de Weger
- IACR Cryptology ePrint Archive
- 2012

This paper is a tutorial introduction to the present state-of-the-art in the field of security of lattice-based cryptosystems. After a short introduction to lattices, we describe the main hard problems in lattice theory that cryptosystems base their security on, and we present the main methods of attacking these hard problems, based on lattice basis… (More)

Interference between processes executing on shared hardware can be used to mount performance-degradation attacks. However, in most cases, such attacks offer little benefit for the adversary. In this paper, we demonstrate that software-based performance-degradation attacks can be used to amplify side-channel leaks, enabling the adversary to increase both the… (More)

- Thijs Laarhoven, Michele Mosca, Joop van de Pol
- PQCrypto
- 2013

By applying Grover's quantum search algorithm to the lattice algorithms of Micciancio and Voulgaris, Nguyen and Vidick, Wang et al., and Pujol and Stehlé, we obtain improved asymptotic quantum results for solving the shortest vector problem. With quantum computers we can provably find a shortest vector in time 2 1.799n+o(n) , improving upon the classical… (More)

- Emmanuela Orsini, Joop van de Pol, Nigel P. Smart
- IET Information Security
- 2014

We describe a method to bootstrap a packed BGV ciphertext which does not depend (as much) on any special properties of the plaintext and ciphertext moduli. Prior " efficient " methods such as that of Gentry et al. (PKC 2012) required a ciphertext modulus q which was close to a power of the plaintext modulus p. This enables our method to be applied in a… (More)

Introduction: We recently presented ANIMO (Analysis of Networks with Interactive Modeling), a software tool for modeling dynamic molecular networks for use by biologists [1, 2]. We used ANIMO to generate a computational model of articular cartilage. Materials and methods: Based on a large-scale literature study [3] and our own experiments, we developed ECHO… (More)