CRYSTALS - Kyber: A CCA-Secure Module-Lattice-Based KEM
TLDR
This paper introduces Kyber, a portfolio of post-quantum cryptographic primitives built around a key-encapsulation mechanism (KEM) based on hardness assumptions over module lattices. It introduces a CPA-secure public-key encryption scheme and eventually constructs, in a black-box manner, CCA-secure encryption, key exchange, and authenticated-key-exchange schemes.
Frodo: Take off the Ring! Practical, Quantum-Secure Key Exchange from LWE
TLDR
Despite conventional wisdom that generic lattices might be too slow and unwieldy, it is demonstrated that LWE-based key exchange is quite practical: the authors' constant-time implementation requires around 1.3 ms computation time for each party; compared to the recent NewHope R-LWE scheme, communication sizes increase by a factor of 4.7x, but remain under 12 KiB in each direction.
Post-Quantum Key Exchange for the TLS Protocol from the Ring Learning with Errors Problem
TLDR
This work demonstrates the practicality of post-quantum key exchange by constructing cipher suites for the Transport Layer Security (TLS) protocol that provide key exchange based on the ring learning with errors (R-LWE) problem, and accompanies these cipher suites with a rigorous proof of security.
Improved Security for a Ring-Based Fully Homomorphic Encryption Scheme
TLDR
This paper constructs a new fully homomorphic encryption scheme from the Stehlé and Steinfeld version, based on standard lattice assumptions and a circular security assumption. The scheme is scale-invariant and therefore avoids modulus switching, and the size of ciphertexts is one ring element.
Factorization of a 768-Bit RSA Modulus
This paper reports on the factorization of the 768-bit number RSA-768 by the number field sieve factoring method and discusses some implications for RSA.
Differential Computation Analysis: Hiding Your White-Box Designs is Not Enough
TLDR
This paper presents a new approach to assess the security of white-box implementations which requires neither knowledge about the look-up tables used nor any reverse engineering effort.
Elliptic Curve Cryptography in Practice
TLDR
It is found that despite the high stakes of money, access and resources protected by ECC, implementations suffer from vulnerabilities similar to those that plague previous cryptographic systems.
Private Predictive Analysis on Encrypted Medical Data