Keynote


Date : 25 novembre 2021 14:00 - Salle :Grand amphi SIGMA

Keynote 4 - On deck functions


Joaen DAEMEN - Université Catholique de Louvain - Belgique

 

Le séminaire sera dans l'Amphi Blaise Pascal aussi simplement appelé "grand amphi"

Pour venir :

Accès depuis le grand hall d'entrée - le grand hall se situe tout en bas de la géode, directement après l'entrée principale (tout en bas de Sigma).

En entrant par le haut de Sigma, l'entrée par laquelle on arrive depuis l'ISIMA, il faut aller dans la géode et descendre l'escalier jusqu'à arriver

au grand hall.

 

Modern symmetric encryption and/or authentication schemes consist of modes of block ciphers. Often these schemes have a proof of security on the condition that the underlying block cipher is PRP or SPRP-secure: keyed with a fixed and unknown key it shall be hard to distinguish from a random permutation. The PRP and SPRP security notions have become so accepted that they are referred to as the standard model. (S)PRP security cannot be proven but thanks to this nice split in primitives and modes, the assurance of block-cipher based cryptographic schemes relies on public scrutiny of the block cipher in the simple standard scenario.

During the last decade a field of permutation-based cryptography has appeared that defines modes on top of these primitives and many new permutations are proposed. At their core these modes often have a duplex-like construction and its parallel nephew, farfalle. However, while it is reasonable to assume one can build a block cipher that is (S)PRP secure it is impossible to formalize what it means for a permutation to behave like an ideal permutation. We show that permutation-based crypto can have its own standard model with (keyed) duplex functions or farfalle-based functions at their center, both instances of what we call deck functions and the standard model is the pseudorandom function (PRF) security of deck functions.

Modes can be defined in terms of deck functions and can be proven secure in the setting where the keyed deck function is hard to distinguish from a random oracle. The PRF security of the deck function is the subject of public scrutiny.In this talk I will discuss some modes on top of deck functions and some concrete deck functions.

Biographie :

After graduating in electromechanical engineering Joan Daemen was awarded his PhD in 1995 from KU Leuven. After his contract ended at COSIC, he privately continued his crypto research and contacted Vincent Rijmen to continue their collaboration that would lead to the Rijndael block cipher, and this was selected by NIST as the new Advanced Encryption Standard in 2000. After over 20 years of security industry experience, including work as a security architect and cryptographer for STMicroelectronics, he is now a professor in the Digital Security Group at Radboud University Nijmegen.

He co-designed the Keccak cryptographic hash function thate was selected as the SHA-3 hash standard by NIST in 2012 and is one of the founders of the permutation-based cryptography movement and co-inventor of the sponge, duplex and farfalle constructions. In 2017 he won the Levchin Prize for Real World Cryptography and in 2020 the RSA award for excellence in mathematics. In 2018 he was awarded an ERC advanced grant called ESCADA and an NWO TOP grant called SCALAR, both for design and analysis of symmetric crypto.