[Qp-l] [QCSBP] Seminar tomorrow at 16:30 CET: Andrea Basso
Gilyén András
gilyenandras at gmail.com
Wed Mar 24 21:16:16 CET 2021
Hi,
The next speaker of our seminar series is Andrea Basso, who will speak
tomorrow afternoon about "Lattice-based cryptography and SABER". You can
find the abstract of the talk at the bottom of this email.
You can join using the following Zoom link:
https://berkeley.zoom.us/j/96826613566?pwd=MUZtOGllSklFM2d0NGhwaFBqNXhjdz09
(due to the default privacy settings you need to sign into your Zoom
account before joining).
After the seminar we will have room for informal discussions as well on
gather.town: https://gather.town/i/MRk4EY1j
Best,
András
2021.03.25 16:30 CET -- *Speaker: Andrea Basso* (University of Birmingham, UK)
*Title:* Lattice-based cryptography and SABER
*Abstract:* Post-quantum cryptography represents the future of
cryptographic research. One of the most promising approaches involves
lattices. Lattice-based cryptosystems offer security, performance, and low
communication costs. Indeed, one of the NIST standards is guaranteed to be
lattice-based.
There are two main families of lattice-based protocols: those based on the
NTRU problem and those based on the Learning With Errors (LWE) problem. The
security of both can be reduced to long-studied problems in lattice theory.
There are also several variations to each problem, with partial reductions
between each other. Interestingly, lattice-based cryptography has also
opened up new possibilities. A fully homomorphic encryption protocol was
developed based on lattice problems, paving the way for the development of
several new schemes that offer interesting properties. Homomorphic
encryption thus has the potential to deeply transform several fields and
impact privacy-focused applications, which makes it an exciting area of
research.
On the public-key encryption side, one of the four finalists for the NIST
standardization process is Saber, a key exchange mechanism based on a
derandomized module variant of LWE. Saber consists of a Diffie-Hellman-like
key exchange protocol, which is then transformed into an IND-CPA encryption
scheme, and finally into an IND-CCA secure key encapsulation mechanism. The
design of Saber relies on small secrets and power-of-two moduli. This
contributes to high performance, but it also poses interesting
implementation challenges. Research on Saber is still ongoing, and new
techniques and implementations are being developed. In particular,
side-channel security and masking performance are being studied, and the
results will determine the future of the protocol.
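As an added illustration (not code from the talk, the speaker, or the Saber team), a toy version of the structure the abstract describes: a Module-LWR Diffie-Hellman-like agreement with power-of-two moduli, where every rounding is a plain bit shift and the small secrets come from a centered binomial distribution, turned into IND-CPA encryption. Assumptions: ring degree and module rank are shrunk to 8 and 2 for readability (Saber uses 256 and 3), while the moduli exponents, binomial parameter and rounding constants follow the Saber specification; the final IND-CCA KEM layer is omitted.

```python
import random

N, L = 8, 2                      # toy ring degree and module rank (Saber itself uses 256 and 3)
EQ, EP, ET, MU = 13, 10, 4, 8    # Saber's exponents (q=2^13, p=2^10, T=2^4) and binomial parameter
Q, P = 1 << EQ, 1 << EP
H1 = 1 << (EQ - EP - 1)          # rounding constant added before each shift
H2 = (1 << (EP - 2)) - (1 << (EP - ET - 1)) + (1 << (EQ - EP - 1))  # recentering constant for decryption
def poly_mul(a, b, mod):         # negacyclic product in Z_mod[x]/(x^N + 1)
    res = [0] * N
    for i, ai in enumerate(a):
        for j, bj in enumerate(b):
            if i + j < N: res[i + j] += ai * bj
            else: res[i + j - N] -= ai * bj
    return [c % mod for c in res]

def inner(u, v, mod):            # inner product of two length-L polynomial vectors
    acc = [0] * N
    for ui, vi in zip(u, v):
        acc = [(x + y) % mod for x, y in zip(acc, poly_mul(ui, vi, mod))]
    return acc

def cbd(rng):                    # centered binomial sample in [-MU/2, MU/2]: Saber's small secrets
    return sum(rng.getrandbits(1) - rng.getrandbits(1) for _ in range(MU // 2))
def round_p(poly):               # mod-q -> mod-p via a bit shift; the LWR "error" is this rounding
    return [((c + H1) % Q) >> (EQ - EP) for c in poly]

def keygen(rng):
    A = [[[rng.randrange(Q) for _ in range(N)] for _ in range(L)] for _ in range(L)]
    s = [[cbd(rng) for _ in range(N)] for _ in range(L)]
    b = [round_p(inner([A[j][i] for j in range(L)], s, Q)) for i in range(L)]  # b = round(A^T s)
    return (A, b), s

def encrypt(pk, m, rng):         # IND-CPA encryption of an N-bit message (list of 0/1 coefficients)
    A, b = pk
    s2 = [[cbd(rng) for _ in range(N)] for _ in range(L)]
    b2 = [round_p(inner(A[i], s2, Q)) for i in range(L)]                     # b' = round(A s')
    v2 = inner(b, s2, P)                                  # Bob's side of the DH-like shared value
    cm = [((x + H1 - (mi << (EP - 1))) % P) >> (EP - ET) for x, mi in zip(v2, m)]
    return b2, cm

def decrypt(sk, ct):
    b2, cm = ct
    v = inner(b2, sk, P)                                  # Alice's side; close to v2 but not equal
    return [((x - (c << (EP - ET)) + H2) % P) >> (EP - 1) for x, c in zip(v, cm)]

def roundtrip(seed):             # returns (message, decrypted message) for a seeded run
    rng = random.Random(seed)
    pk, sk = keygen(rng)
    m = [rng.getrandbits(1) for _ in range(N)]
    return m, decrypt(sk, encrypt(pk, m, rng))
```

With these toy dimensions the two shared values differ by at most 64 mod p, well inside the 512-wide decision band, so decryption never fails; at Saber's real dimensions the same analysis gives a small but non-zero failure probability, which is part of what the talk's discussion of implementation trade-offs is about.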