Disclaimer: This page refers to an external person. It only lists all the interactions between this person and the Crypto Group. Validity or accuracy of the following information is thus not guaranteed in any way.

## Seminars given

**
***February 05, 2009* - Quantitative security of block ciphers : designs and cryptanalysis tools

by Thomas Baignères

Abstract: | Block ciphers probably figure in the list of the most important cryptographic primitives. Although they are used for many different purposes, their essential goal is to ensure confidentiality. In this talk, we are concerned by their quantitative security, that is, by measurable attributes that reflect their ability to guarantee this confidentiality. We will first consider the (in)security of block ciphers against statistical cryptanalytic attacks and develop some tools to perform optimal attacks and quantify their efficiency. We start by studying a simple setting in which the adversary has to distinguish between two sources of randomness and show how an optimal strategy can be derived in certain cases. We show that in practice the cardinality of the sample space is too large for the optimal strategy to be implemented and how this naturally leads to the concept of projection-based distinguishers. We show how these distinguishers between random sources can be turned into distinguishers between random oracles (or block ciphers) and how, in this setting, one can generalize linear cryptanalysis to Abelian groups. In the second part of this talk, we introduce two new constructions. We start by recalling some essential notions about provable security for block ciphers and about Serge Vaudenay's Decorrelation Theory, and introduce new simple modules for which we prove essential properties that we will later use in our designs. We then present the block cipher C and prove that it is immune against a wide range of cryptanalytic attacks. In particular, we compute its exact security against linear and differential cryptanalysis, taking into account the cumulative effect of the linear hull and of differentials. We then introduce the main ideas underlying the design of KFC, a block cipher which builds upon the same foundations as C but for which we can prove results for higher order adversaries. BIO: Thomas Baignères started his PhD in 2003 at EPFL, under the supervision of Prof. Serge Vaudenay. He successfully defended his thesis on November 2008. His research covers block ciphers and the foundations of their cryptanalysis. Apart from research, Thomas was one of the general chairs of FSE'08, co-authored an exercise book on cryptography published by Springer and, together with Matthieu Finiasz (ENSTA), he developed iChair, a submission/review server software. |