Maths for Security

Course description

This course is about the low-level implementation aspects of cryptography in practice. Gaudry and Golovnev showed in 2019 that the lack of a multi-precision integer library in a non-standardized context led to wrong practical choices and devastating security flaws, ending in an attack that runs in a few minutes on a laptop (https://arxiv.org/abs/1908.05127). ElGamal encryption had been implemented with 256-bit keys instead of 2048-bit ones, against every international key-size recommendation. The topic of this course is the development of a basic multi-precision library handling integers and modular integers, aiming at an implementation of the RSA public-key cryptosystem. If time allows, we will also cover the finite field case with ElGamal and DSA. The lab sessions will use the C language. A minimal knowledge of C is expected, for example from the course LLP (Low-level Programming) in M1.

Course content

Multi-precision integer arithmetic and modular arithmetic, with applications to public-key cryptography (at least RSA and, if possible, DSA, ElGamal and Diffie-Hellman).
Lab sessions: programming in C.
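As an added illustration of what such a library involves (this is example code written for this page, not the course's own code nor LibCryptoLCH), here is a minimal fixed-width 256-bit integer type in C with addition, subtraction, comparison, double-and-add modular multiplication and square-and-multiply modular exponentiation, used for textbook RSA decryption both directly and with the Chinese Remainder Theorem. The RSA key (p = 61, q = 53, n = 3233, e = 17, d = 2753) is the usual textbook toy example and is assumed here, as is a GCC or Clang compiler for __uint128_t; the code ignores side channels, variable-width operands and performance, all of which a real library must address.

```c
/* Minimal 256-bit multi-precision arithmetic in C, enough for textbook RSA.
 * Added illustration, not the course's library. Assumes GCC/Clang (__uint128_t).
 * Not constant-time: timing side channels are out of scope here. */
#include <inttypes.h>
#include <stdint.h>
#include <stdio.h>

#define LIMBS 4                               /* 4 x 64-bit limbs = 256 bits */
typedef struct { uint64_t v[LIMBS]; } bn;     /* v[0] is the least significant limb */

static bn bn_from_u64(uint64_t x) { bn r = {{0}}; r.v[0] = x; return r; }
static uint64_t bn_to_u64(const bn *a) { return a->v[0]; }   /* only for small values */
static int bn_bit(const bn *a, int i) { return (a->v[i / 64] >> (i % 64)) & 1; }

static int bn_cmp(const bn *a, const bn *b) {
    for (int i = LIMBS - 1; i >= 0; i--)
        if (a->v[i] != b->v[i]) return a->v[i] > b->v[i] ? 1 : -1;
    return 0;
}
/* r = a + b mod 2^256, returns the carry out; r may alias a or b */
static uint64_t bn_add(bn *r, const bn *a, const bn *b) {
    uint64_t carry = 0;
    for (int i = 0; i < LIMBS; i++) {
        __uint128_t s = (__uint128_t)a->v[i] + b->v[i] + carry;
        r->v[i] = (uint64_t)s; carry = (uint64_t)(s >> 64);
    }
    return carry;
}
/* r = a - b mod 2^256, returns the borrow out */
static uint64_t bn_sub(bn *r, const bn *a, const bn *b) {
    uint64_t borrow = 0;
    for (int i = 0; i < LIMBS; i++) {
        __uint128_t d = (__uint128_t)a->v[i] - b->v[i] - borrow;
        r->v[i] = (uint64_t)d; borrow = (uint64_t)(d >> 64) & 1;
    }
    return borrow;
}
/* r = 2a mod 2^256, returns the bit shifted out */
static uint64_t bn_shl1(bn *r, const bn *a) {
    uint64_t carry = 0;
    for (int i = 0; i < LIMBS; i++) {
        uint64_t top = a->v[i] >> 63;
        r->v[i] = (a->v[i] << 1) | carry; carry = top;
    }
    return carry;
}
/* Input is the 257-bit value carry*2^256 + r, known to be < 2m. If carry is set the
 * value exceeds 2^256 > m, so subtracting m (wrapping mod 2^256) gives the exact result. */
static void bn_reduce_once(bn *r, uint64_t carry, const bn *m) {
    if (carry || bn_cmp(r, m) >= 0) bn_sub(r, r, m);
}
/* a*b mod m by double-and-add; needs a < m, m > 1, b arbitrary. Any 256-bit modulus works. */
static bn bn_mulmod(const bn *a, const bn *b, const bn *m) {
    bn r = bn_from_u64(0);
    for (int i = LIMBS * 64 - 1; i >= 0; i--) {
        bn_reduce_once(&r, bn_shl1(&r, &r), m);                       /* r = 2r mod m */
        if (bn_bit(b, i)) bn_reduce_once(&r, bn_add(&r, &r, a), m);   /* r = r + a mod m */
    }
    return r;
}
/* x mod m: multiplying 1 by x with the loop above is exactly shift-and-subtract division */
static bn bn_mod(const bn *x, const bn *m) { bn one = bn_from_u64(1); return bn_mulmod(&one, x, m); }
/* base^exp mod m, left-to-right square-and-multiply; needs base < m, m > 1 */
static bn bn_powmod(const bn *base, const bn *exp, const bn *m) {
    bn r = bn_from_u64(1);
    for (int i = LIMBS * 64 - 1; i >= 0; i--) {
        r = bn_mulmod(&r, &r, m);
        if (bn_bit(exp, i)) r = bn_mulmod(&r, base, m);
    }
    return r;
}

/* Textbook toy key p=61, q=53, n=3233, e=17, d=2753 (assumed for illustration; a real key
 * needs an n of at least 2048 bits). CRT parameters precomputed by hand. */
typedef struct { bn n, e, d, p, q, dp, dq, qinv; } rsa_key;
static rsa_key rsa_toy_key(void) {
    rsa_key k = { bn_from_u64(3233), bn_from_u64(17), bn_from_u64(2753),
                  bn_from_u64(61), bn_from_u64(53),
                  bn_from_u64(2753 % 60), bn_from_u64(2753 % 52),   /* d mod (p-1), d mod (q-1) */
                  bn_from_u64(38) };                                /* 53 * 38 = 33 * 61 + 1 */
    return k;
}
static bn rsa_encrypt(const rsa_key *k, const bn *m) { return bn_powmod(m, &k->e, &k->n); }
static bn rsa_decrypt(const rsa_key *k, const bn *c) { return bn_powmod(c, &k->d, &k->n); }
/* CRT decryption (Garner's recombination): two half-size exponentiations instead of one. */
static bn rsa_decrypt_crt(const rsa_key *k, const bn *c) {
    bn cp = bn_mod(c, &k->p), cq = bn_mod(c, &k->q);
    bn m1 = bn_powmod(&cp, &k->dp, &k->p);                    /* m mod p */
    bn m2 = bn_powmod(&cq, &k->dq, &k->q);                    /* m mod q */
    if (bn_cmp(&m1, &m2) < 0) bn_add(&m1, &m1, &k->p);        /* keep m1 - m2 >= 0 (p < 2^255) */
    bn diff; bn_sub(&diff, &m1, &m2);
    bn h = bn_mulmod(&k->qinv, &diff, &k->p);                 /* h = qinv * (m1 - m2) mod p */
    bn m = bn_mulmod(&h, &k->q, &k->n);                       /* h*q < n, so this is exact */
    bn_add(&m, &m, &m2);                                      /* m = m2 + h*q */
    return m;
}

/* Small-result helpers used by main(); the values are checkable by hand. */
static uint64_t rsa_toy_encrypt_u64(uint64_t msg) {
    rsa_key k = rsa_toy_key(); bn m = bn_from_u64(msg), c = rsa_encrypt(&k, &m);
    return bn_to_u64(&c);
}
static uint64_t rsa_toy_roundtrip(uint64_t msg, int use_crt) {
    rsa_key k = rsa_toy_key(); bn m = bn_from_u64(msg), c = rsa_encrypt(&k, &m);
    bn d = use_crt ? rsa_decrypt_crt(&k, &c) : rsa_decrypt(&k, &c);
    return bn_to_u64(&d);
}
/* 2^exp mod (2^127 - 1) = 2^(exp mod 127): a two-limb modulus with a hand-checkable answer */
static uint64_t pow2_mod_m127(uint64_t exp) {
    bn m = {{~0ULL, 0x7FFFFFFFFFFFFFFFULL, 0, 0}}, two = bn_from_u64(2), e = bn_from_u64(exp);
    bn r = bn_powmod(&two, &e, &m);
    return bn_to_u64(&r);
}
/* (2^255 * 2) mod (2^256 - 1) = 1: exercises the carry out of the top limb */
static uint64_t carry_check(void) {
    bn a = {{0, 0, 0, 1ULL << 63}}, two = bn_from_u64(2), m = {{~0ULL, ~0ULL, ~0ULL, ~0ULL}};
    bn r = bn_mulmod(&a, &two, &m);
    return bn_to_u64(&r);
}
int main(void) {
    printf("RSA toy: enc(65) = %" PRIu64 ", dec = %" PRIu64 ", dec_crt = %" PRIu64 "\n",
           rsa_toy_encrypt_u64(65), rsa_toy_roundtrip(65, 0), rsa_toy_roundtrip(65, 1));
    printf("2^128 mod (2^127-1) = %" PRIu64 ", 2^256 mod (2^127-1) = %" PRIu64 ", carry = %" PRIu64 "\n",
           pow2_mod_m127(128), pow2_mod_m127(256), carry_check());
    return 0;
}
```

Compile with `cc -std=c99 -O2 bn.c && ./a.out`. The bit-serial multiplication costs 256 shift-and-reduce steps per product, which is why a real library replaces it with limb-wise schoolbook or Karatsuba multiplication plus Montgomery or Barrett reduction; the point here is that carries, borrows and the one-subtraction reduction are where hand-written arithmetic goes wrong, and the 2^256 - 1 modulus check is the kind of edge case such a library needs in its test suite.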

Keywords

Multi-precision arithmetic, modular arithmetic, Chinese Remainder Theorem, RSA, Finite Field.

Biography

Aurore Guillevic has been a research scientist at Inria Nancy since 2016 and Rennes since 2024 (CAPSULE group), specialised in asymmetric cryptography, elliptic curves, and record computations.
She was a PhD student at the Laboratoire Chiffre, Thales Communications, in 2010-2013, where she took part in the development of the company's multi-precision library LibCryptoLCH in the C language.
She was adjunct assistant professor at École Polytechnique in 2017-2020 and visiting professor at Aarhus University (Denmark) in 2021-2022.