Results 1-20 of 30. Search equation: ((uid:50001378)) Sort: Author Issue date Title Filter: All documents types Scientific journals - Article - Short communication - Book review - Letter to the editor - Complete issue - OtherBooks - Book published as author, translator, etc. - Collective work published as editor or directorParts of books - Contribution to collective works - Contribution to encyclopedias, dictionaries... - Preface, postface, glossary...Scientific congresses, symposiums and conference proceedings - Unpublished conference - Paper published in a book - Paper published in a journal - PosterScientific presentation in universities or research centersReports - Expert report - Internal report - External report - OtherDissertations and theses - Bachelor/master dissertation - Doctoral thesis - Postdoctoral thesis - OtherLearning materials - Course notes - OtherPatentCartographic materials - Single work - Part of another publicationComputer developments - Textual, factual or bibliographical database - Software - OtherE-prints/Working papers - First made available on ORBilu - Already available on another siteDiverse speeches and writings - Article for general public - Conference given outside the academic context - Speeches/Talks - Other     1 2   High-Order Conversion from Boolean to Arithmetic MaskingCoron, Jean-Sébastien in Proceedings of CHES 2017 (2017)Detailed reference viewed: 107 (14 UL) Zeroizing Attacks on Indistinguishability Obfuscation over CLT13Coron, Jean-Sébastien ; Lee, Moon Sung; Lepoint, Tancrede et alin Proceedings of PKC 2017 (2017)Detailed reference viewed: 83 (18 UL) Faster Evaluation of SBoxes via Common SharesCoron, Jean-Sébastien ; Greuet, Aurelien; Prouff, Emmanuel et alin Proceedings of CHES 2016 (2016)Detailed reference viewed: 68 (2 UL) Horizontal Side-Channel Attacks and Countermeasures on the ISW Masking SchemeCoron, Jean-Sébastien ; Battistello, Alberto; Prouff, Emmanuel et alin Proceedings of CHES 2016 (2016)Detailed reference viewed: 85 (0 UL) Cryptanalysis of GGH15 Multilinear MapsCoron, Jean-Sébastien ; Lee, Moon Sung; Lepoint, Tancrede et alin Proceedings of Crypto 2016 (2016)Detailed reference viewed: 88 (2 UL) Zeroizing Without Low-Level Zeroes: New MMAP Attacks and Their LimitationsCoron, Jean-Sébastien in Proceedings of Crypto 2015 (2015)Detailed reference viewed: 91 (4 UL) New Multilinear Maps over the IntegersCoron, Jean-Sébastien ; Lepoint, Tancrede; Tibouchi, Mehdiin Proceedings of Crypto 2015 (2015)Detailed reference viewed: 96 (12 UL) Conversion from Arithmetic to Boolean Masking with Logarithmic ComplexityCoron, Jean-Sébastien ; Groszschädl, Johann ; Tibouchi, Mehdi et alin Leander, Gregor (Ed.) Fast Software Encryption, 22nd International Workshop, FSE 2015, Istanbul, Turkey, March 8-11, 2015, Revised Selected Papers (2015, March)A general technique to protect a cryptographic algorithm against side-channel attacks consists in masking all intermediate variables with a random value. For cryptographic algorithms combining Boolean ... [more ▼]A general technique to protect a cryptographic algorithm against side-channel attacks consists in masking all intermediate variables with a random value. For cryptographic algorithms combining Boolean operations with arithmetic operations, one must then perform conversions between Boolean masking and arithmetic masking. At CHES 2001, Goubin described a very elegant algorithm for converting from Boolean masking to arithmetic masking, with only a constant number of operations. Goubin also described an algorithm for converting from arithmetic to Boolean masking, but with O(k) operations where k is the addition bit size. In this paper we describe an improved algorithm with time complexity O(log k) only. Our new algorithm is based on the Kogge-Stone carry look-ahead adder, which computes the carry signal in O(log k) instead of O(k) for the classical ripple carry adder. We also describe an algorithm for performing arithmetic addition modulo 2^k directly on Boolean shares, with the same complexity O(log k) instead of O(k). We prove the security of our new algorithm against first-order attacks. Our algorithm performs well in practice, as for k=64 we obtain a 23% improvement compared to Goubin’s algorithm. [less ▲]Detailed reference viewed: 162 (7 UL) Secure Conversion between Boolean and Arithmetic Masking of Any OrderCoron, Jean-Sébastien ; Groszschädl, Johann ; Vadnala, Praveen Kumar in Batina, Lejla; Robshaw, Matthew (Eds.) Cryptographic Hardware and Embedded Systems - CHES 2014, 16th International Workshop, Busan, South Korea, September 23-26, 2014. Proceedings (2014, September)Detailed reference viewed: 126 (12 UL) Higher Order Masking of Look-Up TablesCoron, Jean-Sébastien in Proceedings of Eurocrypt 2014 (2014)Detailed reference viewed: 69 (1 UL) Fast Evaluation of Polynomials over Binary Finite Fields and Application to Side-Channel CountermeasuresCoron, Jean-Sébastien ; Roy, Arnab; Venkatesh, Srinivas Vivek in Batina, Lejla; Robshaw, Matthew (Eds.) Cryptographic Hardware and Embedded Systems – CHES 2014 (2014)We describe a new technique for evaluating polynomials over binary finite fields. This is useful in the context of anti-DPA countermeasures when an S-box is expressed as a polynomial over a binary finite ... [more ▼]We describe a new technique for evaluating polynomials over binary finite fields. This is useful in the context of anti-DPA countermeasures when an S-box is expressed as a polynomial over a binary finite field. For n-bit S-boxes our new technique has heuristic complexity ${\cal O}(2^{n/2}/\sqrt{n})$ instead of ${\cal O}(2^{n/2})$ proven complexity for the Parity-Split method. We also prove a lower bound of ${\Omega}(2^{n/2}/\sqrt{n})$ on the complexity of any method to evaluate $n$-bit S-boxes; this shows that our method is asymptotically optimal. Here, complexity refers to the number of non-linear multiplications required to evaluate the polynomial corresponding to an S-box. In practice we can evaluate any 8-bit S-box in 10 non-linear multiplications instead of 16 in the Roy-Vivek paper from CHES 2013, and the DES S-boxes in 4 non-linear multiplications instead of 7. We also evaluate any 4-bit S-box in 2 non-linear multiplications instead of 3. Hence our method achieves optimal complexity for the PRESENT S-box. [less ▲]Detailed reference viewed: 126 (6 UL) A Note on the Bivariate Coppersmith TheoremCoron, Jean-Sébastien ; Kirichenko, Alexey; Tibouchi, Mehdi in Journal of Cryptology (2013), 26(2), 246-250Detailed reference viewed: 78 (2 UL) Practical Multilinear Maps over the IntegersCoron, Jean-Sébastien ; Lepoint, Tancrède ; Tibouchi, Mehdi in CRYPTO (1) (2013)Detailed reference viewed: 93 (2 UL) Batch Fully Homomorphic Encryption over the IntegersCheon, Jung Hee; Coron, Jean-Sébastien ; Kim, Jinsu et alin EUROCRYPT (2013)Detailed reference viewed: 126 (0 UL) Public Key Compression and Modulus Switching for Fully Homomorphic Encryption over the IntegersCoron, Jean-Sébastien ; Naccache, David; Tibouchi, Mehdi in EUROCRYPT (2012)Detailed reference viewed: 86 (0 UL) Conversion of Security Proofs from One Leakage Model to Another: A New IssueCoron, Jean-Sébastien ; Christophe, Giraud; Emmanuel, Prouff et alin Proceedings of COSADE 2012 (2012)To guarantee the security of a cryptographic implementation against Side Channel Attacks, a common approach is to formally prove the security of the corresponding scheme in a model as pertinent as ... [more ▼]To guarantee the security of a cryptographic implementation against Side Channel Attacks, a common approach is to formally prove the security of the corresponding scheme in a model as pertinent as possible. Nowadays, security proofs for masking schemes in the literature are usually conducted for models where only the manipulated data are assumed to leak. However in practice, the leakage is better modeled encompassing the memory transitions as e.g. the Hamming distance model. From this observation, a natural question is to decide at which extent a countermeasure proved to be secure in the first model stays secure in the second. In this paper, we look at this issue and we show that it must definitely be taken into account. Indeed, we show that a countermeasure proved to be secure against second-order side-channel attacks in the first model becomes vulnerable against a first-order side-channel attack in the second model. Our result emphasize the issue of porting an implementation from devices leaking only on the manipulated data to devices leaking on the memory transitions. [less ▲]Detailed reference viewed: 89 (8 UL) Fully Homomorphic Encryption over the Integers with Shorter Public KeysCoron, Jean-Sébastien ; Mandal, Avradip ; Naccache, David et alin CRYPTO (2011)Detailed reference viewed: 77 (0 UL) Improved Generic Algorithms for Hard KnapsacksBecker, Anja; Coron, Jean-Sébastien ; Joux, Antoinein EUROCRYPT (2011)Detailed reference viewed: 74 (0 UL) Analysis and Improvement of the Random Delay Countermeasure of CHES 2009Coron, Jean-Sébastien ; Kizhvatov, Ilya in Proceedings of CHES 2010 (2010)Random delays are often inserted in embedded software to protect against side-channel and fault attacks. At CHES 2009 a new method for generation of random delays was described that increases the attacker ... [more ▼]Random delays are often inserted in embedded software to protect against side-channel and fault attacks. At CHES 2009 a new method for generation of random delays was described that increases the attacker's uncertainty about the position of sensitive operations. In this paper we show that the CHES 2009 method is less secure than claimed. We describe an improved method for random delay generation which does not suffer from the same security weakness. We also show that the paper's criterion to measure the security of random delays can be misleading, so we introduce a new criterion for random delays which is directly connected to the number of acquisitions required to break an implementation. We mount a power analysis attack against an 8-bit implementation of the improved method verifying its higher security in practice. [less ▲]Detailed reference viewed: 61 (0 UL) A Domain Extender for the Ideal CipherCoron, Jean-Sébastien ; Dodis, Yevgeniy; Mandal, Avradip et alin Proceedings of TCC 2010 (2010)We describe the first domain extender for ideal ciphers, i.e. we show a construction that is indifferentiable from a 2n-bit ideal cipher, given a n-bit ideal cipher. Our construction is based on a 3-round ... [more ▼]We describe the first domain extender for ideal ciphers, i.e. we show a construction that is indifferentiable from a 2n-bit ideal cipher, given a n-bit ideal cipher. Our construction is based on a 3-round Feistel, and is more efficient than first building a n-bit random oracle from a n-bit ideal cipher (as in [9]) and then a 2n-bit ideal cipher from a n-bit random oracle (as in [10], using a 6-round Feistel). We also show that 2 rounds are not enough for indifferentiability by exhibiting a simple attack. We also consider our construction in the standard model: we show that 2 rounds are enough to get a 2n-bit tweakable block-cipher from a n-bit tweakable block-cipher and we show that with 3 rounds we can get beyond the birthday security bound. [less ▲]Detailed reference viewed: 68 (0 UL) 1 2