Existing public-key cryptography is mainly based on the hardness of two problems: factoring and solving discrete logarithms. In the eventuality of building large scale quantum computers, these two problems become easy to solve [Sho97]. Post-quantum cryptography refers to cryptographic algorithms that are thought to be secure against attacks which can be implemented on a quantum computer. Lattices, multivariate systems of equations, codes, isogenies and hash functions provide problems which are conjectured to remain hard to solve even using a quantum computer and which can be used as security foundations for post-quantum cryptographic schemes. At Bitdefender, we are interested in post-quantum cryptography with a focus on lattice-based solutions. One of the most well known lattice problems is the Approximate Shortest Vector Problem (ApproxSVP). Still, there are few cryptographic schemes built directly on the conjectured hardness of ApproxSVP. Instead, most of the schemes in the literature are built either on the hardness of an intermediate problem, the Learning With Errors Problem (LWE), which has been proved to be as hard as ApproxSVP ([Reg05]), or on one of its algebraic variants ([SSTX09], [LPR10], [LS15]). In this invited talk, I will give a general overview of our recent results. In the past few years, at Bitdefender, we built advanced primitives from LWE QLST18], [LT19]) and studied the hardness of (new) algebraic variants of LWE ([RSSS17J, [RSW18], [B0118], IBBPS19]).
展开▼