Matthieu Finiasz did his PhD in the project team SECRET at INRIA from 2001 to 2004 and was a postdoctoral researcher at EPFL in the LASEC team from 2004 to 2007. After 5 years as a research scientist at ENSTA, he joins CryptoExperts today. His research interests are the design of efficient code-based cryptosystems and, more generally, applications of coding theory to symmetric and asymmetric cryptography. Matthieu has extensive research experience and numerous scientific publications in the field of code-based cryptographic systems. Among other achievements, Matthieu is one of the designers of the CFS signature scheme (2001), the first signature scheme with a tight security reduction to the syndrome decoding problem (the central NP-complete problem in code-based cryptography). He also designed other cryptographic primitives with similar security reductions, such as the provably secure hash function FSB submitted to the NIST SHA-3 competition (2008).
Matthieu Finiasz’s web page.
On February 14th, 2012, Lenstra et al. published on the Cryptology ePrint Archive an extended abstract of a study assessing the computational and randomness properties of millions of actual public keys collected from a wide variety of sources on the web. They found that many thousands of 1024-bit RSA moduli still in use offer no security, since each shares a prime factor with at least one other RSA key; computing the GCD of the two moduli with the Euclidean algorithm then factors both immediately. El-Gamal, DSA and ECDSA keys are also studied. According to the authors, the fact that many public keys are shared among unrelated parties might be explained by an inappropriate choice of the seeds (with low entropy) of the pseudorandom number generators used to generate the prime factors of RSA, regardless of the size of the keys. Some particular clusters of moduli (sharing factors) are quite stupefying and difficult to explain. In particular, there exists a subset of 36 moduli corresponding to the set of all pairwise products of 9 specific primes.
Finally, they observe a 99.8% security at best for real-world 1024-bit RSA (representing 75% of the collected RSA keys). However, as the body of keys grows, so does the percentage of affected keys. Thus, the simple step of abandoning 1024-bit keys for 2048-bit ones (as recommended by NIST since 2011) is likely to lead to a comparable proportion of unsecured keys. These results are definitely an interesting warning to both users and cryptographic developers of the importance of high-entropy seeds for the pseudorandom number generators used in the real world.
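As an added illustration (not part of the original news item or of the study's own tooling), the audit described above run on a constructed toy version of that 36-modulus cluster: nine small primes, all 36 pairwise products, plus one independent modulus. The pairwise GCD pass factors every modulus in the cluster and leaves the independent one intact; the prime values are invented and far too small for any real key.

```python
"""Batch GCD audit of RSA moduli (added example, not from the CryptoExperts page).

Reproduces the phenomenon described by Lenstra et al.: any modulus that shares a
prime factor with another modulus is factored outright by a single GCD. The nine
primes below are small constructed values so the script runs instantly; a real
audit applies the same arithmetic to 512-bit factors.
"""
from itertools import combinations
from math import gcd

# Constructed sample: nine distinct primes (toy sized, chosen only for illustration).
NINE_PRIMES = [101, 103, 107, 109, 113, 127, 131, 137, 139]


def pairwise_product_cluster(primes):
    """All moduli p*q for distinct p, q in primes: C(9, 2) = 36 for nine primes."""
    return [p * q for p, q in combinations(primes, 2)]


def shared_factor_audit(moduli):
    """Return {modulus: (p, q)} for every modulus sharing a prime with another one.

    Naive O(n^2) pairwise GCD, enough to show the effect on a small batch; the
    study uses a product/remainder tree to scale the same idea to millions of keys.
    A GCD equal to the modulus itself means a duplicated key, not a shared prime,
    so it is deliberately not reported as a factorization here.
    """
    factored = {}
    for n1, n2 in combinations(moduli, 2):
        g = gcd(n1, n2)
        if 1 < g < min(n1, n2):  # non-trivial common divisor: both moduli are broken
            for n in (n1, n2):
                factored.setdefault(n, (g, n // g))
    return factored


def safe_and_broken(moduli):
    """Split a batch into moduli untouched by the audit and moduli it factored."""
    broken = shared_factor_audit(moduli)
    safe = [n for n in moduli if n not in broken]
    return safe, broken


if __name__ == "__main__":
    batch = pairwise_product_cluster(NINE_PRIMES) + [149 * 151]  # 149*151: independent modulus
    safe, broken = safe_and_broken(batch)
    print(f"{len(broken)} of {len(batch)} moduli factored by pairwise GCD; {len(safe)} survive")
    for n, (p, q) in sorted(broken.items())[:3]:
        print(f"  {n} = {p} * {q}")
```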
An article entitled “Higher-Order Masking Schemes for S-boxes”, written by Matthieu Rivain (CryptoExperts) together with Claude Carlet (Paris 8 University), Louis Goubin (Versailles University), Emmanuel Prouff (Oberthur Technologies) and Michael Quisquater (Versailles University), has been accepted for presentation at the 19th International Workshop on Fast Software Encryption (FSE 2012) and for publication in the conference proceedings. The conference will take place in Washington DC (USA) from March 19th to 21st.
Matthieu Rivain (CryptoExperts) will be part of the program committee of the 2012 edition of Cryptographic Hardware and Embedded Systems (CHES), the main international workshop in the fields of cryptographic implementations and embedded systems security. CHES is sponsored by the International Association for Cryptologic Research (IACR) and has been held annually since 1999 in various locations in the United States, Europe and Asia. This year, CHES will take place in Leuven (Belgium) from the 9th until the 12th of September 2012, and it will be organized by the COSIC research group of the Katholieke Universiteit Leuven.
The article “Partial key exposure on RSA with private exponents larger than N”, written by Tancrède Lepoint (CryptoExperts) together with Marc Joye (Technicolor), will be published in the proceedings of the 8th International Conference on Information Security Practice and Experience (ISPEC 2012), Hangzhou, China, April 9-12, 2012.
Following his recent graduation from the Université Joseph Fourier, Tancrède Lepoint, MSc in Computer Science, today joins CryptoExperts to carry out a PhD thesis on lattice-based cryptography. Tancrède’s research is advised by Prof. D. Pointcheval (Cascade team, Ecole Normale Supérieure).
Tancrède Lepoint’s web page.