• How Fast Can Higher-Order Masking Be in Software?
In EUROCRYPT 2017, 2017.
• Stream ciphers: A Practical Solution for Efficient Homomorphic-Ciphertext Compression.
In FSE 2016, 2016.
• NFLlib: NTT-based Fast Lattice Library.
In CT-RSA 2016, 2016.
• Lattice Attacks against Elliptic-Curve Signatures with Blinded Scalar Multiplication.
In Selected Areas in Cryptography 2016, 2016.
• On the Multiplicative Complexity of Boolean Functions and Bitsliced Higher-Order Masking.
In Cryptographic Hardware and Embedded Systems 2016, 2016.
• Improved security proofs in lattice-based cryptography: using the Rényi divergence rather than the statistical distance.
In ASIACRYPT (1) 2015, 2015. Best Paper Award
• Trap Me If You Can - Million Dollar Curve.
In Cryptology ePrint Archive, 2015.
• Cryptanalysis of SHA-0 and Reduced SHA-1.
In J. Cryptology, 2015.
• A survey of fault attacks in pairing based cryptography.
In Cryptography and Communications, 2015.
• 🇫🇷 Quatre millions d'échanges de clés par seconde.
In SSTIC 2015, 2015.
• Cryptanalysis of a (Somewhat) Additively Homomorphic Encryption Scheme Used in PIR.
In Financial Cryptography Workshops 2015, pp. 184-193, 2015.
• Zeroizing Without Low-Level Zeroes: New MMAP Attacks and their Limitations.
In CRYPTO (1) 2015, pp. 247-266, 2015.
• Cryptanalysis of the Co-ACD Assumption.
In CRYPTO (1) 2015, pp. 561-580, 2015.
• Algebraic Decomposition for Probing Security.
In CRYPTO (1) 2015, pp. 742-763, 2015.
• New Multilinear Maps Over the Integers.
In CRYPTO (1) 2015, pp. 267-286, 2015.
• Recovering a sum of two squares decomposition.
In J. Symb. Comput., 2014.
• Design and Implementation of Lattice-Based Cryptography.
PhD Thesis, 2014.
• Selected Areas in Cryptography - SAC 2014 - 21st International Conference, Montreal, QC, Canada, August 14-15, 2014, Revised Selected Papers.
Lecture Notes in Computer Science, Springer, 2014. (ISBN: 978-3-319-13050-7.)
• Scale-Invariant Fully Homomorphic Encryption over the Integers.
In Public Key Cryptography 2014, pp. 311-328, 2014.
• Toward efficient, privacy-aware media classification on public databases.
In ICMR 2014, pp. 49, 2014.
• Direct Construction of Recursive MDS Diffusion Layers Using Shortened BCH Codes.
In FSE 2014, pp. 3-17, 2014. Best Paper Award
• Practical Validation of Several Fault Attacks against the Miller Algorithm.
In FDTC 2014, pp. 115-122, 2014.
• Symmetrized Summation Polynomials: Using Small Order Torsion Points to Speed Up Elliptic Curve Index Calculus.
In EUROCRYPT 2014, pp. 40-57, 2014.
• A Heuristic Quasi-Polynomial Algorithm for Discrete Logarithm in Finite Fields of Small Characteristic.
In EUROCRYPT 2014, pp. 1-16, 2014. Best Paper Award
• On the Practical Security of a Leakage Resilient Masking Scheme.
In CT-RSA 2014, pp. 169-182, 2014.
• On Double Exponentiation for Securing RSA against Fault Analysis.
In CT-RSA 2014, pp. 152-168, 2014.
• How to Estimate the Success Rate of Higher-Order Side-Channel Attacks.
In CHES 2014, pp. 35-54, 2014.
• Multi-user Collisions: Applications to Discrete Logarithm, Even-Mansour and PRINCE.
In ASIACRYPT (1) 2014, pp. 420-438, 2014.
• Improving the Polynomial time Precomputation of Frobenius Representation Discrete Logarithm Algorithms - Simplified Setting for Small Characteristic Finite Fields.
In ASIACRYPT (1) 2014, pp. 378-397, 2014.
• A Comparison of the Homomorphic Encryption Schemes FV and YASHE.
In AFRICACRYPT 2014, pp. 318-335, 2014.
• Elliptic Curve Discrete Logarithm Problem over Small Degree Extension Fields - Application to the Static Diffie-Hellman Problem on $$E(\mathbb{F}_{q^{5}})$$.
In J. Cryptology, 2013.
• Formal verification of a CRT-RSA implementation against fault attacks.
In J. Cryptographic Engineering, 2013.
• One-Way Private Media Search on Public Databases: The Role of Signal Processing.
In IEEE Signal Process. Mag., 2013.
• Pairing the volcano.
In Math. Comput., 2013.
• Two Attacks on a White-Box AES Implementation.
In Selected Areas in Cryptography 2013, pp. 265-285, 2013.
• A New Index Calculus Algorithm with Complexity $$L(1/4+o(1))$$ in Small Characteristic.
In Selected Areas in Cryptography 2013, pp. 355-379, 2013.
• White-Box Security Notions for Symmetric Encryption Schemes.
In Selected Areas in Cryptography 2013, pp. 247-264, 2013.
• The Special Number Field Sieve in $$\mathbb F_{p^n}$$ - Application to Pairing-Friendly Constructions.
In Pairing 2013, pp. 45-61, 2013.
• Exhaustive search for small dimension recursive MDS diffusion layers for block ciphers and hash functions.
In ISIT 2013, pp. 1551-1555, 2013.
• On the Minimal Number of Bootstrappings in Homomorphic Circuits.
In Financial Cryptography Workshops 2013, pp. 189-200, 2013.
• Higher-Order Side Channel Security and Mask Refreshing.
In FSE 2013, pp. 410-424, 2013.
• Faster Index Calculus for the Medium Prime Case Application to 1175-bit and 1425-bit Finite Fields.
In EUROCRYPT 2013, pp. 177-193, 2013.
• Batch Fully Homomorphic Encryption over the Integers.
In EUROCRYPT 2013, pp. 315-335, 2013.
• Masking against Side-Channel Attacks: A Formal Security Proof.
In EUROCRYPT 2013, pp. 142-159, 2013.
• Lattice Signatures and Bimodal Gaussians.
In CRYPTO (1) 2013, pp. 40-56, 2013.
• Practical Multilinear Maps over the Integers.
In CRYPTO (1) 2013, pp. 476-493, 2013.
• Inverting the Final Exponentiation of Tate Pairings on Ordinary Elliptic Curves Using Faults.
In CHES 2013, pp. 365-382, 2013.
• SCARE of Secret Ciphers with SPN Structures.
In ASIACRYPT (1) 2013, pp. 526-544, 2013.
• Impact of Sboxes Size upon Side Channel Resistance and Block Cipher Design.
In AFRICACRYPT 2013, pp. 240-259, 2013.
• Injective Encodings to Elliptic Curves.
In ACISP 2013, pp. 203-218, 2013.
• A family of weak keys in HFE and the corresponding practical key-recovery.
In J. Mathematical Cryptology, 2012.
• Private Stream Search at Almost the Same Communication Cost as a Regular Search.
In Selected Areas in Cryptography 2012, pp. 372-389, 2012.
• Generating Provable Primes Efficiently on Embedded Devices.
In Public Key Cryptography 2012, pp. 372-389, 2012.
• Partial Key Exposure on RSA with Private Exponents Larger Than N.
In ISPEC 2012, pp. 369-380, 2012.
• Private Stream Search at the same communication cost as a regular search: Role of LDPC codes.
In ISIT 2012, pp. 2556-2560, 2012.
• Higher-Order Masking Schemes for S-Boxes.
In FSE 2012, pp. 366-384, 2012.
• Cover and Decomposition Index Calculus on Elliptic Curves Made Practical - Application to a Previously Unreachable Curve over $$\mathbb{F}_{p^6}$$.
In EUROCRYPT 2012, pp. 9-26, 2012. Best Paper Award
• A Tutorial on High Performance Computing Applied to Cryptanalysis - (Invited Talk Abstract).
In EUROCRYPT 2012, pp. 1-7, 2012.
• Decoding Random Binary Linear Codes in $$2^{n/20}$$: How 1 + 1 = 0 Improves Information Set Decoding.
In EUROCRYPT 2012, pp. 520-536, 2012.
• Supplemental Access Control (PACE v2): Security Analysis of PACE Integrated Mapping.
In Cryptography and Security 2012, pp. 207-232, 2012.
• Secret Key Leakage from Public Key Perturbation of DLP-Based Cryptosystems.
In Cryptography and Security 2012, pp. 233-247, 2012.
• Conversion of Security Proofs from One Leakage Model to Another: A New Issue.
In COSADE 2012, pp. 69-81, 2012.
• Towards Super-Exponential Side-Channel Security with Efficient Leakage-Resilient PRFs.
In CHES 2012, pp. 193-212, 2012.
• Integrating Anonymous Credentials with eIDs for Privacy-Respecting Online Authentication.
In APF 2012, pp. 111-124, 2012.
• Mutual Information Analysis: a Comprehensive Study.
In J. Cryptology, 2011.
• Scalar multiplication on Weierstraß elliptic curves from Co-Z arithmetic.
In J. Cryptographic Engineering, 2011.
• Univariate side channel attacks and leakage modeling.
In J. Cryptographic Engineering, 2011.
• Cryptanalysis of the RSA Subgroup Assumption from TCC 2005.
In Public Key Cryptography 2011, pp. 147-155, 2011.
• Fast Software Encryption - 18th International Workshop, FSE 2011, Lyngby, Denmark, February 13-16, 2011, Revised Selected Papers.
Lecture Notes in Computer Science, Springer, 2011. (ISBN: 978-3-642-21701-2.)
• Improved Generic Algorithms for Hard Knapsacks.
In EUROCRYPT 2011, pp. 364-385, 2011.
• Traitor tracing schemes for protected software implementations.
In Digital Rights Management Workshop 2011, pp. 15-22, 2011.
• A Variant of the F4 Algorithm.
In CT-RSA 2011, pp. 356-375, 2011.
• Protecting AES with Shamir's Secret Sharing Scheme.
In CHES 2011, pp. 79-94, 2011.
• Theoretical and practical aspects of mutual information-based side channel analysis.
In IJACT, 2010.
• On the security of blockwise secure modes of operation beyond the birthday bound.
In IEEE Transactions on Information Theory, 2010.
• Affine Masking against Higher-Order Side Channel Analysis.
In Selected Areas in Cryptography 2010, pp. 262-280, 2010.
• Parallel-CFS - Strengthening the CFS McEliece-Based Signature Scheme.
In Selected Areas in Cryptography 2010, pp. 159-170, 2010.
• Distinguishing Distributions Using Chernoff Information.
In ProvSec 2010, pp. 144-165, 2010.
• Pairing Computation on Elliptic Curves with Efficiently Computable Endomorphism and Small Embedding Degree.
In Pairing 2010, pp. 435-449, 2010.
• Cryptanalysis of the Hidden Matrix Cryptosystem.
In LATINCRYPT 2010, pp. 241-254, 2010.
• Methods for the reconstruction of parallel turbo codes.
In ISIT 2010, pp. 2008-2012, 2010.
• SPAKE: A Single-Party Public-Key Authenticated Key Exchange Protocol for Contact-Less Applications.
In Financial Cryptography Workshops 2010, pp. 107-122, 2010.
• New Generic Algorithms for Hard Knapsacks.
In EUROCRYPT 2010, pp. 235-256, 2010.
• Provably Secure Higher-Order Masking of AES.
In CHES 2010, pp. 413-427, 2010.
• Public Key Perturbation of Randomized RSA Implementations.
In CHES 2010, pp. 306-319, 2010. Best Paper Award
• Pairing the Volcano.
In ANTS 2010, pp. 201-218, 2010.
• Statistical Analysis of Second Order Differential Power Analysis.
In IEEE Trans. Computers, 2009.
• On Second-Order Fault Analysis Resistance for CRT-RSA Implementations.
In WISTP 2009, pp. 68-83, 2009.
• Reconstruction of Punctured Convolutional Codes.
In Information Theory Workshop 2009, pp. 75-79, 2009.
• Recovering a code's length and synchronization from a noisy intercepted bitstream.
In ISIT 2009, pp. 2737-2741, 2009.
• Fair E-Cash: Be Compact, Spend Faster.
In ISC 2009, pp. 294-309, 2009.
• Fault Analysis of Rabbit: Toward a Secret Key Leakage.
In INDOCRYPT 2009, pp. 72-87, 2009.
• Oracle-Assisted Static Diffie-Hellman Is Easier Than Discrete Logarithms.
In IMA Int. Conf. 2009, pp. 351-367, 2009.
• Fault Analysis of Grain-128.
In HOST 2009, pp. 7-14, 2009.
• Advances in Cryptology - EUROCRYPT 2009, 28th Annual International Conference on the Theory and Applications of Cryptographic Techniques, Cologne, Germany, April 26-30, 2009. Proceedings.
Lecture Notes in Computer Science, Springer, 2009. (ISBN: 978-3-642-01000-2.)
• Fault Attacks on RSA Public Keys: Left-To-Right Implementations Are Also Vulnerable.
In CT-RSA 2009, pp. 414-428, 2009.
• Securing RSA against Fault Analysis by Double Addition Chain Exponentiation.
In CT-RSA 2009, pp. 459-480, 2009.
• Fault Attacks on RSA Signatures with Partially Unknown Messages.
In CHES 2009, pp. 444-456, 2009.
• Differential Fault Analysis on DES Middle Rounds.
In CHES 2009, pp. 457-469, 2009.
• Higher-Order Masking and Shuffling for Software Implementations of Block Ciphers.
In CHES 2009, pp. 171-188, 2009.
• Improved Generic Algorithms for 3-Collisions.
In ASIACRYPT 2009, pp. 347-363, 2009. Best Paper Award
• Security Bounds for the Design of Code-Based Cryptosystems.
In ASIACRYPT 2009, pp. 88-105, 2009.
• Factoring $$pq^2$$ with Quadratic Forms: Nice Cryptanalyses.
In ASIACRYPT 2009, pp. 469-486, 2009.
• Theoretical and Practical Aspects of Mutual Information Based Side Channel Analysis.
In ACNS 2009, pp. 499-518, 2009.
• Quantitative Security of Block Ciphers: Designs and Cryptanalysis Tools.
PhD Thesis, 2008.
• Searchable Encryption Revisited: Consistency Properties, Relation to Anonymous IBE, and Extensions.
In J. Cryptology, 2008.
• On the Exact Success Rate of Side Channel Analysis in the Gaussian Model.
In Selected Areas in Cryptography 2008, pp. 165-183, 2008.
• Algebraic and Correlation Attacks against Linearly Filtered Non Linear Feedback Shift Registers.
In Selected Areas in Cryptography 2008, pp. 184-198, 2008.
• Expressive Subgroup Signatures.
In SCN 2008, pp. 185-200, 2008.
• How to Use Merkle-Damgård - On the Security Relations between Signature Schemes and Their Inner Hash Functions.
In ProvSec 2008, pp. 241-253, 2008.
• Syndrome Based Collision Resistant Hashing.
In PQCrypto 2008, pp. 137-147, 2008.
• Another Approach to Pairing Computation in Edwards Coordinates.
In INDOCRYPT 2008, pp. 400-413, 2008.
• The Complexity of Distinguishing Distributions (Invited Talk).
In ICITS 2008, pp. 210-222, 2008.
• Guess-and-Determine Algebraic Attack on the Self-Shrinking Generator.
In FSE 2008, pp. 235-252, 2008.
• Block Ciphers Implementations Provably Secure Against Second Order Side Channel Analysis.
In FSE 2008, pp. 127-143, 2008.
• In(security) Against Fault Injection Attacks for CRT-RSA Implementations.
In FDTC 2008, pp. 101-107, 2008.
• Dynamic Threshold Public-Key Encryption.
In CRYPTO 2008, pp. 317-334, 2008.
• Attack and Improvement of a Secure S-Box Calculation Based on the Fourier Transform.
In CHES 2008, pp. 1-14, 2008. Best Paper Award
• Perturbating RSA Public Keys: An Improved Attack.
In CHES 2008, pp. 380-395, 2008.
• SHA-3 Proposal: FSB.
In Submission to the NIST SHA-3 competition, 2008.
• Yet Another Attack on Vest.
In AFRICACRYPT 2008, pp. 221-235, 2008.
• Provable Security in Cryptography.
Tutorial.
• A Generic Method for Secure SBox Implementation.
In WISA 2007, pp. 227-244, 2007.
• Linear Cryptanalysis of Non Binary Ciphers.
In Selected Areas in Cryptography 2007, pp. 184-211, 2007.
• Cryptanalysis of White Box DES Implementations.
In Selected Areas in Cryptography 2007, pp. 278-295, 2007.
• Decryptable Searchable Encryption.
In ProvSec 2007, pp. 228-236, 2007.
• Fully Collusion Secure Dynamic Broadcast Encryption with Constant-Size Ciphertexts or Decryption Keys.
In Pairing 2007, pp. 39-59, 2007.
• Overtaking VEST.
In FSE 2007, pp. 58-72, 2007.
• Toward a Rigorous Variation of Coppersmith's Algorithm on Three Variables.
In EUROCRYPT 2007, pp. 361-378, 2007.
• Improved Fast Syndrome Based Cryptographic Hash Functions.
In ECRYPT Hash Workshop 2007, 2007.
• Impossibility Proofs for RSA Signatures in the Standard Model.
In CT-RSA 2007, pp. 31-48, 2007.
• Hash Functions and the (Amplified) Boomerang Attack.
In CRYPTO 2007, pp. 244-263, 2007.
• Side Channel Cryptanalysis of a Higher Order Masking Scheme.
In CHES 2007, pp. 28-44, 2007. Best Paper Award
• Cryptographic Hardware and Embedded Systems - CHES 2007, 9th International Workshop, Vienna, Austria, September 10-13, 2007, Proceedings.
Lecture Notes in Computer Science, Springer, 2007. (ISBN: 978-3-540-74734-5.)
• When e-th Roots Become Easier Than Factoring.
In ASIACRYPT 2007, pp. 13-28, 2007.
• Identity-Based Broadcast Encryption with Constant Size Ciphertexts and Private Keys.
In ASIACRYPT 2007, pp. 200-215, 2007.
• TCHo: A Hardware-Oriented Trapdoor Cipher.
In ACISP 2007, pp. 184-199, 2007.
• Dynamic Fully Anonymous Short Group Signatures.
In VIETCRYPT 2006, pp. 193-210, 2006.
• Dial C for Cipher.
In Selected Areas in Cryptography 2006, pp. 76-95, 2006.
• When Stream Cipher Analysis Meets Public-Key Cryptography.
In Selected Areas in Cryptography 2006, pp. 266-284, 2006.
• Encoding-Free ElGamal Encryption Without Random Oracles.
In Public Key Cryptography 2006, pp. 91-104, 2006.
• Galois LFSR, Embedded Devices and Side Channel Weaknesses.
In INDOCRYPT 2006, pp. 436-451, 2006.
• Chosen-Ciphertext Attacks Against MOSQUITO.
In FSE 2006, pp. 390-404, 2006.
• The Function Field Sieve in the Medium Prime Case.
In EUROCRYPT 2006, pp. 254-270, 2006.
• Inverting HFE Is Quasipolynomial.
In CRYPTO 2006, pp. 345-356, 2006.
• The Number Field Sieve in the Medium Prime Case.
In CRYPTO 2006, pp. 326-344, 2006.
• Fast Generation of Prime Numbers on Portable Devices: An Update.
In CHES 2006, pp. 160-173, 2006.
• Cryptographic Hardware and Embedded Systems - CHES 2006, 8th International Workshop, Yokohama, Japan, October 10-13, 2006, Proceedings.
Lecture Notes in Computer Science, Springer, 2006. (ISBN: 3-540-46559-6.)
• Trading One-Wayness Against Chosen-Ciphertext Security in Factoring-Based Encryption.
In ASIACRYPT 2006, pp. 252-266, 2006.
• KFC - The Krazy Feistel Cipher.
In ASIACRYPT 2006, pp. 380-395, 2006.
• Proving the Security of AES Substitution-Permutation Network.
In Selected Areas in Cryptography 2005, pp. 65-81, 2005.
• Cryptanalysis of the Tractable Rational Map Cryptosystem.
In Public Key Cryptography 2005, pp. 258-274, 2005.
• A Family of Fast Syndrome Based Cryptographic Hash Functions.
In Mycrypt 2005, pp. 64-83, 2005.
• An Algebraic Masking Method to Protect AES Against Power Attacks.
In ICISC 2005, pp. 199-209, 2005.
• Two Attacks Against the HBB Stream Cipher.
In FSE 2005, pp. 330-341, 2005.
• Collisions of SHA-0 and Reduced SHA-1.
In EUROCRYPT 2005, pp. 36-57, 2005.
• Searchable Encryption Revisited: Consistency Properties, Relation to Anonymous IBE, and Extensions.
In CRYPTO 2005, pp. 205-222, 2005.
• On Second-Order Differential Power Analysis.
In CHES 2005, pp. 293-308, 2005.
• Universally Convertible Directed Signatures.
In ASIACRYPT 2005, pp. 682-701, 2005.
• Discrete-Log-Based Signatures May Not Be Equivalent to Discrete Log.
In ASIACRYPT 2005, pp. 1-20, 2005. Best Paper Award
• A One Round Protocol for Tripartite Diffie-Hellman.
In J. Cryptology, 2004.
• 🇫🇷 Nouvelles constructions utilisant des codes correcteurs d'erreurs en cryptographie à clef publique.
PhD Thesis, 2004.
• Blockwise Adversarial Model for On-line Ciphers and Symmetric Encryption Schemes.
In Selected Areas in Cryptography 2004, pp. 212-226, 2004.
• Two Power Analysis Attacks against One-Mask Methods.
In FSE 2004, pp. 332-347, 2004.
• Multicollisions in Iterated Hash Functions. Application to Cascaded Constructions.
In CRYPTO 2004, pp. 306-316, 2004.
• How to Disembed a Program?
In CHES 2004, pp. 441-454, 2004.
• How Far Can We Go Beyond Linear Cryptanalysis?
In ASIACRYPT 2004, pp. 432-450, 2004.
• Separating Decision Diffie-Hellman from Computational Diffie-Hellman in Cryptographic Groups.
In J. Cryptology, 2003.
• A Chosen IV Attack Against Turing.
In Selected Areas in Cryptography 2003, pp. 194-207, 2003.
• Authenticated On-Line Encryption.
In Selected Areas in Cryptography 2003, pp. 145-159, 2003.
• A Fast and Secure Implementation of Sflash.
In Public Key Cryptography 2003, pp. 267-278, 2003.
• A Refined Power-Analysis Attack on Elliptic Curve Cryptosystems.
In Public Key Cryptography 2003, pp. 199-210, 2003.
• Words of minimal weight and weight distribution of binary Goppa codes.
In ISIT 2003, 2003.
• Improvements to the general number field sieve for discrete logarithms in prime fields. A comparison with the gaussian integer method.
In Math. Comput., 2003.
• Loosening the KNOT.
In FSE 2003, pp. 87-99, 2003.
• A Generic Protection against High-Order Differential Power Analysis.
In FSE 2003, pp. 192-205, 2003.
• New Attacks against Standardized MACs.
In FSE 2003, pp. 170-181, 2003.
• Cryptanalysis of the EMD Mode of Operation.
In EUROCRYPT 2003, pp. 1-16, 2003.
• A Public Key Encryption Scheme Based on the Polynomial Reconstruction Problem.
In EUROCRYPT 2003, pp. 229-240, 2003.
• Algebraic Cryptanalysis of Hidden Field Equation (HFE) Cryptosystems Using Gröbner Bases.
In CRYPTO 2003, pp. 44-60, 2003.
• GCD-Free Algorithms for Computing Modular Inverses.
In CHES 2003, pp. 243-253, 2003.
• Faster Double-Size Modular Multiplication from Euclidean Multipliers.
In CHES 2003, pp. 214-227, 2003.
• A Control of Smooth Deformations with Topological Change on Polyhedral Mesh Based on Curves and Loops.
In Shape Modeling International 2002, pp. 191-200, 2002.
• Public Key Cryptography, 5th International Workshop on Practice and Theory in Public Key Cryptosystems, PKC 2002, Paris, France, February 12-14, 2002, Proceedings.
Lecture Notes in Computer Science, Springer, 2002. (ISBN: 3-540-43168-3.)
• Optimal Chosen-Ciphertext Secure Encryption of Arbitrary-Length Messages.
In Public Key Cryptography 2002, pp. 17-33, 2002.
• Solving Underdefined Systems of Multivariate Quadratic Equations.
In Public Key Cryptography 2002, pp. 211-227, 2002.
• Short McEliece-based digital signatures.
In ISIT 2002, 2002.
• On the Security of Randomized CBC-MAC Beyond the Birthday Paradox Limit: A New Construction.
In FSE 2002, pp. 237-251, 2002.
• Fast Correlation Attacks: An Algorithmic Point of View.
In EUROCRYPT 2002, pp. 209-221, 2002.
• GEM: A Generic Chosen-Ciphertext Secure Encryption Method.
In CT-RSA 2002, pp. 263-276, 2002.
• Universal Padding Schemes for RSA.
In CRYPTO 2002, pp. 226-241, 2002.
• Blockwise-Adaptive Attackers: Revisiting the (In)Security of Some Provably Secure Encryption Models: CBC, GEM, IACBC.
In CRYPTO 2002, pp. 17-30, 2002.
• Provably Secure Chipcard Personalization, or, How to Fool Malicious Insiders.
In CARDIS 2002, 2002.
• The Weil and Tate Pairings as Building Blocks for Public Key Cryptosystems.
In ANTS 2002, pp. 20-32, 2002.
• The Function Field Sieve Is Quite Special.
In ANTS 2002, pp. 431-445, 2002.
• "Chinese & Match", an alternative to Atkin's "Match and Sort" method used in the SEA algorithm.
In Math. Comput., 2001.
• Cryptanalysis of PKP: A New Approach.
In Public Key Cryptography 2001, pp. 165-172, 2001.
• FLASH, a Fast Multivariate Signature Algorithm.
In CT-RSA 2001, pp. 298-307, 2001.
• QUARTZ, 128-Bit Long Digital Signatures.
In CT-RSA 2001, pp. 282-297, 2001.
• A Sound Method for Switching between Boolean and Arithmetic Masking.
In CHES 2001, pp. 3-15, 2001.
• How to Achieve a McEliece-Based Digital Signature Scheme.
In ASIACRYPT 2001, pp. 157-174, 2001.
• A Statistical Attack on RC6.
In FSE 2000, pp. 64-74, 2000.
• A NICE Cryptanalysis.
In EUROCRYPT 2000, pp. 382-391, 2000.
• New Attacks on PKCS#1 v1.5 Encryption.
In EUROCRYPT 2000, pp. 369-381, 2000.
• A Chosen-Ciphertext Attack against NTRU.
In CRYPTO 2000, pp. 20-35, 2000.
• Efficient Generation of Prime Numbers.
In CHES 2000, pp. 340-354, 2000.
• On Boolean and Arithmetic Masking against Differential Power Analysis.
In CHES 2000, pp. 231-237, 2000.
• Trapdooring Discrete Logarithms on Elliptic Curves over Rings.
In ASIACRYPT 2000, pp. 573-584, 2000.
• Cryptanalysis of the TTM Cryptosystem.
In ASIACRYPT 2000, pp. 44-57, 2000.
• Why Textbook ElGamal and RSA Encryption Are Insecure.
In ASIACRYPT 2000, pp. 30-43, 2000.
• A One Round Protocol for Tripartite Diffie-Hellman.
In ANTS 2000, pp. 385-394, 2000.
• Evaluating Differential Fault Analysis of Unknown Cryptosystems.
In Public Key Cryptography 1999, pp. 235-244, 1999.
• Low-Cost Double-Size Modular Exponentiation or How to Stretch Your Cryptoprocessor.
In Public Key Cryptography 1999, pp. 223-234, 1999.
• A Trapdoor Permutation Equivalent to Factoring.
In Public Key Cryptography 1999, pp. 219-222, 1999.
• Self-Escrowed Public-Key Infrastructures.
In ICISC 1999, pp. 257-268, 1999.
• Unbalanced Oil and Vinegar Signature Schemes.
In EUROCRYPT 1999, pp. 206-222, 1999.
• Public-Key Cryptosystems Based on Composite Degree Residuosity Classes.
In EUROCRYPT 1999, pp. 223-238, 1999.
• Probing Attacks on Tamper-Resistant Devices.
In CHES 1999, pp. 303-315, 1999.
• DES and Differential Power Analysis (The "Duplication" Method).
In CHES 1999, pp. 158-172, 1999.
• Efficient Public-Key Cryptosystems Provably Secure Against Active Adversaries.
In ASIACRYPT 1999, pp. 165-179, 1999.
• Lattice Reduction: A Toolbox for the Cryptanalyst.
In J. Cryptology, 1998.
• Improved Algorithms for Isomorphisms of Polynomials.
In EUROCRYPT 1998, pp. 184-200, 1998.
• The action of a few permutations on r-tuples is quickly transitive.
In Random Struct. Algorithms, 1998.
• Differential Collisions in SHA-0.
In CRYPTO 1998, pp. 56-71, 1998.
• Reducing the Collision Probability of Alleged Comp128.
In CARDIS 1998, pp. 366-371, 1998.
• Smart Card Crypto-Coprocessors for Public-Key Cryptography.
In CARDIS 1998, pp. 372-379, 1998.
• C*-+ and HM: Variations Around Two Schemes of T. Matsumoto and H. Imai.
In ASIACRYPT 1998, pp. 35-49, 1998.
• On Ideal Non-perfect Secret Sharing Schemes.
In Security Protocols Workshop 1997, pp. 207-216, 1997.
• Trapdoor one-way permutations and multivariate polynominals.
In ICICS 1997, pp. 356-368, 1997.
• Asymmetric cryptography with S-Boxes.
In ICICS 1997, pp. 369-380, 1997.
• The Action of a Few Random Permutations on r-Tuples and an Application to Cryptography.
In STACS 1996, pp. 375-386, 1996.
• A Practical Attack against Knapsack based Hash Functions (Extended Abstract).
In EUROCRYPT 1994, pp. 58-66, 1994.
• Improved Low-Density Subset Sum Algorithms.
In Computational Complexity, 1992.
• Improving the Critical Density of the Lagarias-Odlyzko Attack Against Subset Sum Problems.
In FCT 1991, pp. 258-264, 1991.
• The Cryptanalysis of a New Public-Key Cryptosystem Based on Modular Knapsacks.
In CRYPTO 1991, pp. 204-212, 1991.
• Cryptanalysis of Another Knapsack Cryptosystem.
In ASIACRYPT 1991, pp. 470-476, 1991.

## Featured Presentations & Talks

• The importance of rigidity in cryptographic standards.
AWACS 2016, A Workshop About Cryptographic Standards. Vienna, Austria (co-located with Eurocrypt 2016), May 08, 2016.
• CLT: Construction(s) and Attacks.
Summer school on Fully Homomorphic Encryption and Multilinear Maps, Paris, France, October 14, 2015.
• Zeroizing Attacks on Multilinear Maps.
Workshop on Tools for Asymmetric Cryptanalysis, Bochum, Germany, October 08, 2015.
• Multilinear Maps over the Integers: From Design to Security.
The Mathematics of Modern Cryptography Workshop, Berkeley, U.S.A., July 10, 2015.
• The ins and outs of programming cryptography in smart cards.
Real World Cryptography, London, U.K., January 08, 2015.
• 🇫🇷 Chiffrement (complètement) homomorphe : de la théorie à la pratique.
Séminaire confiance numérique, Clermont-Ferrand, France, October 09, 2014.
• Homomorphic Encryption: From Theory to Practice.
CryptoBG International Summer School 2014, Bulgaria, July 23, 2014.
• Quantitative Security of Block Ciphers.
Université Catholique de Louvain, February 05, 2009.
• Practical Decorrelation.
Echternach Symmetric Cryptography seminar, January 07, 2008.