EVENTO
Cryptographic Algorithms Based on Ramanujan Graphs
Tipo de evento: Defesa de Tese de Doutorado
Ramanujan graphs are optimal expanders, and expander graphs are sparse graphs that have very important properties such as low diameter, high connectivity, and high chromatic number. These graphs are also applied to block ciphers, such as Advanced Encryption Standard (AES). Much of the security of AES is present in its Substitution-Box (S-Box), in the same way that other block ciphers. In the literature, several methods have been proposed to create strong S-Boxes for AES. A strong S-Box should satisfy several cryptographic properties to resist linear and differential cryptanalysis. An S-Box is a Boolean function. If a Boolean function is bent, then its S-Box associated has maximum nonlinearity, a relevant cryptographic property for construction of S-Boxes resistant to linear cryptanalysis. Ramanujan graph is related to bent functions, namely, a Cayley graph associated with bent function is always a Ramanujan graph. Although, the AES S-Box is not bent, we identified that its circulant matrix in the subbytes is an adjacency matrix of a Ramanujan graph and propose an algorithm to verify the relationship found. Recently, we proposed a theorem and demonstrated the relationship between the Ramanujan graph and the circulant matrix used in AES. We define a B-Ramanujan matrix as a (0,1)-circulant adjacency matrix of a Ramanujan graph. We also verified that B-Ramanujan matrices guarantee strong S-Boxes. For the case of AES-256, we should choose a matrix in a set with approximately 10^18 nonsingular binary matrices. However, our result reduces the search to a set of 247 B-Ramanujan matrices. Grovers Algorithm could attack AES with a 256-bit key length in approximately 2^128 iterations. This algorithm is a quantum algorithm with complexity O(Raiz(N)), where N is the domain size of the function. For the case of a 1024-bit key, Grovers algorithm could brutally force AES into approximately 2^512 iterations. However, this big AES would avoid quantum attacks and its S-Box can be construct using the proposed theorem. Indeed, we can use this technique in every block cipher. In addition, we obtain a numerical sequence consisting of the number of n x n B-Ramanujan matrices. The relevance of Ramanujan graphs applied in cryptography motivated our study in the search for a post-quantum and homomorphic algorithm based on such graphs. In 2011, Jao and De Feo proposed a key-agreement isogeny-based algorithm supposed to be resistant to quantum attacks. It is based on supersingular isogeny (Ramanujan) graph walks. Recently, the Supersingular Isogeny Key Encapsulation (SIKE) reached the fourth round of the NISTs standardization process on post-quantum cryptography. However, these algorithms were attacked by Wouter Castryck and Thomas Decru with Kani's theorem a few months ago. This attack does not threaten all cryptosystems based on isogeny graphs. In the first semester of this year, we propose a SIKE-like considering the degrees of isogeny in the encryption and decryption process. Our SIKE-like is additive homomorphic. Unfortunately, the recent attack on SIKE also exposed vulnerability in our algorithm. Currently, we are analyzing the attack to propose a version resistant to the current attack.Para assistir acesse:meet.google.com/vkx-nwsc-uke
Data Início: 27/01/2023 Hora: 13:00 Data Fim: 27/01/2023 Hora: 16:00
Local: LNCC - Laboratório Nacional de Computação Ciêntifica - Virtual
Aluno: Marcio Prudêncio Belleza - Laboratório Nacional de Computação Científica - LNCC
Orientador: Fábio Borges de Oliveira - Laboratório Nacional de Computação Científica - LNCC
Participante Banca Examinadora: Leonardo Augusto Martucci - - KAU Raphael Carlos Santos Machado - Universidade Federal Fluminense - UFF Renato Portugal - Laboratório Nacional de Computação Científica - LNCC
Suplente Banca Examinadora: Bruno Richard Schulze - Laboratório Nacional de Computação Científica - LNCC Max Mühlhäuser - TU Darmstadt -
