Anne Canteaut

Last updated

Anne Canteaut
Anne Canteaut - SCM-2024-018-085 8300.jpg
Nationality French
Education
Scientific career
Fields Cryptography
Institutions INRIA
Thesis Attaques de cryptosystèmes à mots de poids faible et construction de fonctions t-résilientes  (1996)
Doctoral advisor Paul Camion  [ fr ]

Anne Canteaut is a French researcher in cryptography, working at the French Institute for Research in Computer Science and Automation (INRIA) in Paris. She studies the design and cryptanalysis of symmetric-key algorithms and S-boxes.

Contents

Education and career

Canteaut earned a diploma in engineering from ENSTA Paris in 1993. [1] She completed her doctorate at Pierre and Marie Curie University in 1996, with the dissertation Attaques de cryptosystèmes à mots de poids faible et construction de fonctions t-résilientes supervised by Paul Camion  [ fr ]. [2]

She is currently the chair of the INRIA Evaluation Committee, [3] and of the FSE steering committee. [4] She was the scientific leader of the INRIA team SECRET between 2007 and 2019.

Cryptographic primitives

Canteaut has contributed to the design of several new cryptographic primitives:

Recognition

Canteaut was awarded the Legion of Honour in 2019. [9] She became a fellow of the International Association for Cryptologic Research in 2024. [10]

Related Research Articles

<span class="mw-page-title-main">International Data Encryption Algorithm</span> Symmetric-key block cipher

In cryptography, the International Data Encryption Algorithm (IDEA), originally called Improved Proposed Encryption Standard (IPES), is a symmetric-key block cipher designed by James Massey of ETH Zurich and Xuejia Lai and was first described in 1991. The algorithm was intended as a replacement for the Data Encryption Standard (DES). IDEA is a minor revision of an earlier cipher, the Proposed Encryption Standard (PES).

In cryptography, RC4 is a stream cipher. While it is remarkable for its simplicity and speed in software, multiple vulnerabilities have been discovered in RC4, rendering it insecure. It is especially vulnerable when the beginning of the output keystream is not discarded, or when nonrandom or related keys are used. Particularly problematic uses of RC4 have led to very insecure protocols such as WEP.

In cryptography, an S-box (substitution-box) is a basic component of symmetric key algorithms which performs substitution. In block ciphers, they are typically used to obscure the relationship between the key and the ciphertext, thus ensuring Shannon's property of confusion. Mathematically, an S-box is a nonlinear vectorial Boolean function.

<span class="mw-page-title-main">Eli Biham</span> Israeli cryptographer and cryptanalyst (born 1960)

Eli Biham is an Israeli cryptographer and cryptanalyst who is a professor at the Technion - Israel Institute of Technology Computer Science department. From 2008 to 2013, Biham was the dean of the Technion Computer Science department, after serving for two years as chief of CS graduate school. Biham invented (publicly) differential cryptanalysis, for which he received his Ph.D., while working under Adi Shamir. It had been invented before by a team at IBM during their Data Encryption Standard work; the National Security Agency told IBM to keep the discovery secret.

<span class="mw-page-title-main">GOST (block cipher)</span> Soviet/Russian national standard block cipher

The GOST block cipher (Magma), defined in the standard GOST 28147-89, is a Soviet and Russian government standard symmetric key block cipher with a block size of 64 bits. The original standard, published in 1989, did not give the cipher any name, but the most recent revision of the standard, GOST R 34.12-2015, specifies that it may be referred to as Magma. The GOST hash function is based on this cipher. The new standard also specifies a new 128-bit block cipher called Kuznyechik.

<span class="mw-page-title-main">XTEA</span> Block cipher

In cryptography, XTEA is a block cipher designed to correct weaknesses in TEA. The cipher's designers were David Wheeler and Roger Needham of the Cambridge Computer Laboratory, and the algorithm was presented in an unpublished technical report in 1997. It is not subject to any patents.

In cryptography, the eXtended Sparse Linearization (XSL) attack is a method of cryptanalysis for block ciphers. The attack was first published in 2002 by researchers Nicolas Courtois and Josef Pieprzyk. It has caused some controversy as it was claimed to have the potential to break the Advanced Encryption Standard (AES) cipher, also known as Rijndael, faster than an exhaustive search. Since AES is already widely used in commerce and government for the transmission of secret information, finding a technique that can shorten the amount of time it takes to retrieve the secret message without having the key could have wide implications.

Bart Preneel is a Belgian cryptographer and cryptanalyst. He is a professor at Katholieke Universiteit Leuven, in the COSIC group.

<span class="mw-page-title-main">Serge Vaudenay</span> French cryptographer (born 1968)

Serge Vaudenay is a French cryptographer and professor, director of the Communications Systems Section at the École Polytechnique Fédérale de Lausanne

Introduced by Martin Hellman and Susan K. Langford in 1994, the differential-linear attack is a mix of both linear cryptanalysis and differential cryptanalysis.

In cryptography, DECIM is a stream cypher algorithm designed by Come Berbain, Olivier Billet, Anne Canteaut, Nicolas Courtois, Blandine Debraize, Henri Gilbert, Louis Goubin, Aline Gouget, Louis Granboulan, Cédric Lauradoux, Marine Minier, Thomas Pornin and Hervé Sibert.

In cryptography, ARIA is a block cipher designed in 2003 by a large group of South Korean researchers. In 2004, the Korean Agency for Technology and Standards selected it as a standard cryptographic technique.

In cryptography, decorrelation theory is a system developed by Serge Vaudenay in 1998 for designing block ciphers to be provably secure against differential cryptanalysis, linear cryptanalysis, and even undiscovered cryptanalytic attacks meeting certain broad criteria. Ciphers designed using these principles include COCONUT98 and the AES candidate DFC, both of which have been shown to be vulnerable to some forms of cryptanalysis not covered by the theory.

In cryptography, rotational cryptanalysis is a generic cryptanalytic attack against algorithms that rely on three operations: modular addition, rotation and XOR — ARX for short. Algorithms relying on these operations are popular because they are relatively cheap in both hardware and software and run in constant time, making them safe from timing attacks in common implementations.

This article summarizes publicly known attacks against block ciphers and stream ciphers. Note that there are perhaps attacks that are not publicly known, and not all entries may be up to date.

In cryptography, the white-box model refers to an extreme attack scenario, in which an adversary has full unrestricted access to a cryptographic implementation, most commonly of a block cipher such as the Advanced Encryption Standard (AES). A variety of security goals may be posed, the most fundamental being "unbreakability", requiring that any (bounded) attacker should not be able to extract the secret key hardcoded in the implementation, while at the same time the implementation must be fully functional. In contrast, the black-box model only provides an oracle access to the analyzed cryptographic primitive. There is also a model in-between, the so-called gray-box model, which corresponds to additional information leakage from the implementation, more commonly referred to as side-channel leakage.

Prince is a block cipher targeting low latency, unrolled hardware implementations. It is based on the so-called FX construction. Its most notable feature is the alpha reflection: the decryption is the encryption with a related key which is very cheap to compute. Unlike most other "lightweight" ciphers, it has a small number of rounds and the layers constituting a round have low logic depth. As a result, fully unrolled implementation are able to reach much higher frequencies than AES or PRESENT. According to the authors, for the same time constraints and technologies, PRINCE uses 6–7 times less area than PRESENT-80 and 14–15 times less area than AES-128.

Dmitry Khovratovich is a Russian cryptographer, currently a Lead Cryptographer for the Dusk Network, researcher for the Ethereum Foundation, and member of the International Association for Cryptologic Research.

<span class="mw-page-title-main">Orr Dunkelman</span> Israeli cryptographer and cryptanalyst

Orr Dunkelman is an Israeli cryptographer and cryptanalyst, currently a professor at the University of Haifa Computer Science department. Dunkelman is a co-director of the Center for Cyber Law & Privacy at the University of Haifa and a co-founder of Privacy Israel, an Israeli NGO for promoting privacy in Israel.

In cryptography, a round or round function is a basic transformation that is repeated (iterated) multiple times inside the algorithm. Splitting a large algorithmic function into rounds simplifies both implementation and cryptanalysis.

References

  1. "Anne Canteaut". ENSTA Paris. Retrieved 2020-10-14.
  2. Anne Canteaut at the Mathematics Genealogy Project
  3. "Inria Evaluation Committee". Inria . 18 October 2022. Retrieved 2022-12-26.
  4. Knudsen, Lars R. (21 December 2020). "Fast Software Encryption (FSE)". Inria . Retrieved 2022-12-26.
  5. Wu, Hongjun; Preneel, Bart (2006). "Cryptanalysis of the Stream Cipher DECIM". In Robshaw, Matthew J. B. (ed.). Fast Software Encryption, 13th International Workshop, FSE 2006, Graz, Austria, March 15-17, 2006, Revised Selected Papers. Lecture Notes in Computer Science. Vol. 4047. Springer. pp. 30–40. CiteSeerX   10.1.1.59.9346 . doi: 10.1007/11799313_3 .
  6. Salehani, Yaser Esmaeili; Kircanski, Aleksandar; Youssef, Amr M. (2011). "Differential Fault Analysis of Sosemanuk". In Nitaj, Abderrahmane; Pointcheval, David (eds.). Progress in Cryptology - AFRICACRYPT 2011 - 4th International Conference on Cryptology in Africa, Dakar, Senegal, July 5-7, 2011. Proceedings. Lecture Notes in Computer Science. Vol. 6737. Springer. pp. 316–331. doi:10.1007/978-3-642-21969-6_20.
  7. Detrey, Jérémie; Gaudry, Pierrick; Khalfallah, Karim (2010). "A Low-Area Yet Performant FPGA Implementation of Shabal". In Biryukov, Alex; Gong, Guang; Stinson, Douglas R. (eds.). Selected Areas in Cryptography - 17th International Workshop, SAC 2010, Waterloo, Ontario, Canada, August 12-13, 2010, Revised Selected Papers. Lecture Notes in Computer Science. Vol. 6544. Springer. pp. 99–113. doi: 10.1007/978-3-642-19574-7_7 .
  8. Soleimany, Hadi; Blondeau, Céline; Yu, Xiaoli; Wu, Wenling; Nyberg, Kaisa; Zhang, Huiling; Zhang, Lei; Wang, Yanfeng (2015). "Reflection Cryptanalysis of PRINCE-Like Ciphers". J. Cryptol. 28 (3): 718–744. doi: 10.1007/s00145-013-9175-4 . S2CID   253639057.
  9. "Décret du 13 juillet 2019 portant promotion et nomination". Government of France. 13 July 2019.
  10. "Anne CANTEAUT 2024 IACR Fellow". IACR.