Nicolas Courtois

Nicolas Tadeusz Courtois
Born: November 14, 1971 (age 53)
Citizenship: French
Alma mater: University of Paris VI: Pierre et Marie Curie [1]
Known for: Cryptography, security
Scientific career
Fields: Computer science
Institutions: University College London

Nicolas Tadeusz Courtois (born 14 November 1971) is a cryptographer. He was formerly senior lecturer in computer science at University College London. [2]

Courtois was one of the co-authors of both the XSL attack against block ciphers, such as the Advanced Encryption Standard, [3] [4] and the XL system for solving systems of algebraic equations [5] used in the attack. Other cryptographic results of Courtois include algebraic attacks on stream ciphers, [6] attacks on the KeeLoq and Hitag 2 systems used for remote keyless automobile entry systems, [7] and an analysis of cryptographic weaknesses in public transit smart cards including the London Underground Oyster card [8] and the Dutch OV-chipkaart. [7] [9] More recently, he has written about cryptocurrency. [10]

Courtois graduated from University of Paris VI: Pierre et Marie Curie, where he received his doctoral degree in cryptography. [1]

Related Research Articles

International Data Encryption Algorithm: Symmetric-key block cipher

In cryptography, the International Data Encryption Algorithm (IDEA), originally called Improved Proposed Encryption Standard (IPES), is a symmetric-key block cipher designed by James Massey of ETH Zurich and Xuejia Lai and was first described in 1991. The algorithm was intended as a replacement for the Data Encryption Standard (DES). IDEA is a minor revision of an earlier cipher, the Proposed Encryption Standard (PES).

In cryptography, RC4 is a stream cipher. While it is remarkable for its simplicity and speed in software, multiple vulnerabilities have been discovered in RC4, rendering it insecure. It is especially vulnerable when the beginning of the output keystream is not discarded, or when nonrandom or related keys are used. Particularly problematic uses of RC4 have led to very insecure protocols such as WEP.

In cryptography, Skipjack is a block cipher—an algorithm for encryption—developed by the U.S. National Security Agency (NSA). Initially classified, it was originally intended for use in the controversial Clipper chip. Subsequently, the algorithm was declassified.

GOST (block cipher): Soviet/Russian national standard block cipher

The GOST block cipher (Magma), defined in the standard GOST 28147-89, is a Soviet and Russian government standard symmetric key block cipher with a block size of 64 bits. The original standard, published in 1989, did not give the cipher any name, but the most recent revision of the standard, GOST R 34.12-2015, specifies that it may be referred to as Magma. The GOST hash function is based on this cipher. The new standard also specifies a new 128-bit block cipher called Kuznyechik.

In cryptography, Camellia is a symmetric key block cipher with a block size of 128 bits and key sizes of 128, 192 and 256 bits. It was jointly developed by Mitsubishi Electric and NTT of Japan. The cipher has been approved for use by the ISO/IEC, the European Union's NESSIE project and the Japanese CRYPTREC project. The cipher has security levels and processing abilities comparable to the Advanced Encryption Standard.

DES-X: Block cipher

In cryptography, DES-X is a variant on the DES symmetric-key block cipher intended to increase the complexity of a brute-force attack. The technique used to increase the complexity is called key whitening.

In cryptography, the eXtended Sparse Linearization (XSL) attack is a method of cryptanalysis for block ciphers. The attack was first published in 2002 by researchers Nicolas Courtois and Josef Pieprzyk. It has caused some controversy as it was claimed to have the potential to break the Advanced Encryption Standard (AES) cipher, also known as Rijndael, faster than an exhaustive search. Since AES is already widely used in commerce and government for the transmission of secret information, finding a technique that can shorten the amount of time it takes to retrieve the secret message without having the key could have wide implications.

Provable security refers to any type or level of computer security that can be proved. It is used in different ways by different fields.

Bart Preneel is a Belgian cryptographer and cryptanalyst. He is a professor at Katholieke Universiteit Leuven, in the COSIC group.

Kleptography is the study of stealing information securely and subliminally. The term was introduced by Adam Young and Moti Yung in the Proceedings of Advances in Cryptology – Crypto '96. Kleptography is a subfield of cryptovirology and is a natural extension of the theory of subliminal channels that was pioneered by Gus Simmons while at Sandia National Laboratory. A kleptographic backdoor is synonymously referred to as an asymmetric backdoor. Kleptography encompasses secure and covert communications through cryptosystems and cryptographic protocols. This is reminiscent of, but not the same as, steganography, which studies covert communications through graphics, video, digital audio data, and so forth.

Serge Vaudenay: French cryptographer (born 1968)

Serge Vaudenay is a French cryptographer and professor, director of the Communications Systems Section at the École Polytechnique Fédérale de Lausanne.

A deterministic encryption scheme is a cryptosystem which always produces the same ciphertext for a given plaintext and key, even over separate executions of the encryption algorithm. Examples of deterministic encryption algorithms include the RSA cryptosystem and many block ciphers when used in ECB mode or with a constant initialization vector.

In cryptography, SFINKS is a stream cipher algorithm developed by An Braeken, Joseph Lano, Nele Mentens, Bart Preneel, and Ingrid Verbauwhede. It includes a message authentication code. It has been submitted to the eSTREAM Project of the eCRYPT network. In 2005, Nicolas T. Courtois noted that, while the cipher is elegant and secure against some simple algebraic attacks, it is vulnerable to more elaborate known attacks.

Multivariate cryptography is the generic term for asymmetric cryptographic primitives based on multivariate polynomials over a finite field. In certain cases, those polynomials could be defined over both a ground and an extension field. If the polynomials have degree two, we talk about multivariate quadratics. Solving systems of multivariate polynomial equations is proven to be NP-complete. That is why those schemes are often considered to be good candidates for post-quantum cryptography. Multivariate cryptography has been very productive in terms of design and cryptanalysis. Overall, the situation is now more stable and the strongest schemes have withstood the test of time. It is commonly admitted that multivariate cryptography turned out to be more successful as an approach to build signature schemes, primarily because multivariate schemes provide the shortest signature among post-quantum algorithms.

Crypto-1: Stream cipher

Crypto1 is a proprietary encryption algorithm and authentication protocol created by NXP Semiconductors for its MIFARE Classic RFID contactless smart cards launched in 1994. Such cards have been used in many notable systems, including Oyster card, CharlieCard and OV-chipkaart.

This article summarizes publicly known attacks against block ciphers and stream ciphers. Note that there are perhaps attacks that are not publicly known, and not all entries may be up to date.

PRESENT is a lightweight block cipher, developed by the Orange Labs (France), Ruhr University Bochum (Germany) and the Technical University of Denmark in 2007. PRESENT was designed by Andrey Bogdanov, Lars R. Knudsen, Gregor Leander, Christof Paar, Axel Poschmann, Matthew J. B. Robshaw, Yannick Seurin, and C. Vikkelsoe. The algorithm is notable for its compact size.

In cryptography, the white-box model refers to an extreme attack scenario, in which an adversary has full unrestricted access to a cryptographic implementation, most commonly of a block cipher such as the Advanced Encryption Standard (AES). A variety of security goals may be posed, the most fundamental being "unbreakability", requiring that any (bounded) attacker should not be able to extract the secret key hardcoded in the implementation, while at the same time the implementation must be fully functional. In contrast, the black-box model only provides an oracle access to the analyzed cryptographic primitive. There is also a model in-between, the so-called gray-box model, which corresponds to additional information leakage from the implementation, more commonly referred to as side-channel leakage.

Orr Dunkelman: Israeli cryptographer and cryptanalyst

Orr Dunkelman is an Israeli cryptographer and cryptanalyst, currently a professor at the University of Haifa Computer Science department. Dunkelman is a co-director of the Center for Cyber Law & Privacy at the University of Haifa and a co-founder of Privacy Israel, an Israeli NGO for promoting privacy in Israel.

In cryptography, a round or round function is a basic transformation that is repeated (iterated) multiple times inside the algorithm. Splitting a large algorithmic function into rounds simplifies both implementation and cryptanalysis.

References

  1. Nicolas T. Courtois at the Mathematics Genealogy Project
  2. "Staff profile". UCL. Retrieved 2 June 2014.
  3. Courtois, Nicolas T.; Pieprzyk, Josef (2002), "Cryptanalysis of block ciphers with overdefined systems of equations", Advances in Cryptology – AsiaCrypt 2002, Lecture Notes in Computer Science, vol. 2501, Springer-Verlag, pp. 267–287, doi: 10.1007/3-540-36178-2_17, ISBN 978-3-540-00171-3.
  4. Greene, Thomas C. (September 16, 2002), New AES crypto standard broken already? Depends who you ask, The Register.
  5. Courtois, Nicolas; Klimov, Alexander; Patarin, Jacques; Shamir, Adi (2000), "Efficient algorithms for solving overdefined systems of multivariate polynomial equations", Advances in Cryptology – EuroCrypt 2000, Lecture Notes in Computer Science, vol. 1807, Springer-Verlag, pp. 392–407, doi: 10.1007/3-540-45539-6_27, ISBN 978-3-540-67517-4.
  6. Courtois, Nicolas T. (2003), "Fast algebraic attacks on stream ciphers with linear feedback", Advances in Cryptology – Crypto 2003, Lecture Notes in Computer Science, vol. 2729, Springer-Verlag, pp. 176–194, doi: 10.1007/978-3-540-45146-4_11, ISBN 978-3-540-40674-7.
  7. Blincoe, Robert (July 28, 2008), Oyster cracker vows to clone cards: Cloning kit could sell for just £200, says researcher, v3.co.uk.
  8. Charlesworth, Andrew (June 23, 2008), Researchers crack Oyster card security, v3.co.uk.
  9. de Winter, Brenno (April 18, 2008), "Weer nieuwe kraak chip OV-chipkaart", WebWereld (in Dutch).
  10. "Emerging Technology From the arXiv". MIT Technology Review. 17 May 2014. Retrieved 2 June 2014. On The Longest Chain Rule and Programmed Self-Destruction of Crypto Currencies