The design of secure cryptosystem with algebraic methods

Luogo: Dipartimento di Matematica, via Sommarive, 14 - Povo (TN) - Aula Seminari

Ore 9:00

Relatore:

• Massimiliano Sala (Università di Trento)

Abstract:

After a brief overview of my past and current research, I have chosen to present two specific research subjects that I wish to pursue further with my group.
Both relates to the algebraic study of block cipher. A block cipher is a cryptosystem defined by an algorithmic correspondence between a set of parameters, called "keys", and a set of permutations, called the "encryption functions", acting on a vector space, called the "message space". Once two peers have agreed (in secret) on a key, they will use the corresponding encryption function, as follows. When one peer needs to send some information, she will consider some vectors in the message space that convey her information,
called "plaintext", and then she will apply the encryption function to the plaintext obtaining the same number of vectors, called the "ciphertext", which will be sent in the open.
The other peer will use the inverse of the encryption function on his received ciphertext to obtain back the plaintext.
The security of this encryption scheme lies in the aforementioned correspondence between the key set and the encryption functions. Granted that the attacker will know this correspondence in details, including the key space, and that she will intercept a huge amount of plaintext-ciphertext pairs, all encrypted with the same key, she should not be able to understand the key.
This is possible only if the encryption functions are not constrained in a small subgroup of the symmetric group and, ideally, are distributed randomly in the whole symmetric group. So the first research subject I'll discuss relates to the way a block cipher is designed in order to spread out its encryption functions as much as possible. This line of research has involved several collaborators and relies heavily on group theory methods, in particular the classification of maximal subgoups contained in the celebrated O'Nan-Scott theorem.
An essential point in designing a block cipher is to determine the right conditions to impose on its nonlinear components, called SBOXES. The study of SBOXES is the study of (bijective) vectorial Boolean functions enjoying high nonlinearity. While ideal conditions come directly from our theorems, it is unknown whether such conditions can be met for real-life values.
Thus, the second line of research that I'll present is the study of (vectorial) Boolean functions that maximise resistance to known attacks. Again, several collaborators have been involved, and we have followed both a computational approach, based mainly on multivariate polynomials, and a theoretical approach, based on finite field theory and some methods specific for Boolean functions.