# A Discussion on Some Open Problems

Travis Scholl

## Institution:

University of California, Irvine

## Time:

Friday, March 15, 2019 - 11:00am to 11:50am

## Location:

PSCB 220

This talk will be more of a discussion on some open problems we have seen so far. It should be independent of the previous talks. We will focus on a few of the problems on class groups and isogenies referred to in the Altug-Chen paper discussed on 2/22/19. The preprint is available here: https://eprint.iacr.org/2018/926 and notes from the previous talk can be found here: https://www.math.uci.edu/~schollt/multilinear_map_seminar/scholl-02-22-1.... The problems we will focus on are finding an elliptic curve with a specified endomorphism ring, and finding l-isogenies over composite rings.

# A Candidate Trilinear Cryptographic Map Part 2

Ming-Deh Huang

## Institution:

University of Southern California

## Time:

Friday, March 8, 2019 - 12:00pm to 12:50pm

## Location:

RH 306

This talk will be a continuation of the previous talk. A preprint is available here: https://arxiv.org/abs/1810.03646.

# Trilinear maps for cryptography Part 1

Ming-Deh Huang

## Institution:

University of Southern California

## Time:

Friday, March 8, 2019 - 11:00am to 11:50am

## Location:

RH 306

Cryptographic applications of multilinear maps beyond bilinear pairings were first proposed in the work of Boneh and Silverberg. However the existence of cryptographically interesting $n$-multilinear maps for $n > 2$ remains an open problem. Very recently Lin and Tessaro showed that trilinear maps are sufficient for the purpose of achieving indistinguishability obfuscation. This striking result put spotlight on the following question: can a cryptographically interesting algebraic trilinear map be constructed? In this talk we discuss a method for constructing such a trilinear map, and present concrete candidate trilinear maps which involve Weil descent and the Jacobian varieties of hyperelliptic curves. A preprint is available here: https://arxiv.org/abs/1810.03646.

# Altug-Chen Candidate Group with Infeasible Inversion

Travis Scholl

## Institution:

University of California, Irvine

## Time:

Friday, February 22, 2019 - 11:00am to 11:50am

## Location:

PSCB 220

A group where finding inverses is hard can be used for many cryptographic constructions. In this talk we will discuss a candidate construction by Salim Ali Altug and Yilei Chen of a group where finding inverses is supposed to be difficult, see https://eprint.iacr.org/2018/926. Their construction works by representing the class group of a quadratic imaginary field as an isogeny graph of an elliptic curve over the ring Z/NZ where N is a product of two primes. After going over the basic constructions, we will discuss some open problems relating to the security of the construction.

# Quantum resistant code-based cryptosystems: the McEliece cryptosystem and its variants

Jon-Lark Kim

## Institution:

Sogang University, Korea

## Time:

Friday, March 1, 2019 - 11:00am to 11:50am

## Location:

PSCB 220

The McEliece cryptosystem is the first code-based public key cryptosystem proposed by Robert McEliece in 1978 a few years after the appearance of RSA. The original McEliece cryptosystem uses binary Goppa codes which are a subclass of Algebraic Geometric Codes and it is still unbroken under quantum attack. In this talk, we introduce basic facts about coding theory and discuss various code-based public key cryptosystems including our new cryptosystem McNie, which is a combination of the McEliece cryptosystem and the Niederreiter cryptosystem.

# Gentry-Gorbunov-Halevi Multilinear Map Scheme Part 2

Shahed Sharif

## Institution:

California State University San Marcos

## Time:

Friday, February 8, 2019 - 11:00am to 11:50am

## Location:

PSCB 220

A continuation of the previous talk on the Gentry-Gorbunov-Halevi multilinear map.

# Gentry-Gorbunov-Halevi Multilinear Map Scheme Part 1

Travis Scholl

## Institution:

University of California, Irvine

## Time:

Friday, February 1, 2019 - 11:00am to 11:50am

## Location:

RH 440R

In this talk, we will summarize a candidate multilinear map construction due to Gentry-Gorbunov-Halevi (GGH15). While the original key exchange protocol using GGH15 is broken, new safeguards have recently been proposed which aim to prevent this and other zeroizing'' attacks. Our goal will be to understand the construction, attack, and proposed safeguards.

# Garg-Gentry-Halevi Multilinear Map Schemes Part 2

Shahed Sharif

## Institution:

California State University San Marcos

## Time:

Friday, January 25, 2019 - 11:00am to 12:00pm

## Location:

RH 440R

A continuation of the previous talk on the Garg-Gentry-Halevi multilinear map. We finish our description of the scheme, and describe some attacks on it.

# Cryptographic Applications of the Weil Pairing

Travis Scholl

## Institution:

University of California, Irvine

## Time:

Friday, January 11, 2019 - 11:00am to 12:00pm

## Location:

RH 440R

In this talk we will introduce the Weil pairing on an elliptic curve and give several cryptographic applications. We will review the argument of Boneh and Silverberg which suggests that this kind of pairing does not exist naturally on higher dimensional varieties. We will also look at some constructions of pairing-friendly elliptic curves.