This talk will be more of a discussion on some open problems we have seen so far. It should be independent of the previous talks. We will focus on a few of the problems on class groups and isogenies referred to in the Altug-Chen paper discussed on 2/22/19. The preprint is available here: https://eprint.iacr.org/2018/926 and notes from the previous talk can be found here: https://www.math.uci.edu/~schollt/multilinear_map_seminar/scholl-02-22-1.... The problems we will focus on are finding an elliptic curve with a specified endomorphism ring, and finding l-isogenies over composite rings.
Cryptographic applications of multilinear maps beyond bilinear pairings were first proposed in the work of Boneh and Silverberg. However the existence of cryptographically interesting $n$-multilinear maps for $n > 2$ remains an open problem. Very recently Lin and Tessaro showed that trilinear maps are sufficient for the purpose of achieving indistinguishability obfuscation. This striking result put spotlight on the following question: can a cryptographically interesting algebraic trilinear map be constructed? In this talk we discuss a method for constructing such a trilinear map, and present concrete candidate trilinear maps which involve Weil descent and the Jacobian varieties of hyperelliptic curves. A preprint is available here: https://arxiv.org/abs/1810.03646.
A group where finding inverses is hard can be used for many cryptographic constructions. In this talk we will discuss a candidate construction by Salim Ali Altug and Yilei Chen of a group where finding inverses is supposed to be difficult, see https://eprint.iacr.org/2018/926. Their construction works by representing the class group of a quadratic imaginary field as an isogeny graph of an elliptic curve over the ring Z/NZ where N is a product of two primes. After going over the basic constructions, we will discuss some open problems relating to the security of the construction.
The McEliece cryptosystem is the first code-based public key cryptosystem proposed by Robert McEliece in 1978 a few years after the appearance of RSA. The original McEliece cryptosystem uses binary Goppa codes which are a subclass of Algebraic Geometric Codes and it is still unbroken under quantum attack. In this talk, we introduce basic facts about coding theory and discuss various code-based public key cryptosystems including our new cryptosystem McNie, which is a combination of the McEliece cryptosystem and the Niederreiter cryptosystem.
In this talk, we will summarize a candidate multilinear map construction due to Gentry-Gorbunov-Halevi (GGH15). While the original key exchange protocol using GGH15 is broken, new safeguards have recently been proposed which aim to prevent this and other ``zeroizing'' attacks. Our goal will be to understand the construction, attack, and proposed safeguards.
In this talk we will introduce the Weil pairing on an elliptic curve and give several cryptographic applications. We will review the argument of Boneh and Silverberg which suggests that this kind of pairing does not exist naturally on higher dimensional varieties. We will also look at some constructions of pairing-friendly elliptic curves.