• Programme
• Writing talks and theses
• Theses topics
• Teaching
  • Winter 2017
  • Summer 2017
  • IPEC Winter 2017
  • Winter 2016/2017
  • IPEC Summer 2016
  • Summer 2016
  • IPEC Winter 2016
  • Winter 2015/2016
  • IPEC Summer 2015
  • Summer 2015
  • IPEC Winter 2015
  • Winter 2014/2015
  • IPEC Summer 2014
  • Summer 2014
  • IPEC Winter 2014
  • Winter 2013/2014
  • IPEC Summer 2013
  • Summer 2013
  • IPEC Winter 2013
  • Winter 2012/2013
  • IPEC Summer 2012
  • Summer 2012
  • IPEC Winter 2012
  • Winter 2011/2012
  • IPEC Summer 2011
  • Summer 2011
  • IPEC Winter 2011
  • Winter 2010/2011
  • IPEC Summer 2010
  • Summer 2010
  • IPEC Winter 2010
  • Winter 2009/2010
  • IPEC Summer 2009
  • Summer 2009
  • IPEC Winter 2009
  • Winter 2008/2009
  • IPEC Summer 2008
  • Summer 2008
  • IPEC Winter 2008
  • Winter 2007/2008
  • IPEC Summer 2007
  • Summer 2007
  • IPEC Winter 2007
  • Winter 2006/2007
  • IPEC Summer 2006
  • Summer 2006
  • Cryptography II
  • Seminar Digital Rights Management
  • Oberseminar Computer Security, Summer 2006
  • Security on the Internet
  • IPEC Winter 2006
  • Winter 2005/2006
• Special events
• crypt@b-it
• Schüler-Krypto

Lattice Based Cryptography (the GGH scheme)

Laila El Aimani ( Cosec (B-it) ):

Tuesday 09 May 2006, 15.00 sharp (s.t.), b-it 1.25 (cosec meeting room)

Contents

The GGH cryptosystem [GGH97] is the analogous, in lattices, of the McEliece system, based on error correcting codes. It is probably the most intuitive method for using lattices to devise a public key cryptosystem. The idea underlying the construction is that, given any basis for a lattice, it is easy to generate a vector which is close to a lattice point (by adding a small perturbation to the lattice point), whereas, it seems to be hard to recover, from this close vector, the original lattice point (given an arbitrary lattice basis).
The authors of the system have conjectured that their cryptosystem was secure for at least dimensions higher than 300. However, A paper by Nguyen [Ng99] exibited a weakness of the scheme whose consequences were devastating: There was a leakage of information about the plain text, which will simplify the process of decoding.
In this talk, we will present the GGH cryptosystem as well as the mentioned attack and finally conclude with recommendations to improve the scheme.
keywords: lattice algorithmic problems, lattice based cryptography, public key cryptography.