Started – Ends after:

The ongoing developments of quantum computer by IBM, the quantum supremacy achieved by Google, the existence of quantum algorithm for factorization, and various other efforts in direction of realizing large-scale quantum computation resources collectively indicate an upcoming quantum threat for the state-of-art public key cryptography. Since around a decade various cryptographic primitives have been proposed to address this issue. This domain of post-quantum cryptography has now became one of the most crucial and attractive research areas in cryptography. This workshop aims to offer a platform to the participants looking forward for introduction and recent developments in post-quantum cryptography.

This workshop is supported by ‘Research exploratory project’ at IRT SystemX and organized as a part of a collaborative project with the University of Luxembourg and Telecom Sud Paris.

Workshop Speakers

Mélissa Rossi

French cybersecurity agency (ANSSI), France.

Romain Alleaume

Telecom Paris / Institut Polytechnique de Paris

Federico Pintore

University of Oxford, UK

Jean-Christophe Deneunille

Ecole Nationale de l’Aviation Civile (ENAC), France

Vishal Saraswat

BOSCH, India

Veronika Kuchta

Monash University, Australia

Bhaskar Biswas

IIIT Kalyani, India

Workshop Agenda

Tuesday, 3rd

  • Welcome to the first day of workshop

  • Veronika Kuchta – Lattice-Based Zero-Knowledge Proof

  • Mélissa Rossi – Assessing residual security of lattice-based cryptography

  • Mélissa Rossi – Assessing residual security of lattice-based cryptography

  • Romain Alleaume – Quantum and Post-Quantum Cryptography Complementarity

  • Bhaskar Biswas – Code-based Crypto and HyMES

  • Jean-Christophe Deneunille – Code-based cryptography is being ready for post-quantum PKE standardization

Wednesday, 4th

  • Welcome to the second day of workshop

  • Federico Pintore – a practical and provable secure isogeny-based signature

  • Vishal Saraswat – Hash-Based Signatures

  • Conclusion of the workshop

Talks Abstract

Title of talk: Lattice-Based Zero-Knowledge Proof

Speaker: Veronika Kuchta, Monash University, Australia.

Abstract: Zero-Knowledge proof is a significant tool in modern cryptography. It has the paradoxical property of proving knowledge of a secret without revealing the secret. Zero-Knowledge proofs find useful applications in blockchain and many cryptographic constructions. In this talk the main challenges of lattice-based zero-knowledge proofs and their latest developments will be discussed.

Title of talk: Assessing residual security of lattice-based cryptography

Speaker: Mélissa Rossi, ENS Paris, France

Abstract: This talk will present a framework for cryptanalysis of lattice-based schemes, when side information —in the form of « hints »— about the secret is available. This presentation outlines a joint work with Dana Dachman-Soled, Léo Ducas and Huijing Gong that was presented in CRYPTO 2020 (

This framework generalizes the primal lattice reduction attack, and allows the progressive integration of hints before running a final lattice reduction step. The techniques for integrating hints include sparsifying the lattice, projecting onto and intersecting with hyperplanes, and/or altering the distribution of the secret vector. The main contribution is to propose a toolbox and a methodology to integrate such hints into lattice reduction attacks and to predict the performance of those lattice attacks with side information.

While initially designed for side-channel information, this framework can also be used in other cases. For example, one can simply exploit constraints imposed by certain schemes (LAC, Round5, NTRU). Besides, I will present a way to use this framework combined with decryption failures information using a joint work with Jan-Pieter D’Anvers and Fernando Virdia presented in EUROCRYPT 2020 (

Title of talk: Quantum and Post-Quantum Cryptography Complementarity

Speaker: Romain Alleaume Télécom Paris, France

Abstract: Quantum cryptography (QC) provides a practical way – based on physics – to solve the key establishment problem with information-theoretic security against a quantum attacker. We will present an overview of the recent progress related to the deployment of quantum cryptography to secure real-world networks and point at some challenges. We will then address the question of the relative positioning of QC and PQC. While often presented in competition, we will illustrate the benefits of combining physics and complexity-based approaches to strengthen information security.

Title of talk: Code-based Crypto and HyMES

Speaker: Bhaskar Biswas, IIIT Kalyani, India – ‘title of talk’

Abstract: Design and performance of code-based schemes with emphasis on Hybrid McEliece Encryption Scheme.

Title of talk: Code-based cryptography is being ready for post-quantum PKE standardization

Speaker: Jean-Christophe Deneunille, CEA, France

Abstract: Three years ago, the National Institute for Standards and Technologies (NIST) initiated a process to standardize quantum safe cryptographic primitives: public-key encryption, key-exchange and digital signature schemes. With almost 25% of round 2 submissions, code-based cryptography stands as a major candidate for post-quantum cryptography.

In this talk, I will introduce the fundamentals of code-based cryptography, present historical constructions that have inspired recent designs, and provide elements to understand why code-based cryptography stands as a mature possible replacement for encryption.

Earlier this summer, the competition has entered its third round, with one code-based finalist and two alternate candidates. I will give an overview of these schemes — with emphasis over HQC, and discuss their respective advantages and drawbacks regarding several use cases.

Finally, I will conclude the talk with challenges and open questions code-based cryptography faces.

Title of talk: Lossy CSI-FiSh: a practical and provable secure isogeny-based signature

Speaker: Federico Pintore, University of Oxford, UK

Abstract: In the last decades, elliptic curves have been a precious ally for cryptographers in the construction of secure public-key cryptosystems. Even so, with the possibility of obtaining quantum computers that could implement Shor’s quantum algorithm becoming more concrete in recent years, this happy marriage seemed to have come to an end. However, elliptic curves have been recently brought to the attention of cryptographers once again, this time to construct schemes supposed to be secure even against quantum adversaries. These schemes use isogenies (special maps) between elliptic curves, which turned out to be rather elusive for the construction of signature schemes. As a consequence, the first practical isogeny-based digital signature scheme, CSI-FiSh, was proposed only last year. In this talk I will present Lossy CSI-FiSh, a variant of CSI-FiSh with a stronger security proof and almost the same efficiency as CSI-FiSh. This new scheme was designed together with the Oxford Mathematics colleague Ali El Kaafarani and Dr. Shuichi Katsumata (AIST, JP).

Title of talk: Hash-Based Signatures

Speaker: Vishal Saraswat, BOSCH, India

Abstract: Hash-based signatures are important cryptographic primitives whose security is exclusively based on the underlying cryptographic hash functions, and nothing else. These signatures are among the most attractive constructions of the recent time as they are conjectured to be quantum secure. The basic idea of construction of a hash-based signature is combining one-time signatures like Lamport-Diffie, Winternitz, WOTS+, or few-time signatures like HORST with a Merkle tree-of-trees structure. The recent developments in hash-based signatures are devising stateful and stateless signatures which are realized placing many ‘one-time’ signatures or ‘few-time’ signatures respectively at the bottom of the tree. This talk introduces the basic frameworks and approaches of hash-based signatures.


kalpana Singh

Senior Researcher
IRT SystemX

Rajeev Anand Sahu

Post-Doctoral Researcher
Université du Luxembourg

Joaquin Garcia-Alfaro

Institut Polytechnique de Paris

Reda Yaich

Cybersecurity Team Leader
IRT SystemX