Fabien Laguillaumie

International Journals

I want to ride my BICYCL: BICYCL Implements CryptographY in CLass groups. C. Bouvier, G. Castagnos, L. Imbert and F. Laguillaumie. J Cryptol 36, 17 (2023) [pdf]
Bandwidth-efficient threshold EC-DSA revisited: Online/Offline Extensions, Identifiable Aborts, Proactivity and Adaptive Security. D. Catalano, G. Castagnos, F. Laguillaumie, F. Savasta and I. Tucker. Theoretical Computer Science, 939, 78-104 (2023) [pdf]
A Tighter Proof for CCA Secure Inner Product Functional Encryption: Genericity Meets Efficiency. G. Castagnos, F. Laguillaumie and I. Tucker. Theoretical Computer Science, 914, 84-113 (2022) [pdf]
Privately Outsourcing Exponentiation to a Single Server: Cryptanalysis and Optimal Constructions. C. Chevalier, F. Laguillaumie and D. Vergnaud. Algorithmica 83, 72–115 (2021) [pdf]
Attribute-Based Encryption Schemes with Constant-Size Ciphertexts. N. Attrapadung, J. Herranz, F. Laguillaumie, B. Libert, E. de Panafieu, C. Ràfols. Theoretical Computer Science, 422, 15-38 (2012) [pdf]
Improving the Security of an Efficient Unidirectional Proxy Re-Encryption Scheme. S. Canard, J. Devigne, F. Laguillaumie. Journal of Internet Services and Information Security, Volume 1, Issue 2/3, 140-160 (2011) [pdf]
Relations between Semantic Security and Anonymity in Identity Based Encryption. J. Herranz, F. Laguillaumie, C. Ràfols. Information Processing Letters, Volume 111, Issue 10, 453-460 (2011) [pdf]
A New Efficient Threshold Ring Signature Scheme based on Coding Theory. C. Aguilar Melchor, P.-L. Cayrel, P. Gaborit, F. Laguillaumie. IEEE Transactions on Information Theory, Volume 57, Number 7, 4833-4842 (2011) [pdf]
Time-Selective Convertible Undeniable Signatures with Short Conversion Receipts. F. Laguillaumie, D. Vergnaud. Inf. Sci., 180(12), 2458-2475 (2010)
Multi-Designated Verifiers Signatures: Anonymity without Encryption. F. Laguillaumie, D. Vergnaud. Information Processing Letters, Volume 102, Issues 2-3, 127-132 (2007) [ps.gz]
Aggregate Designated Verifier Signatures and Application to Secure Routing. R. Bhaskar, J. Herranz and F. Laguillaumie. International Journal of Security and Networks, Special Issue on Cryptography in Networks, Vol. 1 (1/2/3) (2007)
Universal Forgery on Sekhar's Signature Scheme with Message Recovery. F. Laguillaumie, J. Traoré, D. Vergnaud. Taylor & Francis - International Journal of Computer Mathematics, Vol. 81 (12), 1493-1495 (2004) [ps.gz]

International Conferences

Threshold Linearly Homomorphic Encryption on $\mathbf{Z}/2^k\mathbf{Z}$. G. Castagnos, F. Laguillaumie and I. Tucker. Proc. of ASIACRYPT 2022, Part II, Springer LNCS Vol. 13792, 99-129 (2022) Copyright IACR [pdf]
Efficient CCA Timed Commitments in Class Groups. S.A.K. Thyagarajan, G. Castagnos, F. Laguillaumie and G. Malavolta. Proc. of ACM CCS 2021, ACM, 2663--2684 (2021) [pdf]
Blind Functional Encryption. S. Canard, A. Hamdi and F. Laguillaumie. Proc. of ICICS 2020, Springer LNCS Vol.12282, 183-201 (2020) Copyright Springer [pdf]
Bandwidth-efficient threshold EC-DSA. D. Catalano, G. Castagnos, F. Laguillaumie, F. Savasta and I. Tucker. Proc. of PKC 2020, Part II, Springer LNCS Vol. 12111, 266-296 (2020) Copyright IACR [pdf]
Two-Party ECDSA from Hash Proof Systems and Efficient Instantiations. D. Catalano, G. Castagnos, F. Laguillaumie, F. Savasta and I. Tucker. Proc. of CRYPTO 2019, Part III, Springer LNCS Vol. 11694, 191-221 (2019) Copyright IACR [pdf]
Practical Fully Secure Unrestricted Inner Product Functional Encryption modulo $p$. G. Castagnos, F. Laguillaumie and I. Tucker. Proc. of ASIACRYPT 2018, Part II, Springer LNCS Vol. 11273, 1-32 (2018) Copyright IACR [pdf]
Encryption Switching Protocols Revisited: Switching modulo $p$. G. Castagnos, L. Imbert and F. Laguillaumie. Proc. of CRYPTO 2017, Part I, Springer LNCS Vol. 10401, 255-287 (2017) Copyright IACR [pdf]
Verifiable Message-Locked Encryption. S. Canard, F. Laguillaumie and M. Paindavoine. Proc. of CANS 2016, Springer LNCS Vol. 10052, 299-315 (2016)
Privately Outsourcing Exponentiation to a Single Server: Cryptanalysis and Optimal Constructions. C. Chevalier, F. Laguillaumie and D. Vergnaud. Proc. of ESORICS 2016, Part I. Springer LNCS Vol. 9878, 261-278 (2016) Copyright Springer [pdf]
Implementing Candidate Graded Encoding Schemes from Ideal Lattices. M. Albrecht, C. Cocis, F. Laguillaumie and A. Langlois. Proc. of ASIACRYPT 2015, Part II. Springer LNCS Vol.9453, 1-24 (2015) Copyright IACR [pdf]
Software implentation : [gghlite-flint]
Linearly Homomorphic Encryption from DDH. G. Castagnos and F. Laguillaumie. Proc. of CT-RSA 2015. Springer LNCS Vol.9048, 484-502 (2015) Copyright Springer [pdf]
Proxy Re-Encryption Scheme Supporting a Selection of Delegatees. J. Devigne, E. Guerrini and F. Laguillaumie. Proc. of Africacrypt 2014. Springer LNCS Vol. 8469, 13-30 (2014) Copyright Springer [pdf]
Lattice-Based Group Signatures with Logarithmic Signature Size. F. Laguillaumie, A. Langlois and B. Libert and D. Stehlé. Proc. of ASIACRYPT 2013. Springer LNCS Vol. 8270, 41-61 (2013) Copyright IACR [pdf]
Homomorphic Encryption for Multiplications and Pairing Evaluation. G. Castagnos and F. Laguillaumie. Proc. of SCN 2012. Springer LNCS Vol. 7485, 374-392 (2012) Copyright Springer [pdf]
Short Attribute-based Signatures for Threshold Predicates. J. Herranz, F. Laguillaumie, B. Libert and C. Ràfols. Proc. of CT-RSA 2012. Springer LNCS Vol. 7178, 51-67 (2012) Copyright Springer [pdf]
Plaintext-Checkable Encryption. S. Canard, G. Fuchsbauer, A. Gouget and F. Laguillaumie. Proc. of CT-RSA 2012. Springer LNCS Vol. 7178, 332-348 (2012) Copyright Springer [pdf]
A Variant of Miller's Formula and Algorithm. J. Boxall, N. El Mrabet, F. Laguillaumie, D.-P. Le. Proc. of Pairing 2010. Springer LNCS Vol. 6487, 417-434 (2010) Copyright Springer [pdf]
Constant Size Ciphertexts in Threshold Attribute-Based Encryption. J. Herranz, F. Laguillaumie, C. Ràfols. Proc. of PKC 2010. Springer LNCS Vol. 6056, 19-34 (2010) Copyright IACR [pdf]
Factoring $pq^2$ with Quadratic Forms: Nice Cryptanalyses. G. Castagnos, A. Joux, F. Laguillaumie, P. Nguyen. Proc. of ASIACRYPT 2009. Springer LNCS Vol. 5912, 469-486 (2009) Copyright Springer [pdf]
Fair E-cash: Be Compact, Spend Faster. S. Canard, C. Delerablée, E. Hufschmitt, A. Gouget, F. Laguillaumie, H. Sibert, J. Traoré, D. Vergnaud. Proc. of ISC'09. Springer LNCS Vol. 5735, 294-309 (2009) Copyright Springer [pdf]
On the Security of Cryptosystems with Quadratic Decryption: The Nicest Cryptanalysis. G. Castagnos, F. Laguillaumie. Proc. of EUROCRYPT 2009. Springer LNCS Vol. 5479, 260-277 (2009) Copyright IACR [pdf]
Trapdoor Sanitizable Signatures and their Application to Content Protection. S. Canard, F. Laguillaumie, M. Milhau. Proc. of ACNS'08. Springer LNCS Vol. 5037, 256-276 (2008) Copyright Springer [pdf]
On the Soundness of Restricted Universal Designated Signatures and Dedicated Signatures - How to prove the possession of an Elgamal/DSA signature. F. Laguillaumie, D. Vergnaud. Proc. of ISC'07. Springer LNCS Vol. 4779, 175-188 (2007) Copyright Springer [ps.gz]
Blind Ring Signatures Secure under the Chosen Target CDH Assumption. J. Herranz, F. Laguillaumie. Proc. of ISC'06. Springer LNCS Vol. 4176, 117-130 (2006) Copyright Springer [ps.gz]
Efficient Authentication for Reactive Routing Protocols. R. Bhaskar, J. Herranz, F. Laguillaumie. Proc. of AINA'06 (SNDS'06), Vol. II, IEEE Computer Society, 57-61 (2006) [ps.gz]
Universal Designated Verifier Signatures Without Random Oracles or Non Black Box Assumptions. F. Laguillaumie, B. Libert, J.-J. Quisquater. Proc. of SCN'06. Springer LNCS Vol. 4116, 63-77 (2006) Copyright Springer [ps.gz]
Short Undeniable Signatures Without Random Oracles: the Missing Link. F. Laguillaumie, D. Vergnaud. Proc. of Indocrypt'05. Springer LNCS Vol. 3797, 283-296 (2005). Copyright Springer [ps.gz]
Universally Convertible Directed Signatures. F. Laguillaumie, P. Paillier, D. Vergnaud. Proc. of ASIACRYPT 2005. Springer LNCS Vol. 3788, 682-701 (2005). Copyright IACR [ps.gz]
Time-Selective Convertible Undeniable Signatures. F. Laguillaumie, D. Vergnaud. Proc. of CT-RSA'05. Springer LNCS Vol. 3376, 154-171 (2005). Copyright Springer [ps.gz]
Designated Verifiers Signature: Anonymity and Efficient Construction from any Bilinear Map. F. Laguillaumie, D. Vergnaud. Proc. of SCN'04, Springer LNCS Vol. 3352, 107-121 (2005). Copyright Springer [ps.gz]
Multi-Designated Verifiers Signature Schemes. F. Laguillaumie, D. Vergnaud. Proc. of ICICS'04, Springer LNCS Vol. 3269, 495-507 (2004) Copyright Springer [ps.gz]
Extending the Boneh-Durfee-de Weger attack to RSA-like Cryptosystems. F. Laguillaumie, D. Vergnaud. Proc. of the 24 th Symposium on Information Theory in the Benelux, 45--52 (2003)

Book Chapter:

Chiffrement avancé à partir du problème Learning With Errors. F. Laguillaumie, A. Langlois and D. Stehlé. Chapitre de l'ouvrage "Informatique Mathématique, une photographie en 2014", Presses Universitaires de Perpignan (2014) [pdf]

Technical Reports:

Bilinear pairings on elliptic curves. J. Boxall, A. Enge, F. Laguillaumie. ANR PACE deliverable L1.1 (2009) [pdf]
Efficient and Provably Secure Designated Verifier Signature Schemes from Bilinear Maps. F. Laguillaumie, D. Vergnaud. Rapport de recherche LMNO n° 24 (2003)
Short Private Exponent Attacks on Fast Variants of RSA. M. Ciet, F. Koeune, F. Laguillaumie, J.-J. Quisquater : Technical Report CG-2002/4, UCL Crypto Group, Louvain-la-Neuve (2002)[pdf]

Talks:

27/06/22: Efficient CCA Timed Commitments in Class Groups. Séminaire Cascade, Paris
26/10/20 : Cryptography and Class Groups. Università degli Studi di Catania, Italia
14/11/19 : Threshold variant of the digital signature algorithm standard. AriC Seminar, Lyon
07/12/18 : 2-party Computation and Homomorphic Encryption. École Cyber in Occitanie, Montpellier
06/21/17 : Encryption Switching Protocols. Barcelona Crypto Day, UPC, Barcelona
05/28/17 : Homomorphic Encryption and Multiparty Computation. Séminaire CIEL, LIRMM Montpellier
03/01/17 : Privately Outsourcing Exponentiation to a Single Server: Cryptanalysis and Optimal Constructions. Séminaire Cryptographie et Sécurité, Caen
06/12/14 : Anonymity-oriented Signatures based on Lattices. Scientific committee talk, YACC 2014, Porquerolles
05/28/14 : Proxy Re-Encryption Scheme Supporting a Selection of Delegatees. Africacrypt 2014, Marrakech
04/05/14 : Chiffrement avancé à partir du problème Learning with errors. EJC IM 2014, Université de Caen Basse-Normandie
03/20/14 : Cryptographie et réseaux euclidiens. École de printemps C2, Université Joseph Fourier, Grenoble 1
03/14/12 : Efficient Attribute-based Cryptography. Groupe de travail Arith, Université de Montpellier 2
03/08/12 : Efficient Attribute-based Cryptography. BIPOP-CASYS seminar, Université Joseph Fourier, Grenoble 1
01/13/11 : NICE : une cryptanalyse imaginaire et une cryptanalyse réelle. Arenaire's work session, Lyon
07/08/10 : Factoring $pq^2$ with quadratic forms and cryptographic applications. Seminar on Mathematics Applied to Cryptography, UPC, Barcelona
06/25/10 : Factoring $pq^2$ with quadratic forms and cryptographic applications. Invited talk, XXI^èmes Rencontres Arithmétiques de Caen
02/11/10 : Factorisation des entiers $N = pq^2$ et applications cryptographiques. Séminaire Caramel, Nancy
02/09/10 : Factorisation des entiers $N = pq^2$ et formes quadratiques. Séminaire Algo, Université de Caen
06/04/08 : Trapdoor Sanitizable Signatures and their Application to Content Protection. ACNS'08, New-York
04/10/08 : Signatures "caviars" et applications. Séminaire Protection de l'Information, Université Paris 8
11/10/07 : On the Soundness of Restricted Universal Designated Signatures and Dedicated Signatures. ISC'07, Valparaiso
06/11/07 : How to sign incognito. First Indo-French Workshop on Cryptography and Related Topics, Paris
06/04-07/07 : Lectures on Cryptology. Cryptology seminar, University Cadi Ayyad, Marrakech
11/21/06 : Signatures spéciales : application à l'authentification du routage dans les réseaux ad hoc (II). Séminaire Algo, Université de Caen
11/14/06 : Signatures spéciales : application à l'authentification du routage dans les réseaux ad hoc (I). Séminaire Algo, Université de Caen
08/30/06 : Blind Ring Signatures Secure under the Chosen-Target-CDH Assumption. ISC'06, Samos
02/14/06 : Signatures à vérification contrôlée. Groupe de travail Arithmétique Cryptographie Codage, Université de Limoges
02/10/06 : Signatures à vérification contrôlée. Séminaire Cryptographie, Codes et Algorithmique, ENSTA
02/03/06 : Signatures à vérification contrôlée. Séminaire de Cryptographie IRMAR/CELAR (Rennes)
01/24/06 : Signatures à vérification contrôlée. Groupe de Travail Math/Info de l'Université de Versailles St-Quentin-en-Yvelines
12/12/05 : Short Undeniable Signatures Without Random Oracles: the Missing Link. Indocrypt 2005, Bangalore
06/12/05 : Pairing-based Undeniable Signatures and Variants. PIC'05, Dublin
02/16/05 : Time-Selective Convertible Undeniable Signatures. RSA'05 - CT, San Francisco
09/08/04 : Designated Verifiers Signature: Anonymity and Efficient Construction from any Bilinear Map. SCN'04, Amalfi
05/18/04 : Signatures à vérificateur(s) désigné(s). Séminaire Arithmétique, Codage, Cryptographie de l'Université de Limoges
05/13/04 : Comment signer incognito ? Séminaire Cryptographie de l'Université de Caen
04/29 /04 : Signatures à vérificateur(s) désigné(s). Séminaire Complexité et Cryptographie du GRECC (ENS)
04/08/04 : Signatures à vérificateur désigné basées sur les pairings et leur généralisation . groupe de travail Cryptographie du LIFAR (Rouen)
02/11/04 : Multi-designated verifiers signatures. Advanced Course in Contemporary Cryptology (CRM - Barcelone)
08/19/03 : Efficient and Provably Secure Designated Verifier Signature Schemes from Bilinear Maps. Crypto'03 rump session, Santa Barbara
05/22/03 : Extending the Boneh-Durfee-de Weger attack to RSA-like Cryptosystems. Benelux IT 2003, Veldhoven
02/18/03 : Arithmétique des Suites de Divisibilité Elliptiques et Cryptographie. Séminaire Arithmétique, Codage, Cryptographie de l'Université de Limoges
01/30/03 : Attaques sur les petits exposants secrets de RSA. Séminaire Cryptographie de l'Université de Caen
01/08/03 : Pairings et Cryptographie. Séminaire Sécurité des Services et Réseaux (France Télécom R&D, Caen)
02/13/02 : Courbes Elliptiques et Cryptographie. Séminaire Sécurité des Services et Réseaux (France Télécom R&D, Caen)

Habilitation à diriger des recherches: Public-Key Cryptography: Design and Algorithmic [pdf]

Defended on the 12th of December, 2011. The referees were:

Dario Catalano - Reviewer (Professor Università di Catania)
Guillaume Hanrot - President (Professeur, Ecole Normale Supérieure de Lyon)
Pascal Paillier (CEO and Senior Security Expert at CryptoExperts)
David Pointcheval - Reviewer (DR CNRS, Ecole Normale Supérieure)
Brigitte Vallée - Supervisor (DR CNRS, Caen)

Abstract: Public key cryptography aims at providing efficient, versatile, and secure solutions to protect complex systems such as electronic voting, anonymous access control, secure routing,... The foundation of public key cryptography is the existence of hard algorithmic problems, on which the security of these protocols relies. The factorisation of integers, the discrete logarithm over the group of points of an elliptic curve are example of such problems. Designing a secure cryptosystem needs a precise identification and analysis of the underlying algorithmic problem, an optimised arithmetic, and a proof of its security according to a model of adversary.

I present in this thesis my contributions to this framework: in the first part, I will describe a new factoring algorithm for numbers of the shape pq^2 using the algorithmic of quadratic forms, and its application to the cryptanalysis of long-lived cryptosystems based on the arithmetic of orders of quadratic fields. I will then illustrate the optimisation of the arithmetic of cryptography by providing an improvement of Miller's algorithm to compute pairings on elliptic curves, which is of crucial importance in the design of functional cryptosystems, as illustrated later.

In a second part, I will talk about the design and security analysis of functional cryptosystems, which provide a natural way to protect data in defining a security policy to authorise several users to access (part of) this data. The concept of functional encryption naturally captures those of (anonymous) identity-based encryption and attribute based encryption. I will provide a theoretical study of the relations between semantic security and anonymity for identity-based encryption in different security scenarios. Then, I will propose efficient attribute based encryption and signature schemes for which the size of the ciphertexts or signatures does not depend on the number of attributes of a user.

PhD thesis: On the security of pairing-based signatures with controlled verification (in french [ps.gz])

I did my PhD thesis under the supervision of Prof. E. Reyssat at the LMNO (Université de Caen) and at France Telecom Research and Development. I defended my PhD on the 29th of June, 2005. The referees were

Jacques Stern - President (Prof. ENS)
Antoine Joux - Reviewer (Prof. Univ. of Versailles/DGA)
David Pointcheval - Reviewer (CR CNRS, ENS)
Thierry Berger (Prof. Univ. of Limoges)
Marc Girault (France Telecom R&D)
Eric Reyssat - Supervisor (Prof. Univ of Caen)
Brigitte Vallée (DR CNRS, Univ of Caen)

Abstract: To answer to the increasing needs to secure communication systems, cryptology must provide specific, flexible and efficient solutions. Crucial is the need for authentication.

In this thesis, we analyse cryptographic primitives related to data authentication. They differ from traditional digital signatures as they can only be verified under the control of a specific entity and they provide some anonymity properties.

We first deal with undeniable signatures and introduce a new property in their definition, namely the time-selective conversion. We analyze the security of several new schemes in the random oracle model, and we propose simple undeniable signatures whose security can be proven in the standard model. We also study a logical extension of undeniable signatures, called directed signatures and we propose a new scheme and its security in the random oracle model. Finally we develop the concept of designated verifier signatures and provide a formal definition of multi-designated verifiers signatures with a rigorous treatment of the security model for such an extension. We also study an anonymity property for the signer.

The signatures presented in this thesis are based on the Weil and Tate pairings, recently introduced in cryptology. These bilinear applications allow a degree of freedom to design cryptosystems, and imply the bilinear variants of the classical Diffie-Hellman problem upon which rely our new schemes. In particular we introduce from simple observations the so-called ``$xyz$-trick'' and the ``$xyz$-DDH'' problem which make it possible to design cryptographic protocols achieving a trade-off between authenticity and privacy.