この記事は EAGLYS Advent Calendar 2024 の6日目の記事です
突貫で書いてしまった部分もあるので、大いに誤りを含む可能性があります。誤字・脱字レベルでも構いませんので、ご指摘ください。
また、予告なしに内容の加筆や構成の変更を行うことがありますが、読みやすくするためのものですので、ご容赦ください
後述しますが、2024年末頃に大幅加筆します
自己紹介
秘密計算のスタートアップで働いている社会人2年目です
普段は、秘密計算の研究や社会実装を行なっています
最近は、外部に向けた勉強会もやっています
近々、第2回が開催されますので、皆さん是非ご参加ください
第1回 EAGLYS暗号勉強会
学生時代は、耐量子計算機暗号(特に符号ベース暗号)を研究していました
今でも細々と続けています
Qiita だけでなく、X や Zenn でも活動しています、もしよろしければ
X のアカウント
Zenn のアカウント
はじめに
2024年に開催された国内や国外の各学会において、秘密計算・耐量子計算機暗号の各方式の発表件数をカウントします.ただし条件として
- 中身は確認せずにタイトルから方式を判断する(30秒以内に判断できない場合は「不明」とする)
- 対象とする学会は,国内が「SCIS」・「CSS」で,国外が「PQCrypto」・「Eurocrypt」・「Crypto」・「Asiacrypt」とする
を設けます.こうしないとさすがに大変すぎるので・・・.
*「秘密計算」セッションでの格子暗号の発表だったり,「楕円曲線」とか「数論」セッションでの同種写像暗号の発表などもなるべく拾うようにしますが,正確な件数を知りたいわけではないので,漏れがあっても勘弁を・・・
なんですが、一旦は国外の学会のみに絞って、記事を出します
国内に関しては、年末頃に加筆します・・・
過去の調査結果は↓
2021年版
耐量子計算機暗号ってどの方式が人気なの?符号ベース暗号は?調べてみました!
2022年版
耐量子計算機暗号の流行整理(2022年版)
略称
PQC: Post-Quantum Cryptography
SC: Secret Computation
HE: Homomorphic Encryption
MPC: Multi-Party Computation
GC: Garbled-Circuit
Eurocrypt
| Big Domain | Small Domain | Title | Author |
|---|---|---|---|
| PQC | Lattice | The Complexity of Algebraic Algorithms for LWE | M. J. Steiner |
| PQC | Lattice | Evaluating the security of CRYSTALS-Dilithium in the Quantum Random Oracle Model | K. A. Jackson, C. A. Miller, D. Wang |
| PQC | Lattice | Practical Threshold Signatures from Standard Lattice Assumptions | M. R. Albrecht, G. Fenzi, O. Lapiha, N. K. Nguyen |
| PQC | Lattice | A General Framework for Lattice-Based ABE using Evasive Inner Product Functional Encryption | Y.-C. Hsieh, H. Lin, J. Lio |
| PQC | Lattice | SLAP: Succinct Lattice-Based Polynomial Commitments from Standard Assumptions | M. R. Albrecht, G. Fenzi, O. Lapiha, N. K. Nguyen |
| PQC | Lattice | Provable Dual Attacks on Learning with Errors | P. Briaud, M. Bros, R. Perlner, D. Smith-Tone |
| PQC | Code | Algorithms for Matrix Code and Alternating Trilinear Form Equivalences via New Isomorphism Invariants | A. K. Narayanan, Y. Qiao, G. Tang |
| PQC | Code | Asymptotics and Improvements of Sieving for Codes | L. Ducas, S. Etinski, A. Esser, E. Kirshanova |
| PQC | Code | Reduction From Sparse LPN to LPN, Dual Attack 3.0 | K. Carrier, T. Debris-Alazard, C. Meyer-Hilfiger, J.-P. Tillich |
| PQC | Code | The Hardness of LPN over Any Integer Ring and Field for PCG Applications | H. Liu, X. Wang, K. Yang, Y. Yu |
| PQC | Isogeny | SQIsignHD: New Dimensions in Cryptography | P. Dartois, A. Leroux, D. Robert, B. Wesolowski |
| PQC | Isogeny | The Supersingular Endomorphism Ring and One Endomorphism Problems Are Equivalent | A. Page, B. Wesolowski |
| PQC | Isogeny | M&M'S: Mix and Match Attacks on Schnorr-type Blind Signatures with Repetition | K. Do, L. Hanzlik, E. Paracucchi |
| PQC | Isogeny | Isogeny Problems with Level Structure | L. D. Feo, T. B. Fouotsa. L. Panny |
| PQC | Symmetric | Post-Quantum security of Tweakable Even-Mansour, and Applications | G. Alagic, C. Bai, J. Katz, C. Majenz, P. Struck |
| PQC | Other | Universal Composable Password Authenticated Key Exchange for the Post-Quantum World | Y. Liu, S. Liu, S. Han |
| SC | HE | Anamorphic Encryption: New Constructions and Homomorphic Realizations | D. Catalano. E. Giunta, F. Migliaro |
| SC | HE | Crypto Dark Matter on the Torus: Oblivious PRFs From Shallow PRFs and TFHE | M. R. Albrecht, A. Davidson, A. Deo, D. Gardham |
| SC | HE | Accelerating BGV Bootstrapping for Large $p$ Using Null Polynomials over $\mathbb{Z}_{p^e}$ | S. Ma, T. Huang, A. Wang, X. Wang |
| SC | HE | Bootstrapping Bits with CKKS | Y. Bae, J. H. Cheon, J. Kim, D. Stehlé |
| SC | HE | Circuit Bootstrapping: Faster and Smaller | R. Wang, Y. Wen, Z. Li, X. Lu, B. Wei, K. Liu, K. Wang |
| SC | MPC | Can Alice and Bob Guarantee Output to Carol? | B. Alon, E. Omri, M. Vfenkitasubramaniam |
| SC | MPC | Constant-Round Simulation-Secure Coin Tossing Extension with Guaranteed Output | D. Abram, J. Doerner, Y. Ishai, V. Narayanan |
| SC | MPC | Two-Round Maliciously-Secure Oblivious Transfer with Optimal Rate | P. Branco, N. Döttling, A. Srinivasan |
| SC | MPC | Perfect Asynchronous MPC with Linear Communication Overhead | I. Abraham, G. Asharov, S. Patil, A. Patra |
| SC | MPC | Fuzzy Private Set Intersection with Large Hyperballs | A. v. Baarsem. S. Pu |
| SC | MPC | Fast Public-Key Silent OT and More from Constrained Naor-Reingold | D. Bui, G. Couteau, P. Meyer, A. Passelègue, M. Riahinia |
| SC | GC | Toward Malicious Constant-Rate 2PC via Arithmetic Garbling | C. Hazay, Y. Yang |
| SC | GC | How to Garble Mixed Circuits that Combine Boolean and Arithmetic Computations | H. Li, T. Liu |
| SC | GC | Garbled Circuit Lookup Tables with Logarithmic Number of Ciphertexts | D. Heath, V. Kolesnikov, L. K. L Ng |
| SC | GC | Arithmetic Garbled Circuits from Free XOR | D. Heath |
集計
| Big Domain | Small Domain | count |
|---|---|---|
| PQC | ALL | 16 |
| PQC | Lattice | 6 |
| PQC | Code | 4 |
| PQC | Isogeny | 4 |
| PQC | Symmetric | 1 |
| PQC | Other | 1 |
| SC | ALL | 15 |
| SC | HE | 5 |
| SC | MPC | 6 |
| SC | GC | 4 |
Crypto
| Big Domain | Small Domain | Title | Author |
|---|---|---|---|
| PQC | Lattice | Memory-Sample Lower Bounds for LWE | J. Yang, M. Lu |
| PQC | Lattice | Polynomial Commitments from Lattices: Post-Quantum Security, Fast Verification and Transparent Setup | V. Cini, G. Malavolta, N. K. Nguyen, H. Wee |
| PQC | Lattice | Greyhound: Fast Polynomial Commitments from Lattices | N. K. Nguyen, G. Seiler |
| PQC | Lattice | Concretely Efficient Lattice-based Polynomial Commitment from Standard Assumptions | I. Hwang, J. Seo, Y. Song |
| PQC | Lattice | Attribute Based Encryption for Turing Machines from Lattices | S. Agrawal, S. Kumari, S. Yamada |
| PQC | Lattice | A Systematic Study of Sparse LWE | A. Jain, H. Lin, S. Saha |
| PQC | Lattice | Two-Round Threshold Signature from Algebraic One-More Learning with Errors | S. Katsumata, K. Takemure, T. Espitau |
| PQC | Lattice | Adaptively Secure 5 Round Threshold Signatures from MLWE/MSIS and DL with Rewinding | S. Katsumata, M. Reichle, K. Takemure |
| PQC | Lattice | Cryptanalysis of Lattice-Based Sequentiality Assumptions and Proofs of Sequential Work | C. Peikert, Y. Tang |
| PQC | Lattice | Laconic Function Evaluation and ABE for RAMs from (Ring-)LWE | F. Dong, Z. Hao, E. Mook, H. Wee, D. Wichs |
| PQC | Lattice | Circuit ABE with poly(depth, λ)-sized Ciphertexts and Keys from Lattices | H. Wee |
| PQC | Lattice | Provable security against decryption failure attacks from LWE | C. Majenz, F. Sisinni |
| PQC | Code | Pseudorandom Error-Correcting Codes | M. Christ, S. Gunn |
| PQC | Code | Lossy Cryptography from Code-Based Assumptions | Q. Dao, A. Jain |
| PQC | Multi-variate | Non-Interactive Zero-Knowledge from LPN and MQ | Q. Dao, A. Jain. Z. Jin |
| PQC | Isogeny | QFESTA: Efficient Algorithms and Parameters for FESTA using Quaternion Algebras | K. Nakagawa, H. Onuki |
| PQC | Isogeny | Radical Vélu Isogeny Formulae | T. Decru |
| PQC | Isogeny | On cycles of pairing-friendly abelian varieties | M. C.-R. Santos, C. Costello, M, Naehrig |
| PQC | Isogeny | Improved algorithms for finding fixed-degree isogenies between supersingular elliptic curves | B. Benčina, P. Kutas, S.-P. Merz, C. Petit, M. Stopar, C. Weitkämper |
| PQC | Other | Improved Alternating-Moduli PRFs and Post-Quantum Signatures | N. Alamati, G.-V. Policharla, S. Raghuraman, P. Rindal |
| SC | HE | Fully-Succinct Multi-Key Homomorphic Signatures from Standard Assumptions | G. Anthoine, D. Balbas, D. Fiore |
| SC | HE | Exploring the Advantages and Challenges of Fermat NTT in FHE Acceleration | A. Kim, A. C. Mert, A. Mukherjee, A. Aikata, M. Deryabin, S. Kwon, H. Kang, S. S. Roy |
| SC | HE | On the practical CPAD security of "exact" and threshold FHE schemes and libraries | M. Checri, R. Sirdey, A. Boudguiga, J.-P. Bultel |
| SC | HE | How to Construct Quantum FHE, Generically | A. Gupte, V. Vaikuntanathan |
| SC | HE | Plaintext-Ciphertext Matrix Multiplication and FHE Bootstrapping: Fast and Fused | Y. Bae, J. H. Cheon, G. Hanrot, J. H. Park, D. Stehlé |
| SC | MPC | MPC for Tech Giants (GMPC): Enabling Gulliver and the Lilliputians to Cooperate Amicably | B. Alon, M, Naor, E. Omri, U. Stemmer |
| SC | MPC | Fully Secure MPC and zk-FLIOP Over Rings: New Constructions, Improvements and Extensions | A. Dalskov, D. Escudero, A. Nof |
| SC | MPC | Computation Efficient Structure-Aware PSI From Incremental Function Secret Sharing | G. Garimella, B. Goff, P. Miao |
| SC | MPC | Compressing Unit-Vector Correlations via Sparse Pseudorandom Generators | A. Agarwal, E. Boyle, N. Gilboa, Y. Ishai, M. Kelkar, Y. Ma |
| SC | MPC | Doubly Efficient Cryptography: Commitments, Arguments and RAM MPC | W.-K. Lin, E. Mook, D. Wichs |
| SC | MPC | Towards Achieving Asynchronous MPC with Linear Communication and Optimal Resilience | V. Goyal, C.-D. Liu-Zhang, Y. Song |
集計
| Big Domain | Small Domain | count |
|---|---|---|
| PQC | ALL | 21 |
| PQC | Lattice | 12 |
| PQC | Code | 2 |
| PQC | Multi-variate | 1 |
| PQC | Isogeny | 4 |
| PQC | MPC-in-the-head | 1 |
| PQC | Other | 1 |
| SC | ALL | 11 |
| SC | HE | 5 |
| SC | MPC | 6 |
Asiacrypt
| Big Domain | Small Domain | Title | Author |
|---|---|---|---|
| PQC | Lattice | Unbounded ABE for Circuits from LWE, Revisited | V. Cini, H. Wee |
| PQC | Lattice | Adaptive Hardcore Bit and Quantum Key Leasing over Classical Channel from LWE with Polynomial Modulus | D. H. Phan, W. Wen, X. Yan, J. Zheng |
| PQC | Lattice | Partially Non-Interactive Two-Round Lattice-Based Threshold Signatures | R. Chairattana-Apirom, S. Tessaro, C. Zhu |
| PQC | Lattice | Verifiable Oblivious Pseudorandom Functions from Lattices: Practical-ish and Thresholdisable | K. D. Gur, M. R. Albrecht |
| PQC | Lattice | Evasive LWE Assumptions: Definitions, Classes, and Counterexamples | C. Brzuska, A. Ünal, I. K. Y. Woo |
| PQC | Lattice | Dense and smooth lattices in any genus | W. van Woerden |
| PQC | Lattice | Cryptanalysis of Rank-2 Module-LIP with Symplectic Automorphisms | H. Luo, K. Jiang, Y. Pan. A. Wang |
| PQC | Lattice | On the Spinor Genus and the Distinguishing Lattice Isomorphism Problem | C. Ling, J. Liu, A. Mendelsohn |
| PQC | Code | Dual Support Decomposition in the Head: Shorter Signatures from Rank SD and MinRank | L. BIDOUX, T. FENEUIL, P. GABORIT, R. NEVEU, M. RIVAIN |
| PQC | Code | Reducing the Number of Qubits in Quantum Information Set Decoding | C. Chevignard, P.-A. Fouque, A. Schrottenloher |
| PQC | Code | Code-Based Zero-Knowledge from VOLE-in-the-Head and Their Applications: Simpler, Faster, and Smaller | Y. Ouyang, D. Tang, Y. Xu |
| PQC | Code | MinRank Gabidulin encryption scheme on matrix codes | N. Aragon, A. Couvreur, V. Dyseryn, P. Gaborit, A. Vinçotte |
| PQC | Isogeny | SQIsign2D-West: The Fast, the Small, and the Safer | A. Basso, P. Dartois, L. D. Feo, A. Leroux, L. Maino, G. Pope, D. Robert, B. Wesolowski |
| PQC | Isogeny | SQIPrime: A dimension 2 variant of SQISignHD with non-smooth challenge isogenies | M. Duparc, T. B. Fouotsa |
| PQC | Isogeny | SQIsign2D-East: A New Signature Scheme Using 2-dimensional Isogenies | K. Nakagawa, H. Onuki, W. Castryck, M. Chen, R. Invernizzi, G. Lorenzon, F. Vercauteren |
| PQC | Isogeny | Ideal-to-isogeny algorithm using 2-dimensional isogenies and its application to SQIsign | H. Onuki, K. Nakagawa |
| PQC | Isogeny | An Algorithmic Approach to $(2,2)$-isogenies in the Theta Model and Applications to Isogeny-based Cryptography | P. Dartois, L. Maino, G. Pope, D. Robert |
| PQC | Isogeny | Extending class group action attacks via sesquilinear pairings | J. Macula, K. E. Stange |
| PQC | MPC-in-the-head | Faster Signatures from MPC-in-the-Head | D. Bui, E. Carozza, G. Couteau, D. Goudarzi, A. Joux |
| PQC | other | One Tree to Rule Them All: Optimizing GGM Trees and OWFs for Post-Quantum Signatures | C. Baum, W. Beullens, S. Mukherjee, E. Orsini, S. Ramacher, C. Rechberger, L. Roy, P. Scholl |
| SC | HE | Revisiting Key Decomposition Techniques for FHE: Simpler, Faster and More Generic | M. G. Belorgey, S. Carpov, N. Gama, S. Guasch, D. Jetchev |
| SC | HE | Faster BGV Bootstrapping for Power-of-two Cyclotomics through Homomorphic NTT | S. Ma, T. Huang, A. Wang, X. Wang |
| SC | HE | Relaxed Functional Bootstrapping: A New Perspective on BGV/BFV Bootstrapping | Z. Liu, Y. Wang |
| SC | HE | NTRU-based Bootstrapping for MK-FHEs without using Overstretched Parameters | B. Xiang, J. Zhang, K. Wang, Y. Deng, D. Feng |
| SC | HE | Homomorphic sign evaluation with a RNS representation of integers | P. Chartier, M. Koskas, M. Lemou, F. Méhats |
| SC | HE | Low Communication Threshold Fully Homomorphic Encryption | A. Passelègue, D. Stehlé |
| SC | HE | Bootstrapping Small Integers With CKKS | Y. Bae, J. Kim, D. Stehlé, E. Suvanto |
| SC | MPC | FOLEAGE: F4-OLE-Based Multi-Party Computation for Boolean Circuits | M. Bombar, D. Bui, G. Couteau, A. Couvreur, C. Ducros, S. Servan-Schreiber |
| SC | MPC | Actively Secure Polynomial Evaluation from Shared Polynomial Encodings | P. Reisert, M. Rivinius, T. Krips, S. Hasler, R. Küsters |
| SC | MPC | Dishonest Majority Multiparty Computation over Matrix Rings | H. Liu, C. Xing, C. Yuan, T. Zou |
| SC | MPC | The Concrete Security of Two-Party Computation: Simple Definitions, and Tight Proofs for PSI and OPRFs | M. Bellare, R. Ranjan, D. Riepel, A. Aldakheel |
| SC | MPC | Honest Majority GOD MPC with O(depth(C)) Rounds and Low Online Communication | A. Agarwal, A. Bienstock, I. Damgård Daniel Escudero |
| SC | MPC | Perfectly-Secure Multiparty Computation with Linear Communication Complexity over Any Modulus | D. Escudero, Y. Song, W. Wang |
| SC | MPC | Dishonest Majority Constant-Round MPC with Linear Communication from DDH | V. Goyal, J. Li, A. K. Misra, R. Ostrovsky, Y. Song, C. Weng |
集計
| Big Domain | Small Domain | count |
|---|---|---|
| PQC | ALL | 20 |
| PQC | Lattice | 8 |
| PQC | Code | 4 |
| PQC | Isogeny | 6 |
| PQC | MPC-in-the-head | 1 |
| PQC | Other | 1 |
| SC | ALL | 14 |
| SC | HE | 7 |
| SC | MPC | 7 |
まとめ
今回は、主要な学会に絞って、秘密計算・耐量子計算機暗号の発表に関して調査しました
多変数が多いかと思ったのですが、そんなこともなく・・・来年はどうなることやら
個人的には、符号関連の発表が多くて、嬉しい限りです
他にも量子関連の発表もいくつかあり、例えば、Crypto では、
``Quantum Advantage from One-Way Functions'', T. Morimae, T. Yamakawa
``Space-Efficient and Noise-Robust Quantum Factoring'', S. Ragavan, V. Vaikuntanathan
などがあったりしました。面白そう・・・