Sites Inria

Version française

CARAMEL Research team

Activity reports

Overall Objectives

A general keyword that could encompass most of our research objectives is arithmetic. Indeed, in the Caramel team, the goal is to push forward the possibilities to compute efficiently with objects having an arithmetic nature. This includes integers, real and complex numbers, polynomials, finite fields, and, last but not least, algebraic curves.

Our main application domains are public-key cryptography and computer algebra systems. Concerning cryptography, we concentrate on the study of the primitives based on the factorization problem or on the discrete-logarithm problem in finite fields or (Jacobians of) algebraic curves. Both the constructive and destructive sides are of interest to Caramel. For applications in computer algebra systems, we are mostly interested in arithmetic building blocks for integers, floating-point numbers, polynomials, and finite fields. Also some higher level functionalities like factoring and discrete-logarithm computation are usually desired in computer algebra systems.

Since we develop our expertise at various levels, from most low-level software or hardware implementation of basic building blocks to complicated high-level algorithms like integer factorization or point counting, we have remarked that it is often too simple-minded to separate them: we believe that the interactions between low-level and high-level algorithms are of utmost importance for arithmetic applications, yielding important improvements that would not be possible with a vision restricted to low- or high-level algorithms.

We emphasize three main directions in the Caramel team:

Integer factorization and discrete-logarithm computation in finite fields.

We are in particular interested in the number field sieve algorithm (NFS) that is the best algorithm known for factoring large RSA-like integers, and for solving discrete logarithms in prime finite fields and small extension degree finite fields. In the case of discrete logarithm in small characteristic, recent progress led to algorithms that are less similar to the NFS algorithm; on the other hand they involve Gröbner basis computations.

In all these cases, we plan to improve on existing algorithms, with a view towards practical considerations and setting new records.

Algebraic curves and cryptography.

Our two main research interests on this topic lie in genus-2 cryptography and in the arithmetic of pairings, mostly on the constructive side in both cases. For genus-2 curves, a key algorithmic tool that we develop is the computation of explicit isogenies; this allows improvements for cryptography-related computations such as point counting in large characteristic, complex-multiplication construction and computation of the ring of endomorphisms.

The pairing-based cryptography landscape has been greatly modified recently, due to the progress in the discrete logarithm problem. Therefore, this is no longer a priority for us.

Arithmetic.

Integer, finite-field and polynomial arithmetic are ubiquitous to our research. We consider them not only as tools for other algorithms, but as a research theme per se. We are interested in algorithmic advances, in particular for large input sizes where asymptotically fast algorithms become of practical interest. We also keep an important implementation activity, both in hardware and in software.

Polynomial system solving is a transverse theme to these research directions. It is rather natural with algebraic curves, and occurs also in NFS-related contexts, that many important challenges can be represented via polynomial systems, which have structural specificities. We also intend to develop algorithms and tools that, when possible, take advantage of these specificities.