Personal Page of Léo Perrin
1 Who Am I?
I am a junior researcher (chargé de recherche) at Inria, in the team Cosmiq (ex SECRET) where I started as a post-doc. I work on symmetric cryptography and Boolean functions.
You may reach me at myfirstname dot mylastname at inria dot fr. I am also @lpp_crypto on Twitter, and my work phone number is +331 80 49 41 13 (office hours only). What I look like is on Figure 1.
Figure 1: That's me!
2 Things I do/Have Done
I work on Discrete Mathematics/Boolean functions and symmetric cryptography. Some of my results are summarized here. I also try to keep track of which symmetric algorithms have been standardized; the result is here (work in progress).
2.1 Some Scientific Results
2.1.1 Non-Randomness in Russian Algorithms
Two symmetric cryptographic algorithms have been standardized in Russia in the past few years: a block cipher (Kuznyechik) and a hash function (Streebog). I have worked on one of their key components (their S-box) and co-authored several papers related to it that were published in some of the leading venues for cryptography research [5,10,25,30]. The designers of these algorithms claim to have generated this component using a random process (see their explanations and the discussions at ISO). I have found that they did not. My findings are summarized here.
2.1.2 Lightweight Cryptography
I co-designed the lightweight block cipher SPARX [28] with my colleagues while I was in Luxembourg.
The American NIST has a project about lightweight cryptography (see here). I co-authored two candidates: the post-quantum secure Saturnin and the software-oriented SPARKLE (which is based on SPARX). The latter is a finalist of this competition!
2.2 Quick CV
I have previously worked/studied at the following places.
- DTU, Lyngby, Denmark; for a short post-doc.
- RUB, Bochum, Germany; for a 3-week visit.
- SnT, University of Luxembourg, Luxembourg; for my PhD [2] (which won an award).
- Aalto University, Espoo, Finland; for my Master thesis [1].
- Royal Institute of Technology (KTH), Stockholm, Sweden; for a civilingenjör degree via a double degree partnership with…
- … Centrale Lyon, Lyon, France; for a diplôme d'ingénieur.
2.3 Software Development
- Sage library for studying Boolean functions: SboxU. It is very much a work in progress.
- I implemented a verifier for the verificatum electronic vote platform. I sold it to a subcontractor of the Norwegian Ministry of Local Government and Regional Development (KRD) who used it in the Norwegian parliamentary elections of 2013. It is available on github.
2.4 Program (co-)Chair
- WCC 2022: Co-chair with Gohar Kyureghyan and Alexander Pott.
- Journée C2 2022: Co-chair with Gaëtan Leurent
2.5 Committee/Editorial Board
- CT-RSA 2019: Committee member (link).
- WAIFI 2018: Committee member (link).
- ToSC 2017, 2019–2022: I was a member of the editorial board of the IACR Transactions on Symmetric Cryptology throughout 2017, and have been a member again since 2019.
- SPACE 2019: Committee member (link).
- BFA 2021, 2022: Committee member (link).
- IMACC 2022: Committee member (link).
- CCS 2022: Committee member for the applied cryptography track (link)
- Eurocrypt 2023: Committee member (link).
- Crypto 2023: Committee member (link).
2.6 Awards
- Prix Rolf Tarrach
- For my PhD thesis [2], I was awarded the Prix Rolf Tarrach; formerly known as the "prix de la meilleure thèse".
- Best Paper Awards
- Cryptanalysis Challenges
- PRINCE Challenge: I am a co-winner of the first round of the PRINCE challenge, a cryptanalysis competition set up by the NXP company. The corresponding paper [22] was accepted at FSE'15 and was recognized as a top 3 contribution.
- Spook Challenge: With my co-authors, we won the first round of the Spook challenge, which dealt with attacking the Shadow permutation. Our results were published at CRYPTO'20 [34], and led to an update of the Shadow permutation.
- Ethereum Challenge: with my co-authors, we won several of the cryptanalysis challenges put forward by the Ethereum foundation. Our results were published at ToSC [18].
2.7 Student Supervision
I had the pleasure of supervising the following students.
2.7.1 Interns
Interns that then became PhD students are listed after.
- Sohaïb Ouzineb
- He worked on the structure of the S-box of the block cipher CMEA used by the North American 2G Network. His report on this topic is available on HAL.
Towards the Reverse-Engineering of the CaveTable. Sohaïb Ouzineb, 2019. link to HAL.
- Shibam Ghosh
- He worked on quadratic Boolean functions with Anne Canteaut and myself, and is now a PhD student in Haifa.
2.7.2 PhD Students
- Clémence Bouvier
- She started her PhD in October 2020, and is co-supervised by Anne Canteaut and myself. She works on arithmetization-friendly symmetric cryptography (her webpage).
- Jules Baudrin
- He started his PhD in September 2021, and is co-supervised by Anne Canteaut and myself. He works on the cryptanalysis of lightweight symmetric primitives (his webpage).
- Aurélien Bœuf
- He started his PhD in October 2022, and is co-supervised by Anne Canteaut and myself. He works on arithmetization-friendly symmetric cryptography as part of the ReSCALE project.
3 Content of this Website
I have written a page dedicated to S-box reverse-engineering and its applications. It also contains links to several pages, each dedicated to a specific result.
- On S-box Reverse-Engineering
- Tutorials, Teaching
- Tutorial on S-box Analysis (work in progress)
- Software and other Implementations
- Standardized Symmetric Cryptography
4 Publications List
All my publications are listed below. When available, I also provide a link to the corresponding conference presentation. See also google scholar.
4.1 Memoirs
- On the properties of S-boxes. Master thesis done in the crypto group at Aalto University under the supervision of Céline Blondeau. Defended in March 2013.
- Cryptanalysis, Reverse-Engineering and Design of Symmetric Cryptographic Algorithms. PhD thesis in computer science done in the cryptoLux group from the University of Luxembourg under the supervision of Alex Biryukov. Defended in April 2017. It was awarded the Rolf Tarrach prize. pdf at uni.lu. slides.
4.2 Journal Papers
- Céline Blondeau and Léo Perrin. More differentially 6-uniform power functions. Designs, Codes and Cryptography, 73(2):487–505, 2014. link to springer.com.
- Alex Biryukov, Dmitry Khovratovich, and Léo Perrin. Multiset-algebraic cryptanalysis of reduced Kuznyechik, Khazad, and secret SPNs. IACR Transactions on Symmetric Cryptology, 2016(2):226–247, 2017. link to tosc.iacr.org.
- Léo Perrin and Aleksei Udovenko. Exponential S-boxes: a link between the S-boxes of BelT and Kuznyechik/Streebog. IACR Transactions on Symmetric Cryptology, 2016(2):99–124, 2017. link to tosc.iacr.org.
- Anne Canteaut, Sébastien Duval, and Léo Perrin. A generalisation of Dillon's APN permutation with the best known differential and nonlinear properties for all fields of size \(2^{4k+2}\). IEEE Transactions on Information Theory, 63(11):7575–7591, Nov 2017. link to eprint.iacr.org.
- Dumitru-Daniel Dinu, Yann Le Corre, Dmitry Khovratovich, Léo Perrin, Johann Großschädl and Alex Biryukov. Triathlon of Lightweight Block Ciphers for the Internet of Things. Journal of Cryptographic Engineering, pp. 1–20, Jul 2018. link to eprint.iacr.org.
- Anne Canteaut and Léo Perrin. On CCZ-Equivalence, Extended-Affine Equivalence, and Function Twisting. Finite Fields and their Applications, 26:209–246, March 2019. link to eprint.iacr.org.
- Anne Canteaut, Léo Perrin and Shizhu Tian. If a Generalised Butterfly is APN then it Operates on 6 Bits. Cryptography and Communications, pp. 1–18, April 2019. link to eprint.iacr.org.
- Léo Perrin. Partitions in the S-Box of Streebog and Kuznyechik. IACR Transactions on Symmetric Cryptology, 2019(1), 302–329, 2019. link to tosc.iacr.org. Presentation (by myself): link to youtube. Best paper award!
- Christof Beierle, Alex Biryukov, Luan Cardoso dos Santos, Johann Großschädl, Léo Perrin, Aleksei Udovenko, Vesselin Velichkov and Qingju Wang. Lightweight AEAD and Hashing using the Sparkle Permutation Family. IACR Transactions on Symmetric Cryptology, 2020 Special Issue 1, pp. 208–261, June 2020. link to tosc.iacr.org
- Anne Canteaut, Sébastien Duval, Gaëtan Leurent, María Naya-Plasencia, Léo Perrin, Thomas Pornin and André Schrottenloher. SATURNIN: a suite of lightweight symmetric algorithms for post-quantum security. IACR Transactions on Symmetric Cryptology, 2020 Special Issue 1, pp. 160–207, June 2020. link to tosc.iacr.org
- Patrick Derbez and Léo Perrin. Meet-in-the-Middle Attacks and Structural Analysis of Round-Reduced PRINCE. Journal of Cryptology, Volume 33, pp. 1184–1215, March 2020. link to eprint.iacr.org
- Shizhu Tian, Christina Boura and Léo Perrin. Boomerang uniformity of popular S-box constructions. Designs, Codes and Cryptography volume 88, pages 1959–1989, August 2020. link to eprint.iacr.org
- Olivier Bronchain, Sebastian Faust, Virginie Lallemand, Gregor Leander, Léo Perrin, and François-Xavier Standaert. MOE: Multiplication Operated Encryption With Trojan Resilience. IACR Transactions on Symmetric Cryptology, 2020(1), pp. 78–129. link to tosc.iacr.org
- Christof Beierle, Gregor Leander, Léo Perrin. Trims and Extensions of Quadratic APN Functions. Designs, Codes and Cryptography, volume 90, pages 1009–1036, March 2022. link to arXiv
- Christof Beierle, Claude Carlet, Gregor Leander, Léo Perrin. A further study of quadratic APN permutations in dimension nine. Finite Fields and Their Applications, Volume 81, 2022. link to arXiv
- Augustin Bariant, Clémence Bouvier, Gaëtan Leurent, and Léo Perrin. Algebraic Attacks Against Some Arithmetization-Oriented Primitives. IACR Transactions on Symmetric Cryptology, 2022(3), pp. 73–101. link to tosc.iacr.org
- Jules Baudrin, Anne Canteaut, Léo Perrin. Practical Cube Attack against Nonce-Misused Ascon. IACR Transactions on Symmetric Cryptology, 2022(4), pp. 120–144. link to tosc.iacr.org
4.3 Proceedings of International Peer-Reviewed Conferences
- Léo Perrin and Dmitry Khovratovich. Collision spectrum, entropy loss, T-sponges, and cryptanalysis of GLUON-64. In Carlos Cid and Christian Rechberger, editors, Fast Software Encryption – FSE 2014, volume 8540 of Lecture Notes in Computer Science, pages 82–103. Springer, Heidelberg, March 2015. link to eprint.iacr.org.
- Alex Biryukov, Patrick Derbez, and Léo Perrin. Differential analysis and meet-in-the-middle attack against round-reduced TWINE. In Gregor Leander, editor. Fast Software Encryption – FSE 2015, volume 9054 of Lecture Notes in Computer Science. Springer, Heidelberg, March 2015. link to eprint.iacr.org; Presentation (by myself): link to youtube.
- Patrick Derbez and Léo Perrin. Meet-in-the-middle attacks and structural analysis of round-reduced PRINCE. In Gregor Leander, editor. Fast Software Encryption – FSE 2015, volume 9054 of Lecture Notes in Computer Science. Springer, Heidelberg, March 2015. link to eprint.iacr.org; presentation (by Patrick Derbez): link to youtube.
- Alex Biryukov, Gaëtan Leurent, and Léo Perrin. Cryptanalysis of Feistel networks with secret round functions. In Orr Dunkelman and Liam Keliher, editors, Selected Areas in Cryptography – SAC 2015, volume 9566 of Lecture Notes in Computer Science, pages 102–121, Cham, 2016. Springer International Publishing. link to eprint.iacr.org.
- Alex Biryukov and Léo Perrin. On reverse-engineering S-boxes with hidden design criteria or structure. In Rosario Gennaro and Matthew J. B. Robshaw, editors, Advances in Cryptology – CRYPTO 2015, Part I, volume 9215 of Lecture Notes in Computer Science, pages 116–140. Springer, Heidelberg, August 2015. link to eprint.iacr.org.
- Alex Biryukov, Léo Perrin, and Aleksei Udovenko. Reverse-engineering the S-box of streebog, kuznyechik and STRIBOBr1. In Marc Fischlin and Jean-Sébastien Coron, editors, Advances in Cryptology – EUROCRYPT 2016, Part I, volume 9665 of Lecture Notes in Computer Science, pages 372–402. Springer, Heidelberg, May 2016. link to eprint.iacr.org.
- Léo Perrin and Aleksei Udovenko. Algebraic insights into the secret feistel network. In Thomas Peyrin, editor, Fast Software Encryption – FSE 2016, volume 9783 of Lecture Notes in Computer Science, pages 378–398. Springer, Heidelberg, March 2016. link to eprint.iacr.org.
- Léo Perrin, Aleksei Udovenko, and Alex Biryukov. Cryptanalysis of a theorem: Decomposing the only known solution to the big APN problem. In Matthew Robshaw and Jonathan Katz, editors, Advances in Cryptology – CRYPTO 2016, Part II, volume 9815 of Lecture Notes in Computer Science, pages 93–122. Springer, Heidelberg, August 2016. link to eprint.iacr.org; Presentation (by Aleksei Udovenko): link to youtube.
- Daniel Dinu, Léo Perrin, Aleksei Udovenko, Vesselin Velichkov, Johann Großschädl, and Alex Biryukov. Design strategies for ARX with provable bounds: Sparx and LAX. In Jung Hee Cheon and Tsuyoshi Takagi, editors, Advances in Cryptology – ASIACRYPT 2016, Part I, volume 10031 of Lecture Notes in Computer Science, pages 484–513. Springer, Heidelberg, December 2016. link to eprint.iacr.org.
- Alex Biryukov and Léo Perrin. Symmetrically and Asymmetrically Hard Cryptography. In Tsuyoshi Takagi and Thomas Peyrin, editors, Advances in Cryptology – ASIACRYPT 2017, Part III, volume 10626 of Lecture Notes in Computer Science, pages 417–445. Springer, Heidelberg, December 2017. link to eprint.iacr.org; Presentation (by myself): link to youtube.
- Xavier Bonnetain, Léo Perrin, and Shizhu Tian. Anomalies and Vector Space Search: Tools for S-Box Analysis. In Steven Galbraith and Shiho Moriai, editors, Advances in Cryptology – ASIACRYPT 2019, Part I, volume 11921 of Lecture Notes in Computer Science, pages 196–223. Springer, Heidelberg, December 2019. link to eprint.iacr.org.
- Martin R. Albrecht, Lorenzo Grassi, Léo Perrin, Sebastian Ramacher, Christian Rechberger, Dragos Rotaru, Arnab Roy and Markus Schofnegger. Feistel Structures for MPC, and More. In Kazue Sako, Steve Schneider and Peter Y. A. Ryan, editors, Computer Security - ESORICS 2019, volume 11736 of Lecture Notes in Computer Science, pages 151–171. Springer, Heidelberg, 2019. link to eprint.iacr.org.
- Orr Dunkelman and Léo Perrin. Adapting Rigidity to Symmetric Cryptography: Towards "Unswerving" Designs. In Thyla van der Merwe and Feng Hao, editors, Proceedings of the 5th ACM Workshop on Security Standardisation Research Workshop, pages 69-80. ACM, November 2019.
- Tim Beyne, Anne Canteaut, Itai Dinur, Maria Eichlseder, Gregor Leander, Gaëtan Leurent, María Naya-Plasencia, Léo Perrin, Yu Sasaki, Yosuke Todo and Friedrich Wiemer. Out of Oddity – New Cryptanalytic Techniques against Symmetric Primitives Optimized for Integrity Proof Systems. In Micciancio D., Ristenpart T. (eds) Advances in Cryptology – CRYPTO 2020, Part III. Lecture Notes in Computer Science, vol 12172, pages 299–328. link to eprint.iacr.org
- Patrick Derbez, Paul Huynh, Virginie Lallemand, María Naya-Plasencia, Léo Perrin and André Schrottenloher. Cryptanalysis Results on Spook. In Micciancio D., Ristenpart T. (eds) Advances in Cryptology – CRYPTO 2020, Part III. Lecture Notes in Computer Science, vol 12172, pages 359–388. link to eprint.iacr.org
- Christof Beierle, Alex Biryukov, Luan Cardoso dos Santos, Johann Großschädl, Léo Perrin, Aleksei Udovenko, Vesselin Velichkov and Qingju Wang. Alzette: A 64-Bit ARX-box. In Micciancio D., Ristenpart T. (eds) Advances in Cryptology – CRYPTO 2020, Part III. Lecture Notes in Computer Science, vol 12172, pages 419–448. link to eprint.iacr.org
- Antonio Flórez Gutiérrez, Gaëtan Leurent, María Naya-Plasencia, Léo Perrin, André Schrottenloher and Ferdinand Sibleyras. New results on Gimli: full-permutation distinguishers and improved collisions. In Shiho Moriai and Huaxiong Wang, editors, Advances in Cryptology – ASIACRYPT 2020, to appear. link to eprint.iacr.org. best paper award!
4.4 Proceedings of National Peer-Reviewed Conferences
- Léo Perrin and Xavier Bonnetain. Russian Style (Lack of) Randomness. Symposium sur la sécurité des technologies de l'information et des communications, 2019. The article webpage contains links to the article itself (in English), the slides (in English), and the talk itself given by Xavier Bonnetain (in French).
4.5 Other Publications
- Adi Shamir, Alex Biryukov, and Léo Perrin. Summary of an Open Discussion on IoT and Lightweight Cryptography. Proceedings of Early Symmetric Crypto workshop, 2017. link to uni.lu
- Alex Biryukov and Léo Perrin. State of the Art in Lightweight Symmetric Cryptography. Eprint report, 2017. link to eprint.iacr.org
- Léo Perrin. Probability 1 Iterated Differential in the SNEIK Permutation. Eprint report, 2019. link to eprint.iacr.org
- Xavier Bonnetain, Anne Canteaut, Véronique Cortier, Pierrick Gaudry, Lucca Hirschi, Steve Kremer, Stéphanie Lacour, Matthieu Lequesne, Gaëtan Leurent, Léo Perrin, André Schrottenloher, Emmanuel Thomé, Serge Vaudenay and Christophe Vuillot. Le traçage anonyme, dangereux oxymore. Available online at https://risques-tracage.fr/; an English version is also available at https://tracing-risks.com/.
4.6 (Invited) Talks/Seminars
4.6.1 Panel Discussions
- Contact tracing, at the 8th Technion Summer School on Cyber and Computer Security.
4.6.2 Invitation Only International Workshops
- ESC'15: On reverse-engineering S-boxes with hidden design criteria or structure. Early Symmetric Crypto (ESC), Clervaux, Luxembourg, January 2015. website; slides
- Dagstuhl 16021: S-Box Reverse-Engineering: Recovering Design Criteria, Hidden Structures and New Boolean Function Result. Dagstuhl Seminar 16021 (Symmetric Cryptography), Dagstuhl, Germany, January 2016. website
- ESC'17: On the Scope of Lightweight Cryptography. Early Symmetric Crypto (ESC), Canach, Luxembourg, January 17. website; slides
- Dagstuhl 18021: Generalized Feistel Networks with Optimal Diffusion. Dagstuhl Seminar 18021 (Symmetric Cryptography), Dagstuhl, Germany, January 18. website; slides
- Dagstuhl 20041: ISO Update. Dagstuhl Seminar 20041 (Symmetric Cryptography), Dagstuhl, Germany, January 20. website; slides
4.6.3 Other Workshop and Conferences
- CryptoAction Symposium II: On S-Box Reverse-Engineering. CryptoAction Symposium II, Amsterdam, Netherlands, March 2017. website; slides
- BFA 2017: On S-Box Reverse-Engineering: from Cryptanalysis to the Big APN Problem. Boolean Functions and their Applications 2017, Bergen, Norway, July 17. website; slides
- Cryptacus 2017: State of the Art in Lightweight Symmetric Cryptography. Cryptacus Workshop, Nijmegen, Netherlands, November 2017. website; slides
- CECC'18: On S-Box Reverse-Engineering. Central European Conference on Cryptology 2018, Smolenice, Slovakia, June 2018. website; slides
- BFA 2018: On CCZ-Equivalence, Extended Affine-Equivalence and Function Twisting. Boolean Functions and their Applications 2018, Loen, Norway, June 2018. website; abstract; slides
- Fq14: On CCZ-Equivalence, Extended Affine-Equivalence and Function Twisting. The 14th International Conference on Finite Fields and their Applications, Vancouver, 2019. website; slides
- IETF 105: Streebog & Kuznyechik: Inconsistencies in the Claims of their Designers. IETF Meeting. Montréal, July 2019. website; slides.
- BFA 2020: How to Take a Function Apart with SboxU, somewhere in the ether, September 2020. website; slides.
- BFA 2021: Constructing more Quadratic APN Functions with the QAM Method, Rosendal, Norway, September 2021. website; slides.
4.6.4 Local Seminars
- Inria Seminar: Cryptanalysis of a Theorem: Decomposing the Only Known Solution to the Big APN Problem. INRIA, Paris, France, June 2017.
- CCA: Rétro-ingénierie de boîtes-S. Séminaire Codage, Cryptologie, Algorithmes (CCA), Paris, France, July 2017. website
- Rolf Tarrach Award Ceremony: Cryptanalysis, Reverse-Engineering and Design of Symmetric Cryptographic Algorithms. Luxembourg, July 2018. website; slides
- CRYPTO Seminar: Vector Spaces Search and its Applications in Boolean Functions. UVSQ, Versailles, France, November 2018.
- PhD Graduation Ceremony (uni.lu): Building Light but not Weak Protections for the IoT. University of Luxembourg, 2018. slides
- CARAMBA Seminar: S-Box Decomposition and Some Applications. CARAMBA team, Nancy, France, January 2019. slides
- Class at Rostock University: How to Analyse an S-box, and, in the Process, Prove the Russian Standardizing Agency Wrong. Rostock University, Rostock, Germany, June 2019. slides
- FIC 2020: Towards New International Cryptographic Standards: Designing and Breaking Cryptography, Lille, France, January 2020. slides
- GdT maths4covid19: On Bluetooth-based Contact-Tracing Smartphone Applications: Principles and Controversies, somewhere on the internet, June 2020. slides. Available on youtube, the slides are in English but I speak French.
- Versailles LWC Seminar: La cryptographie symétrique légère (et sa standardisation). Online seminar of the University of Versailles, December 2020. slides (fr).
- Versailles LWC Seminar: SPARKLE: une famille d'algorithmes scintillants. Online seminar of the University of Versailles, December 2020. slides (fr).
- Versailles Seminar: Arithmetization-Oriented Symmetric Cryptography: Why and How?. Seminar of the University of Versailles, October 2022. slides
5 Miscellaneous
- I have a qualification from 2018 to be maître de conférence in Section 27 (Computer Science).
- I rely on emacs a lot in my day-to-day work. In fact, I write this page as an org document which is then exported to HTML. The CSS is based on the excellent and easy to set up ReadTheOrg by Fabrice Niessen. It is on github.
- My Erdos number is equal to 3.
5.1 Outreach
- If you are trying to explain cryptography to non-scientists, you may want to have a look at the material I contributed to while I was in Luxembourg (available on the cryptolux wiki).
- The slides of a talk I gave online for "Parlons Math" during the first lockdown in spring 2020 are available here (fr).