<div dir="ltr"><div><div>Hi Aurore!</div><div><br></div><div>Such a pretty website, why no response? La terreur et la pierre de la <br></div><div>geurre? You probably couldn't care less what I think, but here for you: <br></div><div><br></div><div>When others finally understand more about curves, smart tabulations <br></div><div>such as yours will probably be viewed in a similar light to lists of integer <br></div><div>sequences on OEIS, so keep going and do branch out! <br></div><div><br></div><div>French academic professionalism is not an area where I excel</div><div>(ni la linguistique française), but I also have a few tabulations: <br></div><div><br></div><div><a href="https://pqdtopen.proquest.com/doc/2489352408.html?FMT=ABS">https://pqdtopen.proquest.com/doc/2489352408.html?FMT=ABS</a></div><div><br></div><div>My poor work isn't in the running for the Levchin Prize, but you may</div><div>be interested anyways... In the final draft, Edwards's addition rules <br></div><div>eventually contributed to proof of the alternate exact pendulum <br></div><div>solution in Chapter 2. Very sad to hear the news of H.E. passing <br></div><div>last year and disappointed to never have met him--known for "la <br></div><div>lumière de la vérité" and also language skills sanz supremacy.<br></div><div><br></div><div>Meanwhile, in the news, you will probably be happy to read about <br></div><div>Victor Miller (also a valuable contributor on [mathfun]):</div><div><br></div><div><a href="https://math.washington.edu/news/2021/02/22/neil-koblitz-co-recipient-2021-levchin-prize">https://math.washington.edu/news/2021/02/22/neil-koblitz-co-recipient-2021-levchin-prize</a></div><div><br></div><div>Unfortunately the prize cycle is always falling years behind the exploit <br></div><div>cycle, and given current madness, we can wonder what "success" will <br></div><div>look like five years from now? Sacrebleu!</div><div><br></div><div>As far as "teaching" goes, here's one of my targets right now: <br></div><div><br></div><div><a href="https://sha-mbles.github.io/">https://sha-mbles.github.io/</a></div><div><br></div><div>Scary that a "Pratyekabuddha GTX-Slinger" (sorry) could accomplish</div><div>a SHA-1 Chosen Prefix attack for L.T. 1 BTC. In the next version of the <br></div><div>crypto-capitalist university system, such a problem could presumably <br></div><div>be given out as homework. For now we would be happy with a lower</div><div>entry price point. So the problem is:<br></div><div><br></div><div>Design a weak hash function susceptible to prefix-collision in under an <br></div><div>hour of brute force searching, prove "Hello World" = "Goodbye World",</div><div>and claim the title "Evil Zen Master" that everyone is talking about.</div><div><br></div><div>The other, bigger question is whether or not SHA-2 could fall to a similar <br></div><div>attack, which relies on highly-incentivized crowd computing? I have asked</div><div>around, but experts are going silent and / or becoming "company interns"</div><div>(<span class="gmail-aCOpRe"><span>excusez moi à nouveau</span></span>).</div><div><br></div>I will look through your dissertation today, send questions or comments</div><div>if you want, or ideas about the toy hash function. <br></div><div dir="ltr"><br></div><div dir="ltr">Au revoir,</div><div dir="ltr"><br></div><div>--Brad</div><div><br></div><div><br></div><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Wed, Sep 16, 2020 at 2:08 AM Aurore Guillevic <<a href="mailto:aurore.guillevic@inria.fr">aurore.guillevic@inria.fr</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">Hi,<br>
<br>
Following a discussion at the session cryptanalysis 2 at CRYPTO 2020<br>
online, I started a webpage on pairing-friendly curves, this is at<br>
<br>
<a href="https://members.loria.fr/AGuillevic/pairing-friendly-curves/" rel="noreferrer" target="_blank">https://members.loria.fr/AGuillevic/pairing-friendly-curves/</a><br>
<br>
Your comments are welcome.<br>
<br>
Best,<br>
<br>
Aurore Guillevic.<br>
<br>
<br>
-- <br>
Aurore Guillevic<br>
Chargée de recherche / Research scientist<br>
Équipe Caramba bureau B258<br>
Inria Nancy -- Grand Est<br>
615 rue du jardin botanique<br>
CS 20101<br>
54603 Villers-lès-Nancy Cedex France<br>
<a href="https://members.loria.fr/AGuillevic/" rel="noreferrer" target="_blank">https://members.loria.fr/AGuillevic/</a><br>
<br>
_______________________________________________<br>
Curves mailing list<br>
<a href="mailto:Curves@moderncrypto.org" target="_blank">Curves@moderncrypto.org</a><br>
<a href="https://moderncrypto.org/mailman/listinfo/curves" rel="noreferrer" target="_blank">https://moderncrypto.org/mailman/listinfo/curves</a><br>
</blockquote></div></div>