The PolSys is a common team betwen Inria, UPMC (LIP6 - Paris 6) and CNRS.

The main objective of the POLSYS project is to solve systems of polynomial equations. Our main objectives are:

**Fundamental Algorithms and Structured Systems.** The
objective is to propose fast exponential exact algorithms to
solve the problem of solving polynomial equations
and to identify large classes of structured polynomial systems which can be solved in polynomial time.

**Solving Systems over the Reals and Applications.** For
positive dimensional systems basic questions over the reals may be
very difficult (for instance testing the existence of solutions) but
also very useful in applications (e.g. global optimization problems).
We plan to propose efficient algorithms and implementations to address
the most important issues: computing sample points in the real
solution sets, decide if two such sample points can be path-connected
and, as a long term objective, perform quantifier elimination over the
reals (computing a quantifier-free formula which is equivalent to a
given quantified boolean formula of polynomial
equations/inequalities).

**Dedicated Algebraic Computation and Linear Algebra.** While
linear algebra is a key step in the computation of Gröbner bases,
the matrices generated by the algorithms

**Solving Systems in Finite Fields, Applications in
Cryptology and Algebraic Number Theory.** We propose to develop a
systematic use of *structured systems* in Algebraic
Cryptanalysis. We want to improve the efficiency and to predict the
theoretical complexity of such attacks. We plan to demonstrate the
power of algebraic techniques in new areas of cryptography such as
Algebraic Number Theory (typically, in curve based cryptography).

Polynomial system solving is a fundamental problem in Computer Algebra with many applications in cryptography, robotics, biology, error correcting codes, signal theory, .... Among all available methods for solving polynomial systems, computation of Gröbner bases remains one of the most powerful and versatile method since it can be applied in the continuous case (rational coefficients) as well as in the discrete case (finite fields). Gröbner bases is also a building blocks for higher level algorithms who compute real sample points in the solution set of polynomial systems, decide connectivity queries and quantifier elimination over the reals. The major challenge facing the designer or the user of such algorithms is the intrinsic exponential behaviour of the complexity for computing Gröbner bases. The current proposal is an attempt to tackle these issues in a number of different ways: improve the efficiency of the fundamental algorithms (even when the complexity is exponential), develop high performance implementation exploiting parallel computers, and investigate new classes of structured algebraic problems where the complexity drops to polynomial time.

Efficient algorithms *A
new efficient algorithm for computing Gröbner bases without reduction
to zero (F5).* In Proceedings of ISSAC '02, pages 75-83, New York, NY,
USA, 2002. ACM.

*(i)* developing dedicated
linear algebra routines performing the Gaussian elimination steps:
this is precisely the objective 2 described below;

*(ii)*
generating smaller or simpler matrices to which we will apply Gaussian
elimination.

We describe here our goals for the latter
problem. First, we focus on algorithms for computing a Gröbner basis
of *general polynomial systems*. Next, we present our goals on
the development of dedicated algorithms for computing Gröbner bases
of *structured polynomial systems* which arise in various
applications.

**Algorithms for general systems.** Several
degrees of freedom are available to the designer of a Gröbner basis
algorithm to generate the matrices occurring during the
computation. For instance, it would be desirable to obtain matrices
which would be almost triangular or very sparse. Such a goal can be
achieved by considering various interpretations of the

**Algorithms dedicated to ****structured****
polynomial systems.** A complementary approach is to exploit the
structure of the input polynomials to design specific algorithms. Very
often, problems coming from applications are not random but are
highly structured. The specific nature of these systems may vary a
lot: some polynomial systems can be sparse (when the number of terms
in each equation is low), overdetermined (the number of the equations
is larger than the number of variables), invariants by the action of
some finite groups, multi-linear (each equation is linear w.r.t. to
one block of variables) or more generally multihomogeneous. In each
case, the ultimate goal is to identify large classes of problems whose theoretical/practical complexity drops and to propose in each case
dedicated algorithms.

We will develop algorithms for solving polynomial systems over complex/real numbers. Again, the goal is to extend significantly the range of reachable applications using algebraic techniques based on Gröbner bases and dedicated linear algebra routines. Targeted application domains are global optimization problems, stability of dynamical systems (e.g. arising in biology or in control theory) and theorem proving in computational geometry.

The following functionalities shall be requested by the end-users:

*(i)* deciding the emptiness of the real solution set of systems
of polynomial equations and inequalities,

*(ii)* quantifier
elimination over the reals or complex numbers,

*(iii)* answering
connectivity queries for such real solution sets.

We will focus on these functionalities.

We will develop algorithms based on the so-called critical point
method to tackle systems of equations and inequalities
(problem *(i)*) . These techniques are based on solving
0-dimensional polynomial systems encoding "critical points" which are
defined by the vanishing of minors of jacobian matrices (with
polynomial entries). Since these systems are highly structured, the
expected results of Objective 1 and 2 may allow us to obtain dramatic
improvements in the computation of Gröbner bases of such polynomial
systems. This will be the foundation of practically fast
implementations (based on singly exponential algorithms) outperforming
the current ones based on the historical Cylindrical Algebraic
Decomposition (CAD) algorithm (whose complexity is doubly exponential
in the number of variables). We will also develop algorithms and
implementations that allow us to analyze, at least locally, the
topology of solution sets in some specific situations. A
long-term goal is obviously to obtain an analysis of the global
topology.

Here, the primary objective is to focus on *dedicated* algorithms
and software for the linear algebra steps in Gröbner bases
computations and for problems arising in Number Theory. As explained
above, linear algebra is a key step in the process of computing
efficiently Gröbner bases. It is then natural to develop specific
linear algebra algorithms and implementations to further strengthen
the existing software. Conversely, Gröbner bases computation is
often a key ingredient in higher level algorithms from Algebraic
Number Theory. In theses cases, the algebraic problems are very
particular and specific. Hence dedicated Gröbner bases algorithms
and implementations would provide a better efficiency.

**Dedicated linear algebra tools.**FGb is
an efficient library for Gröbner bases computations which can be used,
for instance, via Maple. However, the library is sequential. A
goal of the project is to extend its efficiency to new trend parallel
architectures such as clusters of multi-processor systems in order to
tackle a broader class of problems for several applications.
Consequently, our first aim is to provide a durable, long term
software solution, which will be the successor of the existing FGb library. To achieve this goal, we will first develop a high
performance linear algebra package (under the LGPL license). This
could be organized in the form of a collaborative project between the
members of the team. The objective is not to develop a general
library similar to the Linbox project but to propose a dedicated
linear algebra package taking into account the specific properties of
the matrices generated by the Gröbner bases algorithms. Indeed these
matrices are sparse (the actual sparsity depends strongly on the
application), almost block triangular and not necessarily of full
rank. Moreover, most of the pivots are known at the beginning of the
computation. In practice, such matrices are huge (more than

Fast linear algebra packages would also benefit to the transformation of a Gröbner basis of a zero–dimensional ideal with respect to a given monomial ordering into a Gröbner basis with respect to another ordering. In the generic case at least, the change of ordering is equivalent to the computation of the minimal polynomial of a so-called multiplication matrix. By taking into account the sparsity of this matrix, the computation of the Gröbner basis can be done more efficiently using variant of the Wiedemann algorithm. Hence, our goal is also to obtain a dedicated high performance library for transforming (i.e. change ordering) Gröbner bases.

**Dedicated algebraic tools for Algebraic Number
Theory.** Recent results in Algebraic Number Theory tend to show that
the computation of Gröbner bases is a key step toward the resolution
of difficult problems in this
domain *Index calculus for abelian
varieties of small dimension and the elliptic curve discrete logarithm
problem*, Journal of Symbolic Computation 44,12 (2009)
pp. 1690-1702

Here, we focus on solving polynomial systems over finite fields
(i.e. the discrete case) and the corresponding applications
(Cryptology, Error Correcting Codes, ...). Obviously this
objective can be seen as an application of the results of the two
previous objectives. However, we would like to emphasize that it is
also the source of new theoretical problems and practical challenges.
We propose to develop a systematic use of *structured systems* in
*algebraic cryptanalysis*.

*(i)* So far, breaking a cryptosystem using algebraic
techniques could be summarized as modeling the problem by algebraic
equations and then computing a, usually, time consuming Gröbner
basis. A new trend in this field is to require a theoretical
complexity analysis. This is needed to explain the behavior of the
attack but also to help the designers of new cryptosystems to propose
actual secure parameters.

*(ii)* To assess the security of
several cryptosystems in symmetric cryptography (block ciphers, hash
functions, ...), a major difficulty is the size of the systems
involved for this type of attack. More specifically, the bottleneck
is the size of the linear algebra problems generated during a Gröbner basis
computation.

We propose to develop a
systematic use of *structured systems* in *algebraic
cryptanalysis*.

The first objective is to build on the recent breakthrough in
attacking McEliece's cryptosystem: it is the first structural
weakness observed on one of the oldest public key cryptosystem. We
plan to develop a well founded framework for assessing the security of
public key cryptosystems based on coding theory from the algebraic
cryptanalysis point of view. The answer to this issue is strongly
related to the complexity of solving bihomogeneous systems (of
bidegree

Dedicated tools for linear algebra problems generated during the Gröbner basis computation will be used in algebraic cryptanalysis. The promise of considerable algebraic computing power beyond the capability of any standard computer algebra system will enable us to attack various cryptosystems or at least to propose accurate secure parameters for several important cryptosystems. Dedicated linear tools are thus needed to tackle these problems. From a theoretical perspective, we plan to further improve the theoretical complexity of the hybrid method and to investigate the problem of solving polynomial systems with noise, i.e. some equations of the system are incorrect. The hybrid method is a specific method for solving polynomial systems over finite fields. The idea is to mix exhaustive search and Gröbner basis computation to take advantage of the over-determinacy of the resulting systems.

Polynomial system with noise is currently emerging as a problem of major interest in cryptography. This problem is a key to further develop new applications of algebraic techniques; typically in side-channel and statistical attacks. We also emphasize that recently a connection has been established between several classical lattice problems (such as the Shortest Vector Problem), polynomial system solving and polynomial systems with noise. The main issue is that there is no sound algorithmic and theoretical framework for solving polynomial systems with noise. The development of such framework is a long-term objective.

We propose to develop a systematic use of *structured systems* in
Algebraic Cryptanalysis. We want to improve the efficiency and to
predict the theoretical complexity of such attacks. We plan to
demonstrate the power of algebraic techniques in new areas of
cryptography such as Algebraic Number Theory (typically, in curve
based cryptography).

Solving polynomial systems over the reals arise as a critical issue in wide range of problems coming from engineering sciences (biology, physics, control theory, etc.). We will focus on developing general enough software that may impact on these domains with a particular focus on control theory.

FGb is a powerful software for computing Groebner bases.It includes the new generation of algorihms for computing Gröbner bases polynomial systems (mainly the F4, F5 and FGLM algorithms). It is implemented in C/C++ (approximately 250000 lines), standalone servers are available on demand. Since 2006, FGb is dynamically linked with Maple software (version 11 and higher) and is part of the official distribution of this software.

See also the web page http://

ACM: I.1.2 Algebraic algorithms

Programming language: C/C++

RAGLib is a Maple library for computing sampling points in semi-algebraic sets.

Epsilon is a library of functions implemented in Maple and Java for polynomial elimination and decomposition with (geometric) applications.

A fundamental problem in computer science is to find all the common
zeroes of

The computation of Gröbner bases remains one of the most powerful methods for tackling the Polynomial System Solving (PoSSo) problem. The most efficient known algorithms reduce the Gröbner basis computation to Gaussian eliminations on several matrices. However, several degrees of freedom are available to generate these matrices. It is well known that the particular strategies used can drastically affect the efficiency of the computations. In this work, we investigate a recently-proposed strategy, the so-called “Mutant strategy”, on which a new family of algorithms is based (MXL, MXL2 and MXL3). By studying and describing the algorithms based on Gröbner basis concepts, we demonstrate in that the Mutant strategy can be understood to be equivalent to the classical Normal Selection Strategy currently used in Gröbner basis algorithms. Furthermore, we show that the “partial enlargement” technique can be understood as a strategy for restricting the number of S-polynomials considered in an iteration of the F4 Gröbner basis algorithm, while the new termination criterion used in MXL3 does not lead to termination at a lower degree than the classical Gebauer–Möller installation of Buchberger’s criteria. We claim that our results map all novel concepts from the MXL family of algorithms to their well-known Gröbner basis equivalents. Using previous results that had shown the relation between the original XL algorithm and F4, we conclude that the MXL family of algorithms can be fundamentally reduced to redundant variants of F4.

Arora & Ge recently showed that solving LWE can be reduced to solve a high-degree non-linear system of equations. They used a linearization to solve the systems. We investigate in the possibility of using Gröbner bases to improve Arora & Ge approach.

The Isomorphism of Polynomials (IP) is one of the most fundamental problems in multivariate public key cryptography (MPKC). In , we introduce a new framework to study the counting problem associated to IP. Namely, we present tools of finite geometry allowing to investigate the counting problem associated to IP. Precisely, we focus on enumerating or estimating the number of isomorphism equivalence classes of homogeneous quadratic polynomial systems. These problems are equivalent to finding the scale of the key space of a multivariate cryptosystem and the total number of different multivariate cryptographic schemes respectively, which might impact the security and the potential capability of MPKC. We also consider their applications in the analysis of a specific multivariate public key cryptosystem. Our results not only answer how many cryptographic schemes can be derived from monomials and how big the key space is for a fixed scheme, but also show that quite many HFE cryptosystems are equivalent to a Matsumoto-Imai scheme.

The Polynomial System Solving (PoSSo) problem is a fundamental
NP-Hard problem in computer algebra. Among others, PoSSo have
applications in area such as coding theory and cryptology.
Typically, the security of multivariate public-key schemes (MPKC)
such as the UOV cryptosystem of Kipnis, Shamir and Patarin is
directly related to the hardness of PoSSo over finite fields. The
goal of is to further understand the influence of
finite fields on the hardness of PoSSo. To this end, we consider
the so-called *hybrid approach*. This is a polynomial system
solving method dedicated to finite fields proposed by Bettale,
Faugère and Perret (Journal of Mathematical Cryptography, 2009).
The idea is to combine exhaustive search with Gröbner bases. The
efficiency of the hybrid approach is related to the choice of a
trade-off between the two methods. We propose here an improved
complexity analysis dedicated to quadratic systems. Whilst the
principle of the hybrid approach is simple, its careful analysis
leads to rather surprising and somehow unexpected results. We prove
that the optimal trade-off (i.e. number of variables to be fixed)
allowing to minimize the complexity is achieved by fixing a number
of variables proportional to the number of variables of the system
considered, denoted

In and (see also the PhD thesis of C. Goyet ), we present new cryptanalyses of symmetric and asymmetric cryptosystems (e.g. AES and ECDSA). These analyses share the same fundamental hypotheses that some information are provided to the attacker by some oracle. In a practical point of view, such an oracle can be represented as a partial side channel attack realized in a first step (e.g. SPA, Fault attacks). The second step of the attack uses algorithms from computer algebra (e.g. Gröbner basis computation, LLL) in order to retrieve the secret key.

A graph

Let

We consider the problem of computing critical points of the
restriction of a polynomial map to an algebraic variety. This is of
first importance since the global minimum of such a map is reached
at a critical point. Thus, these points appear naturally in
non-convex polynomial optimization which occurs in a wide range of
scientific applications (control theory, chemistry,
economics,etc.). Critical points also play a central role in recent
algorithms of effective real algebraic geometry. Experimentally, it
has been observed that Gröbner basis algorithms are efficient to
compute such points. Therefore, recent software based on the
so-called Critical Point Method are built on Gröbner bases
engines. Let

Oberthur Technologies is the World second largest provider of security and identification solutions and services based on smart card technologies for mobile, payment, transport, digital TV and convergence markets. Since 2007, SALSA co-supervised 3 internships of first year master student on cryptology in smart-cards, and one internship of a 2nd year master student. The goal of this last internship was to study the feasibility of implementing multivariate schemes in constrained environments (typically a smart card). A new jointly supervised PhD thesis (PolSys/Oberthur) has start in march 2012.

Gemalto is an international IT security company providing software applications, secure personal devices such as smart cards and token,

PolSys is currently working Gemalto – thanks to PhD grabt CIFRE – on the security analysis of code-based cryptosystems (participants J.-C. Faugère, L. Perret, F. Urvoy de Portzamparc).

**ANR Jeunes Chercheurs CAC Computer Algebra and Cryptography (2009-2013).** The contract CAC “Computer Algebra and Cryptography” started in October 2009 for a period of 4 years. This project investigates the areas of cryptography and computer algebra, and their inﬂuence on the security
and integrity of digital data. In CAC, we plan to use basic tools of computer algebra to evaluate the security
of cryptographic schemes. CAC will focus on three new challenging applications of algebraic techniques
in cryptography; namely block ciphers, hash functions, and factorization with known bits. To this hand, we
will use Gröbner bases techniques but also lattice tools. In this proposal, we will explore non-conventional
approaches in the algebraic cryptanalysis of these problems (Participants: L. Perret [contact], J.-C. Faugère, G. Renault).

**ANR Grant (international program) EXACTA (2010-2013): Exact/Certified Algorithms with Algebraic Systems.**

The main objective of this project is to study and compute the solutions of nonlinear algebraic systems and their structures and properties with selected target applications using exact or certiﬁed computation. The project consists of one main task of basic research on the design and implementation of fundamental algorithms and four tasks of applied research on computational geometry, algebraic cryptanalysis, global optimization, and algebraic biology. It will last for three years (2010–2013) with 300 person-months of workforce. Its consortium is composed of strong research teams from France and China (KLMM, SKLOIS, and LMIB) in the area of solving algebraic systems with applications.

**ANR Grant HPAC: High Performance Algebraic Computing (2012-2016).**
The pervasive ubiquity of parallel architectures and memory hierarchy has led to a new quest for parallel
mathematical algorithms and software capable of exploiting the various levels of parallelism: from hardware
acceleration technologies (multi-core and multi-processor system on chip, GPGPU, FPGA) to cluster and
global computing platforms. For giving a greater scope to symbolic and algebraic computing, beyond the
optimization of the application itself, the effective use of a large number of resources (memory and specialized
computing units) is expected to enhance the performance multi-criteria objectives: time, resource usage,
reliability, even energy consumption. The design and the implementation of mathematical algorithms with
provable, adaptive and sustainable performance is a major challenge. In this context, this project
is devoted to fundamental and practical research speciﬁcally in exact linear algebra and system solving that are two essential
"dwarfs" (or "killer kernels") in scientiﬁc and algebraic computing. The project should lead to progress in
matrix algorithms and challenge solving in cryptology, and should provide new insights into high performance
programming and library design problems (J.-C. Faugère [contact], L. Perret, G. Renault, M. Safey El Din).

**ANR Grant GeoLMI: Geometry of Linear Matrix Inequalities (2011-2015).**
he GeoLMI project aims at developing an algebraic and geometric study of linear matrix inequalities (LMI)
for systems control theory. It is an interdisciplinary project at the border between information sciences (systems
control), pure mathematics (algebraic geometry) and applied mathematics (optimisation). The project focuses
on the geometry of determinantal varieties, on decision problems involving positive polynomials, on computational algorithms for algebraic geometry, on computational algorithms for semi-deﬁnite programming, and on applications of algebraic geometry techniques in systems control theory, namely for robust control of linear
systems and polynomial optimal control (Participants: J.-C. Faugère, M. Safey El Din [contact]).

ECRYPT II - European Network of Excellence for Cryptology II is a 4 1/2 year network of excellence funded within the Information & Communication Technologies (ICT) Programme of the European Commission’s Seventh Framework Programme (FP7) under contract number ICT-2007-216676. It falls under the action line Secure, dependable and trusted infrastructures. ECRYPT II started on 1 August 2008. Its objective is to continue intensifying the collaboration of European researchers in information security. The ECRYPT II research roadmap is motivated by the changing environment and threat models in which cryptology is deployed, by the gradual erosion of the computational difﬁculty of the mathematical problems on which cryptology is based, and by the requirements of new applications and cryptographic implementations. Its main objective is to ensure a durable integration of European research in both academia and industry and to maintain and strengthen the European excellence in these areas. In order to reach this goal, 11 leading players have integrated their research capabilities within three virtual labs focusing on symmetric key algorithms (SymLab), public key algorithms and protocols (MAYA), and hardware and software implementations associate (VAMPIRE). They are joined by more than 20 adjoint members to the network who will closely collaborate with the core partners. The team joins the European Network of Excellence for Cryptology ECRYPT II this academic year as associate member (J.C. Faugère [contact], L. Perret, and G. Renault).

The POLSYS Team and ARIC at ENS Lyon are part of the QOLAPS (Quantifier Elimination, Optimization, Linear Algebra and Polynomial Systems) Associate Team with the Symbolic Computation Group at North Carolina State University.

The POLSYS Team is part of the ECCA (Exact/Certified Computations with Algebraic systems) project at LIAMA in Beijing; our Chinese collaborators are from Beihang University, Peking University, the Chinese Academy of Sciences (Key Laboratory of Mathematics Mechnanization and State Key Laboratory of Information Security).

We are also part of an International Royal Society Joint Project with the Crypto team Royal Holloway, University of London, UK (2010-2012). The Royal Society Joint Project Grant Programme is designed to enable international collaboration. The main goal of the project is to investigate the viability of a wide range of new algebraic techniques in the cryptanalysis of block ciphers, and potentially other symmetric cryptographic algorithms (such as hash functions).

As part of its collaboration with Guénaël Renault, the Professor Kazuhiro Yokoyama from Rikkyo University (Japan) visited the team during December 2012.

Erich Kaltofen (Professor at North Carolina State University) visited the group in June-July 2012 in the frame of the QOLAPS Associate Team.

Xiao-Shan Gao, Lihong Zhi, Jinsan Cheng (Chinese Academy of Sciences, KLMM) visited the group in July 2012 in the frame of the ECCA project and the ANR EXACTA project.

T. Verron (Internship M2 and ENS Paris): Computation of Gröbner bases for quasi-homogeneous systems.

F. Martani (Internship M2): Dedicated Linear Algebra for Gröbner Bases.

Elias Tsigaridas visited the Computer Science Department of Aarhus University, Denmark (28 May - 3 June) and gave a talk on random polynomials. He participated in ISSAC 2012 (July 22-25, 2012) in Grenoble, France and gave a talk on real solving polynomials with coefficients in multiple extension fields. He visited (23 Oct – 4 Noe) the Chinese Academy of Sciences, Beijing, China, as an invited speaker for the workshop Computational Geometry of the Asian Symposium on Computer Mathematics (ASCM), where he gave a talk on “Univariate Real Root Isolation in Extension Field and Applications to Topology of Curves”. During his stay in China, he was also invited to give a talk at Institute of Software of the State Key Lab of Computer Science, about random polynomials. He was invited at the Department of Applied Mathematics, Univ. of Crete, Greece (15 Jun – 2 Jul) and gave a talk at the department's seminar about random polynomials. He participated and gave a talk in 7th Athens Colloquium on Algorithms and Complexity (ACAC) in Athens, Greece (27–28 July) on solving polynomials with coefficients on an extension field. He participated in the conference Computer Algebra in Scientific Computing (CASC) that was held in September 3 - 6, at Maribor, Slovenia. He visited in the North Carolina State University, USA (15 – 20 Oct) where he gave a talk at the Department's Symbolic Computation seminar with title “Real algebraic geometry and stochastic games”. He participated in the Mathematics, Algorithms and Proofs 2012 (MAP) workshop of the GEOLMI ANR project (Univ. Konstanz, Germany, September 17 - September 21, 2012). Finally, he was invited to give a talk in the X-mas seminar of the ERGA lab of the Dept. of Informatics, Univ. of Athes, Greeece (27 December 2012) on real solving polynomials in the presence of logarithms.

J.C. Faugère was invited to give an invited talk in the international workshop on efficient linear algebra for Gröbner basis computation in Kaiserslautern. J.C. Faugère visited the Mathematics Department of the North Carolina State University and give a talk at the Computer Science Department of Duke University (USA). J.-C. Faugère, is member of the MEGA Advisory Board.

D. Wang is member of the editorial board of:

Editor-in-Chief and Managing Editor for the journal “Mathematics in Computer Science” (published by Birkhäuser/Springer, Basel).

Executive Associate Editor-in-Chief for the journal “SCIENCE CHINA Information Sciences” (published by Science China Press, Beijing and Springer, Berlin).

Member of the Editorial Boards for the

Journal of Symbolic Computation (published by Academic Press/Elsevier, London),

Frontiers of Computer Science in China (published by Higher Education Press, Beijing and Springer, Berlin),

Texts and Monographs in Symbolic Computation (published by Springer, Wien New York),

Book Series on Mathematics Mechanization (published by Science Press, Beijing),

Book Series on Fundamentals of Information Science and Technology (published by Science Press, Beijing).

Editor for the Book Series in Computational Science (published by Tsinghua University Press, Beijing).

L. Perret co-organized with C. Cid the Ecrypt II Summer School on Tools (Mykonos, Greece, 28 May - 1 June 2012 https://

J.-C Faugère, and G. Renault delivered an invited talk at the Ecrypt II Summer School on Tools (Mykonos, Greece, 28 May - 1 June 2012 https://

J.-C Faugère was the programm chair of third international conference on Symbolic Computation and Cryptography (SCC 2012) ( International Centre for Mathematical meetings (CIEM), Castro Urdiales, 11-13 July 2012, http://

L. Perret was in the programm comittee of SCC'12.

J.-C Faugère and L. Perret were in P.C. of the YACC'12 conference (September 24 – September 28, 2012, Porquerolles Island, France, http://

L. Perret was in the programm comittee of International Conference on Practice and Theory in Public-Key Cryptography (PKC'2013)
(Nara, Japan, February 26 - March 1, 2013, http://

J.-C Faugère and L. Perret are in the programm comittee of Symbolic Computations and Post-Quantum Cryptography Online Seminar
organised by the Stevens Institute (USA, http://

J.-C Faugère and L. Perret are guest editors of a Special issue of Journal of Symbolic Computation on “Mathematical and Computer Algebra Techniques in Cryptology" (in progress)

M. Safey El Din is member of the editorial board of Journal of Symbolic Computation. He was member of the Programm committee of CASC 2012. He visited the department of Computer Science at the Univ. of Western Ontario in February 2012 and Sept. 2012. With J.-C. Faugère, L. Perret and E. Tsigaridas, he visited the Symbolic Computation Group at North Carolina State University in October 2012. He was member of the National Council of Universities until Sept. 2012. Since Nov. 2012, he is the head of the Scientific Computing Department of LIP6. He has been nominated at the Institut Universitaire de France.

Master : Ludovic Perret, Introduction à la Sécurité, 140 heures équivalent TD, niveau M1, Univ. Pierre-et-Marie-Curie, France

Master : J. Berthomieu, Modeling and numerical and symbolical resolutions of problems via Maple and MATLAB systems, 14 heures équivalent TD, niveau M1, Univ. Pierre-et-Marie-Curie, France

Master : J. Berthomieu, Linear Algebra and Applications, 35 heures équivalent TD, niveau M1, Univ. Pierre-et-Marie-Curie, France

Master : Guénaël Renault, Algèbre Linéaire et Applications, 35 heures équivalent TD, niveau M1, Univ. Pierre-et-Marie-Curie, France

Master : Guénaël Renault, Cryptologie Appliquée, 70 heures équivalent TD, niveau M2, Univ. Pierre-et-Marie-Curie, France

Master : Guénaël Renault, co-head of the speciality on“Sécurité, Fiabilité et Performance Numérique” in the Computer Science Master Program, niveaux M1-M2, Univ. Pierre-et-Marie-Curie, France

Master : M. Safey El Din, Modeling and numerical and symbolical resolutions of problems via Maple and MATLAB systems, 21 heures équivalent TD, niveau M1, Univ. Pierre-et-Marie-Curie, France

Master : M. Safey El Din, Polynomial Systems, Computer Algebra and Applications, 17 heures équivalent TD, niveau M2, Master Parisien de Recherche en Informatique, France

PhD : Christopher Goyet, Cryptanalyse algébrique par canaux auxiliaires, Univ. Pierre-et-Marie-Curie, 7 novembre 2012, J.-C. Faugère, G. Renault

PhD : Pierre-Jean Spaenlehauer, Résolution de systèmes multi-homogènes et déterminantiels: algorithmes, complexités et applications, Univ. Pierre-et-Marie-Curie, 9 octobre 2012, J.-C. Faugère, M. Safey El Din

PhD in progress : Jules Svartz, Solving polynomial systems with symmetries, inscription octobre 2011, J.-C. Faugère

PhD in progress : Louise Huot, Étude des systèmes polynomiaux en cryptologie sur les courbes, Univ. Pierre-et-Marie-Curie, inscription octobre 2010, J.-C. Faugère, G. Renault

PhD in progress : Rina Zeitoun, Cryptologie sur cartes a puces et methodes algebriques, Univ. Pierre-et-Marie-Curie, inscription mars 2012, J.-C. Faugère, G. Renault

PhD in progress : Frederic Urvoy de Portzamparc, Cryptanalyse algébrique et étude de la sécurisation contre les attaques physiques des primitives fondées sur la théorie des codes, inscription février 2012, J.-C. Faugère, L. Perret

PhD in progress : Simone Naldi, Algorithmes de la géométrie algébrique réelle pour la théorie du contrôle, Univ. Paul Sabatier (Toulouse), inscription octobre 2012, D. Henrion, M. Safey El Din

J.-C. Faugère was member of 4 committees: 3 Prof. (UPMC, Montpellier, Rouen) and 1 MdC (UPMC).

J.-C. Faugère gives a talk at Dassault Systèmes on applications of Gröbner Bases to industrial problems.