The main focus of the POLSYS project is to solve systems of polynomial equations.

Our main objectives are:

**Fundamental Algorithms and Structured Systems.** The
objective is to propose fast exponential exact algorithms to
solve the problem of solving polynomial equations
and to identify large classes of structured polynomial systems which can be solved in polynomial time.

**Solving Systems over the Reals and Applications.** For
positive dimensional systems basic questions over the reals may be
very difficult (for instance testing the existence of solutions) but
also very useful in applications (e.g. global optimization problems).
We plan to propose efficient algorithms and implementations to address
the most important issues: computing sample points in the real
solution sets, decide if two such sample points can be path-connected
and, as a long term objective, perform quantifier elimination over the
reals (computing a quantifier-free formula which is equivalent to a
given quantified boolean formula of polynomial
equations/inequalities).

**Dedicated Algebraic Computation and Linear Algebra.** While
linear algebra is a key step in the computation of Gröbner bases,
the matrices generated by the algorithms

**Solving Systems in Finite Fields, Applications in
Cryptology and Algebraic Number Theory.** We propose to develop a
systematic use of *structured systems* in Algebraic
Cryptanalysis. We want to improve the efficiency and to predict the
theoretical complexity of such attacks. We plan to demonstrate the
power of algebraic techniques in new areas of cryptography such as
Algebraic Number Theory (typically, in curve based cryptography).

Mohab Safey El Din was invited speaker in the International Symposium on Symbolic and Algebraic Computation (ISSAC), held in Boston, June 26-29, 2013.

Polynomial system solving is a fundamental problem in Computer Algebra with many applications in cryptography, robotics, biology, error correcting codes, signal theory, .... Among all available methods for solving polynomial systems, computation of Gröbner bases remains one of the most powerful and versatile method since it can be applied in the continuous case (rational coefficients) as well as in the discrete case (finite fields). Gröbner bases is also a building blocks for higher level algorithms who compute real sample points in the solution set of polynomial systems, decide connectivity queries and quantifier elimination over the reals. The major challenge facing the designer or the user of such algorithms is the intrinsic exponential behaviour of the complexity for computing Gröbner bases. The current proposal is an attempt to tackle these issues in a number of different ways: improve the efficiency of the fundamental algorithms (even when the complexity is exponential), develop high performance implementation exploiting parallel computers, and investigate new classes of structured algebraic problems where the complexity drops to polynomial time.

Efficient algorithms *A
new efficient algorithm for computing Gröbner bases without reduction
to zero (F5).* In Proceedings of ISSAC '02, pages 75-83, New York, NY,
USA, 2002. ACM.

*(i)* developing dedicated
linear algebra routines performing the Gaussian elimination steps:
this is precisely the objective 2 described below;

*(ii)*
generating smaller or simpler matrices to which we will apply Gaussian
elimination.

We describe here our goals for the latter
problem. First, we focus on algorithms for computing a Gröbner basis
of *general polynomial systems*. Next, we present our goals on
the development of dedicated algorithms for computing Gröbner bases
of *structured polynomial systems* which arise in various
applications.

**Algorithms for general systems.** Several
degrees of freedom are available to the designer of a Gröbner basis
algorithm to generate the matrices occurring during the
computation. For instance, it would be desirable to obtain matrices
which would be almost triangular or very sparse. Such a goal can be
achieved by considering various interpretations of the

**Algorithms dedicated to ****structured****
polynomial systems.** A complementary approach is to exploit the
structure of the input polynomials to design specific algorithms. Very
often, problems coming from applications are not random but are
highly structured. The specific nature of these systems may vary a
lot: some polynomial systems can be sparse (when the number of terms
in each equation is low), overdetermined (the number of the equations
is larger than the number of variables), invariants by the action of
some finite groups, multi-linear (each equation is linear w.r.t. to
one block of variables) or more generally multihomogeneous. In each
case, the ultimate goal is to identify large classes of problems whose theoretical/practical complexity drops and to propose in each case
dedicated algorithms.

We will develop algorithms for solving polynomial systems over complex/real numbers. Again, the goal is to extend significantly the range of reachable applications using algebraic techniques based on Gröbner bases and dedicated linear algebra routines. Targeted application domains are global optimization problems, stability of dynamical systems (e.g. arising in biology or in control theory) and theorem proving in computational geometry.

The following functionalities shall be requested by the end-users:

*(i)* deciding the emptiness of the real solution set of systems
of polynomial equations and inequalities,

*(ii)* quantifier
elimination over the reals or complex numbers,

*(iii)* answering
connectivity queries for such real solution sets.

We will focus on these functionalities.

We will develop algorithms based on the so-called critical point
method to tackle systems of equations and inequalities
(problem *(i)*) . These techniques are based on solving
0-dimensional polynomial systems encoding "critical points" which are
defined by the vanishing of minors of jacobian matrices (with
polynomial entries). Since these systems are highly structured, the
expected results of Objective 1 and 2 may allow us to obtain dramatic
improvements in the computation of Gröbner bases of such polynomial
systems. This will be the foundation of practically fast
implementations (based on singly exponential algorithms) outperforming
the current ones based on the historical Cylindrical Algebraic
Decomposition (CAD) algorithm (whose complexity is doubly exponential
in the number of variables). We will also develop algorithms and
implementations that allow us to analyze, at least locally, the
topology of solution sets in some specific situations. A
long-term goal is obviously to obtain an analysis of the global
topology.

Here, the primary objective is to focus on *dedicated* algorithms
and software for the linear algebra steps in Gröbner bases
computations and for problems arising in Number Theory. As explained
above, linear algebra is a key step in the process of computing
efficiently Gröbner bases. It is then natural to develop specific
linear algebra algorithms and implementations to further strengthen
the existing software. Conversely, Gröbner bases computation is
often a key ingredient in higher level algorithms from Algebraic
Number Theory. In theses cases, the algebraic problems are very
particular and specific. Hence dedicated Gröbner bases algorithms
and implementations would provide a better efficiency.

**Dedicated linear algebra tools.**FGb is
an efficient library for Gröbner bases computations which can be used,
for instance, via Maple. However, the library is sequential. A
goal of the project is to extend its efficiency to new trend parallel
architectures such as clusters of multi-processor systems in order to
tackle a broader class of problems for several applications.
Consequently, our first aim is to provide a durable, long term
software solution, which will be the successor of the existing FGb library. To achieve this goal, we will first develop a high
performance linear algebra package (under the LGPL license). This
could be organized in the form of a collaborative project between the
members of the team. The objective is not to develop a general
library similar to the Linbox project but to propose a dedicated
linear algebra package taking into account the specific properties of
the matrices generated by the Gröbner bases algorithms. Indeed these
matrices are sparse (the actual sparsity depends strongly on the
application), almost block triangular and not necessarily of full
rank. Moreover, most of the pivots are known at the beginning of the
computation. In practice, such matrices are huge (more than

Fast linear algebra packages would also benefit to the transformation of a Gröbner basis of a zero–dimensional ideal with respect to a given monomial ordering into a Gröbner basis with respect to another ordering. In the generic case at least, the change of ordering is equivalent to the computation of the minimal polynomial of a so-called multiplication matrix. By taking into account the sparsity of this matrix, the computation of the Gröbner basis can be done more efficiently using variant of the Wiedemann algorithm. Hence, our goal is also to obtain a dedicated high performance library for transforming (i.e. change ordering) Gröbner bases.

**Dedicated algebraic tools for Algebraic Number
Theory.** Recent results in Algebraic Number Theory tend to show that
the computation of Gröbner bases is a key step toward the resolution
of difficult problems in this
domain *Index calculus for abelian
varieties of small dimension and the elliptic curve discrete logarithm
problem*, Journal of Symbolic Computation 44,12 (2009)
pp. 1690-1702

Here, we focus on solving polynomial systems over finite fields
(i.e. the discrete case) and the corresponding applications
(Cryptology, Error Correcting Codes, ...). Obviously this
objective can be seen as an application of the results of the two
previous objectives. However, we would like to emphasize that it is
also the source of new theoretical problems and practical challenges.
We propose to develop a systematic use of *structured systems* in
*algebraic cryptanalysis*.

*(i)* So far, breaking a cryptosystem using algebraic
techniques could be summarized as modeling the problem by algebraic
equations and then computing a, usually, time consuming Gröbner
basis. A new trend in this field is to require a theoretical
complexity analysis. This is needed to explain the behavior of the
attack but also to help the designers of new cryptosystems to propose
actual secure parameters.

*(ii)* To assess the security of
several cryptosystems in symmetric cryptography (block ciphers, hash
functions, ...), a major difficulty is the size of the systems
involved for this type of attack. More specifically, the bottleneck
is the size of the linear algebra problems generated during a Gröbner basis
computation.

We propose to develop a
systematic use of *structured systems* in *algebraic
cryptanalysis*.

The first objective is to build on the recent breakthrough in
attacking McEliece's cryptosystem: it is the first structural
weakness observed on one of the oldest public key cryptosystem. We
plan to develop a well founded framework for assessing the security of
public key cryptosystems based on coding theory from the algebraic
cryptanalysis point of view. The answer to this issue is strongly
related to the complexity of solving bihomogeneous systems (of
bidegree

Dedicated tools for linear algebra problems generated during the Gröbner basis computation will be used in algebraic cryptanalysis. The promise of considerable algebraic computing power beyond the capability of any standard computer algebra system will enable us to attack various cryptosystems or at least to propose accurate secure parameters for several important cryptosystems. Dedicated linear tools are thus needed to tackle these problems. From a theoretical perspective, we plan to further improve the theoretical complexity of the hybrid method and to investigate the problem of solving polynomial systems with noise, i.e. some equations of the system are incorrect. The hybrid method is a specific method for solving polynomial systems over finite fields. The idea is to mix exhaustive search and Gröbner basis computation to take advantage of the over-determinacy of the resulting systems.

Polynomial system with noise is currently emerging as a problem of major interest in cryptography. This problem is a key to further develop new applications of algebraic techniques; typically in side-channel and statistical attacks. We also emphasize that recently a connection has been established between several classical lattice problems (such as the Shortest Vector Problem), polynomial system solving and polynomial systems with noise. The main issue is that there is no sound algorithmic and theoretical framework for solving polynomial systems with noise. The development of such framework is a long-term objective.

We propose to develop a systematic use of structured systems in Algebraic Cryptanalysis. We want to improve the efficiency and to predict the theoretical complexity of such attacks. We plan to demonstrate the power of algebraic techniques in new areas of cryptography such as Algebraic Number Theory (typically, in curve based cryptography).

Solving polynomial systems over the reals arise as a critical issue in wide range of problems coming from engineering sciences (biology, physics, control theory, etc.). We will focus on developing general enough software that may impact on these domains with a particular focus on control theory

FGb is a powerful software for computing Groebner bases.It includes the new generation of algorihms for computing Gröbner bases polynomial systems (mainly the F4, F5 and FGLM algorithms). It is implemented in C/C++ (approximately 250000 lines), standalone servers are available on demand. Since 2006, FGb is dynamically linked with Maple software (version 11 and higher) and is part of the official distribution of this software.

See also the web page http://

ACM: I.1.2 Algebraic algorithms

Programming language: C/C++

RAGLib is a Maple library for solving over the reals polynomial systems and computing sample points in semi-algebraic sets.

Epsilon is a library of functions implemented in Maple and Java for polynomial elimination and decomposition with (geometric) applications.

Let

Let

We provide some experimental results based on generic systems as well as systems arising from a cryptography problem. They show that taking advantage of the quasi-homogeneous structure of the systems allow us to solve systems that were out of reach otherwise.

Ritt-Wu's algorithm of characteristic sets is the most representative for triangularizing sets of multivariate polynomials. Pseudo-division is the main operation used in this algorithm. In we present a new algorithmic scheme for computing generalized characteristic sets by introducing other admissible reductions than pseudo-division. A concrete subalgorithm is designed to triangularize polynomial sets using selected admissible reductions and several effective elimination strategies and to replace the algorithm of basic sets (used in Ritt-Wu's algorithm). The proposed algorithm has been implemented and experimental results show that it performs better than Ritt-Wu's algorithm in terms of computing time and simplicity of output for a number of non-trivial test examples

Consider a

Antipodally symmetric spherical functions play a pivotal role in diffusion MRI in representing sub-voxel-resolution microstructural information of the underlying tissue. This information is described by the geometry of the spherical function. In we propose a method to automatically compute all the extrema of a spherical function. We then classify the extrema as maxima, minima and saddle-points to identify the maxima. We take advantage of the fact that a spherical function can be described equivalently in the spherical harmonic (SH) basis, in the symmetric tensor (ST) basis constrained to the sphere, and in the homogeneous polynomial (HP) basis constrained to the sphere. We extract the extrema of the spherical function by computing the stationary points of its constrained HP representation. Instead of using traditional optimization approaches, which are inherently local and require exhaustive search or re-initializations to locate multiple extrema, we use a novel polynomial system solver which analytically brackets all the extrema and refines them numerically, thus missing none and achieving high precision. To illustrate our approach we consider the Orientation Distribution Function (ODF). In diffusion MRI the ODF is a spherical function which represents a state-of-the-art reconstruction algorithm whose maxima are aligned with the dominant fiber bundles. It is, therefore, vital to correctly compute these maxima to detect the fiber bundle directions. To demonstrate the potential of the proposed polynomial approach we compute the extrema of the ODF to extract all its maxima. This polynomial approach is, however, not dependent on the ODF and the framework presented in this line of work can be applied to any spherical function described in either the SH basis, ST basis or the HP basis.

A fundamental problem in computer science is to find all the common
zeroes of

In 2004, an algorithm is introduced to solve the DLP for elliptic
curves defined over a non prime finite field

The Goppa Code Distinguishing (GD) problem consists in distinguishing the matrix of a Goppa code from a random matrix. The hardness of this problem is an assumption to prove the security of code-based cryptographic primitives such as McEliece's cryptosystem. Up to now, it is widely believed that the GD problem is a hard decision problem. We present in the first method allowing to distinguish alternant and Goppa codes over any field. Our technique can solve the GD problem in polynomial-time provided that the codes have sufficiently large rates. The key ingredient is an algebraic characterization of the key-recovery problem. The idea is to consider the rank of a linear system which is obtained by linearizing a particular polynomial system describing a key-recovery attack. Experimentally it appears that this dimension depends on the type of code. Explicit formulas derived from extensive experimentations for the rank are provided for "generic" random, alternant, and Goppa codes over any alphabet. Finally, we give theoretical explanations of these formulas in the case of random codes, alternant codes over any field of characteristic two and binary Goppa codes.

We investigate in this paper the security of HFE and Multi-HFE schemes as well as their minus and embedding variants. Multi-HFE is a generalization of the well-known HFE schemes. The idea is to use a multivariate quadratic system instead of a univariate polynomial in HFE over an extension field as a private key. According to the authors, this should make the classical direct algebraic (message-recovery) attack proposed by Faugère and Joux on HFE no longer efficient against Multi-HFE. We consider here the hardness of the key-recovery in Multi-HFE and its variants, but also in HFE (both for odd and even characteristic). We first improve and generalize the basic key recovery proposed by Kipnis and Shamir on HFE. To do so, we express this attack as matrix/vector operations. In one hand, this permits to improve the basic Kipnis-Shamir (KS) attack on HFE. On the other hand, this allows to generalize the attack on Multi-HFE. Due to its structure, we prove that a Multi-HFE scheme has much more equivalent keys than a basic HFE. This induces a structural weakness which can be exploited to adapt the KS attack against classical modifiers of multivariate schemes such as minus and embedding. Along the way, we discovered that the KS attack as initially described cannot be applied against HFE in characteristic 2. We have then strongly revised KS in characteristic 2 to make it work. In all cases, the cost of our attacks is related to the complexity of solving MinRank. Thanks to recent complexity results on this problem, we prove that our attack is polynomial in the degree of the extension field for all possible practical settings used in HFE and Multi-HFE. This makes then Multi-HFE less secure than basic HFE for equally-sized keys. As a proof of concept, we have been able to practically break the most conservative proposed parameters of multi-HFE in few days (256 bits security broken in 9 days).

Guruswami and Sudan designed a
polynomial-time list-decoding algorithm. Their method divides into two
steps. First it computes a polynomial

The Guruswami and Sudan algorithm has been adapted to other families
of codes such as algebraic-geometric codes and alternant codes over
fields. Extensions over certain types of finite
rings have further been studied for Reed-Solomon codes, for alternant codes,
and for algebraic-geometric codes. In all these cases, the two main
steps of the Guruswami and Sudan algorithm are roughly preserved, but
to the best of our knowledge, the second step has never been studied
into deep details from the complexity point of view. In , we
investigate root-finding for polynomials over *Galois rings*,
which are often used within these error correcting codes, and that are
defined as non-ramified extension of

Oberthur Technologies

Oberthur Technologies is the World second largest provider of security and identification solutions and services based on smart card technologies for mobile, payment, transport, digital TV and convergence markets. Since 2007, SALSA co-supervised 3 internships of first year master student on cryptology in smart-cards, and one internship of a 2nd year master student. The goal of this last internship was to study the feasibility of implementing multivariate schemes in constrained environments (typically a smart card). A new jointly supervised PhD thesis (PolSys/Oberthur) has start in march 2012.

Gemalto

Gemalto is an international IT security company providing software applications, secure personal devices such as smart cards and token, etc.Governments, wireless operators, banks, and enterprises use Gemalto’s software and personal devices to deliver mobile services, payment security, authenticated cloud access, identity and privacy protection, eHealthcare, eGovernment, transport ticketing and machine to machine (M2M) communications applications.

**ANR Jeunes Chercheurs CAC Computer Algebra and Cryptography (2009-2013).** The contract CAC “Computer Algebra and Cryptography started in October 2009 for a period of 4 years. This project investigates the areas of cryptography and computer algebra, and their influence on the security
and integrity of digital data. In CAC, we plan to use basic tools of computer algebra to evaluate the security
of cryptographic schemes. CAC will focus on three new challenging applications of algebraic techniques
in cryptography; namely block ciphers, hash functions, and factorization with known bits. To this hand, we
will use Gröbner bases techniques but also lattice tools. In this proposal, we will explore non-conventional
approaches in the algebraic cryptanalysis of these problems (Participants: L. Perret [contact], J.-C. Faugère, G. Renault).

**ANR Grant (international program) EXACTA (2010-2013): Exact/Certified Algorithms with Algebraic Systems.**

The main objective of this project is to study and compute the solutions of nonlinear algebraic systems and their structures and properties with selected target applications using exact or certified computation. The project consists of one main task of basic research on the design and implementation of fundamental algorithms and four tasks of applied research on computational geometry, algebraic cryptanalysis, global optimization, and algebraic biology. It will last for three years (2010-2013) with 300 person-months of workforce. Its consortium is composed of strong research teams from France and China (KLMM, SKLOIS, and LMIB) in the area of solving algebraic systems with applications.

**ANR Grant HPAC: High Performance Algebraic Computing (2012-2016).**
The pervasive ubiquity of parallel architectures and memory hierarchy has led to a new quest for parallel
mathematical algorithms and software capable of exploiting the various levels of parallelism: from hardware
acceleration technologies (multi-core and multi-processor system on chip, GPGPU, FPGA) to cluster and
global computing platforms. For giving a greater scope to symbolic and algebraic computing, beyond the
optimization of the application itself, the effective use of a large number of resources (memory and specialized
computing units) is expected to enhance the performance multi-criteria objectives: time, resource usage,
reliability, even energy consumption. The design and the implementation of mathematical algorithms with
provable, adaptive and sustainable performance is a major challenge. In this context, this project
is devoted to fundamental and practical research speciﬁcally in exact linear algebra and system solving that are two essential
"dwarfs" (or "killer kernels") in scientiﬁc and algebraic computing. The project should lead to progress in
matrix algorithms and challenge solving in cryptology, and should provide new insights into high performance
programming and library design problems (J.-C. Faugère [contact], L. Perret, G. Renault, M. Safey El Din).

**ANR Grant GeoLMI: Geometry of Linear Matrix Inequalities
(2011-2015).** he GeoLMI project aims at developing an algebraic
and geometric study of linear matrix inequalities (LMI) for systems
control theory. It is an interdisciplinary project at the border
between information sciences (systems control), pure mathematics
(algebraic geometry) and applied mathematics (optimisation). The
project focuses on the geometry of determinantal varieties, on
decision problems involving positive polynomials, on computational
algorithms for algebraic geometry, on computational algorithms for
semi-deﬁnite programming, and on applications of algebraic geometry
techniques in systems control theory, namely for robust control of
linear systems and polynomial optimal control (Participants:
J.-C. Faugère, M. Safey El Din [contact], E. Tsigaridas).

Type: PEOPLE

Defi:

Instrument: Career Integration Grant

Objectif: NC

Duration: May 2013 - April 2017

Coordinator: Jean-Charles Faugère

Partner: Institut National de Recherche en Informatique et en Automatique (Inria), France

Inria contact: Elias Tsigaridas

Abstract: The project Algebraic Algorithms and Applications (A3) is an interdisciplinary and multidisciplinary project, with strong international synergy. It consists of four work packages The first (Algebraic Algorithms) focuses on fundamental problems of computational (real) algebraic geometry: effective zero bounds, that is estimations for the minimum distance of the roots of a polynomial system from zero, algorithms for solving polynomials and polynomial systems, derivation of non-asymptotic bounds for basic algorithms of real algebraic geometry and application of polynomial system solving techniques in optimization. We propose a novel approach that exploits structure and symmetry, combinatorial properties of high dimensional polytopes and tools from mathematical physics. Despite the great potential of the modern tools from algebraic algorithms, their use requires a combined effort to transfer this technology to specific problems. In the second package (Stochastic Games) we aim to derive optimal algorithms for computing the values of stochastic games, using techniques from real algebraic geometry, and to introduce a whole new arsenal of algebraic tools to computational game theory. The third work package (Non-linear Computational Geometry), we focus on exact computations with implicitly defined plane and space curves. These are challenging problems that commonly arise in geometric modeling and computer aided design, but they also have applications in polynomial optimization. The final work package (Efficient Implementations) describes our plans for complete, robust and efficient implementations of algebraic algorithms.

The POLSYS Team and ARIC at ENS Lyon are part of the QOLAPS (Quantifier Elimination, Optimization, Linear Algebra and Polynomial Systems) Associate Team with the Symbolic Computation Group at North Carolina State University. Activities of this associate team are described at the following url:

http://

Crypto team at Royal Holloway, University of London, UK.

Prof. Victor Y. Pan, Department of Mathematics and Computer Science Lehman College, City University of New York, USA.

The POLSYS Team is involved in the ECCA (Exact Certified Computation with Algebraic Systems) at LIAMA in China.

Prof. K. Yokoyama (Japan) visited the POLSYS team during January 2013.

Prof. C. Yap (Courant Institute, New-York, USA) was an Inria invited professor and visited the POLSYS team during June and July 2013.

Prof. B. Sturmfels (Univ. Berkeley, USA) visited the POLSYS team during July 2013.

Prof. I. Bomze (Univ. of Vienna, Austria) visited the POLSYS team during October 2013.

Prof. J. Guttierez (Univ. Santander, Spain) visited the POLSYS team during November 2013.

Prof. J. Hauenstein (North Carolina State Univ., USA) visited the POLSYS team during November 2013.

J. Rohal (North Carolina State Univ., USA) visited the POLSYS team during November 2013.

T. Verron (Internship M2 and ENS Paris): Computation of Gröbner bases for quasi-homogeneous systems.

Our seminar hosted over twenty invited speakers in 2013.

L. Perret was a PC member of Inscrypt'13, PKC'13 and Eurocrypt'14. L. Perret joined the editorial board of Designs, Codes and Cryptography.

L. Perret was invited speaker in the workshop “Computer algebra and polynomials” held on November 25-29, 2013 at the Research Institute for Symbolic Computation, Linz, Austria.

M. Safey El Din was invited speaker at

the Polynomial Optimisation Program at Newton Institute in Cambridge (UK);

the conference “Numerical Methods and Efficient Computations” in honor of J.-P. Dedieu, CIRM, France, 2013.

the International Symposium on Symbolic and Algebraic Computation (ISSAC) .

C. Eder and E Tsigaridas were invited speakers in the workshop “Gröbner Bases, Resultants and Linear Algebra” held on 3-6 September 3-6, 2013 at the Research Institute for Symbolic Computation, Hagenberg, Austria.

G. Renault was invited speaker in the *Minisymposium On Coppersmith's Heuristic Algorithm for Finding Roots of Multivariate Polynomials*
in the *SIAM Conference on Applied Algebraic Geometry* at Colorado State University, USA (August 1–4, 2013)
(http://

M. Safey El Din co-organized (with P. Boito, G. Chèze and
C. Pernet) the *Journées Nationales de Calcul Formel* in CIRM,
France (May, 13-17, 2013) (http://

M. Safey El Din co-organized (with E. Kaltofen and L. Zhi) the *Minisymposium on Exact Certificates in Nonlinear Global
Optimization* in the *SIAM Conference on Applied Algebraic
Geometry* at Colorado State University, USA (August 1–4, 2013)
(http://

J.-C. Faugère was invited speaker in the *Computer algebra and
polynomials* International Workshop at Linz, Austria (Dec 2013).

J.-C. Faugère was invited speaker in the *Multivariate Polynomial
Workshop
* at Fukuoka, Japan (Fev 2013).

J.-C. Faugère was invited speaker in the *Groebner bases, resultants and linear algebra Workshop
* at Linz, Austria (Sep 2013).

M. Safey El Din and E. Tsigaridas organized the *Minisymposium Algorithms in Real Algebraic Geometry and its Applications*
in the *SIAM Conference on Applied Algebraic Geometry* at Colorado State University, USA (August 1–4, 2013)
(http://

M. Safey El Din is member of the editorial board of Journal of Symbolic Computation.

E. Tsigaridas (in collaboration with O. Devillers, M. Karavelas, M. Teillaud)
organized the *Workshop on Geometric Computing, Heraklion*, in Greece, January 21 – 25 2013
(http://

E. Tsigaridas participated in the *International Symposium on Symbolic and Algebraic Computation* (ISSAC)
which was held in June 26-29, 2013 at Northeastern University, Boston, Massachusetts, USA
and presented the paper .

C. Eder participated in the *International Symposium on Symbolic and Algebraic Computation* (ISSAC)
which was held in June 26-29, 2013 at Northeastern University, Boston, Massachusetts, USA
and presented the paper .

C. Eder was invited in University of Mississippi, Hattiesburg Mississippi (USA) on 25 June 2013 and gave a talk on
*Improved Gröbner Basis computation with applications in cryptography*.

J.-C. Faugère has the following editorial activities:

Associate Editor of Cryptography and Communications - Discrete Structures, Boolean Functions and Sequences (SPRINGER).

Guest Editor of a special issue of the Journal Of Symbolic Computation (2013) (with L. Perret).

D. Wang has the following editorial activities:

Editor-in-Chief and Managing Editor for the journal

Mathematics in Computer Science (published by Birkhäuser/Springer, Basel).

Executive Associate Editor-in-Chief for the journal

SCIENCE CHINA Information Sciences (published by Science China Press, Beijing and Springer, Berlin).

Member of the Editorial Boards for the

Journal of Symbolic Computation (published by Academic Press/Elsevier, London),

Frontiers of Computer Science (published by Higher Education Press, Beijing and Springer, Berlin),

Texts and Monographs in Symbolic Computation (published by Springer, Wien New York),

Book Series on Mathematics Mechanization (published by Science Press, Beijing),

Book Series on Fundamentals of Information Science and Technology (published by Science Press, Beijing).

Member of the International Advisory Board for the Communications of JSSAC (Japan Society for Symbolic and Algebraic Computation) (published by JSSAC).

Editor for the Book Series in Computational Science (published by Tsinghua University Press, Beijing).

D. Wang was involved in the organization of the following conferences

General Co-chair of the

5th International Conference on Mathematical Aspects of Computer and Information Sciences (MACIS 2013) (Nanning, China, December 11-13, 2013).

Member of the Program Committee

2nd International Workshop on Hybrid Systems and Biology (HSB 2013) (Taormina, Italy, September 2, 2013),

15th International Symposium on Symbolic and Numeric Algorithms for Scientific Computing (SYNASC 2013) (Timisoara, Romania, September 23-26, 2013).

Co-organizer and Program Co-chair

Second International Seminar on Program Verification, Automated Debugging and Symbolic Computation (PAS 2013) (Beijing, China, October 23-25, 2013).

Member of the Steering Committee

International Conference on Mathematical Aspects of Computer and Information Sciences (MACIS)

International Symposium on Symbolic Computation in Software Science (SCSS).

Master : J.-C. Faugère. Cours sur les systemes polynomiaux au MPRI Université Paris 7 Denis Diderot, France

Master : J. Berthomieu, Modélisation et résolutions numérique et
symbolique de problèmes *via* les logiciels Maple et
MATLAB, 35 heures équivalent TD, niveau M1,
Université Pierre-et-Marie-Curie, France

Master : J. Berthomieu, Algèbre linéaire et applications, 35 heures équivalent TD, niveau M1, Université Pierre-et-Marie-Curie, France

Master : L. Perret, 96 heures équivalent TD, niveau M1 et M2, Université Pierre-et-Marie-Curie, France

Master : L. Perret, 96 heures équivalent TD, niveau L2 et M3, Université Pierre-et-Marie-Curie, France.

Master : G. Renault, Cryptologie Avancée, 50 heures équivalent TD, niveau M2, Université Pierre-et-Marie-Curie, France

Master : G. Renault, Algèbre linéaire et applications, 35 heures équivalent TD, niveau M1, Université Pierre-et-Marie-Curie, France

Licence : G. Renault, Introduction à la Cryptologie, 50 heures équivalent TD, niveau L3, Université Pierre-et-Marie-Curie, France

Master : M. Safey El Din, Modélisation et résolutions numérique et
symbolique de problèmes *via* les logiciels Maple et
MATLAB, 35 heures équivalent TD, niveau M1,
Université Pierre-et-Marie-Curie, France

PhD : Aurélien Greuet, 5 Dec 2013, .
*Optimisation polynomiale et variétés polaires : theéorie, algorithmes et implantations.*
University of Versailles Saint-Quentin and Université Pierre et Marie Curie, France.
V. Cossart and M. Safey El Din.

PhD : Louise Huot, 13 Dec 2013.
*Résolution de systèmes polynomiaux et cryptologie sur les
courbes elliptiques.*
Université Pierre et Marie Curie, France.
J.-C. Faugère, P. Gaudry and G. Renault.

PhD : Jing Yang, 2013. Beihang University, China and North Carolina State University, USA. D. Wang and H. Hong.

PhD : Chenqi Mou, 2013. *Solving polynomial systems over finite fields*.
Beihang University, China and Université Pierre et Marie Curie, France.
J.-C. Faugère and D. Wang.

J.-C. Faugère and M. Safey El Din supervise the PhD thesis of T. Verron.

J.-C. Faugère and G. Renault supervise the PhD thesis of R. Zeitoun.

J.-C. Faugère and L. Perret supervise the PhD thesis of F. Portzamparc.

J.-C. Faugère supervises the PhD thesis of J. Svartz.

J.-C. Faugère supervises the PhD thesis of A. Wallet (jointly with V. Vitse, UJF, Grenoble).

M. Safey El Din supervises (jointly with D. Henrion, LAAS, Toulouse) the PhD thesis of S. Naldi.

M. Safey El Din was member of

the Habilitation Thesis Committee of S. Graillat (UPMC) as an examiner (Dec. 2013) ;

the PhD Thesis committee of A. Greuet (Univ. Versailles Saint-Quentin) as the PhD advisor (Dec. 2013) ;

the PhD Thesis committee of L. Huot (UPMC) as an examiner (Dec. 2013) ;

the PhD Thesis committee of C. Mou (UPMC and Beihang Univ.) as president (June 2013) ;

the PhD Thesis committee of J. Rohal (North Carolina State Univ., USA) as an external examiner (Aug. 2013).

J.-C. Faugère was member of

the PhD Thesis committee of L. Ducas (ENS Paris) as president ( 2013) ;

the PhD Thesis committee of S. Montan (UPMC) as president ( 2013) ;

the PhD Thesis committee of A. Greuet (Univ. Versailles Saint-Quentin) as examiner (Dec. 2013) ;

the PhD Thesis committee of C. Mou (UPMC and Beihang Univ.) as PhD advisor (June 2013) ;

the PhD Thesis committee of L. Huot (UPMC) as PhD advisor (Dec. 2013) ;

M. Safey El Din participated to the hiring committee for promotion to Associate Professor of the Academy of Mathematics and Systems Science in China.

G. Renault was member of

the PhD Thesis committee of J.-G. Kammerer (Univ. Rennes 1) as examiner (May 2013) ;

the PhD Thesis committee of L. Huot (UPMC) as PhD advisor (Dec. 2013).