Algorithmic number theory dates back to the dawn of mathematics itself, cf. Eratosthenes's sieve to enumerate consecutive prime numbers. With the arrival of computers, previously unsolvable problems have come into reach, which has boosted the development of more or less practical algorithms for essentially all number theoretic problems. The field is now mature enough for a more computer science driven approach, taking into account the theoretical complexities and practical running times of the algorithms.
Concerning the lower level multiprecision arithmetic, folklore has asserted for a long time that asymptotically fast algorithms such as Schönhage–Strassen multiplication are impractical; nowadays, however, they are used routinely. On a higher level, symbolic computation provides numerous asymptotically fast algorithms (such as for the simultaneous evaluation of a polynomial in many arguments or linear algebra on sparse matrices), which have only partially been exploited in computational number theory. Moreover, precise complexity analyses do not always exist, nor do sound studies to choose between different algorithms (an exponential algorithm may be preferable to a polynomial one for a large range of inputs); folklore cannot be trusted in a fast moving area such as computer science.
Another problem is the reliability of the computations; many number theoretic algorithms err with a small probability, depend on unknown constants or rely on a Riemann hypothesis. The correctness of their output can either be ensured by a special design of the algorithm itself (slowing it down) or by an a posteriori verification. Ideally, the algorithm outputs a certificate, providing an independent fast correctness proof. An example is integer factorisation, where factors are hard to obtain but trivial to check; primality proofs have initiated sophisticated generalisations.
One of the long term goals of the Lfant project team is to make an inventory of the major number theoretic algorithms, with an emphasis on algebraic number theory and arithmetic geometry, and to carry out complexity analyses. So far, most of these algorithms have been designed and tested over number fields of small degree and scale badly. A complexity analysis should naturally lead to improvements by identifying bottlenecks, systematically redesigning and incorporating modern asymptotically fast methods.
Reliability of the developed algorithms is a second long term goal of our project team. Short of proving the Riemann hypothesis, this could be achieved through the design of specialised, slower algorithms not relying on any unproven assumptions. We would prefer, however, to augment the fastest unproven algorithms with the creation of independently verifiable certificates. Ideally, it should not take longer to check the certificate than to generate it.
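The certificate idea discussed above, as an added illustration (not code from the Lfant team or from Pari/Gp): a Pratt certificate proves that p is prime by exhibiting an element of order p-1 together with recursively certified prime factors of p-1. Producing it requires factoring, while checking it needs only modular exponentiations; the function names are hypothetical and trial division stands in for a real factoring algorithm.

```python
def trial_factor(n):
    """Distinct prime factors of n by trial division (the slow step)."""
    factors, d = [], 2
    while d * d <= n:
        if n % d == 0:
            factors.append(d)
            while n % d == 0:
                n //= d
        d += 1
    if n > 1:
        factors.append(n)
    return factors


def make_certificate(p):
    """Build a Pratt certificate {q: (witness, prime factors of q-1)} for p.

    Raises ValueError if p is composite (no element of order p-1 exists).
    The search over witnesses is exhaustive, so keep composite inputs small.
    """
    cert = {}

    def build(q):
        if q == 2 or q in cert:
            return
        qs = trial_factor(q - 1)
        for a in range(2, q):
            if pow(a, q - 1, q) == 1 and all(
                pow(a, (q - 1) // r, q) != 1 for r in qs
            ):
                cert[q] = (a, qs)
                break
        else:
            raise ValueError(f"{q} is not prime")
        for r in qs:
            build(r)

    build(p)
    return cert


def verify_certificate(p, cert):
    """Check an untrusted certificate without factoring anything."""

    def check(q):
        if q == 2:
            return True
        if q < 2 or q not in cert:
            return False
        a, qs = cert[q]
        # The claimed primes must divide q-1 and account for all of it.
        m = q - 1
        for r in qs:
            if r < 2 or m % r != 0:
                return False
            while m % r == 0:
                m //= r
        if m != 1:
            return False
        # The witness must have multiplicative order exactly q-1 ...
        if pow(a, q - 1, q) != 1:
            return False
        if any(pow(a, (q - 1) // r, q) == 1 for r in qs):
            return False
        # ... and every claimed prime needs its own, smaller certificate.
        return all(check(r) for r in qs)

    return check(p)


if __name__ == "__main__":
    p = 2**61 - 1                      # a Mersenne prime
    cert = make_certificate(p)
    print(len(cert), "certified primes; valid:", verify_certificate(p, cert))
    # 561 is a Carmichael number: it passes the base-2 Fermat test,
    # but a constructed "certificate" for it is rejected.
    forged = {561: (2, [2, 5, 7]), 5: (2, [2]), 7: (3, [2, 3]), 3: (2, [2])}
    print(pow(2, 560, 561) == 1, verify_certificate(561, forged))
```
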
All theoretical results are complemented by concrete reference implementations in Pari/Gp, which make it possible to determine and tune the thresholds where the asymptotic complexity kicks in and help to evaluate practical performance on problem instances provided by the research community. Another important source for algorithmic problems treated by the Lfant project team is modern cryptology. Indeed, the security of all practically relevant public key cryptosystems relies on the difficulty of some number theoretic problem; on the other hand, implementing the systems and finding secure parameters require efficient algorithmic solutions to number theoretic problems.
Modern number theory was introduced in the second half of the 19th
century by Dedekind, Kummer, Kronecker, Weber and others, motivated by
Fermat's conjecture: There is no non-trivial solution in integers to the
equation
The solution requires augmenting the integers by algebraic
numbers, that are roots of polynomials in
Unfortunately, elements in
Using ideals introduces the additional difficulty of having to deal
with
One of the main concerns of algorithmic algebraic number theory is to
explicitly compute these invariants (
The analytic class number formula links the invariants
When
Algebraic curves over finite fields are used to build the currently
most competitive public key cryptosystems. Such a curve is given by
a bivariate equation
The cryptosystem is implemented in an associated finite
abelian group, the Jacobian
The size of the Jacobian group, the main security parameter of the
cryptosystem, is given by an
The security of the cryptosystem requires more precisely that the
discrete logarithm problem (DLP) be difficult in the underlying
group; that is, given elements
For any integer
For a random curve, the parameter
Complex multiplication provides a link between number fields and
algebraic curves; for a concise introduction in the elliptic curve case,
see Sect. 1.1, for more background material,
. In fact, for most curves
Algebraically,
Analytically, in the elliptic case
The same theory can be used to develop algorithms that, given an
arbitrary curve over a finite field, compute its
A generalisation is provided by ray class fields; these are still abelian, but allow for some well-controlled ramification. The tools for explicitly constructing such class fields are similar to those used for Hilbert class fields.
Aurel Page has been recruited as an Inria CR in the team.
Damien Robert organised a one-week workshop with the members of the associated team FAST with several African countries.
The book by Henri Cohen on Modular Forms: A Classical Approach has been published.
The paper describing Arb in the IEEE Transactions on Computers was selected as the best paper of this journal's Special Issue on Computer Arithmetic.
Another Pairing Implementation in PARI
Scientific Description: Apip, Another Pairing Implementation in PARI, is a library for computing standard and optimised variants of most cryptographic pairings.
The following pairings are available: Weil, Tate, ate and twisted ate, optimised versions (à la Vercauteren–Hess) of ate and twisted ate for selected curve families.
The following methods to compute the Miller part are implemented: standard Miller double-and-add method, standard Miller using a non-adjacent form, Boxall et al. version, Boxall et al. version using a non-adjacent form.
The final exponentiation part can be computed using one of the following variants: naive exponentiation, interleaved method, Avanzi–Mihailescu's method, Kato et al.'s method, Scott et al.'s method.
Part of the library has been included into Pari/Gp proper.
Functional Description: APIP is a library for computing standard and optimised variants of most cryptographic pairings.
Participant: Jérôme Milan
Contact: Jérôme Milan
URL: http://
Abelian Varieties and Isogenies
Functional Description: AVIsogenies is a Magma package for working with abelian varieties, with a particular emphasis on explicit isogeny computation.
Its prominent feature is the computation of (l,l)-isogenies between Jacobian varieties of genus-two hyperelliptic curves over finite fields of characteristic coprime to l; practical runs have used values of l in the hundreds.
It can also be used to compute endomorphism rings of abelian surfaces, and find complete addition laws on them.
Participants: Damien Robert, Gaëtan Bisson and Romain Cosset
Contact: Gaëtan Bisson
Keyword: Arithmetic
Functional Description: The Cm software implements the construction of ring class fields of imaginary quadratic number fields and of elliptic curves with complex multiplication via floating point approximations. It consists of libraries that can be called from within a C program and of executable command line applications.
Release Functional Description: Features - Precisions beyond 300000 bits are now supported by an addition chain of variable length for the -function. Dependencies - The minimal version number of Mpfr has been increased to 3.0.0, that of Mpc to 1.0.0 and that of Pari to 2.7.0.
Participant: Andreas Enge
Contact: Andreas Enge
Computation of Igusa Class Polynomials
Keywords: Mathematics - Cryptography - Number theory
Functional Description: Cmh computes Igusa class polynomials, parameterising two-dimensional abelian varieties (or, equivalently, Jacobians of hyperelliptic curves of genus 2) with given complex multiplication.
Participants: Andreas Enge, Emmanuel Thomé and Regis Dupont
Contact: Emmanuel Thomé
Functional Description: Cubic is a stand-alone program that prints out generating equations for cubic fields of either signature and bounded discriminant. It depends on the Pari library. The algorithm has quasi-linear time complexity in the size of the output.
Participant: Karim Belabas
Contact: Karim Belabas
URL: http://
Functional Description: Euclid is a program to compute the Euclidean minimum of a number field. It is the practical implementation of the algorithm described in [38]. Some corresponding tables built with the algorithm are also available. Euclid is a stand-alone program depending on the PARI library.
Participants: Jean-Paul Cerri and Pierre Lezowski
Contact: Pierre Lezowski
URL: http://
Functional Description: KleinianGroups is a Magma package that computes fundamental domains of arithmetic Kleinian groups.
Participant: Aurel Page
Contact: Aurel Page
URL: http://
Keyword: Arithmetic
Functional Description: Mpc is a C library for the arithmetic of complex numbers with arbitrarily high precision and correct rounding of the result. It is built upon and follows the same principles as Mpfr. The library is written by Andreas Enge, Philippe Théveny and Paul Zimmermann.
Release Functional Description: Fixed mpc_pow, see http://lists.gforge.inria.fr/pipermail/mpc-discuss/2014-October/001315.html - #18257: Switched to libtool 2.4.5.
Participants: Andreas Enge, Mickaël Gastineau, Paul Zimmermann and Philippe Théveny
Contact: Andreas Enge
Keyword: Arithmetic
Functional Description: Mpfrcx is a library for the arithmetic of univariate polynomials over arbitrary precision real (Mpfr) or complex (Mpc) numbers, without control on the rounding. For the time being, only the few functions needed to implement the floating point approach to complex multiplication are implemented. On the other hand, these comprise asymptotically fast multiplication routines such as Toom-Cook and the FFT.
Release Functional Description: - new function product_and_hecke - improved memory consumption for unbalanced FFT multiplications
Participant: Andreas Enge
Contact: Andreas Enge
Keyword: Computational number theory
Functional Description: Pari/Gp is a widely used computer algebra system designed for fast computations in number theory (factorisation, algebraic number theory, elliptic curves, modular forms ...), but it also contains a large number of other useful functions to compute with mathematical entities such as matrices, polynomials, power series, algebraic numbers, etc., and many transcendental functions.
Participants: Andreas Enge, Hamish Ivey-Law, Henri Cohen and Karim Belabas
Partner: CNRS
Contact: Karim Belabas
Pierre Lezowski has studied Euclidean properties of matrix algebras. He
proved that if
Jean-Paul Cerri and Pierre Lezowski have generalized Cerri's algorithm (for
the computation of the upper part of the norm-Euclidean spectrum of a
number field) to totally definite quaternion fields. This allowed them to
establish the exact value of the norm-Euclidean minimum of many orders in
totally definite quaternion fields over a quadratic number field. Before
this work, nobody knew how to compute the exact value of such a minimum
when the base number field has degree
Lezowski determines which cyclic field of
degree
G. Castagnos, L. Imbert, and F. Laguillaumie revisit a recent cryptographic primitive called encryption switching
protocols (ESP). This primitive was introduced by Couteau, Peters and Pointcheval last year. It makes it possible to switch ciphertexts between two encryption
schemes. If such an ESP is built with two schemes that are
respectively additively and multiplicatively homomorphic, it
naturally gives rise to a secure 2-party computation protocol. It
is thus perfectly suited for evaluating functions, such as
multivariate polynomials, given as arithmetic circuits. Couteau et
al. built an ESP to switch between Elgamal and Paillier encryptions which do not naturally
fit well together. Consequently, they had to design a clever variant of
Elgamal over
In this work, Castagnos et al. first present a conceptually simple generic
construction for encryption switching protocols. Then, they give an
efficient instantiation of their generic approach that uses two
well-suited protocols, namely a variant of Elgamal in
This paper was presented at the CRYPTO Conference 2017, and is part of the Alambic project.
The book by Henri Cohen on Modular Forms: A Classical Approach has been published. The theory of modular forms is a fundamental tool used in many areas of mathematics and physics. It is also a very concrete subject in itself and abounds with an amazing number of surprising identities. This comprehensive textbook gives a complete picture of the classical aspects of the subject, with an emphasis on explicit formulas. Contents include: elliptic functions and theta functions, the modular group, its subgroups, and general aspects of holomorphic and nonholomorphic modular forms, with an emphasis on explicit examples. The heart of the book is the classical theory developed by Hecke and continued up to the Atkin–Lehner–Li theory of newforms and including the theory of Eisenstein series, Rankin–Selberg theory, and a more general theory of theta series including the Weil representation. The final chapter also explores in some detail more general types of modular forms such as half-integral weight, Hilbert, Jacobi, Maass, and Siegel modular forms.
The article by Bill Allombert, Jean-Paul Allouche and Michel Mendès France on Euler's divergent series and an elementary model in Statistical Physics has been published in Statistical Physics Ars Mathematica Contemporanea. This article studies the multiple integral of a multivariate exponential taken with respect either to the Lebesgue measure or to the discrete uniform Bernoulli measure. In the first case the integral is linked to Euler's everywhere divergent power series and its generalizations, while in the second case the integral is linked to a one-dimensional model of spin systems as encountered in physics.
Bill Allombert has worked with
Nicolas Brisebarre and Alain Lasjaunias on
a two-valued sequence and related continued fractions in power series fields.
They explicitly describe a noteworthy transcendental continued fraction in the field of power series over
In the Pari software, K. Belabas and H. Cohen have added an
extensive new package mf for modular forms. This package allows one to
build spaces of classical modular form
E. Milio and D. Robert describe an algorithm
to evaluate in quasi-linear time Hilbert modular functions in
dimension 2, and also how to recover in quasi-linear time the period
matrix from the value of the function. They apply this theory to the
modular functions
Alina Dudeanu, Dimitar Jetchev, Damien Robert and Marius Vuille describe an algorithm to compute cyclic isogenies from their kernels. This extends earlier work from isogenies with maximal isotropic kernels for the Weil pairing to cyclic isogenies, using real multiplication. Such isogenies are indispensable to fully explore the isogeny graph and will be able to speed up a lot of algorithms that need isogenous curves, like the CRT method for class polynomials.
During the year, F. Johansson has released three new versions (2.10, 2.11 and 2.12) of the Arb software for arbitrary-precision ball arithmetic.
The paper describing Arb has been published in the IEEE Transactions on Computers and was selected as the best paper of this journal's Special Issue on Computer Arithmetic. As a result, a video presentation was featured on the journal's website and Johansson was invited to present the paper in a special session at the 24th IEEE Symposium on Computer Arithmetic (ARITH24) at Imperial College London, UK.
Johansson describes the first complete algorithm for computing the Lambert W function rigorously in complex ball arithmetic.
F. Johansson together with C. Fieker, W. Hart and T. Hofmann of TU Kaiserslautern have developed Nemo and Hecke, two packages for computer algebra and algebraic number theory using the Julia programming language. The paper describing Nemo and Hecke has been published in the proceedings of ISSAC, the main international computer algebra conference.
The paper describing the SymPy package for computer algebra in Python has been published. SymPy is a highly collaborative international project and F. Johansson is one of the 27 coauthors of this paper. Johansson's main contributions to the software include developing the mpmath package used for arbitrary-precision numerical evaluation. In addition, Johansson has issued the stable version 1.0 release of mpmath.
https://
The Alambic project is a research project formed by members of the Inria Project-Team CASCADE of ENS Paris, members of the AriC Inria project-team of ENS Lyon, and members of the CRYPTIS of the university of Limoges. G. Castagnos is an external member of the team of Lyon for this project.
Non-malleability is a security notion for public key cryptographic encryption schemes that ensures that it is infeasible for an adversary to modify ciphertexts into other ciphertexts of messages which are related to the decryption of the first ones. On the other hand, it has been realized that, in specific settings, malleability in cryptographic protocols can actually be a very useful feature. For example, the notion of homomorphic encryption allows specific types of computations to be carried out on ciphertexts and generate an encrypted result which, when decrypted, matches the result of operations performed on the plaintexts. The homomorphic property can be used to create secure voting systems, collision-resistant hash functions and private information retrieval schemes, and, in the case of fully homomorphic encryption, enables widespread use of cloud computing by ensuring the confidentiality of processed data.
The aim of the Alambic project is to investigate further theoretical and practical applications of malleability in cryptography. More precisely, this project focuses on three different aspects: secure computation outsourcing and server-aided cryptography, homomorphic encryption and applications, and “paradoxical” applications of malleability.
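The homomorphic property described above, shown on the two schemes named earlier on this page: textbook Elgamal (multiplicative) and Paillier (additive). This is an added example, not code from the Alambic project or the cited papers; the parameters are toy-sized constructed values and all function names are hypothetical.

```python
import secrets
from math import gcd

# Toy parameters (constructed for illustration, far too small for real use).
P = 2**61 - 1                    # prime modulus for textbook Elgamal
G = 3                            # base element in Z_P^*
PA, QA = 2**31 - 1, 2**61 - 1    # the two primes of the Paillier modulus


# --- Textbook Elgamal over Z_P^*: multiplicatively homomorphic -----------
def elgamal_keygen():
    x = secrets.randbelow(P - 2) + 1          # secret exponent in [1, P-2]
    return x, pow(G, x, P)                    # (secret key, public key)


def elgamal_encrypt(h, m):
    if not 0 < m < P:
        raise ValueError("plaintext must be a nonzero residue mod P")
    k = secrets.randbelow(P - 2) + 1          # fresh randomness per message
    return pow(G, k, P), (m * pow(h, k, P)) % P


def elgamal_decrypt(x, c):
    c1, c2 = c
    return (c2 * pow(c1, P - 1 - x, P)) % P   # c1^(-x) by Fermat's theorem


def elgamal_mul(c, d):
    """Componentwise product: encrypts the product of the plaintexts."""
    return (c[0] * d[0]) % P, (c[1] * d[1]) % P


# --- Paillier over Z_n: additively homomorphic ---------------------------
def paillier_keygen():
    n = PA * QA
    lam = (PA - 1) * (QA - 1) // gcd(PA - 1, QA - 1)   # lcm(p-1, q-1)
    return (lam, pow(lam, -1, n)), n          # ((lambda, mu), public n)


def paillier_encrypt(n, m):
    while True:
        r = secrets.randbelow(n - 1) + 1
        if gcd(r, n) == 1:
            break
    n2 = n * n
    return (pow(1 + n, m % n, n2) * pow(r, n, n2)) % n2


def paillier_decrypt(sk, n, c):
    lam, mu = sk
    return ((pow(c, lam, n * n) - 1) // n * mu) % n


def paillier_add(n, c, d):
    """Ciphertext product: encrypts the sum of the plaintexts mod n."""
    return (c * d) % (n * n)


def paillier_scale(n, c, k):
    """Ciphertext power: encrypts k times the plaintext mod n."""
    return pow(c, k, n * n)


def demo():
    """Compute on ciphertexts only; decrypt just the results."""
    x, h = elgamal_keygen()
    prod_ct = elgamal_mul(elgamal_encrypt(h, 6), elgamal_encrypt(h, 7))
    sk, n = paillier_keygen()
    sum_ct = paillier_add(n, paillier_encrypt(n, 20), paillier_encrypt(n, 22))
    scaled_ct = paillier_scale(n, paillier_encrypt(n, 14), 3)
    return (elgamal_decrypt(x, prod_ct),
            paillier_decrypt(sk, n, sum_ct),
            paillier_decrypt(sk, n, scaled_ct))


if __name__ == "__main__":
    print(demo())
```

The same operations are what malleability means in practice: anyone holding only the public key can transform a ciphertext into one for a related plaintext, and the two schemes work over different plaintext structures (nonzero residues under multiplication versus integers mod n under addition).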
Title: OpenDreamKit
Program: H2020
Duration: January 2016 - December 2020
Coordinator: Nicolas Thiéry
Inria contact: Karim Belabas
Description
http://
OpenDreamKit is a Horizon 2020 European Research Infrastructure project (#676541) that will run for four years, starting from September 2015. It provides substantial funding to the open source computational mathematics ecosystem, and in particular popular tools such as LinBox, MPIR, SageMath, GAP, Pari/GP, LMFDB, Singular, MathHub, and the IPython/Jupyter interactive computing environment.
Title: (Harder Better) FAster STronger cryptography
International Partner
Université des Sciences et Techniques de Masuku (Gabon) - Tony Ezome and the PRMAIS project
Start year: 2017
The project aims to develop better algorithms for elliptic curve cryptography in view of the two challenges ahead: securing the internet of things and preparing for quantum computers.
Elliptic curves are currently the fastest public-key cryptosystem (with a key size that can fit on embedded devices), while still being (possibly) able, through a different mode of operation, to resist quantum based computers.
Activities for this year involved
the funding of Luca De Feo to speak at the EMA
“Mathématiques pour la Cryptographie Post-quantique et
Mathématiques pour le Traitement du Signal”,
organised by Djiby Sow and Abdoul Aziz Ciss
at the
École Polytechnique de Thiès (Sénégal) from May 10 to May 23,
about
“Cryptographie à base d'isogénies”;
the visit of Abdoulaye Maiga to the LFANT team, where he worked
with Damien Robert to find absolute invariants of good reduction modulo 2
for abelian surfaces; and the organisation by
Damien Robert of a workshop in Bordeaux with most of the team
members from September 04 to September 08.
The slides or proceedings are available at
https://
The team regularly collaborates with Leiden University through the ALGANT program for PhD joint supervision.
Eduardo Friedman (U. of Chile), a long term collaborator of K. Belabas and H. Cohen, is a regular visitor in Bordeaux (about 1 month every year).
Researchers visiting the team to give a talk to the team seminar include Damien Stehlé (ENS Lyon), Cécile Pierrot (Centrum Wiskunde and Informatica, Amsterdam), Christophe Petit (Oxford), Benjamin Wesolowski (EPFL), Bernhard Schmidt (Nanyang Technological University, Singapore), Mohamadou Sall (Université Cheikh Anta Diop, Dakar, Sénégal), Emmanuel Fouotsa (The University of Bamenda, Cameroon), Abdoulaye Maiga (Université Cheikh Anta Diop, Dakar, Sénégal), Tony Ezome (Université des Sciences et Techniques de Masuku (USTM), Franceville, Gabon), Abdoul Aziz Ciss (Université Cheikh Anta Diop, Dakar, Sénégal), José Manuel Rodriguez Caballero (Labri), Jean Kieffer (ENS Paris), Christian Klein (Institut de Mathématiques de Bourgogne), Frank Vallentin (Mathematisches Institut, Universität zu Köln).
Jared Asuncion went to the Autumn school: Topics in arithmetic and algebraic geometry on 9-13 October 2017 at the University of Mainz in Mainz, Germany.
Jared Asuncion went to see his cosupervisor, Marco Streng, on 6-10 November 2017 at the Universiteit Leiden in Leiden, The Netherlands. It is planned that he will stay in Leiden for a period of six months while working on his PhD.
Jared Asuncion went to the 21st Workshop on Elliptic Curve Cryptography on 13-15 November 2017 at the Radboud University in Nijmegen, The Netherlands.
A. Page visited C. Maire at Cornell University (Ithaca, US) from November 27th to December 4th and gave a research talk there on December 1st. He then visited Michael Lipnowski at the Institute for Advanced Study (Princeton, US) from December 4th to December 14th.
A. Enge visited Bernhard Schmidt at Nanyang Technological University, Singapore for three weeks.
Fredrik Johansson participated in the OSCAR: Antic workshop at TU Kaiserslautern, Germany and gave an invited talk on "Fundamental algorithms in Arb".
Fredrik Johansson participated in the workshop on Elliptic Integrals, Elliptic Functions and Modular Forms in Quantum Field Theory at DESY, Zeuthen, Germany, and gave an invited talk on "Numerics of classical elliptic functions, elliptic integrals and modular forms".
B. Allombert and K. Belabas organized a Pari/Gp workshop in Lyon on 09-13 January 2017.
B. Allombert and K. Belabas organized a workshop “Elliptic curves,
modular forms and
B. Allombert and A. Page organized a Pari/Gp mini-workshop in Oujda, Morocco on 22-23 November 2017.
K. Belabas acts on the editorial board of Journal de Théorie des Nombres de Bordeaux since 2005 and of Archiv der Mathematik since 2006.
H. Cohen is an editor for the Springer book series Algorithms and Computations in Mathematics (ACM).
J.-M. Couveignes is a member of the editorial board (scientific committee) of the Publications mathématiques de Besançon since 2010.
A. Enge is an editor of Designs, Codes and Cryptography since 2004.
J.-M. Couveignes is a member of the scientific council of the labex "Fondation Sciences Mathématiques de Paris", FSMP, Paris.
J.-M. Couveignes is a member of the 'conseil d'orientation' of the labex "Institut de Recherche en Mathématiques, Interactions et Applications", IRMIA, Strasbourg.
K. Belabas is a member of the 'conseil scientifique' of the Société Mathématique de France.
Since January 2017, A. Enge is “délégué scientifique” of the Inria research centre Bordeaux–Sud-Ouest. As such, he is also a designated member of the “commission d'évaluation” of Inria.
Since January 2015, K. Belabas is vice-head of the Math Institute (IMB). He also leads the computer science support service (“cellule informatique”) of IMB and coordinates the participation of the institute in the regional computation cluster PlaFRIM.
He is an elected member of “commission de la recherche” in the academic senate of Bordeaux University.
He is a member of the “Conseil National des Universités” (25th section, pure mathematics).
J.-P. Cerri is an elected member of the scientific council of the Mathematics Institute of Bordeaux (IMB) and responsible for the bachelor programme in mathematics and informatics.
Since January 2015, J.-M. Couveignes is the head of the Math Institute (IMB). He is head of the Scientific Committee of the Albatros (ALliance Bordeaux universities And Thales Research in AviOnicS) long term cooperation between Inria, Bordeaux-INP, Université de Bordeaux and CNRS.
Master : G. Castagnos, Cryptanalyse, 60h, M2, University of Bordeaux, France;
Master : G. Castagnos, Cryptologie avancée, 30h, M2, University of Bordeaux, France;
Master : G. Castagnos, Courbes elliptiques, 60h, M2, University of Bordeaux, France;
Master : D. Robert, Courbes elliptiques, 60h, M2, University of Bordeaux, France;
Master : K. Belabas, Computer Algebra, 91h, M2, University of Bordeaux, France;
Licence : Jean-Paul Cerri, Arithmétique et Cryptologie, 24h TD, L3, Université de Bordeaux, France
Licence : Jean-Paul Cerri, Algèbre bilinéaire et géométrie, 35h TD, L3, Université de Bordeaux, France
Licence : Jean-Paul Cerri, Structures algébriques 2, 35h TD, L3, Université de Bordeaux, France
Master : Jean-Paul Cerri, Cryptologie, 24h TD, M1, Université de Bordeaux, France
Master : Jean-Paul Cerri, Arithmétique, 60h TD, M1, Université de Bordeaux, France
PhD in progress : Ida Tucker, Design of new advanced cryptosystems from homomorphic building blocks, since October 2017, supervised by Guilhem Castagnos and Fabien Laguillaumie
PhD in progress: Abdoulaye Maiga, Computing canonical lift of genus 2 hyperelliptic curves, University Dakar, supervised by Djiby Sow, Abdoul Aziz Ciss and D. Robert.
PhD in progress: Jared Asuncion, Class fields of complex multiplication fields, since September 2017, supervised by A. Enge and Marco Streng (Universiteit Leiden).
PhD in progress: Chloë Martindale, Isogeny graphs, since 2013, supervised by A. Enge and Marco Streng (Universiteit Leiden).
PhD in progress: Emmanouil Tzortzakis
Algorithms for
PhD in progress: Pavel Solomatin
Topics on
PhD in progress: Antonin Riffaut Calcul effectif de points spéciaux, supervised by Y. Bilu and K. Belabas.
Master 2: Margarita Pierrakea, Supersingular isogeny key-exchange, supervised by D. Robert.
A. Enge has written a report for the doctoral dissertation by Alexandre Le Meur, Université de Rennes, on Formules de Thomae généralisées à des courbes galoisiennes résolubles sur la droite projective.
A. Enge has written a report for the doctoral dissertation by Alexandre Gélin, Université Pierre et Marie Curie, Class Group Computations in Number Fields and Applications to Cryptology. K. Belabas was a member of the defense committee.
K. Belabas has written a report for the doctoral dissertation of Thomas Camus, Université Grenoble-Alpes, Méthodes algorithmiques pour les réseaux algébriques.
K. Belabas was a member of the defense committee of José Villanueva-Guttierez, Université de Bordeaux, Sur quelques questions en théorie d'Iwasawa.
K. Belabas was a member of the defense committee of Philippe Moustrou, Université de Bordeaux, Geometric distance graphs, lattices and polytopes.
J-M. Couveignes was a member of the defense committee of Carine Jaber (advisor Christian Klein), Université de Dijon, Approche algorithmique au domaine fondamental de Siegel, on 28 June 2017.
J-M. Couveignes was the president of the defense committee of Matthieu Rambaud (advisor Hugues Randriambololona), Telecom-ParisTech, Shimura curves and bilinear multiplication algorithms in finite fields, on 2 September 2017.
D. Robert is a member of the jury of the Agrégation de Mathématiques. He is also the codirector with Alain Couvreur of the option “calcul formel” of the Modélisation part of the oral examination.
The book Guide to Pairing-Based Cryptography has been published by CHAPMAN and HALL/CRC. D. Robert wrote with Sorina Ionica the chapter “Pairings” of this book. This book aims to help engineers understand and implement pairing based cryptography; in the chapter “Pairings”, D. Robert gives a self-contained definition and proof of the Weil and Tate pairing, including how to handle divisors with non disjoint support (this is often skipped in scientific papers but is important for practical implementations).
A. Page gave a popularization talk “À la découverte de la cryptologie : la science du secret” during the Fête de la Science event. Two groups of high school students and one group of Inria agents participated in this activity. Following this talk, three high school students decided to work on the RSA cryptosystem for their TPE essay and came back to the IMB to meet A. Page and talk about this topic in greater detail.