报告名称：Dimension of invariant subspace of a Stark-friendly symmetric cipher design

报告专家：吴保峰

专家所在单位：中科院信息工程研究所

报告时间：2022年4月14日下午

报告地点：腾讯会议(855 570 766)

专家简介：吴保峰，本科毕业于山东大学数学学院，博士毕业于中科院数学与系统科学研究院，2013年博士毕业后进入中科院信息工程研究所从事博士后研究，现为信工所副研究员、硕士生导师。主要从事密码数学理论、密码算法设计与分析相关领域研究，在TIT、FFA、ISIT、FSE等国际期刊或会议发表论文30余篇，主持或参与国家自然科学基金面上项目、青年基金、专项基金以及军队密码合作基金等科研项目十余项。

报告摘要：The HADES design strategy combines the classical SPN construction with the Partial SPN (PSPN) construction of symmetric ciphers. Starkad and Poseidon are two instantiations of HADES, both using Cauchy-type MDS matrices as diffusion layers. At Eurocrypt 2021, Keller and Rosemarin posed a successful attack on Starkad by showing that its PSPN part admitted a high dimensional invariant subspace. They alsoconjectured an improved bound for the dimension of this invariant subspace. In this talk, I will introduce Keller and Rosemarin's work, and explain how to prove their conjecture. This conjecture is essentially about the nullity of a matrix polynomial of a block matrix with Hadamard type blocks over commutative rings of characteristic 2. It turns out that the main argument leads to the proof is incredibly simple, as long as we have found the key point.