Page 82 - 2017 Brochure
P. 82
究員
楊柏因 Bo-Yin Yang
Research Fellow
Ph.D., Applied Mathematics, Massachusetts Institute of Technology
Tel: +886-2-2788-3799 ext. 1731 Fax: +886-2-2782-4814
Email: byyang@iis.sinica.edu.tw
http://www.iis.sinica.edu.tw/pages/byyang
• B.S., Mathematics, National Taiwan University (1987)
• Ph.D., Mathematics, Massachusetts Institute of Technology (1991)
• Associate Professor of Mathematics, Tamkang University (1992-2006)
• Associate Research Fellow, Institute of Information Science, Academia Sinica (2006-2011)
• Research Fellow, Institute of Information Science, Academia Sinica (2011-present)
• Research Fellow (Joint appointed), Center for Information Technology Innovation, Academia Sinica (2011-present)
• Career Advancement Award, Academia Sinica (2010-2014)
• Sinica Investigator Award, Academia Sinica (2015-2019)
Research Description cannot read with a secret index from a table, and we cannot branch
depending on secret data. Pragmatically, this also means no bugs.
My research is mainly in applied cryptography and efficient Correctness is as important as speed. We have contributed to the
implementations of cryptography and cryptanalysis. Our team high-speed, high-security Curve25519 elliptic curve cryptosystem,
is internationally renowned for the study of post-quantum which is currently being used by Apple and Google, and our code
cryptography and cryptographic implementation, especially has recently been formally verified to be correct.
on specialist platforms. We also spend time developing high
assurance crypto software, meaning we try to formally verify Some of our specialist high-speed cryptographic implementations
cryptographic subroutines as correct. can be seen on the leader board of the Fukuoka Multivariate
Quadratic Challenge, where we lead the world in solving binary
There is always a tradeoff between security and speed. Efficient equations with exactly as many equations as variables (using an
implementation of cryptography is therefore extremely important in FPGA cluster) and overdetermined large-field equations (using
that only ‘fast enough’ applications will be used. One unfortunate multi-core machines).
feature of programming for crypto applications is that compiling
C usually yields suboptimal code, because cryptographers are
not the intended clientele of vendors. Another unique aspect of
cryptography is that to conform to the security model, data flow
from secrets to observables must be avoided. Therefore, we
Publications 8. C. Bouillaguet, H.-C. K. Chen, C.-M. Cheng, T. Chou, R.
Niederhagen, A. Shamir, and B.-Y. Yang, Fast Exhaustive Search for
1. A. Petzoldt, M.-S. Chen, B.-Y. Yang, C. Tao, J. Ding: Design Polynomial Systems in F_2 , CHES 2010, LNCS 6225, pp. 203-218.
Principles for HFEv- Based Multivariate Signature Schemes, Asiacrypt
2015, LNCS 9452, pp. 311-334. 9. D. J. Bernstein, T.-R. Chen, *C.-M. Cheng, T. Lange, and B.-Y. Yang,
ECM on Graphics Cards, Eurocrypt 2009, LNCS 5479, pp. 483-501.
2. Y.-F. Chen, C.-H. Hsu, H.-H. Lin, P. Schwabe, M.-H. Tsai, B.-Y.
Wang, B.-Y. Yang, and S.-Y. Yang, Verifying Curve25519 Software, 10. A. I.-T. Chen, M.-S. Chen, T.-R. Chen, C.-M. Cheng, J. Ding, E.
ACM CCS 2014 L.-H. Kuo, F. Y.-S. Lee, and B.-Y. Yang, SSE Implementation of
Multivariate PKCs on Modern x86 CPUs, CHES 2009, pp. 33-48,
3. C. Bouillaguet, C.-M. Cheng, T. Chou, R. Niederhagen and B.-Y. LNCS 5747.
Yang, Fast Exhaustive Search for Quadratic Systems in F2 on FPGAs,
SAC 2013, LNCS 8282, pp. 205-222.
4. T. Chou, C.-M. Cheng, R. Niederhagen, and B.-Y. Yang, Solving
Quadratic Equations with XL on Parallel Architectures, CHES 2012,
LNCS 7428, pp. 356-373.
5. D. J. Bernstein, N. Duif, T. Lange, P. Schwabe, and B.-Y. Yang, High-
speed high-security signatures, Journal of Cryptographic Engineering
2:2(2012), pp. 77-89. Invited paper from CHES 2011, LNCS 6917,
pp. 124-142.
6. F.-H. Liu, Y.-J. Huang, and B.-Y. Yang, Public-Key Cryptography
from New Multivariate Quadratic Assumptions, PKC 2012, and LNCS
7293, pp. 190-205.
7. P.-C. Kuo, M. Schneider, Ö. Dagdelen, J. Reichelt, J. Buchmann, C.-M.
Cheng, and B.-Y. Yang, Extreme Enumeration on GPU and in Clouds,
CHES 2011, LNCS 6917, pp. 176-191.
80 研究人員 Research Faculty
楊柏因 Bo-Yin Yang
Research Fellow
Ph.D., Applied Mathematics, Massachusetts Institute of Technology
Tel: +886-2-2788-3799 ext. 1731 Fax: +886-2-2782-4814
Email: byyang@iis.sinica.edu.tw
http://www.iis.sinica.edu.tw/pages/byyang
• B.S., Mathematics, National Taiwan University (1987)
• Ph.D., Mathematics, Massachusetts Institute of Technology (1991)
• Associate Professor of Mathematics, Tamkang University (1992-2006)
• Associate Research Fellow, Institute of Information Science, Academia Sinica (2006-2011)
• Research Fellow, Institute of Information Science, Academia Sinica (2011-present)
• Research Fellow (Joint appointed), Center for Information Technology Innovation, Academia Sinica (2011-present)
• Career Advancement Award, Academia Sinica (2010-2014)
• Sinica Investigator Award, Academia Sinica (2015-2019)
Research Description cannot read with a secret index from a table, and we cannot branch
depending on secret data. Pragmatically, this also means no bugs.
My research is mainly in applied cryptography and efficient Correctness is as important as speed. We have contributed to the
implementations of cryptography and cryptanalysis. Our team high-speed, high-security Curve25519 elliptic curve cryptosystem,
is internationally renowned for the study of post-quantum which is currently being used by Apple and Google, and our code
cryptography and cryptographic implementation, especially has recently been formally verified to be correct.
on specialist platforms. We also spend time developing high
assurance crypto software, meaning we try to formally verify Some of our specialist high-speed cryptographic implementations
cryptographic subroutines as correct. can be seen on the leader board of the Fukuoka Multivariate
Quadratic Challenge, where we lead the world in solving binary
There is always a tradeoff between security and speed. Efficient equations with exactly as many equations as variables (using an
implementation of cryptography is therefore extremely important in FPGA cluster) and overdetermined large-field equations (using
that only ‘fast enough’ applications will be used. One unfortunate multi-core machines).
feature of programming for crypto applications is that compiling
C usually yields suboptimal code, because cryptographers are
not the intended clientele of vendors. Another unique aspect of
cryptography is that to conform to the security model, data flow
from secrets to observables must be avoided. Therefore, we
Publications 8. C. Bouillaguet, H.-C. K. Chen, C.-M. Cheng, T. Chou, R.
Niederhagen, A. Shamir, and B.-Y. Yang, Fast Exhaustive Search for
1. A. Petzoldt, M.-S. Chen, B.-Y. Yang, C. Tao, J. Ding: Design Polynomial Systems in F_2 , CHES 2010, LNCS 6225, pp. 203-218.
Principles for HFEv- Based Multivariate Signature Schemes, Asiacrypt
2015, LNCS 9452, pp. 311-334. 9. D. J. Bernstein, T.-R. Chen, *C.-M. Cheng, T. Lange, and B.-Y. Yang,
ECM on Graphics Cards, Eurocrypt 2009, LNCS 5479, pp. 483-501.
2. Y.-F. Chen, C.-H. Hsu, H.-H. Lin, P. Schwabe, M.-H. Tsai, B.-Y.
Wang, B.-Y. Yang, and S.-Y. Yang, Verifying Curve25519 Software, 10. A. I.-T. Chen, M.-S. Chen, T.-R. Chen, C.-M. Cheng, J. Ding, E.
ACM CCS 2014 L.-H. Kuo, F. Y.-S. Lee, and B.-Y. Yang, SSE Implementation of
Multivariate PKCs on Modern x86 CPUs, CHES 2009, pp. 33-48,
3. C. Bouillaguet, C.-M. Cheng, T. Chou, R. Niederhagen and B.-Y. LNCS 5747.
Yang, Fast Exhaustive Search for Quadratic Systems in F2 on FPGAs,
SAC 2013, LNCS 8282, pp. 205-222.
4. T. Chou, C.-M. Cheng, R. Niederhagen, and B.-Y. Yang, Solving
Quadratic Equations with XL on Parallel Architectures, CHES 2012,
LNCS 7428, pp. 356-373.
5. D. J. Bernstein, N. Duif, T. Lange, P. Schwabe, and B.-Y. Yang, High-
speed high-security signatures, Journal of Cryptographic Engineering
2:2(2012), pp. 77-89. Invited paper from CHES 2011, LNCS 6917,
pp. 124-142.
6. F.-H. Liu, Y.-J. Huang, and B.-Y. Yang, Public-Key Cryptography
from New Multivariate Quadratic Assumptions, PKC 2012, and LNCS
7293, pp. 190-205.
7. P.-C. Kuo, M. Schneider, Ö. Dagdelen, J. Reichelt, J. Buchmann, C.-M.
Cheng, and B.-Y. Yang, Extreme Enumeration on GPU and in Clouds,
CHES 2011, LNCS 6917, pp. 176-191.
80 研究人員 Research Faculty
