楊柏因 Bo-Yin Yang

Half My Life in Cryptographic Implementations

Since 2002 I have become known for my work in cryptographic implementations. Cryptography demands secure, efficient, and correct implementations, and that's what I (and my lab) do.

In classical (pre-quantum) cryptography, I co-invented of the Ed25519 digital signature scheme, today used by billions of people daily. In the field of post-quantum cryptography (PQC), I have improved implementation techniques for multivariate cryptography, lattice-based cryptography, and supersingular isogeny-based cryptography. Notably, our lab's publications include many of the current state-of-the-art lattice-based cryptographic implementations, including the newly standardized Dilithium and Kyber, and the Bernstein-Yang safegcd algorithm, which we developed for computing modular multiplicative inverses, is currently used to protect billions of dollars' worth of cryptocurrencies. My lab has also developed numerous implementation techniques for the Number Theoretic Transform (NTT), and these research results will soon be used by billions of people daily. Additionally, our laboratory has engaged in research on formal verification techniques and was the first team to verify the correctness of a key post-quantum cryptography subroutine. Our implementations are shared with the world in the form of open-source.

We research the cryptanalysis of post-quantum cryptographic implementations. Having held lattice and multivariate cryptanalysis records, each for some time, we helped the world understand the fundamental security of PQC. The bgj3 sieve, which I jointly proposed, is the currently fastest algorithm to solve the approximate shortest vector problem in lattices.

While the security of cryptographic implementations cannot guarantee overall information security, information security is impossible without secure cryptographic implementations. May future generations produce even more cryptographic implementers.