Jana Sotáková

I am a PhD student of Christian Schaffner, Serge Fehr and Peter Bruin at Institute for Logic, Language and Computation at the University of Amsterdam (ILLC) and a part of the QuSoft Crypto group. I started my PhD in 2019 and expect to graduate in late 2023.
I am on the academic job market in 2023, seeking a postdoc in post-quantum cryptography or computational number theory.

I am working on:

post-quantum cryptography, especially isogeny-based cryptography,
computational number theory,
quantum algorithms used for cryptanalysis,
machine learning attacks on cryptography.

Until Spring 2022, I was also an organizer at WIQD, a network of women in Quantum.

News

I will talk about SALSA PICANTE at the AICRYPT workshop collocated with Eurocrypt 2023
Finished up the fun project SALSA PICANTE: a machine learning attack on LWE with binary secrets
Cathy Li, Jana Sotáková, Emily Wenger, Mohamed Malhou, Evrard Garcelon, Francois Charton, and Kristin Lauter
eprint: Report 2023/340; arxiv: arXiv:2303.04178.
Training transformers to learn from LWE samples to try to recover the secrets. Main contributions: reduced data requierement to linear number of samples (machine learning models use millions of samples to learn), added a preprocessing step that turns the samples into ones from which the transformer learns better; novel cross-attention mechanism that can read off the secret from the transformer itself.
Pushed the dimensions and hamming weights to n=350 and Hamming weights ~n/10. Still long way to go to threaten real-world schemes, but this is a massive improvement over the previous Salsa paper (n=128 with h=3)!
Disorientation faults in CSIDH were accepted to Eurocrypt 2023! The preprint is here ePrint 2022/1202. This is joint work with Gustavo Banegas, Juliane Krämer, Tanja Lange, Michael Meyer, Lorenz Panny, Krijn Reijnders, and Monika Trimoska.
Summary: While this is a physical attack (specifically, a fault-injection attack), we do exploit a lot of the inherent structure present in computing isogenies. Specifically, our threat model assumes we can flip the direction of some isogeny steps during the class group action computation. We overexamine what information this leaks - and we show that in almost all implementations, one can recover the whole secret key from a very modest number of successful faults!
Finished my lovely collaboration with Jonathan Komada Eriksen, Lorenz Panny and Mattia Veroni on making the Deuring correspondence more accessible - and easy to work with. Our preprint is public on eprint, the code is in a GitHub repo friends-of-quaternions/deuring.
Summary: We speed up the computation of the Deuring correspodence in general characteristic, using a couple of neat tricks to work with torsion points over extensions -- and selecting which torsion points to work with. We give Sage code for everything: the main parts are the KLPT and IdealToIsogeny algorithms.
From December 2022 until March 2023, I will be an intern for Kristin Lauter at Meta AI.
I attended the Leuven Isogeny Days 3 workshop.
I made a poster for ANTS XV presenting our new fault attack on CSIDH-like group action. Here are the two separate pictures for the neighbourhood graphs and here is the full graph. ~~We will put the paper online shortly!~~ The paper.
I am attending the PCMI 2022 Summer Session, as a Teaching Assistant for the course on isogenies given by Kristin Lauter in the second week of the Graduate Summer School!
Course materials (very similar to the 2021 online version) will be available here.
On April 5, I gave a talk at the ACCESS seminar talking about CTIDH: constant time CSIDH. You can check the slides.
Here are some expository notes I wrote about CTIDH to go with my talk at the ACCESS seminar, focusing on the math ideas behind CTIDH.

the news section

Papers

Google scholar, DBLP database entry, IACR database, ORCID.

SALSA PICANTE: a machine learning attack on LWE with binary secrets
Cathy Li, Jana Sotáková, Emily Wenger, Mohamed Malhou, Evrard Garcelon, Francois Charton, and Kristin Lauter
available on eprint as Report 2023/340;
available on arxiv as arXiv:2303.04178.
Deuring for the People: Supersingular Elliptic Curves with Prescribed Endomorphism Ring in General Characteristic
Jonathan Komada Eriksen, Lorenz Panny, Jana Sotáková, and Mattia Veroni
Submitted; available on eprint as Report 2023/106.
Sage code available as GitHub repo friends-of-quaternions/deuring.
Disorientation faults in CSIDH
Gustavo Banegas, Juliane Krämer, Tanja Lange, Michael Meyer, Lorenz Panny, Krijn Reijnders, Jana Sotáková, Monika Trimoska
Accepted at Eurocrypt 2023, available on eprint as Report 2022/1202.
My poster from ANTS is available here.
CTIDH: Faster constant-time CSIDH
Gustavo Banegas, Daniel J. Bernstein, Fabio Campos, Tung Chou, Tanja Lange, Michael Meyer, Benjamin Smith, Jana Sotáková
Available on the website and eprint Report 2021/633.
Also available as video on Youtube, and a published paper.
Slides from my ACCESS talk. Slides from the CHES talk.
Explicit connections between supersingular isogeny graphs and Bruhat--Tits trees
Laia Amorós, Annamaria Iezzi, Kristin Lauter, Chloe Martindale, and Jana Sotáková
To appear in WIN-E 3 proceedings.
Available on eprint and here.
Breaking the decisional Diffie-Hellman problem for class group actions using genus theory
Wouter Castryck and Jana Sotáková and Frederik Vercauteren
Crypto 2020, published paper, Best Paper Award
preprint available on eprint.
Adventures in Supersingularland
joint work with Sarah Arpin, Catalina Camacho-Navarro, Kristin Lauter, Joelle Lim, Kristina Nelson and Travis Scholl
Experimental Mathematics, available in Open Access at https://doi.org/10.1080/10586458.2021.1926009.
preprint available at eprint or at arXiv.
Eta quotients and class fields of imaginary quadratic fields
masters thesis under the supervision of Marco Streng (Leiden, 2017) available here

Contact

📨️j.s.sotakova@uva.nl

Follow @JSotakova

Where to find me on the Web

My QuSoft profile . My ILLC website. My CWI website. My LinkedIn. Google scholar page. DBLP database entry. IACR database entry. My ORCID ID.
My old website that contains some notes I've written.
An accurate log of my athletics endeavours can be found here. I even have an Olympic.org site! I attended the Youth Olympic Games in 2010: Wikipediaeven has an entry about my race.
My Alma Mater profile.
My blog. If my blog interests you, please send me a message. I will start blogging again.