Tancrède Lepoint's Homepage (original) (raw)

home • publications & preprints • phd

About me

I am a Principal Applied Scientist in the AI & AGI Security team at Amazon, where I build secure foundations for AI systems. My work spanspost-quantum cryptography,AI security, andprivacy-enhancing technologies.

I co-authoredCRYSTALS-Kyber andCRYSTALS-Dilithium, the lattice-based schemes that NIST standardized asML-KEM andML-DSA, now replacing decades-old algorithms in TLS and Signal to protect billions of connections against quantum computers. My work onhomomorphic encryption, anonymous credentials, and differential privacy has been deployed at scale by Amazon, Google, and Apple.

Previously, I was a Principal Applied Scientist at AWS (2022–2025), where I led data protection and AI security in the Provable Security & Automation organization. Before that, I was a Cryptography Engineer at Apple (2021–2022) and a Research Scientist at Google (2018–2021), working on post-quantum cryptography, secure computation, anonymous credentials, and privacy-preserving analytics. Earlier, I worked on post-quantum cryptography and homomorphic encryption at SRI International (2016–2018) and CryptoExperts (2011–2016). I hold a Ph.D. from École Normale Supérieure and University of Luxembourg (Gilles Kahn Prize, 2014).

Selected work

Post-quantum cryptography

Quantum computers will eventually break the cryptographic algorithms that secure today’s internet. I have worked on designing, analyzing, and deploying their replacements.

• CRYSTALS-Kyber and**CRYSTALS-Dilithium** — lattice-based key encapsulation and digital signature schemes,standardized by NIST asML-KEM andML-DSA. Now being deployed worldwide to protect against quantum threats.
• Improved security proofs in lattice-based cryptography — introduced the use of Rényi divergence as an alternative to statistical distance for lattice-based security reductions, leading to tighter parameters.Best Paper, Asiacrypt 2015.

AI security

I work on building secure and reliable AI systems, from private training with federated learning and secure aggregation to testing LLM-integrated applications.

• Advances and open problems in federated learning — the foundational survey of federated learning, covering privacy, robustness, and systems challenges.Foundations and Trends in Machine Learning, 2021.
• Secure single-server aggregation with (poly)logarithmic overhead — efficient secure aggregation protocol for privacy-preserving machine learning.Deployed byGoogle for federated learning with distributed differential privacy. Published at ACM CCS 2020.
• Delta debugging for LLM-integrated systems — a systematic approach to isolating faults in systems that integrate large language models. ICSE-SEIP 2026.

Privacy-enhancing technologies

I design cryptographic systems that let organizations use sensitive data without exposing it—from private information retrieval and anonymous credentials to differential privacy and contact-tracing analytics. Several of these systems have been deployed at scale by Apple and Google.

• Communication–computation trade-offs in PIR — practical homomorphic-encryption-based protocols for private database queries.Deployed byGoogle for private set membership and byApple for on-device private information retrieval. Published at Usenix 2021.
• Exposure Notifications Privacy-preserving Analytics — a system for collecting aggregate statistics about COVID-19 exposure notifications without learning anything about individual users.Deployed by Apple and Google.
• Verified foundations for differential privacy — machine-checked proofs that the core algorithms used in differential privacy implementations are correct.Deployed inAWS Clean Rooms Differential Privacy. Distinguished Artifact, PLDI 2025.
• Anonymous tokens with private metadata — cryptographic tokens that let servers verify clients without tracking them.Informed the design ofPrivacy Pass / Trust Tokens, with anIETF/IRTF draft on signature key blinding. Published at Crypto 2020; relatedROS cryptanalysis receivedBest Paper, Eurocrypt 2021.

All publications & preprints →

Professional Service

• Director IACR 2018–2024
• Co-editor Cryptology ePrint Archive 2016–2023
• General Chair
  • CRYPTO 2024
• Program Chair
  • WAHC 2020
  • WAHC 2019
• Program Committee
  • EuroS&P 2026
  • ASIACRYPT 2025
  • USENIX SECURITY 2024
  • USENIX SECURITY 2023
  • CT-RSA 2023
  • PKC 2023
  • CRYPTO 2023
  • USENIX SECURITY 2022
  • CT-RSA 2021
  • IEEE S&P 2021
  • USENIX SECURITY 2021
  • CHES 2021
  • CT-RSA 2020
  • USENIX SECURITY 2020
  • CHES 2020
  • EUROCRYPT 2020
  • CT-RSA 2019
  • PKC 2019
  • USENIX SECURITY 2019
  • SSR 2019
  • CT-RSA 2018
  • COSADE 2018
  • AFRICACRYPT 2018
  • PQCRYPTO 2018
  • CRYPTO 2018
  • SCN 2018
  • SSR 2018
  • CHES 2018
  • WAHC 2018
  • CT-RSA 2017
  • WAHC 2017
  • EUROCRYPT 2017
  • CHES 2017
  • PQCRYPTO 2017
  • CANS 2017
  • INDOCRYPT 2017
  • WAHC 2016
  • ICITS 2016
  • CHES 2016
  • WAHC 2015
  • SECICT2015
  • CANS2015
  • ACNS 2015
  • ACISP 2015