IACR News
Here you can see all recent updates to the IACR webpage. These updates are also available:
28 May 2018
Onur G\"unl\"u, Tasnad Kernetzky, Onurcan I\c{s}can, Vladimir Sidorenko, Gerhard Kramer, Rafael F. Schaefer
Dana Dachman-Soled, Mukul Kulkarni
In this work, we ask if it is possible to construct CNMC from weaker assumptions. We answer this question by presenting lower as well as upper bounds. Specifically, we show that it is impossible to construct 2-split-state CNMC, with no CRS, for one-bit messages from any falsifiable assumption, thus establishing the lower bound. We additionally provide an upper bound by constructing 2-split-state CNMC for one-bit messages, assuming only the existence of a family of injective one way functions.
We also present a construction of 4-split-state CNMC for multi-bit messages in CRS model from the same assumptions. Additionally, we present definitions of the following new primitives: (1) One-to-one commitments, and (2) Continuous Non-Malleable Randomness Encoders, which may be of independent interest.
Cryptography, Security, and Privacy (CrySP), University of Waterloo
Applicants must hold a PhD in a related field, and should have a proven research record, as demonstrated by publications in top security and privacy or database venues (such as Oakland, CCS, SIGMOD, VLDB) and/or top venues specific to data security (such as DBSEC).
The start date of the position is negotiable. The position may be for one or two years.
Applicants should submit a CV, a research plan, two or three selected papers, and the names and contact information of three references. For further information about the position, or to apply, please send email to Florian Kerschbaum with \"Postdoctoral position\" in the subject line. Applications may be considered as they arrive.
Closing date for applications: 1 September 2018
Contact: Florian Kerschbaum with \"Postdoctoral position\" in the subject line. Applications may be considered as they arrive.
Cryptography, Security, and Privacy Research Group
David R. Cheriton School of Computer Science
University of Waterloo
Waterloo, Ontario, Canada N2L 3G1
Tel: 519-888-4567 x36163
Fax: 519-885-1208
More information: https://crysp.uwaterloo.ca/prospective/postdoc/
Cryptography, Security, and Privacy (CrySP), University of Waterloo
Applicants must hold a PhD in a related field, and should have a proven research record, as demonstrated by publications in top security and privacy venues (such as Oakland, CCS, USENIX Security, and NDSS) and/or top venues specific to privacy-enhancing technologies (such as PETS/PoPETs).
The start date of the position is negotiable. The position may be for one or two years.
Applicants should submit a CV, a research plan, two or three selected papers, and the names and contact information of three references.
Closing date for applications: 1 September 2018
Contact: Ian Goldberg with \"Postdoctoral position\" in the subject line. Applications may be considered as they arrive.
Cryptography, Security, and Privacy Research Group
David R. Cheriton School of Computer Science
University of Waterloo
Waterloo, Ontario, Canada N2L 3G1
Tel: 519-888-4567 x36163
Fax: 519-885-1208
More information: https://crysp.uwaterloo.ca/prospective/postdoc/
27 May 2018
Atsushi Takayasu, Noboru Kunihiro
26 May 2018
Osman Bicer, Muhammed Ali Bingol, Mehmet Sabir Kiraz
Ben Fisch, Shashwat Silas
Cristina Pérez-Solà, Sergi Delgado-Segura, Guillermo Navarro-Arribas, Jordi Herrera-Joancomart
Weiqing You, Xiaoming Chen, Wenxi Li
James Bartusek, Jiaxin Guan, Fermi Ma, Mark Zhandry
In this work, we demonstrate that all known zeroizing attacks on GGH15 implicitly construct algebraic relations between the results of zero-testing and the encoded plaintext elements. We then propose a ``GGH15 zeroizing model" as a new general framework which greatly generalizes known attacks.
Our second contribution is to describe a new GGH15 variant, which we formally analyze in our GGH15 zeroizing model. We then construct a new iO candidate using our multilinear map, which we prove secure in the GGH15 zeroizing model. This implies resistance to all known zeroizing strategies. The proof relies on the Branching Program Un-Annihilatability (BPUA) Assumption of Garg et al. [TCC 16-B] (which is implied by PRFs in NC^1 secure against P/Poly) and the complexity-theoretic p-Bounded Speedup Hypothesis of Miles et al. [ePrint 14] (a strengthening of the Exponential Time Hypothesis).
Dominik Klein
Fukang Liu, Gaoli Wang, Zhenfu Cao
Mriganka Mandal, Ratna Dutta
Gilad Asharov, Gil Segev, Ido Shahaf
We establish tight bounds on the tradeoff between the space overhead, locality and read efficiency of SSE schemes within two general frameworks that capture the memory access pattern underlying all existing schemes. First, we introduce the ``pad-and-split'' framework, refining that of Cash and Tessaro while still capturing the same existing schemes. Within our framework we significantly strengthen their lower bound, proving that any scheme with locality $L$ must use space $\Omega ( N \log N / \log L )$ for databases of size $N$. This is a tight lower bound, matching the tradeoff provided by the scheme of Demertzis and Papamanthou (SIGMOD '17) which is captured by our pad-and-split framework.
Then, within the ``statistical-independence'' framework of Asharov et al. we show that their lower bound is essentially tight: We construct a scheme whose tradeoff matches their lower bound within an additive $O(\log \log \log N)$ factor in its read efficiency, once again improving upon the existing schemes. Our scheme offers optimal space and locality, and nearly-optimal read efficiency that depends on the frequency of the queried keywords: For a keyword that is associated with $n = N^{1 - \epsilon(n)}$ document identifiers, the read efficiency is $\omega(1) \cdot \epsilon(n)^{-1}+ O(\log\log\log N)$ when retrieving its identifiers (where the $\omega(1)$ term may be arbitrarily small, and $\omega(1) \cdot \epsilon(n)^{-1}$ is the lower bound proved by Asharov et al.). In particular, for any keyword that is associated with at most $N^{1 - 1/o(\log \log \log N)}$ document identifiers (i.e., for any keyword that is not exceptionally common), we provide read efficiency $O(\log \log \log N)$ when retrieving its identifiers.
Ran Gelles, Anat Paskin-Cherniavsky, Vassilis Zikas
We devise an information-theoretic technique that converts any correct, but not necessarily private, two-party protocol that assumes reliable channels, into a protocol which is both correct and private against semi-honest adversaries, assuming BSC channels alone. Our results also apply to other types of noisy-channels such as the elastic-channel.
Our construction combines tools from the cryptographic literature with tools from the literature on interactive coding, and achieves, to our knowledge, the best known communication overhead. Specifically, if $f$ is given as a circuit of size $s$, our scheme communicates $O(s + \kappa)$ bits for $\kappa$ a security parameter. This improves the state of the art (Ishai et al., CRYPTO' 11) where the communication is $O(s) + \text{poly}(\kappa \cdot \text{depth}(s))$.
Gilles Barthe, Sonia Belaïd, François Dupressoir, Pierre-Alain Fouque, Benjamin Grégoire, François-Xavier Standaert, Pierre-Yves Strub
Xiaoyang Dong, Bingyou Dong, Xiaoyun Wang
In this paper, we continue to study the symmetric ciphers against quantum attackers. First, we convert the classical advanced slide attacks (introduced by Biryukov and Wagner) to a quantum one, that gains an exponential speed-up of the time complexity. Thus, we could break 2/4K-Feistel and 2/4K-DES in polynomial time. Second, we give a new quantum key-recovery attack on full-round GOST, a Russian standard, with $2^{112}$ Grover iterations, which is faster than a quantum brute force search attack by a factor $2^{16}$.