IACR News
Here you can see all recent updates to the IACR webpage.
31 August 2020
Event Calendar: Submission deadline: 31 March 2021
Dhiman Saha, Yu Sasaki, Danping Shi, Ferdinand Sibleyras, Siwei Sun, Yingjie Zhang (ePrint Report)
CHES
To register for CHES 2020, please visit the CHES 2020 registration site. Registration for CHES 2020 is free for IACR members; non-IACR members will be asked to pay the IACR membership fee (USD 50 regular, USD 25 for students) during registration.
You can follow any updates on twitter @2020CHES.
28 August 2020
Benjamin Dowling, Marc Fischlin, Felix Günther, Douglas Stebila (ePrint Report)
Ian McQuoid, Mike Rosulek, Lawrence Roy (ePrint Report)
- only two exponentiations per party, the same as plain unauthenticated Diffie-Hellman key agreement (and likely optimal);
- optimal round complexity: a single flow (one message from each party that can be sent in parallel) to achieve implicit authentication, or two flows to achieve explicit mutual authentication;
- security in the random oracle model, rather than ideal cipher or generic group model;
- UC security, rather than game-based.
Our protocol is a generalization of the seminal EKE protocol of Bellovin & Merritt (S&P 1992).
We also present a UC-secure 1-out-of-$N$ oblivious transfer (OT) protocol, for random payloads. Its communication complexity is independent of $N$, meaning that $N$ can even be exponential in the security parameter. Such a protocol can also be considered a kind of oblivious PRF (OPRF). Our protocol improves over the leading UC-secure 1-out-of-$N$ OT construction of Masny & Rindal (CCS 2019) for all $N>2$, and has essentially the same cost for $N=2$.
The new technique underlying these results is a primitive we call programmable-once public function (POPF). Intuitively, a POPF is a function whose output can be programmed by one party on exactly one point. All other outputs of the function are outside of any party's control, in a provable sense.
Hoeteck Wee, Daniel Wichs (ePrint Report)
Our construction is based on the recent "split FHE" framework of Brakerski, Döttling, Garg, and Malavolta (EUROCRYPT '20), and we provide a new instantiation of this framework. As a first step, we construct an iO scheme that is provably secure assuming that LWE holds and that it is possible to obliviously generate LWE samples without knowing the corresponding secrets. We define a precise notion of oblivious LWE sampling that suffices for the construction. It is known how to obliviously sample from any distribution (in a very strong sense) using iO, and our result provides a converse, showing that the ability to obliviously sample from the specific LWE distribution (in a much weaker sense) already also implies iO. As a second step, we give a heuristic construction of oblivious LWE sampling. On a very high level, we do this by homomorphically generating pseudorandom LWE samples using an encrypted pseudorandom function.
Abraham Westerbaan, Bas Westerbaan (ePrint Report)
Hemi Leibowitz, Amir Herzberg, Ewa Syta, Sara Wrótniak (ePrint Report)
Mohammad Sadeq Dousti, Alptekin Küpçü (ePrint Report)
Prasanna Ravi, Romain Poussier, Shivam Bhasin, Anupam Chattopadhyay (ePrint Report)
Yihong Zhu, Min Zhu, Bohan Yang, Wenping Zhu, Chenchen Deng, Chen Chen, Shaojun Wei, Leibo Liu (ePrint Report)
Arthur Van Der Merwe, David Paul, Jelena Schmalz, Timothy M. Schaerf (ePrint Report)
27 August 2020
Jyotirmoy Pramanik, Avishek Adhikari (ePrint Report)
Fukang Liu, Takanori Isobe, Willi Meier (ePrint Report)
University of Twente, The Netherlands (Job Posting)
The Services and Cybersecurity (SCS) group at the University of Twente invites applications for a 4-year PhD position in evidence-based security response.
We are looking for candidates with a solid background in network and system security.
More information and the link to apply:
https://www.utwente.nl/en/organization/careers/!/1097214/full-time-phd-position-in-evidence-based-security-response
Deadline for applications: 30 September 2020, 23:59 CET
Contact: Dr. Andreas Peter (a.peter@utwente.nl)
26 August 2020
Runchao Han, Jiangshan Yu, Haoyu Lin (ePrint Report)
Tim Beyne, Chaoyun Li (ePrint Report)
We focus on low-data attacks, since these are the most relevant for typical use-cases of LowMC. In addition, this implies that our attacks cannot be prevented by limiting the amount of data that can be encrypted using the weak tweak pair.
Despite our findings, we believe that the MALICIOUS framework can be used to create backdoored variants of LowMC provided that the parameters are modified.
Yang Yu, Michail Moraitis, Elena Dubrova (ePrint Report)
Xiaoyang Dong, Siwei Sun, Danping Shi, Fei Gao, Xiaoyun Wang, Lei Hu (ePrint Report)
Hannah Davis, Felix Günther (ePrint Report)
ePrint ReportPrior work gave reductions of both protocols' security to the underlying building blocks that were loose (in the number of users and/or sessions), so loose that they gave no guarantees for practical parameters. Adapting techniques by Cohn-Gordon et al. (Crypto 2019), we give reductions for SIGMA and TLS 1.3 to the strong Diffie-Hellman problem which are tight, and prove that this problem is as hard as solving discrete logarithms in the generic group model. Leveraging our tighter and fully-quantitative bounds, we meet the protocols' targeted security levels when instantiated with standardized curves and improve over prior bounds by up to over 80 bits of security across a range of real-world parameters.