IACR News
If you have a news item you wish to distribute, they should be sent to the communications secretary. See also the events database for conference announcements.
Here you can see all recent updates to the IACR webpage. These updates are also available:
27 September 2021
Cape Privacy, North America, Fully Remote
Closing date for applications:
Contact: David Besemer, VP Engineering
More information: https://capeinc.bamboohr.com/jobs/view.php?id=32
Spanish National Research Council (CSIC)
Closing date for applications:
Contact: David Arroyo Guardeño, Ph. D. Research group on Cryptology and Information Security (GiCSI) Institute of Physical and Information Technologies (ITEFI) Spanish National Research Council (CSIC) https://dargcsic.github.io/
More information: https://dargcsic.github.io/posts/2021-09-21-spirs
Marcel Armour, Carlos Cid
Weak key forgeries were given a systematic treatment in the work of Procter and Cid (FSE'13), who showed how to construct MAC forgeries that effectively test whether the decryption key is in some (arbitrary) set of target keys. Consequently, it would appear that weak key forgeries naturally lend themselves to constructing partition oracles; we show that this is indeed the case, and discuss some practical applications of such an attack. Our attack applies in settings where AE schemes are used with static session keys, and has the particular advantage that an attacker has full control over the underlying plaintexts, allowing any format checks on underlying plaintexts to be met -- including those designed to mitigate against partitioning oracle attacks.
Prior work demonstrated that key commitment is an important security property of AE schemes, in particular settings. Our results suggest that resistance to weak key forgeries should be considered a related design goal. Lastly, our results reinforce the message that weak passwords should never be used to derive encryption keys.
Max Heiser
We present an improvement to the quantum algorithm, which improves the time complexity to \(2^{0.2571d+o(d)}\). Essentially, we provide a way to use Grover's algorithm to speed up another part of the process, providing a better tradeoff. This improvement affects the security of lattice-based encryption schemes, including NIST PQC Round 3 finalists.
Daniel M. Kane, Shahed Sharif, Alice Silverberg
Angelique Faye Loe, Liam Medley, Christian O'Connell, Elizabeth A. Quaglia
The properties of our VDF allow us to establish the design of the first practical Delay Encryption scheme, a primitive introduced at EUROCRYPT 2021. We provide a formal security analysis of our results, as well as an implementation study detailing the practical performance of our VDF.
Kavya Sreedhar, Mark Horowitz, Christopher Torng
24 September 2021
Malika Izabachène, Anca Nitulescu, Paola de Perthuis, David Pointcheval
We introduce a scheme for OPE in the presence of malicious senders, enforcing honest sender behavior and consistency by adding verifiability to the calculations.
The main tools used are FHE for input privacy and arguments of knowledge for the verifiability property. MyOPE deploys sublinear communication costs in the sender's polynomial degree and one to five rounds of interaction.
In other words, it can be used as a verifiable computation scheme for polynomial evaluation over FHE ciphertexts. While classical techniques in pairing-based settings allow generic succinct proofs for such evaluations, they require large prime order subgroups which highly impact the communication complexity, and prevent the use of FHE with practical parameters. MyOPE builds on generic secure encodings techniques that allow composite integers and enable real-world FHE parameters and even RNS-based optimizations. It is best adapted for the unbalanced setting where the degree of the polynomial and the computing power of the sender are large.
MyOPE can be used as a building block in specialized two-party protocols such as PSI (this use-case is hereafter described), oblivious keyword search, set membership and more using the OPE instantiation.
As another contribution, our techniques are generalized to applications other than OPE, such as Symmetric Private Information Retrieval (SPIR), to make them secure against a malicious sender.
Andreas Erwig, Sebastian Faust, Siavash Riahi
In this work, we initiate the study of large-scale threshold cryptosystems. We present novel protocols for distributed key generation, threshold encryption, and signature schemes that guarantee security in large-scale environments with complexity independent of $N$. One of our key contributions is to show how to generically transform threshold encryption and signature schemes, which are secure against static adversaries (and satisfy certain additional properties), to secure threshold cryptosystems that offer strong security in the large-scale setting.
Jorge Chavez-Saab, Francisco Rodríguez Henríquez, Mehdi Tibouchi
Loïs Huguenin-Dumittan, Serge Vaudenay
Poulami Das, Andreas Erwig, Sebastian Faust, Julian Loss, Siavash Riahi
Ehsan Ebrahimi
In this paper, we propose an XOR-homomorphic commitment scheme based on the Learning Parity with Noise (LPN) problem and use it to construct an efficient quantum computationally zero-knowledge interactive proof system for the graph 3-coloring problem.
Aleksei Udovenko
This work describes new theoretical and practical insights into traditional bit-based division property. We focus on analyzing and exploiting monotonicity/convexity of division property and its relation to the graph indicator. In particular, our investigation leads to a new compact representation of propagation, which allows CNF/MILP modeling for larger S-Boxes, such as 16-bit Super-Sboxes of lightweight block ciphers or even 32-bit random S-boxes. This solves the challenge posed by Derbez and Fouque (ToSC 2020), who questioned the possibility of SAT/SMT/MILP modeling of 16-bit Super-Sboxes. As a proof-of-concept, we model the Super-Sboxes of the 8-round LED by CNF formulas, which was not feasible by any previous approach.
Our analysis is further supported by an elegant algorithmic framework. We describe simple algorithms for computing division property of a set of $n$-bit vectors in time $O(n2^n)$, reducing such sets to minimal/maximal elements in time $O(n2^n)$, computing division property propagation table of an $n\times m$-bit S-box and its compact representation in time $O((n+m)2^{n+m})$. In addition, we develop an advanced algorithm tailored to "heavy" bijections, allowing to model, for example, a randomly generated 32-bit S-box.
Song Bian, Dur E Shahwar Kundi, Kazuma Hirozawa, Weiqiang Liu, Takashi Sato
Kazuhiko Minematsu, Akiko Inoue, Katsuya Moriwaki, Maki Shigeri, Hiroyasu Kubo
Seungjin Baek, Hocheol Nam, Yongwoo Oh, Muoi Tran, Min Suk Kang
David W. H. A. da Silva, Luke Harmon, Gaetan Delavignette, Carlos Araujo
Emma Dauterman, Vivian Fang, Ioannis Demertzis, Natacha Crooks, Raluca Ada Popa
Dirk Fischer
In this work, a quantal version of the classical cryptographic Diffie-Hellman key exchange protocol is introduced. It is called Quantum Diffie-Hellman key exchange. Unlike for the existing quantum key distribution protocols, actual quantum states, and not their measurement outcomes, are regarded as finally exchanged keys/information. By implementation of that quantal Diffie-Hellman version, both communication parties in the end are in possession of identically prepared, and secret quantum states. Thus the cryptographically important principle of forward secrecy is now available in a quantum physical framework. As a merit of the quantum setting, an improvement of the classical Diffie-Hellman protocol is also achieved, as neither of the two parties exactly know the final, exchanged states.