IACR News
Here you can see all recent updates to the IACR webpage.
02 December 2015
Université catholique de Louvain, Louvain-la-Neuve, Belgium
Job Posting
Physical attacks exploit the real-life characteristics of a security device, for example (passively) monitoring its power consumption or (actively) triggering computational errors during processing, in order to recover its embedded secret keys. These attacks are particularly damaging against embedded devices.
Error-correcting codes aim to prevent data errors by adding redundancy to the data encoding so that errors can be detected and, ideally, corrected. They were originally designed to protect against non-malicious errors, but they may also offer an interesting opportunity against malicious faults, and could possibly be extended to provide resistance against passive attacks.
The objective of this project is to investigate this research direction by designing codes that resist physical attacks and assessing their effectiveness, in the context of smart grid/smart sensor applications.
The research will take place in the framework of a European project involving high-level academic and industrial experts. The researcher will also benefit from the dynamic research environment of the UCL Crypto Group (Université catholique de Louvain), with strong interactions with researchers working on related subjects.
The candidate should hold a PhD in mathematics, computer science or electronics, with strong interests in coding theory and cryptographic algorithms. A preliminary background in side-channel attacks is useful, but not mandatory.
Note that, due to the nature of the funding, this position is only available for a non-Belgian citizen in a situation of international mobility, i.e. the candidate should not have spent more than 24 months in Belgium over the last 3 years.
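The fault-detection idea behind this posting, as an added illustration that is not part of the posting or of the UCL project: an extended Hamming(8,4) SECDED code (four data bits, three Hamming parity bits, one overall parity bit) is used as a fault detector on a 4-bit value, and every fault pattern of one, two and three bit flips is exhausted to show exactly where the detection guarantee stops. The encoder, decoder, fault model and campaign below are constructed for this example; the parity layout is the textbook Hamming(7,4) arrangement, and nothing here is the codes the project would design.

```python
# Added example (not from the UCL posting): an extended Hamming(8,4) SECDED
# code used as a fault detector, plus an exhaustive fault-injection campaign
# showing the boundary of its guarantee.
from itertools import combinations

# Bit layout (index into the 8-bit word):
#   0          : overall parity bit (extends Hamming(7,4) to SECDED)
#   1, 2, 4    : Hamming parity bits; parity bit p covers every position
#                whose binary representation has bit p set
#   3, 5, 6, 7 : data bits d0..d3
DATA_POS = (3, 5, 6, 7)


def hamming_encode(nibble: int) -> list:
    """Encode 4 data bits into an 8-bit SECDED codeword (list of 0/1)."""
    if not 0 <= nibble < 16:
        raise ValueError("nibble must be 4 bits")
    bits = [0] * 8
    for i, pos in enumerate(DATA_POS):
        bits[pos] = (nibble >> i) & 1
    bits[1] = bits[3] ^ bits[5] ^ bits[7]
    bits[2] = bits[3] ^ bits[6] ^ bits[7]
    bits[4] = bits[5] ^ bits[6] ^ bits[7]
    bits[0] = sum(bits[1:]) & 1          # even parity over the whole word
    return bits


def hamming_decode(word) -> tuple:
    """Return (status, nibble); status is 'ok', 'corrected' or 'uncorrectable'.

    The syndrome (XOR of the positions of all set bits) is zero for a codeword
    and equals the error position for a single flipped bit; the overall parity
    tells an odd number of flips from an even one.
    """
    bits = list(word)
    syndrome = 0
    for pos in range(1, 8):
        if bits[pos]:
            syndrome ^= pos
    odd_weight = sum(bits) & 1
    if syndrome == 0 and not odd_weight:
        status = "ok"
    elif odd_weight:
        # one flip: the syndrome points at it (syndrome 0 means bit 0 flipped)
        bits[syndrome] ^= 1
        status = "corrected"
    else:
        # non-zero syndrome with even weight: two flips, positions unknown
        status = "uncorrectable"
    nibble = 0
    for i, pos in enumerate(DATA_POS):
        nibble |= bits[pos] << i
    return status, nibble


def inject_fault(word, positions):
    """Model a fault injection that flips the given bit positions."""
    out = list(word)
    for pos in positions:
        out[pos] ^= 1
    return out


def fault_campaign(nibble: int, max_flips: int = 3) -> dict:
    """Exhaust every fault pattern of 1..max_flips flips on one codeword.

    Returns {k: {'recovered': n, 'detected': n, 'silent_wrong': n}}:
    'recovered' = decoder returned the original value, 'detected' = it flagged
    the word as uncorrectable, 'silent_wrong' = it returned a wrong value
    without complaint (the outcome a fault attacker is after).
    """
    codeword = hamming_encode(nibble)
    results = {}
    for k in range(1, max_flips + 1):
        tally = {"recovered": 0, "detected": 0, "silent_wrong": 0}
        for positions in combinations(range(8), k):
            status, value = hamming_decode(inject_fault(codeword, positions))
            if status == "uncorrectable":
                tally["detected"] += 1
            elif value == nibble:
                tally["recovered"] += 1
            else:
                tally["silent_wrong"] += 1
        results[k] = tally
    return results


if __name__ == "__main__":
    for k, tally in fault_campaign(0b1011).items():
        print(f"{k} flip(s): {tally}")
```

Every single flip is corrected, every pair of flips is flagged as uncorrectable, and every three-flip pattern is silently miscorrected to a wrong value: the guarantee is bounded by the code's minimum distance, so an adversary who can disturb enough bits at once, or whose fault pattern happens to be a codeword difference, passes the check unnoticed. A code meant to resist physical attacks therefore has to be chosen against the realistic fault model of the target (which bits a glitch actually disturbs, and how many), not against random single-bit errors.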
July 1
Event Calendar
Notification: 31 August 2016
From July 1 to July 1
More Information: http://www.computer.org/cms/Computer.org/transactions/cfps/cfp_tcsi_sca.pdf
Mehmet Özen, Mustafa Çoban, Ferhat Karakoç
ePrint Report
The cipher has an 18-round generalized type-2 Feistel structure with a 64-bit block size. The key schedule takes an 80-bit master key and produces 32-bit round keys using very simple operations. In this work, we analyze the security of Khudra. We first show that the effective round key length is 16 bits. With the help of this observation, we improve the 14-round MITM attack proposed by Youssef et al. by reducing the memory complexity from $2^{64.8}$ to $2^{32.8}$. We also propose a new guess-and-determine type attack on 14 rounds where only 2 known plaintext-ciphertext pairs are required to mount the attack, with a time complexity of $2^{64}$ encryption operations. To the best of our knowledge, this is the best attack in the single-key model in terms of time, memory and data complexities, where the data complexity is equal to the minimum theoretical data requirement. Moreover, we present two observations on the differential probabilities of the round function and the symmetric structure of the cipher. We identify $2^{40}$ weak keys for the full cipher by exploiting the symmetric structure of the cipher.
Pasquale Forte, Diego Romano, Giovanni Schmid
ePrint Report
ident that the decentralized transaction ledger functionality implemented through the blockchain technology can be used not only for cryptocurrencies, but to register, confirm and transfer any kind of contract and property. In this work we analyze the most relevant functionalities and known issues of this technology, with the intent of pointing out the possible behaviours that are not as efficient as they should be when viewed with a broader outlook. Our analysis would be the starting point for the introduction of a new approach to blockchain creation and management, which will be the subject of a forthcoming paper.
Oregon State University, Computer Science, Corvallis, OR, USA
Job Posting
We are looking for excellent, highly motivated and self-driven PhD students to work in the areas of applied cryptography and network security. We have 2 or 3 fully funded Ph.D. positions, starting from Spring 2016 (i.e., March 2016) or Fall 2016 (September 2016).
OSU offers a competitive salary and an excellent work environment, all within close proximity to high-tech industry and the natural beauty of Oregon, USA. Excellent candidates will have opportunities for research internships, collaborations and joint projects with leading industrial and academic organizations.
The candidates will work on the design, analysis, realization and deployment of new cryptographic schemes and protocols in various practical application domains. Research topics include but are not limited to:
- Secure and Trustworthy Cloud Computing
- Highly efficient searchable encryption and oblivious RAM
- Distributed cloud security
- Secure and Reliable Inter-Intra Vehicular Networks
- Time-critical authentication and integrity in inter-vehicular networks
- Privacy for autonomous driving
- Secure and reliable smart-infrastructures (e.g., smart-grid IoTs)
- Trusted-hardware and hardware-acceleration techniques to enhance cryptographic methods
- MS degree in computer science, electrical engineering or mathematics; BS with high GPA and research experience also considered
- Knowledge of cryptographic protocols and primitives
- Excellent programming skills (e.g., C, C++)
- Good academic writing and presentation skills
- Transcripts (BS and MS)
- Curriculum vitae
- Reference letters
- Previous publications
- Research statement
01 December 2015
Tokyo, Japan, September 12 - September 14
Event Calendar
Notification: 27 May 2016
From September 12 to September 14
Location: Tokyo, Japan
More Information: http://www.iwsec.org/2016/
Washington, DC, USA, September 12 - September 16
Event Calendar
Location: Washington, DC, USA
More Information: http://2016.qcrypt.net/
Election
The 2015 election has closed and 437 IACR members cast ballots to select three members of the Board of Directors.
The results are as follows.
- PHILLIP ROGAWAY: 284
- MICHEL ABDALLA: 247
- ANNA LYSYANSKAYA: 194
- Alexandra Boldyreva: 164
- Jon Callas: 68
- Hilarie Orman: 60
Congratulations to Phillip, Michel, and Anna, who will serve as IACR Directors for three-year terms commencing January 1, 2016, and thank you to Alexandra, Jon, and Hilarie for your contributions to the IACR and willingness to serve.
Election verification data can be found at https://vote.heliosvoting.org/helios/e/IACR2015.
IACR Election Committee (Josh Benaloh, David Pointcheval, Bart Preneel)
Dan Bogdanov, Liina Kamm, Baldur Kubo, Reimo Rebane, Ville Sokk, Riivo Talviste
ePrint Report
Yasufumi Hashimoto
ePrint Report
by using a diagonalization approach. As a result, our attack can recover equivalent secret keys of multi-HFE in polynomial time in the odd-characteristic case. In fact, we experimentally succeeded in recovering equivalent secret keys of several instances of multi-HFE in about fifteen seconds on average, where the min-rank attack took about nine days.
Jia Xu, Jianying Zhou, Liming Lu
ePrint Report
We also analyze the security and feasibility of the proposed method. Leveraging this technique, we give a simple password-based access control system, which provides a low-cost alternative for legacy systems besides smart-card-based solutions.
Phillip Rogaway
ePrint Report
Brussels, Belgium, December 9 - December 10
Event Calendar
Location: Brussels, Belgium
More Information: https://hyperelliptic.org/PSC
Cryptography, Security, and Privacy Research Group, Koç University, İstanbul, Turkey
Job Posting
For more information about our group and projects, visit
http://crypto.ku.edu.tr
For applying online, and questions about the application-process, visit
http://gsse.ku.edu.tr
For summer internship opportunities, visit
http://kusrp.ku.edu.tr
For research questions, contact Asst. Prof. Alptekin Küpçü
http://home.ku.edu.tr/~akupcu
Spring 2016 MSc/PhD/Postdoc deadline: 14 December 2015.
Summer 2016 Internship deadline: 31 January 2016 (may have a later deadline if quota remains).
Technische Universität Darmstadt, Germany
Job Posting
The vacancy is within the newly established research training group "Privacy and Trust for Mobile Users" funded by DFG, the German Research Foundation.
We are looking for a candidate interested in working at the intersection of privacy engineering, identity management, applied cryptography, and machine learning, starting as soon as possible.
Further information: https://www.sit.informatik.tu-darmstadt.de/de/security-in-information-technology/open-positions/pre-doc-in-consent-management/
30 November 2015
Jean-Philippe Aumasson, Philipp Jovanovic, Samuel Neves
ePrint Report
Gorka Irazoqui, Thomas Eisenbarth, Berk Sunar
ePrint Report
across different computing domains, ranging from high-end multi-tenant cloud servers to low-power mobile platforms. The denser integration of CPUs creates an opportunity for great economic savings achieved by packing processes of multiple tenants or by bundling all kinds of tasks at various privilege levels to share the same platform. This level of sharing carries with it a serious risk of leaking sensitive information through the shared microarchitectural components. Microarchitectural attacks initially only exploited core-private resources, but were quickly generalized to resources shared within the CPU.
We present the first fine-grained side-channel attack that works across processors. The attack does not require CPU co-location of the attacker and the victim. The novelty of the proposed work is that, for the first time, the directory protocol of high-efficiency CPU interconnects is targeted. The directory protocol is common to all modern multi-CPU systems. Examples include AMD's HyperTransport, Intel's QuickPath, and ARM's AMBA Coherent Interconnect. The proposed attack does not rely on any specific characteristic of the cache hierarchy, e.g. inclusiveness. Note that inclusiveness was assumed in all earlier works. Furthermore, the viability of the proposed covert channel is demonstrated with two new attacks: by recovering a full AES key in OpenSSL, and a full ElGamal key in libgcrypt, within the range of seconds on a shared AMD Opteron server.
Dipanjan Das, Priyanka Bose, S. Sree Vivek, S. Sharmila Deva Selvi, C. Pandu Rangan
ePrint Report
Mihir Bellare, Douglas Stebila
ePrint Report
Marie-Sarah Lacharité, Kenneth G. Paterson
ePrint Report