IACR News
Here you can see all recent updates to the IACR webpage.
18 December 2015
Zheng Yuan, Zhen Peng, Ming Mao
ePrint Report
Christoph Dobraunig, Maria Eichlseder, Florian Mendel
ePrint Report
S. Carpov, R. Sirdey
ePrint Report
Yoshinori Aono, Manindra Agrawal, Takakazu Satoh, Osamu Watanabe
ePrint Report
This paper provides a way to analyze general limitations of the lattice construction for the Coppersmith technique. Our analysis upper bounds the possible range of $U$, and that bound is asymptotically equal to the one given by the original results of Coppersmith and May. This means that they have already given the best lattice construction. In addition, we investigate the optimality of the bivariate equation used to solve the small inverse problem, inspired by Kunihiro's argument. In particular, we show the optimality of the Boneh-Durfee equation used for RSA cryptanalysis.
To show our results, we establish a framework for the technique by following the relation of Howgrave-Graham, and then concretely define the conditions under which the technique succeeds and fails. We then provide a way to analyze the range of $U$ that satisfies these conditions. Technically, we show that the original result of Coppersmith achieves the optimal bound for $U$ when constructing a lattice in the standard way. We then provide evidence indicating that constructing a non-standard lattice is generally difficult.
17 December 2015
Nicolas T. Courtois
ePrint Report
University of Utah, Salt Lake City
Job Posting
The University of Utah is a Carnegie Research I Institution, and the School of Computing is an exciting, growing school with a 50-year history of excellence in computer science education, innovation, and research. The University of Utah is located in Salt Lake City, the hub of a large metropolitan area with excellent cultural and recreational opportunities. Additional information about the school and our current faculty can be found at http://www.cs.utah.edu.
Candidates may apply through the following URL: http://utah.peopleadmin.com/postings/45876
Review of applications will begin after November 15 and will continue until the positions are filled.
Closing date for applications: 30 January 2016
Contact: Suresh Venkatasubramanian, Associate Professor (suresh (at) cs.utah.edu)
More information: http://www.cs.utah.edu/people/faculty-hiring/#SoC
15 December 2015
Mihir Bellare, Anna Lysyanskaya
ePrint Report
Yarkın Doröz, Berk Sunar, Gizem S. Çetin
ePrint Report
Geoffroy Couteau, Thomas Peters, David Pointcheval
ePrint Report
Gizem S. Çetin, Yarkın Doröz, Berk Sunar, William J. Martin
ePrint Report
Gizem S. Çetin, Wei Dai, Yarkın Doröz, Berk Sunar
ePrint Report
Thomas Fuhr, Gaëtan Leurent, Valentin Suder
ePrint Report
OCB has a security proof up to $2^{n/2}$ queries, and a matching forgery attack was described by Ferguson, where the main step of the attack recovers the whitening key. In this work we study recent authenticated encryption algorithms inspired by OCB, such as Marble, AEZ, and COPA. While Ferguson's attack is not applicable to those algorithms, we show that it is still possible to recover the secret mask with birthday complexity. Recovering the secret mask easily leads to a forgery attack, but it also leads to more devastating attacks: a key-recovery attack against Marble and against AEZ v2 and v3, with birthday complexity.
For Marble, this clearly violates the security claim of full n-bit security. For AEZ, this matches the security proof, but we believe it is nonetheless a quite undesirable property that collision attacks allow recovery of the master key, and more robust designs would be desirable.
Our attack against AEZ is generic and independent of the internal permutation (in particular, it still works with the full AES), but the key recovery is specific to the key derivation used in AEZ v2 and v3. Against Marble, the forgery attack is generic, but the key recovery exploits the structure of the E permutation (4 AES rounds). In particular, we introduce a novel cryptanalytic method to attack 3 AES rounds followed by 3 inverse AES rounds, which may be of independent interest.
Frederik Armknecht, Colin Boyd, Christopher Carr, Kristian Gjøsteen, Angela Jäschke, Christian A. Reuter, Martin Strand
ePrint Report
Chester Rebeiro, Debdeep Mukhopadhyay
ePrint Report
Yuval Ishai, Eyal Kushilevitz, Steve Lu, Rafail Ostrovsky
ePrint Report
In addition, our solution also provides a mechanism for allowing data owners to set filters that prevent prohibited queries from returning any results, without revealing the filtering terms. Finally, we also present the benchmarks of our prototype implementation. This is the full version of the extended abstract to appear at CT-RSA 2016.
Jian Guo, Jérémy Jean, Ivica Nikolić, Kexin Qiao, Yu Sasaki, Siang Meng Sim
ePrint Report
Pratish Datta, Ratna Dutta, Sourav Mukhopadhyay
ePrint Report
Bucharest, Romania, 8 September - 9 September 2016
Event Calendar
Submission deadline: 1 June 2016
Notification: 1 August 2016
University of Nebraska Lincoln
Job Posting
Dr. Qiben Yan's lab at the University of Nebraska Lincoln has multiple Ph.D. TA/RA openings starting from Fall 2016. The successful candidates are expected to work on exciting research areas in Cyber Security, including: Internet and web security, mobile/wireless networks and security, spectrum and cognitive radio security, applied cryptography, network monitoring and intrusion detection, botnet and mobile malware defense. Preferred candidates should be self-motivated, responsible, and have the curiosity and determination to develop into an outstanding security researcher. Candidates with CS, EE or other relevant backgrounds will be considered, and an earned Master's degree is a plus. A solid background in any of the following will be a plus: wireless communications & networking, security/cryptography, data mining/machine learning, optimization, game theory/control, or strong system implementation skills. If you are interested, please send your CV/resume, transcripts, GRE and TOEFL scores, and any other information that you believe is helpful for your application in one email to Prof. Yan at yan (at) unl.edu. For more information, please visit http://cse.unl.edu/~qyan.
Closing date for applications: 28 February 2016
Contact: Dr. Qiben Yan
More information: http://cse.unl.edu/~qyan
Newcastle University
Job Posting
The successful applicant will join a vibrant and growing Secure and Resilient Systems (SRS) research group at the School of Computing Science, Newcastle University. So far, research in the group has been largely driven by tackling real-world security problems, with some of the research outcomes adopted by international standards and deployed in large-scale commercial applications.
About us: The School of Computing Science at Newcastle University is recognised as one of the fourteen Academic Centres of Excellence in Cyber Security Research (ACEs-CSR) in the UK. In the latest 2014 Research Excellence Framework (REF) assessment which included all UK universities, Newcastle University CS was ranked the 1st in the UK for its Research Impact.
How to apply: follow the online application link below (Look for project title: Secure IoT Platform for A Smart Nation, School: Computing Science, Ref: NSS16). To help speed up the process, please also send your CV and a brief cover letter to feng.hao (at) ncl.ac.uk.
Closing date for applications: 26 February 2016
Contact: feng.hao (at) ncl.ac.uk
More information: http://www.ncl.ac.uk/sage/study/postgrad/singapore/index.htm