IACR News
Here you can see all recent updates to the IACR webpage.
13 September 2016
EURECOM, Sophia Antipolis, FRANCE
Job Posting
EURECOM has hosted one of the most established academic research activities in the field of security and privacy in Europe for more than 20 years. This activity takes place in three dedicated research groups within the digital security department. The new faculty member is expected to join forces with the Applied Cryptography and Security Protocols Group, bringing his/her expertise in the following fields:
- applied cryptography
- security protocols
- privacy enhancing technologies
geared towards the following application areas:
- security and privacy in cloud computing
- security and privacy in Big Data.
Candidates must have a Ph.D. in computer science or electrical engineering and a proven track record of postdoctoral research in one or several of these areas.
While actively leading research with his/her team, the new faculty member is also expected to enhance the resources of the department by raising additional funding. Besides excellence in academic research, he/she must tackle real-life security and privacy problems raised by industrial applications.
The new faculty member is also expected to carry out fundamental research and to develop new graduate courses in the aforementioned domains.
Qualified applicants should send a cover letter with a resume including a publication list emphasizing the three most important publications, a statement of proposed research and teaching activities and the names and addresses of three references by e-mail under reference MDCAC2016 to recruitment-mdcsec (at) eurecom.fr. The screening will start on November 1st, 2016 and applications will be accepted until the position is filled.
Closing date for applications: 31 December 2016
Contact: recruitment-mdcsec (at) eurecom.fr
subject: MDCAC2016
More information: http://www.eurecom.fr/en/home?quicktabs_homepage_tabs=2#quicktabs-homepage_tabs
11 September 2016
Eiichiro Fujisaki, Keita Xagawa
ePrint Report
Rongmao Chen, Yi Mu, Guomin Yang, Willy Susilo, Fuchun Guo, Mingwu Zhang
ePrint Report
We introduce the notion of malleable smooth projective hash function, which is an extension of the smooth projective hash function (SPHF) introduced by Cramer and Shoup (Eurocrypt'02) with the new properties of key malleability and element rerandomizability. We demonstrate the feasibility of our new notion using graded rings proposed by Benhamouda et al. (Crypto'13), and present an instantiation from the $k$-linear assumption. Moreover, we show that the malleable SPHF can also be based on other standard assumptions.
We show how to generically construct CRFs via malleable SPHFs in a modular way for some widely used cryptographic protocols. Specifically, we propose generic constructions of CRFs for the unkeyed message-transmission protocol and the oblivious signature-based envelope (OSBE) protocol of Blazy, Pointcheval and Vergnaud (TCC'12). We also present a new malleable SPHF from the linear encryption of valid signatures for instantiating the OSBE protocol with CRFs.
We further study the two-pass oblivious transfer (OT) protocol and show that the malleable SPHF does not suffice for its CRF constructions. We then develop a new OT framework from graded rings and show how to construct OT-CRFs by modifying the malleable SPHF framework. This new framework encompasses the DDH-based OT-CRF constructions proposed by Mironov and Stephens-Davidowitz (Eurocrypt'15), and yields a new construction under the $k$-linear assumption.
10 September 2016
Abu Dhabi, United Arab Emirates, 7 January - 12 January 2017
Event Calendar
Surat, India, 29 January - 1 February 2017
Event Calendar
Submission deadline: 30 September 2016
Notification: 21 November 2016
Sibenik, Croatia, 5 June - 9 June 2017
Event Calendar
Fuchun Guo, Willy Susilo, Yi Mu, Rongmao Chen, Jianchang Lai, Guomin Yang
ePrint Report
In this paper, we introduce a universal approach for finding loss, namely the Iterated Random Oracle, which can be applied to all computational assumptions. The finding loss in our proposed approach is very small: for $2^{60}$ queries to the random oracle, the success probability of finding the correct solution from the query set is as large as $1/64$, compared to $1/2^{60}$ for a random pick. We show how to apply the iterated random oracle to the security transformation from a key encapsulation mechanism with one-way security to a normal encryption scheme with indistinguishability security. The security reduction is very tight due to the small finding loss, and the transformation does not expand the ciphertext size. We also give an application of the iterated random oracle to key exchange.
Xavier Boyen, Christopher Carr, Thomas Haines
ePrint Report
Our proposal strips out the "blocks"-&-"chain" consolidation mechanism, instead repurposing the atomic transactions as the only system objects. A fully distributed proof of work, coupled with progressive and predictable rewards, is efficiently layered on top of the transaction structure. Without blocks, the cryptographic "chain" of transaction affirmations turns into a directed graph, whose sparseness, timely growth and global convergence are steered by game-theoretic incentives.
The transaction affirmation process is _cooperative_ (rather than competitive), to entice all participants to work _solitarily_ at their own pace, rather than in pools at the pace of a blockchain.
In the absence of blocks, we develop a framework that enjoys better decentralisation, improved responsiveness and natural scalability. Crucially, most of the key features of cryptocurrencies are _transaction-bound_ rather than blockchain-bound, and are thus compatible with our framework, e.g., scripting, multi-denominations, _smart contracts_, etc.
Ilaria Chillotti, Nicolas Gama, Mariya Georgieva, Malika Izabachène
ePrint Report
We show that the bootstrapping scheme FHEW of Ducas and Micciancio (Eurocrypt 2015) can be expressed only in terms of this external product. As a result, we obtain a speed-up from less than 1 second to less than 0.1 seconds. We also reduce the 1GB bootstrapping key size to 24MB, preserving the same security levels, and we improve the noise propagation overhead by replacing exact decomposition algorithms with approximate ones.
Moreover, our external product allows us to explain the unique asymmetry in the noise propagation of GSW samples and makes it possible to evaluate deterministic automata homomorphically, as in (ePrint 2014/048), in an efficient way with a noise overhead only linear in the length of the tested word.
Finally, we provide an alternative practical analysis of LWE-based schemes, which directly relates the security parameter to the error rate of LWE and the entropy of the LWE secret key.
Ted Chinburg, Brett Hemenway, Nadia Heninger, Zachary Scherr
ePrint Report
Viet Tung Hoang, Jonathan Katz, Adam O'Neill, Mohammad Zaheri
ePrint Report
Concretely, we first treat SOA security of nonce-based PKE. After formulating an appropriate definition of SOA-secure nonce-based PKE, we provide efficient constructions in the non-programmable random-oracle model, based on lossy trapdoor functions.
We then lift our notion of security to the setting of "hedged" PKE, which ensures security as long as the sender's seed, message, and nonce jointly have high entropy. This unifies the notions and strengthens the protection that nonce-based PKE provides against randomness failures even in the non-SOA setting. We lift our definitions and constructions of SOA-secure nonce-based PKE to the hedged setting as well.
Eduard Marin, Enrique Argones Rúa, Dave Singelée, Bart Preneel
ePrint Report
This paper surveys some of the proposed countermeasures in the field of medical device security, with a special focus on those that use patients' physiological signals for key establishment or authentication between the devices. We point out that most of the existing solutions, including those relying on PS, make assumptions that do not necessarily hold in practical scenarios. Furthermore, we show that the H2H protocol and the Biosec protocol have serious security weaknesses and design flaws which make them vulnerable to attacks. Based on our analysis, we define some of the challenges that need to be addressed before adopting these solutions. Furthermore, we investigate how to use physiological-signal-based protocols in cryptography, possibly in combination with other solutions, such as pre-installed factory keys, to achieve higher security protection.
Prastudy Fauzi, Helger Lipmaa, Michał Zając
ePrint Report
Sarah Miracle, Scott Yilek
ePrint Report
Thomas Shrimpton, R. Seth Terashima
ePrint Report
To address both concerns, we introduce a new analysis model, the ideal-cipher model under key-oblivious access (ICM-KOA). Like the ICM, the ICM-KOA can give sharp security bounds when standard-model bounds do not. Unlike the ICM, results in the ICM-KOA are less brittle to current and future cryptanalytic results on the blockcipher used to instantiate the ideal cipher. Also, results in the ICM-KOA immediately imply results in the ICM _and_ the standard model, giving multiple viewpoints on a construction with a single effort. The ICM-KOA provides a conceptual bridge between ideal ciphers and tweakable blockciphers (TBC): blockcipher-based constructions secure in the ICM-KOA have TBC-based analogs that are secure under standard-model TBC security assumptions. Finally, the ICM-KOA provides a natural framework for analyzing blockcipher key-update strategies that use the blockcipher to derive the new key. This is done, for example, in the NIST CTR-DRBG and in the hardware RNG that ships on Intel chips.
Shuangyi Zhu, Yuan Ma, Jingqiang Lin, Jia Zhuang, Jiwu Jing
ePrint Report
Suvradip Chakraborty, Goutam Paul, C. Pandu Rangan
ePrint Report
Jack Doerner, David Evans, abhi shelat
ePrint Report
We adapt the classic Gale-Shapley algorithm for use in such a context, and show experimentally that our modifications yield a lower asymptotic complexity and more than an order of magnitude in practical cost improvement over previous techniques. Our main improvements stem from designing new oblivious data structures that exploit the properties of the matching algorithms. We apply a similar strategy to scale the Roth-Peranson instability chaining algorithm, currently in use by the National Resident Matching Program. The resulting protocol is efficient enough to be useful at the scale required for matching medical residents nationwide, taking just over 18 hours to complete an execution simulating the 2016 national resident match with more than 35,000 participants and 30,000 residency slots.
Junqing Gong, Xiaolei Dong, Jie Chen, Zhenfu Cao
ePrint Report
In this paper, we answer the question in the affirmative by describing a prime-order IBE scheme with the same performance as the most efficient solutions so far but whose security still relies on the standard k-linear (k-Lin) assumption. Our technical starting point is Blazy et al.'s almost-tightly secure IBE [CRYPTO, 2014]. We revisit their concrete IBE scheme and associate it with the framework of nested dual system groups. This allows us to extend Blazy et al.'s almost-tightly secure IBE to the MIMC setting using Gong et al.'s method [PKC, 2016]. We emphasize that, when instantiating our construction with the Symmetric eXternal Diffie-Hellman assumption (SXDH = 1-Lin), we obtain the most efficient concrete IBE scheme with almost-tight reduction in the MIMC setting, whose performance is even comparable to the most efficient IBE in the classical model (i.e., the single-instance, single-ciphertext setting). Besides pursuing high performance, our IBE scheme also achieves a weaker form of anonymity pointed out by Attrapadung et al. [AsiaCrypt, 2015].
09 September 2016
Royal Holloway, University of London, UK
Job Posting
Closing date for applications: 10 October 2016
Contact: Kenny Paterson
Information Security Group
Royal Holloway, University of London
kenny.paterson (at) rhul.ac.uk
More information: https://jobs.royalholloway.ac.uk/vacancy.aspx?ref=0916-295