IACR News
Here you can see all recent updates to the IACR webpage.
15 May 2017
Massimo Bartoletti, Stefano Lande, Alessandro Sebastian Podda
Ioana Boureanu, David Gerault, Pascal Lafourcade, Cristina Onete
In this paper, we exhibit flaws both in the authentication and distance-bounding layers of $HB+DB$; these vulnerabilities encompass practical attacks as well as provable-security shortcomings. First, we show that $HB+DB$ may be impractical as a secure distance-bounding protocol, as its distance-fraud and mafia-fraud security levels scale poorly compared to other distance-bounding protocols. Secondly, we describe an effective MiM attack against $HB+DB$: our attack refines the GRS strategy and still leads to key recovery by the attacker, and this is not deterred by $HB+DB$'s distance bounding. Thirdly, we refute the claim that $HB+DB$'s security against passive attackers relies on the hardness of the LPN problem. We also discuss how (erroneously) requiring such hardness in fact lowers $HB+DB$'s efficiency and its resistance to authentication and distance-bounding attacks. Drawing on $HB+DB$'s design flaws, we also propose a new distance-bounding protocol: $\mathbb{BLOG}$. It retains parts of $HB+DB$, yet $\mathbb{BLOG}$ is provably secure, in particular against MiM attacks. Moreover, $\mathbb{BLOG}$ enjoys better practical security (asymptotically in the security parameter).
Towards Practical PFE: An Efficient 2-Party Private Function Evaluation Protocol Based on Half Gates
Osman Bicer, Muhammed Ali Bingol, Mehmet Sabir Kiraz, Albert Levi
14 May 2017
Alex Biryukov, Leo Perrin
We present for the first time a unified framework for describing the hardness of a primitive along any of these three axes: code-hardness, time-hardness and memory-hardness. This unified view allows us to present modular block cipher and sponge constructions which can have any of the three forms of hardness and can be used to build any higher level symmetric primitive: hash function, PRNG, etc.
We also formalize a new concept: asymmetric hardness. It creates two classes of users: common users have to compute a function with a certain hardness while users knowing a secret can compute the same function in a far cheaper way. Functions with such an asymmetric hardness can be directly used in both our modular structures, thus constructing any symmetric primitive with an asymmetric hardness. We also propose the first asymmetrically memory-hard function, DIODON.
As illustrations of our framework, we introduce WHALE and SKIPPER. WHALE is a code-hard hash function which could be used as a key derivation function and SKIPPER is the first asymmetrically time-hard block cipher.
Abhishek Chakraborty, Ankit Mondal, Ankur Srivastava
Dallas, USA, 30 October - 3 November 2017
Submission deadline: 4 August 2017
Notification: 4 September 2017
University of Surrey, UK
Closing date for applications: 6 June 2017
Contact: Professor Steve Schneider
Director of Surrey Centre for Cyber Security
University of Surrey
Guildford
Surrey GU2 7XH
s.schneider (at) surrey.ac.uk
More information: https://jobs.surrey.ac.uk/vacancy.aspx?ref=034017
Imperial College London
Applications are invited for a PhD student broadly interested in the topics of security, privacy, and compilers. Dr. Livshits’ research involves a broad range of topics in application security, privacy, program analysis, general software reliability, and bug finding. Some of the prior work in recent years was in areas as diverse as malware detection and building augmented reality systems. A wide range of specific projects is available, although prospective students are expected to come up with some of the topics they are excited about.
To apply for this position, you will need to have a strong background in at least one of the following areas: security, privacy, compilers, program analysis, programming languages, or operating systems. You will also need some experience in building and working with large software systems and tools. This experience can come from either your academic projects or through working in the industry; candidates with a strong industrial background are encouraged to apply.
Applicants should have a Distinction/First class grade Master’s degree in Computer Science or a related field, and good communication and technical writing skills. The position is fully funded, covering tuition fees, travel funds and a stipend/bursary. The position is available to both EU and overseas students.
Closing date for applications: 31 December 2017
Contact: Dr. Ben Livshits (livshits (at) ic.ac.uk)
https://www.doc.ic.ac.uk/~livshits/
More information: http://www.imperial.ac.uk/computing/prospective-students/courses/phd/scholarships/security-privacy-compilers/
13 May 2017
Ximing Fu, Xiaoyun Wang, Jiazhe Chen
Çetin Kaya Koç
Yuriy Polyakov, Kurt Rohloff, Gyana Sahu, Vinod Vaikuntanathan
Satrajit Ghosh, Jesper Buus Nielsen, Tobias Nilges
Using our highly efficient OLE as a black box, we obtain a direct construction of an OPE protocol that simultaneously achieves UC-security and requires only $O(d)$ OTs, where $d$ is the degree of the polynomial that shall be evaluated.
Jihye Kim, Seunghwa Lee, Jiwon Lee, Hyunok Oh
Peter Rindal, Roberto Trifiletti
12 May 2017
Oxford, United Kingdom, 12 December - 14 December 2017
Submission deadline: 14 July 2017
Notification: 5 September 2017
11 May 2017
Eleftherios Kokoris-Kogias, Philipp Jovanovic, Linus Gasser, Nicolas Gailly, Bryan Ford
OmniLedger offers tunable performance based on the assumed strength of the adversaries, and scales linearly with the number of shards. Experiments show that it achieves Visa-level throughput of 6000 transactions per second (peaking at 50000) for 1800 validators, of which up to 12.5% (5%) are assumed to be malicious. Finally, OmniLedger significantly reduces bandwidth cost for out-of-date validators to update: for a one-month-old view, a validator downloads 40% of the amount of data compared to Bitcoin, whereas a new validator downloads only 7% while bootstrapping.
Jingjing Wang, Xiaoyu Zhang, Jingjing Guo, Jianfeng Wang
Jens Bauch, Daniel J. Bernstein, Henry de Valence, Tanja Lange, Christine van Vredendaal
10 May 2017
Masaaki Shirase
Prabhanjan Ananth, Arka Rai Choudhuri, Abhishek Jain
1. A five round MPC protocol based on the Decisional Diffie-Hellman (DDH) assumption.
2. A four round MPC protocol based on one-way permutations and sub-exponentially secure DDH. This result is optimal in the number of rounds.
Previously, no four-round MPC protocol for general functions was known and five-round protocols were only known based on indistinguishability obfuscation (and some additional assumptions) [Garg et al., EUROCRYPT'16].