IACR News
22 May 2017
ePrint Report: Atul Luykx, Bart Mennink, Kenneth G. Paterson
ePrint Report: Zhe Liu, Patrick Longa, Geovandro Pereira, Oscar Reparaz, Hwajeong Seo
ePrint Report: Saikrishna Badrinarayanan, Sanjam Garg, Yuval Ishai, Amit Sahai, Akshay Wadia
ePrint Report: Kaisa Nyberg
ePrint Report: Nilanjan Datta, Atul Luykx, Bart Mennink, Mridul Nandi
ePrint Report: Ilaria Chillotti, Nicolas Gama, Mariya Georgieva, Malika Izabachène
ePrint Report: Christian Badertscher, Christian Matt, Ueli Maurer
This paper shows that in order to be resilient against realistic attacks, the security definition of ACE must be considerably strengthened in several ways. A new, substantially stronger security definition is proposed, and an ACE scheme is constructed which provably satisfies the strong definition under standard assumptions.
Three aspects in which the security of ACE is strengthened are as follows. First, CCA security (rather than only CPA security) is guaranteed, which is important since senders can be dishonest in the considered setting. Second, the revealing of an (unsanitized) ciphertext (e.g., by a faulty sanitizer) cannot be exploited to communicate more in a policy-violating manner than the information contained in the ciphertext. We illustrate that this is not only a definitional subtlety by showing how, in known ACE schemes, a single leaked unsanitized ciphertext allows for an arbitrary amount of policy-violating communication. Third, it is enforced that parties specified to receive a message according to the policy cannot be excluded from receiving it, even by a dishonest sender.
ePrint Report: Douglas R. Stinson
ePrint Report: Gregor Leander, Alexander May
ePrint Report: Masahiro Yagisawa
ePrint Report: Akihiro Nishimura, Takuya Nishida, Yu-ichi Hayashi, Takaaki Mizuki, Hideaki Sone
ePrint Report: Markku-Juhani O. Saarinen
ePrint Report: Alexander Koch, Stefan Walzer
Recently, Mizuki and Shizuya (Int. J. Inf. Secur., 2014) defined a model meant to encompass all card-based protocols. This permits rigorous proofs of lower bounds and impossibility results. However, up to now, no general implementation of the shuffling operations in the model has been proposed, and active security, e.g. ensuring that the players cannot deviate in the shuffling steps, has remained largely unaddressed.
In this paper we give a stricter characterization of card-based protocols, taking meticulous care that each involved operation can be implemented under a small set of plausible assumptions even if one of the players is dishonest. The resulting model is still powerful enough to admit an actively secure implementation of the model of Mizuki and Shizuya, restricted to shuffles with a uniform distribution on a permutation group. A linear number of helping cards is needed in the reduction.
ePrint Report: Urbi Chatterjee, Vidya Govindan, Rajat Sadhukhan, Debdeep Mukhopadhyay, Rajat Subhra Chakraborty, Debashis Mahata, Mukesh Prabhu
ePrint Report: Éric Brier, Rémi Géraud, David Naccache
Given this scheme's algebraic structure, it is interesting to systematically explore its variants and generalizations. In particular, it might be useful to enhance NS with features such as semantic security, re-randomizability or an extension to higher residues.
This paper addresses these questions and proposes several such variants.
ePrint Report: Shiyi Zhang, Yongjuan Wang, Yang Gao, Tao Wang
20 May 2017
ePrint Report: Alessandro Budroni, Federico Pintore
19 May 2017
Job Posting: Singapore University of Technology and Design, established in collaboration with MIT, USA
Candidates for the Post-Doc position should have completed (or be close to completing) a PhD in computer science, mathematics, or a related discipline, with a solid publication record. He/she should have solid experience in any of the following areas:
1. Public Key/Private Key Cryptography and Provable Security.
2. Information and Network Security.
3. Privacy and Authentication.
Successful candidates are expected to contribute to one of the following topics:
- Security in decentralized applications
- IoT security
- Network security
The candidate must have a strong publication list (at least one top journal paper with a high impact factor in IEEE/ACM Transactions).
The post has a flexible starting date. The initial appointment will be for one year, with a strong possibility for further appointment.
Review of applications will start immediately and continue until the positions are filled.
How to apply:
Interested candidates should send their CV to Dr. Jemin Lee (email: jmnlee (at) ieee.org) and cc Dr. Prosanta Gope (email: gope_prosanta (at) sutd.edu.sg). Initial screening of applications will begin immediately and the position will remain open until filled. Only shortlisted candidates will be notified.
Closing date for applications: 31 July 2017
18 May 2017
Event Calendar: Oslo, Norway, 14 September - 15 September 2017
Submission deadline: 17 June 2017
Notification: 27 July 2017
15 May 2017
ePrint Report: Rongmao Chen, Yi Mu, Guomin Yang, Willy Susilo, Fuchun Guo
In this work, we revisit the modelling and design of authenticated key exchange (AKE) protocols with leakage resilience. We show that the prior works on this topic are inadequate in capturing realistic leakage attacks. To close this research gap, we propose a new security notion named leakage-resilient eCK model w.r.t. auxiliary inputs (AI-LR-eCK) for AKE protocols, which addresses the limitations of the previous models. Our model allows computationally hard-to-invert leakage of both the long-term secret key and the randomness, and also addresses a limitation in the previous models where the adversary is not allowed to make leakage queries during the challenge session. As another major contribution of this work, we present a generic framework for the construction of AKE protocols that are secure under the proposed AI-LR-eCK model. An instantiation based on the Decisional Diffie-Hellman (DDH) assumption in the standard model is also given to demonstrate the feasibility of our proposed framework.