IACR News
12 July 2017
Rajkumar Ramasamy, S.Sree Vivek, Praveen George, Bharat S. Rawal Kshatriya
Searchable Symmetric Encryption (SSE) is a technique to securely outsource data, which is encrypted using symmetric-key primitives, while maintaining search functionality. While several solutions have been proposed to realize SSE over various data structures, the efficient solution using an inverted index is due to Curtmola et al. Hwang et al. introduced an SSE scheme based on bitmaps in order to reduce the index size.
In this paper, we consider Searchable Symmetric Encryption (SSE) in the presence of a Semi-Honest-But-Curious Cloud Service Provider (SHBC-CSP). We have defined a new security notion for SSE in the presence of an SHBC-CSP, contrived two new SSE schemes and proved their security formally in the proposed security notion. Dynamic Verifiable Encrypted Keyword Search (DVSSE) is, to the best of our knowledge, the first SSE scheme that is both dynamic and verifiable. We have implemented our schemes and compared their performance and complexity with existing schemes.
11 July 2017
Amsterdam, Netherlands, 9 September - 12 September 2018
Submission deadline: 15 April 2018
Notification: 15 June 2018
Amsterdam, Netherlands, 9 September - 12 September 2017
Submission deadline: 15 January 2018
Notification: 15 March 2018
Amsterdam, Netherlands, 9 September - 12 September 2018
Submission deadline: 15 October 2017
Notification: 15 December 2017
Nancy, France, 23 October - 25 October 2017
Submission deadline: 23 July 2017
Notification: 15 September 2017
Graz University of Technology
In order to extend our interdisciplinary team we are looking for two postdoctoral researchers with experience/interest in at least one of the following fields:
- Side Channels
- Operating system security
- Software isolation techniques
- Cryptography
- Formal methods
- Code analysis and compilers
As a postdoctoral researcher in our team you will have the opportunity to conduct ERC-funded basic research as well as to work on applied topics with one of our many industry partners. We offer a vibrant working environment that in total comprises more than 60 researchers in the area of information security at Graz University of Technology.
The position is for at least one year.
If you are interested in joining our team, please apply by submitting your application at https://www.iaik.tugraz.at/content/about_iaik/jobs/vacant_jobs/.
Applications should include a curriculum vitae, a statement of motivation, a transcript of records, and the names and email addresses of two persons who can provide references. We look forward to your application.
Closing date for applications: 30 September 2017
Contact: Stefan Mangard, Stefan.Mangard (at) iaik.tugraz.at
More information: https://www.iaik.tugraz.at/content/about_iaik/jobs/vacant_jobs/
Visa Research, Palo Alto, California, USA
Interested candidates should kindly email their CV to research (at) visa (dot) com with the subject line Security Research Position.
Closing date for applications: 31 December 2017
RMIT University, Melbourne, Australia
We offer five Ph.D. scholarships to support Ph.D. students working on projects that explore novel methods of artificial intelligence, data mining and machine learning for applications in cyber security defence. The successful candidates are expected to submit their Ph.D. thesis based on this research.
Candidates should have
- a Bachelor's degree with Honours (BSc Hons) in computer science with good programming skills, or a Master's degree in computing, information technology or a related discipline,
- good English (e.g., IELTS 6.5 or TOEFL 90),
- knowledge of cryptographic protocols, data mining or machine learning algorithms, and cloud computing architecture. Publications in cyber security and privacy will be regarded as an additional merit.
Please send your CV and publication record to andrei.kelarev (at) rmit.edu.au.
Please include "PhD scholarship" in the subject of the email.
Closing date for applications: 15 September 2017
Contact: Dr. Andrei Kelarev
School of Science, RMIT University, GPO Box 2476, Melbourne, VIC 3001, Australia
andrei.kelarev (at) rmit.edu.au
More information: https://www.rmit.edu.au/
Benedikt Auerbach, David Cash, Manuel Fersch, Eike Kiltz
07 July 2017
Rio de Janeiro, Brazil, 25 March - 28 March 2018
Submission deadline: 6 October 2017
Notification: 15 December 2017
06 July 2017
Mario Werner, Thomas Unterluggauer, Robert Schilling, David Schaffenrath, Stefan Mangard
To solve this issue, we present an open-source framework for building transparent RAM encryption and authentication pipelines, suitable for both FPGAs and ASICs. The framework supports various ciphers and modes of operation as shown by our comprehensive evaluation on a Xilinx Zynq-7020 SoC. For encryption, the ciphers Prince and AES are used in the ECB, CBC and XTS mode. Additionally, the authenticated encryption cipher Ascon is used both standalone and within a TEC tree. Our results show that the data processing of our encryption pipeline is highly efficient with up to 94% utilization of the read bandwidth that is provided by the FPGA interface. Moreover, the use of a cryptographically strong primitive like Ascon yields highly practical results with 54% bandwidth utilization.
Sayandeep Saha, Ujjawal Kumar, Debdeep Mukhopadhyay, Pallab Dasgupta
Anat Paskin-Cherniavsky, Slava Radune
All previous work in coding for interactive communication considered error correction (that is, $g(x,y)$ must be recovered correctly with high probability), which puts a limit of corrupting up to $1/4$ of the symbols (Braverman and Rao '11). In this work, we initiate the study of CIC for non-threshold families. We first come up with a robustness notion that is both meaningful and achievable by CIC for interesting non-threshold families. As a test case, we consider $\mathcal{F}_{\text{bit}}$, where each bit of the codeword is modified independently of the other bits (and all bits can be modified). Our robustness notion is an enhanced form of error detection, where the output of the protocol is distributed over $\{\bot,f(x,y)\}$, and the distribution does not depend on $x,y$. This definition can be viewed as enhancing error detection with non-malleability (as in the setting of non-malleable codes introduced by Dziembowski et al. '10). We devise CIC for several interesting tampering families (including $\mathcal{F}_{\text{bit}}$). As a building block, we introduce the notion of MNMC (non-malleable codes for multiple messages), which may be of independent interest.
Alex Biryukov, Daniel Feher, Dmitry Khovratovich
Ágnes Kiss, Jian Liu, Thomas Schneider, N. Asokan, Benny Pinkas
In this paper, we analyze and optimize the efficiency of existing PSI protocols to support precomputation so that they can efficiently deal with such input sets. We transform four existing PSI protocols into the precomputation form such that in the setup phase the communication is linear only in the size of the larger input set, while in the online phase the communication is linear in the size of the smaller input set. We implement all four protocols, run experiments between two PCs and between a PC and a smartphone, and give a systematic comparison of their performance. Our experiments show that a protocol based on securely evaluating a garbled AES circuit achieves the fastest setup time by several orders of magnitude, and the fastest online time in the PC setting where AES-NI acceleration is available. In the mobile setting, the fastest online time is achieved by a protocol based on the Diffie-Hellman assumption.
05 July 2017
Kwang Ho Kim, Junyop Choe, Song Yun Kim, Namsu Kim, Sekung Hong
Sikhar Patranabis, Debdeep Mukhopadhyay
Andreas Hülsing, Joost Rijneveld, John Schanck, Peter Schwabe
Katriel Cohn-Gordon, Cas Cremers, Luke Garratt, Jon Millican, Kevin Milner
One reason for this discrepancy in security guarantees is that most existing group messaging protocols are fundamentally synchronous, and thus cannot be used in the asynchronous world of mobile communications. In this paper we show that this is not necessary, presenting a design for a tree-based group key exchange protocol in which no two parties ever need to be online at the same time. Our design achieves strong security guarantees, in particular including post-compromise security.
We give a computational security proof for our core design as well as a proof-of-concept implementation, showing that it scales efficiently even to large groups. Our results show that strong security guarantees for group messaging are achievable even in the modern, asynchronous setting, without resorting to using inefficient point-to-point communications for large groups. By building on standard and well-studied constructions, our hope is that many existing solutions can be applied while still respecting the practical constraints of mobile devices.
Michael Raskin
The article [DNPR] contains various communication lower bounds for unconditionally secure multiparty computation. In particular, it contains a linear lower bound on the communication complexity of a regular parallel multiplication protocol using an ideal secret sharing scheme. These conditions mean that the protocol starts with the inputs being secret-shared with each share of each input field element being a field element, all combinations are used, and the output is shared in the same way as the input.
In this report, a weaker property of the secret sharing scheme that still allows one to prove a linear (w.r.t. the number of multiplications) lower bound on communication is presented. Namely, if we have two (out of three) parties with two options for each party's share, and three of the possible combinations decode to the same value, then the remaining combination should also be a valid pair of shares and reveal the same value.