IACR News
Here you can see all recent updates to the IACR webpage.
31 October 2017
Divya Gupta, Hemanta K. Maji, Mingyuan Wang
ePrint Report
One of the fundamental research directions in the field of non-malleable code construction considers encoding the message into $k$ separate states, where $k\geq 2$, such that each state can be tampered with separately by an arbitrary function. The goal of this research effort is to reduce the number of states $k$, while achieving a high encoding rate, i.e., the ratio of the message length to the cumulative size of all the $k$ encoded states. The current state of the art provides non-malleable code constructions for 2 states at $1/\log\ell$ rate (Li, STOC 2017), where $\ell$ is the length of the encoded message, and, very recently, for 4 states at $\approx 1/3$ rate (Kanukurthi, Obbattu, and Sekar, TCC 2017). However, there are no known non-malleable code constructions for $k=2$ or $k=3$ with a constant rate. This work contributes to this research endeavor by providing a rate $\approx 1/3$ non-malleable code for $k=3$.
Reducing the number of states $k$ in a non-malleable code is notoriously hard. However, our work succeeds in reducing the number of states required by the construction of Kanukurthi et al. by leveraging a unique characteristic of the non-malleable code for 2 states provided by Aggarwal, Dodis, and Lovett (STOC 2014).
Josep Balasch, Sebastian Faust, Benedikt Gierlichs, Clara Paglialonga, François-Xavier Standaert
ePrint Report
Bryon Marohn, Charles V. Wright, Wu-chi Feng, Mike Rosulek, Rakesh B. Bobba
ePrint Report
In this work we present three new approximate TPE encryption schemes. In our schemes, ciphertexts and plaintexts have perceptually similar, but not identical, thumbnails. Our constructions are the first TPE schemes designed to work well with JPEG compression. In addition, we show that they also have provable security guarantees that characterize precisely what information about the plaintext is leaked by the ciphertext image.
We empirically evaluate our schemes according to the similarity of plaintext and ciphertext thumbnails, increase in file size under JPEG compression, preservation of perceptual image hashes, among other aspects. We also show how approximate TPE can be an effective tool to thwart inference attacks by machine-learning image classifiers, which have been shown to be effective against other image obfuscation techniques.
30 October 2017
Nanyang Technological University, Singapore
Job Posting
Interested candidates are invited to send their CV and reference letters to Asst. Prof. Jian Guo.
Closing date for applications: 31 December 2017
Contact: guojian (at) ntu.edu.sg
More information: http://catf.crypto.sg
University of Stuttgart, Department of Hardware-oriented Computer Science
Job Posting
The Institute offers you an inspiring working atmosphere in a successful international team. A substantial part of our research is conducted in cooperation with national and international partners from academic institutions in, among others, the USA, Japan, Israel, and France, and with our partners in industry. In addition to research activities, we expect you to contribute to our teaching program, supervise student theses and take part in administrative duties, such as the organization of scientific conferences.
If interested, please send your comprehensive application including CV and copies of certificates and grades to the following email address: ilia.polian (at) informatik.uni-stuttgart.de
Closing date for applications: 1 December 2017
Contact: Prof. Dr. Ilia Polian
Institut für Technische Informatik
Pfaffenwaldring 47
D-70569 Stuttgart, Germany
ilia.polian (at) informatik.uni-stuttgart.de
More information: http://www.iti.uni-stuttgart.de/en/institute/available-jobs.html
29 October 2017
CRYPTO
IACR is soliciting affiliated events to be held in conjunction with Crypto 2018 on Saturday, August 18, and/or Sunday, August 19. Each such event is expected to provide a forum for discussing a specific topic of the broad cryptographic world (theory, practice, implementation, standardization, etc.). The format of the event (e.g., workshop, tutorial, etc.) is up to the organizers.
Information on proposing an affiliated event can be found at: https://crypto.iacr.org/2018/callforworkshops.html.
28 October 2017
José Becerra, Vincenzo Iovino, Dimiter Ostrev, Petra Šala, Marjan Škrobot
ePrint Report
Erik-Oliver Blass, Florian Kerschbaum
ePrint Report
Yi Liu, Qi Wang
ePrint Report
René Bødker Christensen
ePrint Report
Ivan Damgård, Ji Luo, Sabine Oechsner, Peter Scholl, Mark Simkin
ePrint Report
Naina Gupta, Arpan Jati, Anupam Chattopadhyay, Somitra Kumar Sanadhya, Donghoon Chang
ePrint Report
Nowadays, the security of ciphers using a side-channel countermeasure is of utmost importance. This is due to the wide range of security-critical applications, from smart cards and battery-operated IoT devices to accelerated crypto-processors. Such applications have different requirements (higher speed, energy efficiency, low latency, small area, etc.) and hence need different implementation techniques. This paper presents an in-depth analysis of the various ways in which TI can be implemented for a lightweight cipher. We chose GIFT for our analysis as it is currently the most energy-efficient lightweight cipher. We present nine different profiles using different implementation techniques and show that no single technique is good for all scenarios. For example, the direct-shares technique is good for high throughputs, whereas 3-shares is suitable for constrained environments with less area and moderate throughput requirements. The techniques presented in the paper are also applicable to other block ciphers. For security evaluation, we performed CPA on the 3-shares technique as it has a good area versus speed trade-off. Experiments using 3 million traces show that it is protected against first-order attacks.
Muslum Ozgur Ozmen, Attila A. Yavuz
ePrint Report
In this paper, we propose a new cryptographic framework for small aerial drones, which offers significant energy efficiency and speed advantages over standard cryptographic techniques: (i) We create (to the best of our knowledge) the first highly optimized public key infrastructure (PKI) based framework for small aerial drones, which provides energy-efficient digital signature and public key encryption techniques by harnessing special pre-computation methods and optimized elliptic curves. (ii) We also integrate some of the most recent lightweight symmetric primitives into our PKI techniques to provide a full-fledged cryptographic framework. (iii) We implemented standard counterparts and our proposed techniques on an actual small aerial drone (Crazyflie 2.0), and provided an in-depth energy consumption analysis. Our experiments showed that our new cryptographic framework achieves up to 35× lower energy consumption than its standard counterpart. To the best of our knowledge, this is the first realization of an ultra-light cryptographic framework targeting small aerial drones. We make our framework open-source for public testing and adaptation purposes.
Hervé Chabanne, Julien Keuffer, Refik Molva
ePrint Report
Pierre-Louis Cayrel, Edoardo Persichetti, Cheikh Thiecoumba Gueye, Ousmane N'diaye, Jean Belo Klamti, Gilbert Ndollane Dione, Brice Odilon Boidje
ePrint Report
Yunwen Liu, Glenn De Witte, Adrián Ranea, Tomer Ashur
ePrint Report
Tassos Dimitriou
ePrint Report
In this paper, we develop a privacy-preserving rewarding scheme which allows campaign administrators to reward users for the data they contribute. Our system of anonymous tokens allows users to enjoy the benefits of participation while at the same time ensuring their anonymity. Moreover, rewards can be accumulated together, thus further increasing the level of privacy offered by the system. Our proposal is coupled with a security analysis showing the privacy-preserving character of the system, along with an efficiency analysis demonstrating the feasibility of our approach in realistic deployment settings.
Sebastian Meiser, Esfandiar Mohammadi
ePrint Report
This work improves on previous work by providing upper and lower bounds for approximate DP, which enables us to quantify how loose our upper bound is. We introduce a numerical method and an implementation for computing provable upper and lower bounds for approximate DP for a given number of observations. In contrast to previous work, our bucketing method retains the shape of the distributions, which enables us to compute tighter bounds. We show that, while previous work seems to be tight for the Laplace mechanism on statistical queries, our work is significantly tighter for other scenarios, such as the Gaussian mechanism on statistical queries or for real-world timing leakage data. We show that it is worthwhile to conduct a tight privacy analysis by improving, as a case study, the privacy analysis of the anonymous communication system Vuvuzela. We show that for the same privacy target as in the original Vuvuzela paper, 5 to 10 times less noise already suffices, which significantly reduces Vuvuzela's overall bandwidth requirement.
T-H. Hubert Chan, Kai-Min Chung, Bruce Maggs, Elaine Shi
ePrint Report
Inspired by the elegant notion of differential privacy, we initiate the study of a new notion of access pattern privacy, which we call "$(\epsilon, \delta)$-differential obliviousness". We separate the notion of $(\epsilon, \delta)$-differential obliviousness from classical obliviousness by considering several fundamental algorithmic abstractions including sorting small-length keys, merging two sorted lists, and range query data structures (akin to binary search trees). We show that by adopting differential obliviousness with reasonable choices of $\epsilon$ and $\delta$, not only can one circumvent several impossibilities pertaining to the classical obliviousness notion, but also in several cases, obtain meaningful privacy with little overhead relative to the non-private baselines (i.e., having privacy "almost for free"). On the other hand, we show that for very demanding choices of $\epsilon$ and $\delta$, the same lower bounds for oblivious algorithms would be preserved for $(\epsilon, \delta)$-differential obliviousness.