IACR News
22 December 2017
Christina Boura, Ilaria Chillotti, Nicolas Gama, Dimitar Jetchev, Stanislav Peceny, Alexander Petric
ePrint Report
Gilles Barthe, Benjamin Grégoire, Vincent Laporte
ePrint Report
We consider the problem of preserving side-channel countermeasures by compilation, and present a general method for proving that compilation preserves software-based side-channel countermeasures. The crux of our method is the notion of 2-simulation, which adapts to our setting the notion of simulation from compiler verification. Using the Coq proof assistant, we verify the correctness of our method and of several representative instantiations.
Motahhareh Gharahi, Shahram Khazaei
ePrint Report
Houda Ferradi, David Naccache
ePrint Report
Marcel Keller, Valerio Pastro, Dragos Rotaru
ePrint Report
- We present a protocol that uses semi-homomorphic (addition-only) encryption. For two parties, our BGV-based implementation is 6 times faster than MASCOT on a LAN and 20 times faster in a WAN setting. The latter is roughly the reduction in communication.
- We show that using the proof of knowledge in the original work by Damgård et al. (Crypto '12) is more efficient in practice than the one used in the implementation mentioned above by about one order of magnitude.
- We present an improvement to the verification of the aforementioned proof of knowledge that increases the performance with a growing number of parties, doubling it for 16 parties.
Akinori Hosoyamada, Yu Sasaki
ePrint Report
Gottfried Herold, Elena Kirshanova, Thijs Laarhoven
ePrint Report
Our results extend and improve upon previous work of Bai-Laarhoven-Stehlé [ANTS'16] and Herold-Kirshanova [PKC'17], with better complexities for arbitrary tuple sizes and offering tunable time-memory trade-offs. The trade-offs we obtain stem from the generalization and combination of two algorithmic techniques: the configuration framework introduced by Herold-Kirshanova, and the spherical locality-sensitive filters of Becker-Ducas-Gama-Laarhoven [SODA'16].
When the available memory scales quasi-linearly with the list size, we show that with triple sieving we can solve SVP in dimension $n$ in time $2^{0.3588n + o(n)}$ and space $2^{0.1887n + o(n)}$, improving upon the previous best triple sieve time complexity of $2^{0.3717n + o(n)}$ of Herold-Kirshanova. Using more memory we obtain better asymptotic time complexities. For instance, we obtain a triple sieve requiring only $2^{0.3300n + o(n)}$ time and $2^{0.2075n + o(n)}$ memory to solve SVP in dimension $n$. This improves upon the best double Gauss sieve of Becker-Ducas-Gama-Laarhoven, which runs in $2^{0.3685n + o(n)}$ time when using the same amount of space.
Victor Arribas, Svetla Nikova, Vincent Rijmen
ePrint Report
Navid Alamati, Chris Peikert, Noah Stephens-Davidowitz
ePrint Report
We show that GapSPP admits SZK proofs for *remarkably low* approximation factors, improving on prior work by up to roughly $\sqrt{n}$. Specifically:
-- There is a *noninteractive* SZK proof for $O(\log(n) \sqrt{\log (1/\varepsilon)})$-approximate GapSPP. Moreover, for any negligible $\varepsilon$ and a larger approximation factor $\tilde{O}(\sqrt{n \log(1/\varepsilon)})$, there is such a proof with an *efficient prover*.
-- There is an (interactive) SZK proof with an efficient prover for $O(\log n + \sqrt{\log(1/\varepsilon)/\log n})$-approximate coGapSPP. We show this by proving that $O(\log n)$-approximate GapSPP is in coNP.
In addition, we give an (interactive) SZK proof with an efficient prover for approximating the lattice *covering radius* to within an $O(\sqrt{n})$ factor, improving upon the prior best factor of $\omega(\sqrt{n \log n})$.
Yehuda Lindell, Avishay Yanai
ePrint Report
Keita Xagawa
ePrint Report
This paper gives practical key-recovery and message-recovery attacks against those parameter sets of IEC through lattice basis-reduction algorithms. We exploit the fact that $n = 80$ is composite and adopt the idea of Gentry's attack against NTRU-Composite (EUROCRYPT 2001) to this setting. The summary of our attacks follows:
* for (n,p,deg X) = (80,3,1), we recover 84 private keys from 100 public keys in 30--40 seconds per key.
* for (n,p,deg X) = (80,3,1), we recover partial information of all messages from 100 ciphertexts in a second per ciphertext.
* for (n,p,deg X) = (80,3,2), we recover partial information of all messages from 100 ciphertexts in 30 seconds per ciphertext.
Moreover, we also give message-recovery and distinguishing attacks against the parameter sets with prime n, say, n = 83. We exploit another subring to reduce the dimension of lattices in our lattice-based attacks, and our attack succeeds in the case of deg X = 2.
* for (n,p,deg X) = (83,3,2), we recover 7 messages from 10 random ciphertexts within 61,000 seconds ≈ 17 hours per ciphertext.
* Even for larger n, we can find short vectors in lattices to break the underlying assumption of IEC. In our experiment, we found such a vector within 330,000 seconds ≈ 4 days for n = 113.
Hannes Gross, Rinat Iusupov, Stefan Mangard, Roderick Bloem
ePrint Report
Muslum Ozgur Ozmen, Thang Hoang, Attila A. Yavuz
ePrint Report
We propose a new DSSE scheme that we refer to as Forward-private Sublinear DSSE (FS-DSSE). FS-DSSE harnesses special secure update strategies and a novel caching strategy to reduce the computation cost of repeated queries. Therefore, it achieves forward-privacy, sublinear search complexity, low end-to-end delay, and parallelization capability simultaneously. We fully implemented our proposed method and evaluated its performance on a real cloud platform. Our experimental evaluation results showed that the proposed scheme is highly secure and highly efficient compared with state-of-the-art DSSE techniques. Specifically, FS-DSSE is one to three orders of magnitude faster than forward-secure DSSE counterparts.
Marten van Dijk, Chenglu Jin, Hoda Maleki, Phuong Ha Nguyen, Reza Rahaeimehr
ePrint Report
Lynn Batten, Xun Yi
ePrint Report
Subhabrata Samajder, Palash Sarkar
ePrint Report
Dimitris Mouris, Nektarios Georgios Tsoutsos, Michail Maniatakos
ePrint Report
Carmit Hazay, Gert Læssøe Mikkelsen, Tal Rabin, Tomas Toft, Angelo Agatino Nicolosi
ePrint Report
Our RSA key generation is comprised of the following: (i) a distributed protocol for generation of an RSA composite, and (ii) a biprimality test for verifying the validity of the generated composite. Our Paillier threshold encryption scheme uses the RSA composite as public key and is comprised of: (i) a distributed generation of the corresponding secret-key shares and (ii) a distributed decryption protocol for decrypting according to Paillier.
20 December 2017
Centre for Secure Information Technologies (CSIT), Queen’s University Belfast, UK
Job Posting
Based in the Centre for Secure Information Technologies (CSIT) within the ECIT Global Research Institute, Queen's University Belfast, CSIT is host to the UK Research Institute in Hardware Security and Embedded Systems (RISE), and is recognised by NCSC as an Academic Centre of Excellence (ACE) in Cyber Security Research. This affords staff the opportunity to apply for studentships and small grants only available to ACE institutions.
Successful candidates will inspire students and facilitate motivational learning. In particular you will be expected to teach on the MSc in Applied Cyber Security. You will also work with engineering and commercial teams in partnership with local and international industry partners to translate research into real-world impact.
There is significant potential for future career development in:
(1) Hardware Security (hardware cryptographic architectures, e.g. for post-quantum or advanced cryptographic techniques, physical unclonable functions, hardware Trojans and/or side channel attacks and countermeasures);
(2) Software Security (security protocol and cryptographic algorithm implementation, instruction set extensions for crypto, software analysis, and/or software vulnerability detection);
(3) Embedded Systems Security (embedded OS security, lightweight communication security, embedded malware, embedded system penetration testing and vulnerability analysis and/or securing ARM based embedded platforms).
Further information about CSIT can be obtained at www.csit.qub.ac.uk/ and information on the Data Security Systems group can be obtained at https://tinyurl.com/DataSecuritySystems
Closing date for applications: 22 January 2018
Contact: Professor Máire O’Neill, Research Director, CSIT; Email: m.oneill (at) ecit.qub.ac.uk
More information: http://www.jobs.ac.uk/job/BGK533/lecturer-senior-lecturer-professor-in-cyber-security/