IACR News
Here you can see all recent updates to the IACR webpage.
13 March 2018
Amsterdam, Netherlands, 13 September 2018
Submission deadline: 25 May 2018
Notification: 22 June 2018
12 March 2018
Daan Leermakers, Boris Skoric
Seyyed Mahdi Sedaghat, Mohammad Hassan Ameri, Mahshid Delavar, Javad Mohajeri, Mohammad Reza Aref
Joachim Zahnentferner
1 January - 30 June 2019
Submission deadline: 31 March 2018
Bucharest, Romania, 8 November - 9 November 2018
Submission deadline: 17 September 2018
Notification: 16 October 2018
Seoul, Korea, 28 November - 30 November 2018
Submission deadline: 29 August 2018
Notification: 17 October 2018
09 March 2018
Dan Boneh, Saba Eskandarian, Ben Fisch
Sébastien Duval, Gaëtan Leurent
Zheng Yang, Kimmo Järvinen
Alya Geogiana Buja, Shekh Faisal Abdul-Latip, Rabiah Ahmad
Tore Vincent Carstens, Ehsan Ebrahimi, Gelo Noel Tabia, Dominique Unruh
Edward Eaton, Matthieu Lequesne, Alex Parent, Nicolas Sendrier
At Asiacrypt 2016, Guo, Johansson and Stankovski (GJS) exploited these failures to perform a key recovery attack. They introduced the notion of the distance spectrum of a sparse vector and showed that the knowledge of the spectrum is enough to find the vector. By observing many failing plaintexts they recovered the distance spectrum of the QC-MDPC secret key.
In this work, we explore the underlying causes of this attack, ways in which it can be improved, and how it can be mitigated.
We prove that correlations between the spectrum of the key and the spectrum of the error induce a bias on the distribution of the syndrome weight. Hence, the syndrome weight is the fundamental quantity from which secret information leaks. Assuming a side-channel allows the observation of the syndrome weight, we are able to perform a key-recovery attack, which has the advantage of exploiting all known plaintexts, not only those leading to a decryption failure. Based on this study, we derive a timing attack. It performs well on most decoding algorithms, even on the recent variants where the decryption failure rate is low, a case which is more challenging to the GJS attack. To our knowledge, this is the first timing attack on a QC-MDPC scheme.
Finally, we show how to construct a new KEM, called ParQ, that can reduce the decryption failure rate to a level negligible in the security parameter, without altering the QC-MDPC parameters. This is done through repeated encryption. We formally prove the IND-CCA2 security of ParQ in a model that considers decoding failures. This KEM offers smaller key sizes and is suitable for purposes where the public key is used statically.
Department of computer science, Aarhus University
The department is one of the strongest CS departments in Europe, with world class research groups in cryptography, algorithms, programming languages and verification, and HCI.
Closing date for applications: 3 May 2018
Contact: Ivan Damgård
More information: http://www.au.dk/en/about/vacant-positions/scientific-positions/stillinger/Vacancy/show/965870/5283/
Newcastle University, UK
Fixed term for 2 years, full time.
Closing date: 7 April 2018
You will work on the project “Practical Data-intensive Secure Computation: a Data Structural Approach”. This is a project funded by the EPSRC. The aim of the project is to investigate how data structures can be used as an efficiency and scalability booster in the context of secure computation. The project has a particular emphasis on putting theory into practice. The project will investigate both data structures and cryptography.
You will design novel cryptographic data structures and associated protocols for efficient secure computation, as well as apply them in domains such as cloud computing and data mining in order to solve real-world security/privacy problems. Other responsibilities include: writing papers, presenting work at international conferences, and contributing to an open source software package. There will be opportunities to collaborate with industrial research labs and other leading universities.
The candidate must have:
* a PhD (or equivalent) in a relevant area;
* a strong background in cryptography/security;
* good programming skills (C++/Java; parallel/GPU computing experience is a plus);
* good communication and time management skills.
Experience/knowledge in one or more of the following areas would be desirable but not essential: computer networks, operating systems, databases, statistics and data mining.
The post is available immediately. The post is based in the Security & Resilient Systems (SRS) Group within the School of Computing Science. The School is one of the Academic Centres of Excellence in Cyber Security Research (ACE-CSR) in the UK. In the latest 2014 Research Excellence Framework (REF) assessment, the School ranked 9th overall and 1st for Research Impact among computer science departments in the UK.
Closing date for applications: 7 April 2018
Contact: Dr Changyu Dong (changyu.dong AT ncl.ac.uk)
More information: https://goo.gl/JtaMwe
07 March 2018
Singapore, Singapore, 8 August - 10 August 2018
Submission deadline: 20 April 2018
Notification: 15 May 2018
Indian Institute of Technology Jammu
This is a rolling advertisement and there is no last date. However, applications received by 15 March 2018 will be considered in the present round of the selection process.
Closing date for applications: 7 March 2018
Contact: faculty.recruitment (at) iitjammu.ac.in
More information: http://www.iitjammu.ac.in/
Rio Lavigne, Chen-Da Liu-Zhang, Ueli Maurer, Tal Moran, Marta Mularczyk, Daniel Tschudi
Previously proposed protocols could only tolerate so-called passive corruption. This paper proposes protocols that can also tolerate so-called fail-corruption (i.e., the adversary can crash any player at any point in time) and so-called semi-malicious corruption (i.e., the adversary can control a corrupted party's randomness), without leaking more than an arbitrarily small fraction of a bit of information about the topology. A small-leakage protocol was recently proposed by Ball et al. [Eurocrypt'18], but only under the unrealistic set-up assumption that each party has a trusted hardware module containing secret correlated pre-set keys, and with the further two restrictions that only passively corrupted parties can be crashed by the adversary, and semi-malicious corruption is not tolerated. Since leaking a small amount of information is unavoidable, as is the need to abort the protocol in case of failures, our protocols seem to achieve the best possible goal in a model with fail-corruption.
Further contributions of the paper are applications of the protocol to obtain secure MPC protocols, which requires a way to bound the aggregated leakage when multiple small-leakage protocols are executed in parallel or sequentially. Moreover, while previous protocols are based on the DDH assumption, a new so-called PKCR public-key encryption scheme based on the LWE assumption is proposed, allowing topology-hiding computation to be based on LWE. Furthermore, a protocol using fully-homomorphic encryption that achieves very low round complexity is proposed.
Andrey Kim, Yongsoo Song, Miran Kim, Keewoo Lee, Jung Hee Cheon
Nadim Kobeissi
Capsule is the first formalized and formally verified protocol standard that addresses secure collaborative document editing. Capsule provides confidentiality and integrity on encrypted document data, while also guaranteeing the ephemeral identity of collaborators and preventing the server from adding new collaborators to the document. Capsule also, to an extent, prevents the server from serving different versions of the document being collaborated on.
In this paper, we provide a full protocol description of Capsule. We also provide formal verification results on the Capsule protocol in the symbolic model. Finally, we present a full software implementation of Capsule, which includes a novel formally verified signing primitive implementation.