IACR News
Here you can see all recent updates to the IACR webpage.
24 July 2019
CHES
Atlanta, GA, August 25-28, 2019
https://ches.iacr.org/2019/
The Cryptographic Hardware and Embedded Systems (CHES) conference is the premier venue for research on design and evaluation of cryptographic implementations and secure embedded systems. CHES 2019 marks the 20th anniversary of the CHES conference and will take place in the city of Atlanta, U.S.A., August 25–28, 2019, immediately following CRYPTO 2019.
Due to a recent health hazard with Sheraton Atlanta, CHES 2019 will change its venue to the nearby Westin Peachtree Plaza. Please find updated information below regarding registration and hotel booking.
Registration
CHES 2019 registrations are open at https://ches.iacr.org/2019/registration.shtml
The early registration deadline has been extended from July 24, 2019 to Aug. 7th, 2019 to accommodate the venue change.
Hotel
The conference venue is the Westin Peachtree Plaza, a prime 70th-floor location in downtown Atlanta. The hotel provides a time-limited block rate to CHES 2019 attendees until Aug. 7th, 2019, 5pm (EST).
Book a hotel room at the regular CHES 2019 rate ($159/night and up)
Please let us know in your registration form if you plan to stay at the Westin.
If you have already made a hotel reservation with the Sheraton Atlanta, please follow the guidelines on the CHES 2019 venue page to adjust your booking.
Program
CHES 2019 offers a broad collection of events:
- Three days of conference with top-notch paper presentations, with papers accepted and published by TCHES
- Two invited keynote talks
- Six half-day tutorials by experts in the field
- Two co-located pre-conference events, FDTC and PROOFS
- A banquet at Sundial Restaurant, situated on the uppermost floors of the Westin Peachtree Plaza
- A social event at the Martin Luther King National Historical Park
CHES 2019 is organized in Downtown Atlanta and is easily reachable from the Atlanta International Airport (ATL). Consult the CHES 2019 Travel Information Page for additional guidelines.
23 July 2019
Karl Wüst, Loris Diana, Kari Kostiainen, Ghassan Karame, Sinisa Matetic, Srdjan Capkun
ePrint Report
In this paper we propose Bitcontracts, a novel solution to enable generic and expressive smart contracts on legacy cryptocurrencies. The starting point of our solution is a common off-chain execution model, where the contract's issuer appoints a set of service providers to execute the contract's code; the contract's execution results are accepted if a quorum of service providers reports the same result; and clients are free to choose which such contracts they trust and use. The main technical challenge of this paper is how to realize such a trust model securely and efficiently without modifying the underlying blockchain. Bitcontracts achieves this using two main techniques. First, the state of each contract is stored on the chain, which avoids the need to run expensive consensus protocols between the service providers. Second, the validity of each execution result is bound to the latest state of the chain to prevent double-spending attacks. Bitcontracts can be used to retrofit contracts to currencies like Bitcoin or to extend the contract execution capabilities of systems like Ethereum. We also identify a set of generic properties that a blockchain system must support so that expressive smart contracts can be added safely and efficiently, and analyze existing blockchains based on these criteria.
Subhadeep Banik, Yuki Funabiki, Takanori Isobe
ePrint Report
In the second part of the paper, we observe that most standard cell libraries contain both 2- and 3-input xor gates, with the silicon area of the 3-input xor gate being smaller than the sum of the areas of two 2-input xor gates. Hence when linear circuits are synthesized by logic compilers (with specific instructions to optimize for area), most of them would return a solution circuit containing both 2- and 3-input xor gates. Thus from a practical point of view, reducing circuit size in the presence of these gates is no longer equivalent to solving the shortest linear program. In this paper we show that by adopting a graph-based heuristic it is possible to convert a circuit constructed with 2-input xor gates to another functionally equivalent circuit that utilizes both 2- and 3-input xor gates and occupies less hardware area. As a result we obtain more lightweight implementations of all the matrices listed in the ToSC paper.
Dominic Dams, Jeff Lataille, John Wade
ePrint Report
Brandon Langenberg, Hai Pham, Rainer Steinwandt
ePrint Report
Ashley Fraser, Elizabeth A. Quaglia, Ben Smyth
ePrint Report
Lorenzo Grassi, Gregor Leander, Christian Rechberger, Cihangir Tezcan, Friedrich Wiemer
ePrint Report
Using this framework, we perform an extensive analysis of weak-key distinguishers (in the single-key setting) for AES with several key schedule variants. Among others, we show that for the new key schedule proposed at ToSC/FSE'18 - which is faster than the standard key schedule and ensures a higher number of active S-Boxes - it is possible to set up an invariant subspace distinguisher for any number of rounds. Finally, we describe a property for full AES-128 and AES-256 in the chosen-key setting with complexity 2^64 without requiring related keys. These chosen-key distinguishers are set up by exploiting the multiple-of-n property introduced at Eurocrypt'17, adapted to the case of AES instantiated with weak keys.
22 July 2019
Munich, Germany, 14 November - 15 November 2019
Event Calendar
Submission deadline: 25 August 2019
Masoumeh Safkhani, Ygal Bendavid, Samad Rostampour, Nasour Bagheri
ePrint Report
Morteza Adeli, Nasour Bagheri
ePrint Report
Ambili K N, Jimmy Jose
ePrint Report
Anne Canteaut, Lukas Kölsch, Friedrich Wiemer
ePrint Report
The DLCT entries correspond to the autocorrelation spectrum of the component functions, and thus the DLCT is nothing other than the ACT. We note that the ACT spectrum is invariant under some equivalence relations. Interestingly, the ACT spectrum is not invariant under inversion (and thus not under CCZ equivalence), implying that it might be beneficial to look at the decryption for a differential-linear cryptanalysis.
Furthermore, while for Boolean functions a lower bound for the maximal absolute autocorrelation, the absolute indicator, is not known, the case for vectorial Boolean functions is different. Here, we prove that for any vectorial Boolean function, its absolute indicator is lower bounded by $2^{n/2}$. Finally, for APN functions we show a connection of the absolute indicator to the linearity of balanced Boolean functions, and exhibit APN permutations with absolute indicator bounded by $2^{(n+1)/2}$.
Quan Quan Tan, Thomas Peyrin
ePrint Report
Yuechen Chen, Linru Zhang, Siu-Ming Yiu
ePrint Report
19 July 2019
Simona Samardjiska, Paolo Santini, Edoardo Persichetti, Gustavo Banegas
ePrint Report
Matthias J. Kannwischer, Joost Rijneveld, Peter Schwabe, Ko Stoffelen
ePrint Report
Tomoki Moriya, Hiroshi Onuki, Tsuyoshi Takagi
ePrint Report
In this paper, we prove a number of theorems on the properties of Edwards curves. By using these theorems, we devise a new CSIDH algorithm that uses only Edwards curves while calculating over $\mathbb{F}_p$. This algorithm is as fast as (or a little bit faster than) the algorithm proposed by Meyer and Reith.
Sreyosi Bhattacharyya, Palash Sarkar
ePrint Report
Daniel Smith-Tone
ePrint Report
In this work, we provide a practical attack breaking all k-ary C* schemes. The attack is based on differential techniques and requires nothing but the ability to evaluate the public key and solve linear systems. In particular, the attack breaks the parameters provided in CryptoChallenge11 by constructing and solving linear systems of moderate size in a few minutes.