IACR News
28 September 2021
Pratish Datta, Tapas Pal
(a) We first present a one-slot scheme that achieves adaptive security in the simulation-based security model against a bounded number of ciphertext queries and an arbitrary polynomial number of secret key queries both before and after the ciphertext queries. This is the best possible level of security one can achieve in the adaptive simulation-based framework. From the relations between the simulation-based and indistinguishability-based security frameworks for FE, it follows that the proposed FE scheme also achieves indistinguishability-based adaptive security against an a-priori unbounded number of ciphertext queries and an arbitrary polynomial number of secret key queries both before and after the ciphertext queries. Moreover, the scheme enjoys compact ciphertexts that do not grow with the number of appearances of the attributes within the weight functions.
(b) Next, bootstrapping from the one-slot scheme, we present an unbounded-slot scheme that achieves simulation-based adaptive security against a bounded number of ciphertext and pre-ciphertext secret key queries while supporting an a-priori unbounded number of post-ciphertext secret key queries. The scheme achieves public parameters and secret key sizes independent of the number of slots N and a secret key can decrypt a ciphertext for any a-priori unbounded N. Further, just like the one-slot scheme, this scheme also has the ciphertext size independent of the number of appearances of the attributes within the weight functions. However, all the parameters of the scheme, namely, the master public key, ciphertexts, and secret keys scale linearly with the bound on the number of pre-ciphertext secret key queries.
Our schemes are built upon asymmetric bilinear groups of prime order and the security is derived under the standard (bilateral) k-Linear (k-Lin) assumption. Our work resolves an open problem posed by Abdalla, Gong, and Wee in CRYPTO 2020, where they presented an unbounded-slot FE scheme for attribute-weighted sum achieving only semi-adaptive simulation security. At a technical level, our work extends the recent adaptive security framework of Lin and Luo [EUROCRYPT 2020], devised to achieve compact ciphertexts in the context of indistinguishability-based payload-hiding security, into the setting of simulation-based adaptive attribute-hiding security.
Chunming Tang, Peng Han, Qi Wang, Jun Zhang, Yanfeng Qi
Sebastian H. Faller, Pascal Baumer, Michael Klooß, Alexander Koch, Astrid Ottenhues, Markus Raiber
Sajad Meisami, Mohammad Beheshti-Atashgah, Mohammad Reza Aref
Karim Baghery, Daniele Cozzo, Robi Pedersen
Ashley Fraser, Elizabeth A. Quaglia
Markus Dürmuth, Maximilian Golla, Philipp Markert, Alexander May, Lars Schlieper
In this work, we study those quantum large-scale password guessing attacks for the first time. In comparison to classical attacks, we still gain a square-root speedup in the quantum setting when attacking a constant fraction of all passwords, even considering strongly biased password distributions as they appear in real-world password breaches. We verify the accuracy of our theoretical predictions using the LinkedIn leak and derive specific recommendations for password hashing and password security for a quantum computer era.
Henrique Faria, José Manuel Valença
Endres Puschner, Christoph Saatjohann, Markus Willing, Christian Dresen, Julia Köbe, Benjamin Rath, Christof Paar, Lars Eckardt, Uwe Haverkamp, Sebastian Schinzel
This paper analyzes the security of this ecosystem, from technical gateway aspects, via the programmer used to configure the implanted device, up to the processing of personal medical data by large cardiological device producers. Based on a real-world attacker model, we evaluated different devices and found several severe vulnerabilities. Furthermore, we could purchase a fully functional programmer for implantable cardiological devices, allowing us to re-program such devices or even induce electric shocks on untampered implanted devices.
Additionally, we sent several Art. 15 and Art. 20 GDPR inquiries to manufacturers of implantable cardiologic devices, revealing non-conforming processes and a lack of awareness about patients' rights and companies' obligations. This, and the fact that many vulnerabilities are still to be found after many vulnerability disclosures in recent years, presents a worrying security state of the whole ecosystem.
27 September 2021
Status.im
Contact: Angel via discord @ LilChiChi#0021 Or LinkedIn https://www.linkedin.com/in/angelrgutierrez/
More information: https://jobs.status.im/jobs/23946
University of Wollongong, Australia
Contact: Prof. Willy Susilo and Dr. Yannan Li
Cape Privacy, North America, Fully Remote
Contact: David Besemer, VP Engineering
More information: https://capeinc.bamboohr.com/jobs/view.php?id=32
Spanish National Research Council (CSIC)
Contact: David Arroyo Guardeño, Ph.D., Research group on Cryptology and Information Security (GiCSI), Institute of Physical and Information Technologies (ITEFI), Spanish National Research Council (CSIC), https://dargcsic.github.io/
More information: https://dargcsic.github.io/posts/2021-09-21-spirs
Marcel Armour, Carlos Cid
Weak key forgeries were given a systematic treatment in the work of Procter and Cid (FSE'13), who showed how to construct MAC forgeries that effectively test whether the decryption key is in some (arbitrary) set of target keys. Consequently, it would appear that weak key forgeries naturally lend themselves to constructing partition oracles; we show that this is indeed the case, and discuss some practical applications of such an attack. Our attack applies in settings where AE schemes are used with static session keys, and has the particular advantage that an attacker has full control over the underlying plaintexts, allowing any format checks on underlying plaintexts to be met -- including those designed to mitigate against partitioning oracle attacks.
Prior work demonstrated that key commitment is an important security property of AE schemes, in particular settings. Our results suggest that resistance to weak key forgeries should be considered a related design goal. Lastly, our results reinforce the message that weak passwords should never be used to derive encryption keys.
Max Heiser
We present an improvement to the quantum algorithm, which improves the time complexity to \(2^{0.2571d+o(d)}\). Essentially, we provide a way to use Grover's algorithm to speed up another part of the process, providing a better tradeoff. This improvement affects the security of lattice-based encryption schemes, including NIST PQC Round 3 finalists.
Daniel M. Kane, Shahed Sharif, Alice Silverberg
Angelique Faye Loe, Liam Medley, Christian O'Connell, Elizabeth A. Quaglia
The properties of our VDF allow us to establish the design of the first practical Delay Encryption scheme, a primitive introduced at EUROCRYPT 2021. We provide a formal security analysis of our results, as well as an implementation study detailing the practical performance of our VDF.
Kavya Sreedhar, Mark Horowitz, Christopher Torng
24 September 2021
Malika Izabachène, Anca Nitulescu, Paola de Perthuis, David Pointcheval
We introduce a scheme for OPE in the presence of malicious senders, enforcing honest sender behavior and consistency by adding verifiability to the calculations.
The main tools used are FHE for input privacy and arguments of knowledge for the verifiability property. MyOPE has communication costs sublinear in the sender's polynomial degree and requires one to five rounds of interaction.
In other words, it can be used as a verifiable computation scheme for polynomial evaluation over FHE ciphertexts. While classical techniques in pairing-based settings allow generic succinct proofs for such evaluations, they require large prime-order subgroups, which heavily impact the communication complexity and prevent the use of FHE with practical parameters. MyOPE builds on generic secure encoding techniques that allow composite integers and enable real-world FHE parameters and even RNS-based optimizations. It is best adapted to the unbalanced setting where the degree of the polynomial and the computing power of the sender are large.
MyOPE can be used as a building block in specialized two-party protocols such as PSI (this use-case is hereafter described), oblivious keyword search, set membership and more using the OPE instantiation.
As another contribution, our techniques are generalized to applications other than OPE, such as Symmetric Private Information Retrieval (SPIR), to make them secure against a malicious sender.
Andreas Erwig, Sebastian Faust, Siavash Riahi
In this work, we initiate the study of large-scale threshold cryptosystems. We present novel protocols for distributed key generation, threshold encryption, and signature schemes that guarantee security in large-scale environments with complexity independent of $N$. One of our key contributions is to show how to generically transform threshold encryption and signature schemes, which are secure against static adversaries (and satisfy certain additional properties), to secure threshold cryptosystems that offer strong security in the large-scale setting.