IACR News
18 December 2021
Je Sen Teh, Li Jing Tham, Norziana Jamil, Wun-She Yap
ePrint Report
Charles Bouillaguet, Claire Delaplace, Monika Trimoska
ePrint Report
Nguyen Thoi Minh Quan
ePrint Report
In the same codebase, there is an independent critical ECDSA bug where (r, s) = (0, 0) is a valid signature for arbitrary keys and messages, but we won’t discuss it further because it’s a known ECDSA attack vector in the Google Wycheproof project that I worked on a few years ago.
All bugs have been responsibly disclosed through the vendor’s bug bounty program with total reward ~ $15,000 (thank you).
Hilarie Orman
ePrint Report
Leo de Castro, Rashmi Agrawal, Rabia Yazicigil, Anantha Chandrakasan, Vinod Vaikuntanathan, Chiraag Juvekar, Ajay Joshi
ePrint Report
Nibesh Shrestha, Adithya Bhat, Aniket Kate, Kartik Nayak
ePrint Report
Andre Esser, Alexander May, Floyd Zweydinger
ePrint Report
We provide the first concrete implementations for representation-based ISD, such as May-Meurer-Thomae (MMT) or Becker-Joux-May-Meurer (BJMM), that are parameter-optimized for the McEliece and quasi-cyclic setting. Although MMT and BJMM consume more memory than naive ISD algorithms like Prange, we demonstrate that these algorithms lead to significant speedups for practical cryptanalysis on medium-sized instances (around 60 bit). More concretely, we provide data for the record computations of McEliece-1223 and McEliece-1284 (old record: 1161), and for the quasi-cyclic setting up to code length 2918 (before: 1938).
Based on our record computations we extrapolate to the bit-security level of the proposed BIKE, HQC and McEliece parameters in NIST's standardization process. For BIKE/HQC, we also show how to transfer the Decoding-One-Out-of-Many (DOOM) technique to MMT/BJMM. Although we achieve significant DOOM speedups, our estimates confirm the bit-security levels of BIKE and HQC.
For the proposed McEliece round-3 parameter sets of 192 and 256 bit, however, our extrapolation indicates a security level overestimate by roughly 20 and 10 bits, respectively, i.e., the high-security McEliece instantiations may be a bit less secure than desired.
Nitin Singh, Pankaj Dayama, Vinayaka Pandit
ePrint Report
Meryem Cherkaoui-Semmouni, Abderrahmane Nitaj, Willy Susilo, Joseph Tonien
ePrint Report
Nicolas Sendrier
ePrint Report
Abderahmanne Nitaj, Muhammad Rezal Kamel Ariffin, Nurul Nur Hanisah Adenan, Domenica Stefania Merenda, Ali Ahmadian
ePrint Report
Wan Nur Aqlili Ruzai, Abderrahmane Nitaj, Muhammad Rezal Kamel Ariffin, Zahari Mahad, Muhammad Asyraf Asbullah
ePrint Report
Carsten Baum, James Hsin-yu Chiang, Bernardo David, Tore Kasper Frederiksen, Lorenzo Gentile
ePrint Report
Daniel Masny, Gaven Watson
ePrint Report
In this work, we provide a framework for efficiently establishing channels for MPC over the Internet. We focus on MPC protocols in the oblivious transfer (OT) hybrid model, so that it is sufficient to establish OT correlations for such a channel. We revisit and combine different notions of UC security proposed in both the MPC and authenticated key exchange settings. Through this work, we show how an OT protocol can be composed with a secure authenticator to ensure the authenticity of messages sent during the OT.
In addition, we adapt and analyse non-interactive OTs based on dense key encapsulation mechanisms (KEMs) in the random oracle model, where the first message, i.e., the public key, can be reused. These KEMs can be instantiated based on CDH, RSA and LWE, and after a performance and security evaluation it turns out that the resulting OT protocols are very competitive with the state of the art and are able to leverage existing PKIs.
Martha Norberg Hovd
ePrint Report
Emil Simion, Elena-Corina Cipu, Vasile-Laurențiu Dosan, Andrei-Voicu Tomuț
ePrint Report
Prastudy Fauzi, Martha Norberg Hovd, Håvard Raddum
ePrint Report
15 December 2021
Real World Crypto
More information can be found here: https://rwc.iacr.org/2022/
Valletta, Malta, 25 April - 29 April 2022
School
Multiple academic teaching positions (Lecturer / Assistant Professor / Associate Professor / Professor)
Xiamen University Malaysia, Sepang, Malaysia
Job Posting
Xiamen University Malaysia is now seeking highly motivated, committed and qualified individuals for academic teaching positions in computer science and cyber security.
Candidates in any area of computer science and cyber security are welcome to apply. Preference will be given to candidates with expertise in (but not limited to) cyber security, mathematics, cryptology, network security and digital forensics. Applicants must possess a PhD degree in a related discipline.
Applicants with specific teaching and research interests in TWO OR MORE of the following areas are encouraged to apply:
- Calculus
- Linear Algebra
- Discrete Mathematics
- Probability and Statistics
- Design & Analysis of Algorithms
- Computer Composition
- Operating Systems
- Cyber Security
- Modern Cryptography
- Digital Forensics and Investigation
- Network Attack and Defence Technology
- Big Data Analytics
- Malware Analysis
- Cryptanalysis
HOW TO APPLY
Applicants are invited to submit a digital application packet to: recruit_academic@xmu.edu.my
The subject line of your email must include your name, relevant academic discipline, and the specific position for which you are applying. All application packets must include the following attachments:
- Your detailed and current CV with publication list (mark the corresponding author with an asterisk and include indexing and quartile for each publication);
- Cover letter stating the source of job advertisement;
- Evidence of academic qualifications (Bachelor, Master & PhD Certificate; Bachelor, Master & PhD Transcripts and Professional Certificates);
- 3-5 Full-Text publications (if applicable);
- Teaching evaluation (if applicable);
- Two academic references (at least one of whom is the applicant’s current or most recent employer).
Closing date for applications:
Contact: recruit_academic@xmu.edu.my
More information: http://www.xmu.edu.my/2019/1010/c16257a379935/page.htm