IACR News
22 September 2015
Kai Zhang, Jie Guan, Bin Hu, Dongdai Lin, Wentao Zhang
ePrint Report
Maxime Lecomte, Jacques Fournier, Philippe Maurine
ePrint Report
Pratish Datta, Ratna Dutta, Sourav Mukhopadhyay
ePrint Report
multi-user scenario, while functional signature (FS) allows one to enforce complex constraints on signing capabilities. This paper introduces the concept of functional signcryption (FSC) that aims to provide the functionalities of both FE and FS in a unified cost-effective primitive. FSC provides a solution to the problem of achieving confidentiality and authenticity simultaneously in digital communication and storage systems involving multiple users with better efficiency compared to a sequential implementation of FE and FS. We begin by providing a formal definition of FSC and formulating its security requirements. Next, we present a generic construction of this challenging primitive that supports arbitrary polynomial-size signing and decryption functions from known cryptographic building blocks, namely, indistinguishability obfuscation (IO) and statistically simulation-sound non-interactive zero-knowledge proof of knowledge (SSS-NIZKPoK). Finally, we exhibit a number of representative applications of FSC: (I) We develop the first construction of attribute-based signcryption (ABSC) supporting signing and decryption policies representable by general polynomial-size circuits from FSC. (II) We show how FSC can serve as a tool for building an SSS-NIZKPoK system and IO, a result which in conjunction with our generic FSC construction can also be interpreted as establishing an equivalence between FSC and the other two fundamental cryptographic primitives.
Benjamin Dowling, Marc Fischlin, Felix Günther, Douglas Stebila
ePrint Report
We give a cryptographic analysis of the primary ephemeral Diffie-Hellman-based handshake protocol, which authenticates parties and establishes encryption keys, of both TLS 1.3 candidates. We show that both candidate handshakes achieve the main goal of providing secure authenticated key exchange according to an augmented multi-stage version of the Bellare-Rogaway model. Such a multi-stage approach is convenient for analyzing the design of the candidates, as they establish multiple session keys during the exchange.
An important step in our analysis is to consider compositional security guarantees. We show that, since our multi-stage key exchange security notion is composable with arbitrary symmetric-key protocols, the use of session keys in the record layer protocol is safe. Moreover, since we can view the abbreviated TLS resumption procedure also as a symmetric-key protocol, our compositional analysis allows us to directly conclude security of the combined handshake with session resumption.
We include a discussion on several design characteristics of the TLS 1.3 drafts based on the observations in our analysis.
Mohammad Hassan Ameri, Maryam Rajabzadeh Assar, Javad Mohajeri, Mahmoud Salmasizadeh
ePrint Report
Subhabrata Samajder, Palash Sarkar
ePrint Report
of a sum of random variables using the normal distribution. Expressions for data complexity using such an approach are inherently approximate. In contrast, this paper takes a rigorous approach to analysing attacks on block ciphers. In particular, no approximations are used. Expressions for upper bounds on the data complexities of several basic and advanced attacks are obtained. The analysis is based on the hypothesis testing framework. Probabilities of Type-I and Type-II errors are upper bounded using standard tail inequalities. In the cases of single linear and differential cryptanalysis, the Chernoff bound is used. For the cases of multiple linear and multiple differential cryptanalysis, the theory of martingales is required. A Doob martingale satisfying the Lipschitz condition is set up so that the Azuma-Hoeffding inequality can be applied. This allows bounding the error probabilities and obtaining expressions for data complexities. We believe that our method provides important results for the attacks considered here and, more generally, the techniques that we develop have much wider applicability.
Constantinos Patsakis, Panayiotis Kotzanikolaou, Mélanie Bouroche
ePrint Report
Md Iftekhar Salam, Kenneth Koon-Ho Wong, Harry Bartlett, Leonie Simpson, Ed Dawson, Josef Pieprzyk
ePrint Report
a given set of key and initialization vector values we can construct two distinct input messages which result in a collision in the ACORN internal state. Using a standard PC the collision can be found almost instantly when the secret key is known.
Hung Dang, Anh Dinh, Ee-Chien Chang, Beng Chin Ooi, Shruti Tople, Prateek Saxena
ePrint Report
This paper proposes a practical system for privacy-preserving data management, called PRAMOD, in which data is stored in encrypted form and data-dependent computations are carried out inside a trusted environment. The system supports popular algorithms underlying many data management applications, including sort, compaction, join and group aggregation. Data privacy is ensured even when data movement between different components (caused by limited private memory) is observed by the adversary. For many algorithms, this is achieved by appending a component called scrambler which breaks the linkage between the input and output. Our experimental study indicates reasonable overheads over a baseline system with a weaker level of security. In addition, PRAMOD shows better performance than state-of-the-art solutions with similar levels of security. For example, PRAMOD achieves 4.4× speedup over the alternative data-oblivious sorting algorithm.
Giuseppe Ateniese, Antonio Faonio, Seny Kamara
ePrint Report
zero-knowledge PoS to a leakage-resilient ID protocol in the BRM. We then describe a ZK-PoS based on RSA which, under our transformation, yields the first ID protocol in the BRM based on RSA (in the ROM). The resulting protocol relies on a different computational assumption and is more efficient than previously-known constructions.
Kwangsu Lee, Jong Hwan Park
ePrint Report
Thalia M. Laing, Keith M. Martin, Maura B. Paterson, Douglas R. Stinson
ePrint Report
Sikhar Patranabis, Yash Shrivastava, Debdeep Mukhopadhyay
ePrint Report
it imperative to have efficient and secure cryptographic schemes for online data sharing. Data owners would ideally want to store their data/files online in an encrypted manner, and delegate decryption rights for some of these to users with appropriate credentials. An efficient and recently proposed solution in this regard is to use the concept of aggregation that allows users to decrypt multiple classes of data using a single key of constant size. In this paper, we propose a secure and dynamic key aggregate encryption scheme for online data sharing that operates on elliptic curve subgroups while allowing dynamic revocation of user access rights. We augment this basic construction to a generalized two-level hierarchical structure that achieves optimal space and time complexities, and also efficiently accommodates extension of data classes. Finally, we propose an extension to the generalized scheme that allows use of efficiently computable bilinear pairings for encryption and decryption operations. Each scheme is formally proven to be semantically secure. Practical experiments have been conducted to validate all claims made in the paper.
Cong Chen, Thomas Eisenbarth, Ingo von Maurich, Rainer Steinwandt
ePrint Report
Poulami Das, Debapriya Basu Roy, Debdeep Mukhopadhyay
ePrint Report
how changing the sequence in which the operands are passed to the multiplication algorithm introduces dissimilarity in the information leakage. This disparity has been utilized in constructing a zero-cost countermeasure against HCCA. This countermeasure integrated with an effective randomization method has been shown to successfully thwart HCCA. Additionally we provide experimental validation for our proposed countermeasure technique on a SASEBO platform. To the best of our knowledge, this is the first time that asymmetry in information leakage has been utilized in designing a side channel countermeasure.
21 September 2015
Announcement
Hello IACR members,
We hope this news update finds you well. There are several items of news to report from the world of IACR:
- IACR Museum of Historic Papers in Cryptology
- Nominations for 2015 Election
- Streamlined Access to IACR Publications
- ia.cr URL Shortener
- Membership Meetings & Upcoming Events
IACR Museum of Historic Papers in Cryptology
We are pleased to announce a new Museum of Historic Papers in Cryptology. In the past century, the intertwining of cryptology with national security has made it difficult to get access to some original source material from the beginnings of modern cryptology. Beyond that, the fragility of paper and human memory have further obscured the picture. The IACR's Museum of Cryptology will try to fill in some of the gaps by being a repository for older research papers that have not been otherwise published for the public.
The first paper in the museum is Claude Shannon's 1945 report, A Mathematical Theory of Cryptography. It has been re-typeset in LaTeX by IACR fellow Whitfield Diffie, and is available in the museum with permission from Alcatel. We are in the process of adding several more papers in the following months, and welcome further suggestions.
The museum is available at iacr.org/museum/.
Nominations for 2015 Election
The 2015 IACR election is being held to fill 3 of 9 elected IACR Director positions. Nominations for the election are due very soon, September 24! Information about the open positions and the nomination process is available at iacr.org/elections/2015/.
Streamlined Access to IACR Publications
We remind all IACR members that they can access Journal of Cryptology and conference/workshop proceedings volumes for free, as part of the IACR agreement with Springer. In addition, the "IACR version" of many proceedings volumes older than two years are available for free to the general public.
We have created a new centralized portal to access all of these IACR publications. Check it out at iacr.org/publications/access.php. If you use old bookmarks to access the IACR publications, they should automatically redirect to this new portal.
ia.cr URL Shortener
We have recently acquired the ia.cr domain name and are now using it to offer short URLs for all ePrint reports. You will now see a "Short URL" listed among the information for each ePrint report, for example: ia.cr/2005/187. We expect that the time saved from this 41% decrease in characters will significantly advance the state of the art of cryptology in the upcoming years.
Membership Meetings & Upcoming Events
The President's slides from the CRYPTO 2015 membership meeting and the minutes from the Eurocrypt 2015 membership meeting are available at www.iacr.org/docs/minutes/. Highlights from the CRYPTO membership meeting include the announcement of several new events:
- CHES 2016 will take place 16-19 Aug in UCSB.
- Eurocrypt 2017 will take place 15-18 May in Paris.
- TCC 2016-B will take place 1-3 Nov in Beijing.
Thanks for reading! We hope to see you at an IACR event soon,
Mike Rosulek (IACR communications secretary)
20 September 2015
Chalmers University of Technology, Sweden
Job Posting
The PhD student is expected to have a MSc degree or equivalent, and strong background in mathematics and/or theoretical computer science, with some background in cryptography. Successful candidates will help to design and evaluate cryptographically reliable and privacy-preserving authentication protocols.
The position is fully funded for five years. The call for expressions of interest will remain open until a suitable candidate is appointed. To Apply and for more information: http://www.chalmers.se/en/about-chalmers/vacancies/?rmpage=job&rmjob=3333
Crypto.Sec Group - National and Kapodistrian University of Athens, Greece
Job Posting
Successful candidates will help to design and evaluate cryptographically secure mix-nets and perform other research duties to help with the project, coordinate and advise partners on implementing research prototypes (the candidate may or may not participate in implementing), and ensure the smooth administration of the project including the timely delivery of research output.
The EU H2020 project PANORAMIX supports travel to and collaboration with colleagues throughout the European Union. Full travel and equipment budget is available to support the activities of the project.
For any inquiries or to apply for the position, submit a full research curriculum-vitae (cv), names of two references, and a research statement to Prof Aggelos Kiayias (firstname (at) di.uoa.gr).
The call for expressions of interest will remain open until a suitable candidate is appointed. The position is available immediately.
University College London
Job Posting
University College London is one of Europe's highest ranked universities and the Department of Computer Science is ranked as the best in the UK and recognized by the EPSRC and GCHQ as an Academic Centre of Excellence in Cyber Security Research. We are located at UCL's main campus in the centre of London.
17 September 2015
Kexin Qiao, Lei Hu, Siwei Sun
ePrint Report