IACR News
If you have a news item you wish to distribute, they should be sent to the communications secretary. See also the events database for conference announcements.
Here you can see all recent updates to the IACR webpage. These updates are also available:
27 November 2015
Hiraku Morita, Jacob C.N. Schuldt, Takahiro Matsuda, Goichiro Hanaoka, Tetsu Iwata
Saikrishna Badrinarayanan, Divya Gupta, Abhishek Jain, Amit Sahai
In this work, we overcome this limitation by introducing the notion of unbounded input MI-FE that supports the computation of functions with unbounded arity. We construct such an MI-FE scheme with indistinguishability security in the selective model based on the existence of public-coin differing-inputs obfuscation for turing machines and collision-resistant hash functions.
Our result enables several new exciting applications, including a new paradigm of on-the-fly secure multiparty computation where new users can join the system dynamically.
Mengce Zheng, Honggang Hu
Hong Kong Applied Science and Technology Research Institute Company Limited
•To develop cryptographic protocols and schemes.
•To develop secure cloud computing systems.
•To design, analyze and implement security systems and e-commerce systems.
Requirements
•Master’s degree in Computer Science, Electronic Engineering or other relevant disciplines with 3+ years experience; less experience for PhD holders.
•Experience in cryptographic system design and cryptanalysis.
•Deep knowledge on number theory and security proofs.
•Hands-on experience with C/C++ and Java.
•Preferably having experiences on using cryptographic libraries such as OpenSSL, MIRACL, PBC, etc.
•Experience in developing cloud computing systems an advantage, but not a must.
•Strong interpersonal and communications skills.
•Good command of both written and spoken English.
University of Bristol, Cryptography Group, Side Channel Lab
We have an active and well funded side channel community within the Cryptography Group, working on both theoretical aspects and practical attacks. Our lab features state of the art equipment and we benefit from friendly relationships to both local as well as international companies and institutions with an interest in all aspects of side channel research. Any new student will have rich opportunities for their development alongside making contacts within the wider cryptographic community.
If you are interested then please get in touch as soon as possible by an email to the contact below containing a transcript, and/or (predicted) degree classification, alongside some information about any final year project that you have finished (or are currently working on), and internships you may have concluded.
Elena Dubrova, Mats Näslund, Göran Selander, Fredrik Lindqvist
26 November 2015
Jian Liu, Sihem Mesnager, and Lusheng Chen
Our second construction significantly enhance the efficiency of the system, where the shares are distributed by the trusted center (TC).
Pranjal Dutta
Boneh, Halevi and Howgrave-Graham in Asiacrypt 2001 (BHH\'01). They provided
two heuristics - in Method I, two-third of the output bits are required to solve the
problem, whereas the more efficient heuristic (Method II) requires only one-third of
the bits of the output. After more than a decade, here Sarkar in [28] identified that
the claim in Method II is actually not correct and a detailed calculation justified that
this method too requires two-third of the bits of the output, contrary to the claim in
BHH\'01. He reconstructed the lattice and give a bound which heuristically solve with
half of the output bits. Although J.Xu et al in [29] solved it with only one-third of the
output bits asymptotically but that technique is difficult to understand and implement.
Here we essentially use similar idea of [28] but in a clever way such that it is a better
bound although we solve the problem heuristically with only half of the output bits in
asymptotic sense. This is lot easier to understand and implement.
Also experimental results support the claim corresponding to our heuristics. In the last
section we actually talk about a variant of this which seems to be hard to solve under
lattice attack.
Thomas Allan, Billy Bob Brumley, Katrina Falkner, Joop van de Pol, Yuval Yarom
We describe a new microarchitectural performance-degradation attack that can slow victims down by a factor of over 150. We identify a new information leak in the OpenSSL implementation of the ECDSA digital signature algorithm. We show how to use the performance-degradation attack to amplify a side-channel enough to enable exploiting the new information leak. Using the combined attack, an adversary can break a private key of the secp256k1 curve, used in the Bitcoin protocol, after observing only 6 signatures. This result is over four times better than any previously described attack.
Bochum, Germany, March 17 - March 19
Location: Bochum, Germany
More Information: http://fse.rub.de/summerschool/
Tokyo, Japan, September 12 - September 14
Notification: 27 May 2016
From September 12 to September 14
Location: Tokyo, Japan
More Information: http://http://www.iwsec.org/2016/
24 November 2015
23 November 2015
Anja Becker, Léo Ducas, Nicolas Gama, Thijs Laarhoven
For small A, these filters are very similar to the spherical locality-sensitive hash (LSH) family previously studied by Andoni et al. For larger A bounded away from 0, these filters potentially achieve a superior performance, provided we have access to an efficient oracle for finding relevant filters. Whereas existing LSH schemes are limited by a performance parameter of P \\geq 1/(2c^2 - 1) to solve approximate NNS with approximation factor c, with spherical LSF we potentially achieve smaller asymptotic values of P, depending on the density of the data set. For sparse data sets where the dimension is super-logarithmic in the size of the data set, we asymptotically obtain P = 1/(2c^2 - 1), while for a logarithmic dimensionality with density constant K we obtain asymptotics of P \\sim 1/(4 K c^2).
To instantiate the filters and prove the existence of an efficient decoding oracle, we replace the independent filters by filters taken from certain structured random product codes. We show that the additional structure in these concatenation codes allows us to decode efficiently using techniques similar to lattice enumeration, and we can find the relevant filters with low overhead, while at the same time not significantly changing the collision probabilities of the filters.
We finally apply spherical LSF to sieving algorithms for solving the shortest vector problem (SVP) on lattices, and show that this leads to a heuristic time complexity for solving SVP in dimension n of (3/2)^{n/2 + o(n)} ~ 2^{0.292 n + o(n)}. This asymptotically improves upon the previous best algorithms for solving SVP which use spherical LSH and cross-polytope LSH and run in time 2^{0.298 n + o(n)}. Experiments with the GaussSieve validate the claimed speedup and show that this method may be practical as well, as the polynomial overhead is small. Our implementation is available under an open-source license.
Martin R. Albrecht, Kenneth G. Paterson
The second part deals with the randomised delays that were put in place in s2n as an additional countermeasure to Lucky 13. Our work highlights the challenges of protecting implementations against sophisticated timing attacks. It also illustrates that standard code audits are insufficient to uncover all cryptographic attack vectors.
Mikhail Anokhin
In this paper, we initiate the study of (weakly) pseudo-free families of computational elementary abelian p-groups, where p is an arbitrary fixed prime. We restrict ourselves to families (G_d)_{d\\in D} of computational elementary abelian p-groups such that for every index d, each element of G_d is represented by a single bit string of length polynomial in the length of d.
First, we prove that pseudo-freeness and weak pseudo-freeness for families of computational elementary abelian p-groups are equivalent. Second, we give some necessary and sufficient conditions for a family of computational elementary abelian p-groups to be pseudo-free (provided that at least one of two additional conditions holds). These necessary and sufficient conditions are formulated in terms of collision-intractability or one-wayness of certain homomorphic families of knapsack functions. Third, we establish some necessary and sufficient conditions for the existence of pseudo-free families of computational elementary abelian p-groups. With one exception, these conditions are the existence of certain homomorphic collision-intractable families of p-ary hash functions or certain homomorphic one-way families of functions.
As an example, we construct a Diffie-Hellman-like key agreement protocol from an arbitrary family of computational elementary abelian p-groups. Unfortunately, we do not know whether this protocol is secure under reasonable assumptions.
22 November 2015
Tenerife, Spain, January 25 - January 29
Location: Tenerife, Spain
More Information: http://www.cosic.esat.kuleuven.be/school-iot/venue.shtml
Longyearbyen, Norway, July 17 - July 22
Notification: 1 April 2016
From July 17 to July 22
Location: Longyearbyen, Norway
More Information: http://arcticcrypt.b.uib.no/
Nathan Chenette, Kevin Lewi, Stephen A. Weis, David J. Wu
ciphertexts that preserve the order of their plaintexts. Order-preserving
encryption schemes have been studied intensely in the last decade, and yet not
much is known about the security of these schemes. Very recently, Boneh et
al. (Eurocrypt 2015) introduced a generalization of order-preserving
encryption, called order-revealing encryption, and presented a construction
which achieves this notion with best-possible security. Because their
construction relies on multilinear maps, it is too impractical for most
applications and therefore remains a theoretical result.
In this work, we build efficiently implementable order-revealing encryption
from pseudorandom functions. We present the first efficient order-revealing
encryption scheme which achieves a simulation-based security notion with
respect to a leakage function that precisely quantifies what is leaked by the
scheme. Moreover, we show how composing our construction with existing order-
preserving encryption schemes results in order-revealing encryption that is
strictly more secure than all preceding order-preserving encryption schemes.
Daniel S. Roche, Adam J. Aviv, Seung Geol Choi
We implement and measure the performance of our system using Amazon Web Services, and the single-operation time for a realistic database (up to $2^{18}$ entries) is less than 1 second. This represents a 100x speed-up compared to the current best oblivious map data structure (which provides neither secure deletion nor history independence) by Wang et al. (CCS 14).
Juan Carlos Ku-Cauich, Guillermo Morales-Luna
bounds for its minimal distance. Then the use of the introduced code
for building vector space secret sharing schemes is explained and an
estimation of the robustness of the schemes against cheaters is provided.