IACR News
Here you can see all recent updates to the IACR webpage. These updates are also available:
13 July 2016
Zvika Brakerski, David Cash, Rotem Tsabary, Hoeteck Wee
ePrint ReportWe present an ABE scheme where homomorphic operations can be performed compactly across attributes. Of course, decrypting the resulting ciphertext needs to be done with a key respective to a policy $f$ with $f(x_i)=0$ for all attributes involved in the computation. In our scheme, the target policy $f$ needs to be known to the evaluator, we call this targeted homomorphism. Our scheme is secure under the polynomial hardness of learning with errors (LWE) with sub-exponential modulus-to-noise ratio.
We present a second scheme where there needs not be a single target policy. Instead, the decryptor only needs a set of keys representing policies $f_j$ s.t.\ for any attribute $x_i$ there exists $f_j$ with $f_j(x_i)=0$. In this scheme, the ciphertext size grows (quadratically) with the size of the set of policies (and is still independent of the number of inputs or attributes). Again, the target set of policies needs to be known at evaluation time. This latter scheme is secure in the random oracle model under the polynomial hardness of LWE with sub-exponential noise ratio.
Myrto Arapinis, Véronique Cortier, Steve Kremer
ePrint Report12 July 2016
Tingting Cui, Keting Jia, Kai Fu, Shiyao Chen, Meiqin Wang
ePrint ReportAntonio Marcedone, Rafael Pass, abhi shelat
ePrint ReportMartin Albrecht, Christian Rechberger, Thomas Schneider, Tyge Tiessen, Michael Zohner
ePrint ReportHere we focus, for the first time, on an extreme corner of the design space and initiate a study of symmetric-key primitives that minimize the multiplicative size and depth of their descriptions. This is motivated by recent progress in practical instantiations of secure multi-party computation (MPC), fully homomorphic encryption (FHE), and zero-knowledge proofs (ZK) where linear computations are, compared to non-linear operations, essentially ``free''.
We focus on the case of a block cipher, and propose the family of block ciphers ``LowMC'', beating all existing proposals with respect to these metrics. As examples, we give concrete instatiations for 80-bit, 128-bit, and 256-bit security. We sketch several applications for such ciphers and give implementation comparisons suggesting that when encrypting larger amounts of data the new design strategy translates into improvements in computation and communication complexity by up to a factor of 5 compared to AES-128, which incidentally is one of the most competitive classical designs. Furthermore, we identify cases where ``free XORs'' can no longer be regarded as such but represent a bottleneck, hence refuting this commonly held belief with a practical example.
Jian Bai, Dingkang Wang
ePrint ReportW. Sean Kennedy, Vladimir Kolesnikov, Gordon Wilfong
ePrint ReportWe show how to improve Garbled Circuit (GC) and GMW-based secure function evaluation (SFE) of circuits with if/switch clauses using such S-universal circuit.
The most interesting case here is the application to the GMW approach. We provide a novel observation that in GMW the cost of processing a gate is almost the same for 5 (or more) Boolean inputs, as it is for the usual case of 2 Boolean inputs. While we expect this observation to greatly improve general GMW-based computation, in our context this means that GMW gates can be programmed almost for free, based on the secret-shared programming of the clause.
Our approach naturally and cheaply supports nested clauses. Our algorithm is a heuristic; we show that solving the circuit embedding problem is NP-hard. Our algorithms are in the semi-honest model and are compatible with Free-XOR.
We report on experimental evaluations and discuss achieved performance in detail. For 32 diverse circuits in our experiment, our construction results 6.1x smaller circuit than prior techniques.
Aurore Guillevic
ePrint ReportThe method we propose improves the initial splitting phase and applies to any finite field of composite extension degree. It exploits the available subfields with a cheap (polynomial-time) linear algebra step, resulting in a much more smooth decomposition of the target. This leads to a new trade-off in the asymptotic complexity of the initial splitting step: for instance it is improved by a factor 2 in the exponent for FFS and $2^{1/3}$ in the exponent for NFS, for any finite field of even extension degree, and with a much smaller smoothness bound. In medium and large characteristic, it can be combined with Pomerance's Early Abort strategy. In small characteristic, it replaces the Waterloo algorithm of Blake, Fuji-Hara, Mullin and Vanstone. Moreover it reduces the width and the height of the subsequent descent tree.
Rasmus Dahlberg, Tobias Pulls, Roel Peeters
ePrint ReportSteven D. Galbraith, Joel Laity, Barak Shani
ePrint ReportRonald Cramer, Ivan Damgard
ePrint Report08 July 2016
Institute of Networks and Security, Johannes Kepler University Linz, Austria
Job PostingMain research topics are clusterered in two strategic areas: digital identity (including smart cards and NFC, secure execution environments, cryptographic signatures and revocation protocols, scalable communication between provers and verifiers on a global scale, user interaction, etc.) and secure code (formal modeling and verification, code generation, source code annotations, compiler and runtime based verification, virtualization, hardware support for secure execution, etc.). Previous experience in either (or even both) of these areas is not strictly required, but helpful.
INS (together with the research center on user-friendly secure mobile environments) currently hosts 14 staff members and supervises a number of external PhD and Master\'s students. Applicants are expected to integrate with the team and co-operate on research projects, but are free to develop their own research focus. Teaching duties currently involve introductory low-level systems programming and networking with the option to offer advanced courses on specific research areas. Although some courses are primarily tought in German, exceptions for teaching in English are possible.
The Austrian University collective contract currently grants €3.546,00 per month (with 2 extra payments amounting to 14 monthly payments per year) before taxes. Organizational support for relocation is available. Interested applicants should send their resume and relevant proofs of qualification via email to office (at) ins.jku.at until 31. July 2016 with decisions expected within the first two weeks of August. Funding is open from 1. September, but later starting dates (until November) are possible.
Closing date for applications: 31 July 2016
Contact: Rene Mayrhofer, Head of Institute, rm (at) ins.jku.at
More information: https://ins.jku.at/news/ins-job-posting
07 July 2016
CRYPTO
- The program committee has chosen Breaking the Circuit Size Barrier for Secure Computation Under DDH by Elette Boyle, Niv Gilboa, and Yuval Ishai as the best paper of Crypto 2016. The paper can be found on ePrint at https://eprint.iacr.org/2016/585.
- The program committee has also recognized Mark Zhandry with the early career award for his paper The Magic of ELFs. The award recognizes the best paper authored exclusively by early-career researchers (current student or PhD awarded in 2014 or later). A full version of the paper can be found on ePrint at https://eprint.iacr.org/2016/114.
06 July 2016
Colin Boyd, Christopher Carr
ePrint ReportWe propose a construction for client puzzles requiring widely distributed computational effort for their solution. These puzzles can be solved using the mining process of Bitcoin, or similar cryptocurrencies. Adapting existing definitions, we show that our puzzle construction satisfies formal requirements of client puzzles under reasonable assumptions. We describe a way of transforming our client puzzles for use in denial of service scenarios and demonstrate a practical construction.
Jihoon Cho, Kyu Young Choi, Orr Dunkelman, Nathan Keller, Dukjae Moon, Aviya Vaidberg
ePrint ReportIn this paper we present a new threat model for white-box cryptography which corresponds to the practical abilities of the adversary in a wide range of applications. Furthermore, we study design criteria for white-box primitives that are important from the industry point of view. Finally, we propose a class of new primitives that combine a white-box algorithm with a standard block cipher to obtain white-box protection for encrypting long messages, with high security and reasonable performance.
Michael Backes, Amir Herzberg, Aniket Kate, Ivan Pryvalov
ePrint ReportMohamed Sabt, Jacques Traor\'{e}
ePrint ReportXiaoyang Dong
ePrint ReportAngela Jäschke, Frederik Armknecht
ePrint ReportWe show that the choice of the encoding can already incur a significant slowdown of the overall process, which is independent of the efficiency of the employed FHE scheme. We compare different methods for representing signed rational numbers and investigate their impact on the effort needed for processing encrypted values. In addition to forming a new encoding technique which is superior under some circumstances, we also present further techniques to speed up computations on encrypted data under certain conditions, each of independent interest. We confirm our results by experiments.