IACR News
08 March 2017
Alexander Chepurnoy, Tuyet Duong, Lei Fan, Hong-Sheng Zhou
ePrint Report
We implement our new design. Our implementation uses a recent modular development framework for blockchains, called Scorex. It allows us to change only certain parts of an application, leaving the rest of the codebase intact. In addition to the blockchain implementation, a testnet is deployed. Source code is publicly available.
Sergey Agievich
ePrint Report
Yaron Velner, Jason Teutsch, Loi Luu
ePrint Report
Claude Crépeau, Nan Yang
ePrint Report
João Sá Sousa, Cédric Lefebvre, Zhicong Huang, Jean Louis Raisaro, Carlos Aguilar, Marc-Olivier Killijian, Jean-Pierre Hubaux
ePrint Report
Hubert Ritzdorf, Claudio Soriente, Ghassan O. Karame, Srdjan Marinovic, Damian Gruber, Srdjan Capkun
ePrint Report
In this paper, we first formally define a notion of shared ownership within a file access control model. We then propose two possible instantiations of our proposed shared ownership model. Our first solution, called Commune, relies on secure file dispersal and collusion-resistant secret sharing to ensure that all access grants in the cloud require the support of an agreed threshold of owners. As such, Commune can be used in existing clouds without modifications to the platforms. Our second solution, dubbed Comrade, leverages blockchain technology in order to reach consensus on access control decisions. Unlike Commune, Comrade requires that the cloud is able to translate access control decisions that reach consensus in the blockchain into storage access control rules, thus requiring minor modifications to existing clouds. We analyze the security of our proposals and compare and evaluate their performance through an implementation integrated with Amazon S3.
Ruiyu Zhu, Yan Huang
ePrint Report
In this paper, we propose an efficient construction of LEGO protocols that does not use homomorphic commitments but is able to guarantee security as long as at least one of the garbled gates in each bucket is correct. Additionally, the faulty gate detection rate in our protocol doubles that of the state-of-the-art LEGO constructions. We have implemented our protocol, and our experiments on several benchmark applications show that the performance of our approach is highly competitive in comparison with existing implementations.
Ling Ren, Srinivas Devadas
ePrint Report
Hao Chen, Kim Laine, Rachel Player
ePrint Report
Havana, Cuba, 20 September - 22 September 2017
Event Calendar
Submission deadline: 26 June 2017
Notification: 10 August 2017
06 March 2017
Singapore University of Technology and Design (SUTD), Singapore
Job Posting
I am looking for promising PhD students who are interested in working in the area of cyber security. The position is fully funded for up to 4 years with a very competitive scholarship. Candidates should have an excellent background (with a Bachelor's or Master's degree) in mathematics, computer science or electrical engineering and the ability to work on inter-disciplinary research projects. Acquaintance with cryptography and network/system security concepts as well as some programming skills will be considered strong assets. More information on the PhD program is available at https://istd.sutd.edu.sg/phd/phd-overview/.
I am also looking for PhD interns in cyber security, especially in cyber-physical system security (IoT, autonomous vehicles, power grids, etc.). The attachment will be at least 6 months. An allowance will be provided for local expenses. More information on cyber-physical system security is available at http://jianying.space/cpss/.
Interested candidates should send their CV with a research statement to Prof. Jianying Zhou. Please also provide the names of two referees.
Closing date for applications: 30 April 2017
Contact: Prof. Jianying Zhou
Email: zhou_jianying (at) yahoo.com
Home: http://jianying.space/
More information: http://jianying.space/
05 March 2017
Warsaw, Poland, 28 June - 30 June 2017
Event Calendar
Submission deadline: 30 April 2017
Notification: 31 May 2017
04 March 2017
Felix Günther, Britta Hale, Tibor Jager, Sebastian Lauer
ePrint Report
Intrinsically, the main challenge in a 0-RTT key exchange is to achieve forward secrecy and security against replay attacks for the very first payload message sent in the protocol. According to cryptographic folklore, it is impossible to achieve forward secrecy for this message, because the session key used to protect it must depend on a non-ephemeral secret of the receiver. If this secret is later leaked to an attacker, it should intuitively be possible for the attacker to compute the session key by performing the same computations as the receiver in the actual session.
In this paper we show that this belief is actually false. We construct the first 0-RTT key exchange protocol which provides full forward secrecy for all transmitted payload messages and is automatically resilient to replay attacks. In our construction we leverage a puncturable key encapsulation scheme which permits each ciphertext to only be decrypted once. Fundamentally, this is achieved by evolving the secret key after each decryption operation, but without modifying the corresponding public key or relying on shared state.
Our construction can be seen as an application of the puncturable encryption idea of Green and Miers (S&P 2015). We provide a new generic and standard-model construction of this tool that can be instantiated with any selectively secure hierarchical identity-based key encapsulation scheme.