IACR News
Here you can see all recent updates to the IACR webpage. These updates are also available:
25 July 2017
Hugues Thiebeauld, Georges Gagnerot, Antoine Wurcker, Christophe Clavier
ikaterini Mitrokotsa, Cristina Onete, Elena Pagnin, Mahesh Perera
Nieuwpoort, Curacao, 26 February - 2 March 2018
Submission deadline: 15 September 2017
Notification: 17 November 2017
University of South Florida, Tampa, FL
USF is an R1 university and among the leading institutions in Florida. We are looking for motivated, talented, and hardworking applicants who have background and are interested in working on different aspects of Cryptographic Engineering with emphasis on:
- Cryptographic hardware systems
- Side-channel attacks, particularly fault and power analysis attacks
The required expertise includes:
- Masters (or Bachelors with outstanding background) in Computer Engineering or Electrical Engineering
- Solid background in digital design, VLSI, computer arithmetic, and ASIC/FPGA implementations
- Solid HDL expertise
- Outstanding English (if English tests are taken) to be eligible for department funding
- Motivation to work beyond the expectations from an average Ph.D. student and publish in top tier venues
Please closely observe the admission requirement details here before emailing:
http://www.usf.edu/engineering/cse/graduate/phd-program.aspx
Please send me your updated CV (including list of publications, language test marks, and references), transcripts for B.Sc. (and/or M.Sc.), and a statement of interest at mmozaff (at) gmail.com as soon as possible.
NOTE: At this time, I consider only the applicants who have already taken TOEFL/IELTS and GRE exams with excellent marks (application deadline: Sep. 15th, 2017). The successful candidate will be asked to apply formally very soon to the USF CSE department, so all the material has to be ready.
Closing date for applications: 15 September 2017
Contact: Prof. Mehran Mozaffari-Kermani
Assistant Professor, CSE @ USF
23 July 2017
Zhongxiang Zheng, Chunhuan Zhao, Haining Fan, Xiaoyun Wang
Helger Lipmaa
Shay Gueron, Yehuda Lindell
In this paper, we show that key-derivation at every encryption significantly improves the security bounds in many cases. We present a new key-derivation method that utilizes a truncated block cipher, and show that this is far better than standard block-cipher based key derivation. We prove that by using our key derivation method, we obtain greatly improved bounds for many modes of operation, with a result that the lifetime of a key can be significantly extended. We demonstrate this for AES-CTR (CPA-security), AES-GCM (authenticated encryption) and AES-GCM-SIV (nonce-misuse resistance). Finally, we demonstrate that when using modern hardware with AES instructions (AES-NI), the performance penalty of deriving keys at each encryption is insignificant for most uses.
Marie-Sarah Lacharité, Brice Minaud, Kenneth G. Paterson
- We first consider full reconstruction, which asks to recover the value of every record, fully negating encryption. We show that full reconstruction is possible within an expected number of queries $N \log N + O(N)$, where $N$ is the number of distinct plaintext values. This attack assumes that the dataset is dense, in the sense that every plaintext value occurs in some record; but it does not assume any a priori knowledge of the distribution of the values among records. This bound improves on an $O(N^2 \log N)$ bound in the same setting by Kellaris et al. (CCS 2016). We also provide efficient algorithms that succeed with the minimum possible number of queries (in a strong, information theoretical sense), prove a matching data lower bound for the number of queries required, and study in more detail the setting where rank information leakage is available in addition to the access pattern. - We show another efficient attack able to recover all plaintext values within a constant ratio of error (such as a 1% error), requiring only the access pattern leakage of $O(N)$ queries. More precisely, recovering all plaintext values within an additive margin of error $\epsilon N$ for any arbitrary $\epsilon$ requires an expected number of $\frac{5}{4} N\log(1/\epsilon) + O(N)$ queries. As before, this result comes with a matching lower bound. - Finally, we consider the common situation where the adversary has access to an auxiliary distribution for the targeted values. This enables us to convert rank leakage into approximate range information, leading to an accelerated attack. This attack does not require a dense dataset. Since it is not amenable to a rigorous analysis, we report the results of experiments using this third attack against age data from real-world medical data sets. We show that the attack is highly effective at reconstructing the association between values and records, even with imperfect auxiliary information. In our experiments, observing only 50 queries was sufficient to reconstruct 55% of records to within 5 years, and 35% of records to within 3 years.
In combination, our attacks suggest that the practical impact of the leakage suffered by all schemes supporting range queries is more severe than previously thought, particularly so for schemes like Arx and FH-OPE which also leak rank. Our attacks cast doubt on the practical viability of current approaches to enabling range queries when the threat model goes beyond snapshot attacks to include a persistent server-side adversary.
Johannes Buchmann, Denise Demirel, Lucas Schabhüser, Patrick Struck
Damien Couroussé, Thierno Barry, Bruno Robisson, Philippe Jaillon, Olivier Potin, Jean-Louis Lanet
Sean Murphy, Rachel Player
Liliya R. Ahmetzyanova, Evgeny K. Alekseev, Igor B. Oshkin, Stanislav V. Smyshlyaev
Hai Zhou
In this paper, we present a theory on logic encryption that provides a complete understanding on the design space and the trade-o between error rate and attack complexity. An e cient general design scheme is derived from the theory and some speci c designs are also suggested. We also suggest a method to insert one-way function to burden the SAT engine, and a method to obfuscate the whole design. In addition, as an application of the theory, we also develop a scienti c encryption benchmark for approximate attacks. We test our encryption designs and obfuscation techniques by the SAT-based attack, and the results have veri ed the robustness of our approach.
Christian Cachin, Jan Camenisch, Eduarda Freire-Stoegbuchner, Anja Lehmann
Patrick McCorry, Ethan Heilman, Andrew Miller
Carlos Cid, Tao Huang, Thomas Peyrin, Yu Sasaki, Ling Song
Deepesh Data, Manoj Prabhakaran
Our main result is a complete combinatorial characterization of randomized functions with `ternary output' kernels, that have information-theoretic semi-honest secure 2-party computation protocols. In particular, we show that there exist simple randomized functions with ternary output that do not have secure computation protocols. (For deterministic functions, the smallest output alphabet size of such a function is 5, due to an example given by Beaver, DIMACS Workshop on Distributed Computing and Cryptography 1989.)
Also, we give a complete combinatorial characterization of randomized functions that have `2-round' information-theoretic semi-honest secure 2-party computation protocols.
We also give a counter-example to a natural conjecture for the full characterization, namely, that all securely computable simple functions have secure protocols with a unique transcript for each output value. This conjecture is in fact true for deterministic functions, and -- as our results above show -- for ternary functions and for functions with 2-round secure protocols.
Fanbao Liu, Fengmei Liu
In the quantum model, by utilizing the Simon's algorithm, we propose an efficient universal forgery attack to FKS, FKD and Keyak with complexity of $O(c)$. Moreover, we also propose an efficient key recovery attack that can be implemented in $O(c)$. Such attacks show that FKS, FKD and Keyak is completely broken in the quantum model.