IACR News
Here you can see all recent updates to the IACR webpage. These updates are also available:
09 September 2017
Ling Sun, Wei Wang, Meiqin Wang
Jie Chen, Junqing Gong
In this work, we propose a generic framework for tag-based ABE which is based on JR-IBE and compatible with Chen et al.'s (attribute-hiding) predicate encoding [EuroCrypt, 2015]. The adaptive security in the standard model relies on the k-linear assumption in the asymmetric prime-order bilinear group. This is the first framework showing how to extend JR-IBE systematically. In fact our framework and its simple extension are able to cover most concrete tag-based ABE constructions in previous literature. Furthermore, since Chen et al.'s predicate encoding supports a large number of predicates including boolean span program, we can now give the first (both key-policy and ciphertext-policy) tag-based ABE for boolean span program in the standard model. Technically our framework is based on a simplified version of JR-IBE. Both the description and its proof are quite similar to the prime-order IBE derived from Chen et al.'s framework. This not only allows us to work with Chen et al.'s predicate encoding but also provides us with a clear explanation of JR-IBE and its proof technique.
Pei Luo, Yunsi Fei, Liwei Zhang, A. Adam Ding
Anthony Barnett, Jay Santokhi, Michael Simpson, Nigel P. Smart, Charlie Stainton-Bygrave, Srinivas Vivek, Adrian Waller
Benoît Libert, San Ling, Khoa Nguyen, Huaxiong Wang
Xiaojuan Zhang, Xiutao Feng, Dongdai Lin
Khoa Nguyen, Benjamin Hong Meng Tan, Huaxiong Wang
Cyprien de Saint Guilhem, Nigel P. Smart, Bogdan Warinschi
Yusuke Naito
Luykx et al. (FSE2016) proposed LightMAC, the first blockcipher-based MAC with such security and a variant of PMAC, where for each $n$-bit blockcipher call, an $m$-bit counter and an $(n-m)$-bit message block are input. By the presence of counters, LightMAC becomes a secure PRF up to $O(2^{n/2})$ tagging queries. Iwata and Minematsu (TOSC2016, Issue 1) proposed F_t, a keyed hash function-based MAC, where a message is input to $t$ keyed hash functions (the hash function is performed $t$ times) and the $t$ outputs are input to the xor of $t$ keyed blockciphers. Using LightMAC's hash function, F_t becomes a secure PRF up to $O(2^{t n/(t+1)})$ tagging queries. However, for each message block of $(n-m)$ bits, it requires $t$ blockcipher calls.
In this paper, we improve F_t so that a blockcipher is performed only once for each message block of $(n-m)$ bits. We prove that our MACs with $t \leq 7$ are secure PRFs up to $O(2^{t n/(t+1)})$ tagging queries. Hence, our MACs with $t \leq 7$ are more efficient than F_t while keeping the same level of PRF-security.
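The two constructions the abstract compares, written out as an added example (this is not code from the paper or from the LightMAC/F_t authors): LightMAC's counter-prefixed hash with its finalisation call, and F_t built from t independent copies of that hash, each followed by its own keyed blockcipher, with the outputs XORed. The blockcipher is a stand-in (HMAC-SHA256 truncated to n bits, a PRF rather than a permutation), chosen so the block runs offline without extra packages; the parameters n = 128, m = 32 and the 10* padding of the final block are assumptions made for the illustration, not values taken from the abstract. The point of the example is the call count: LightMAC spends one blockcipher call per (n-m)-bit block plus one for the tag, whereas F_t with LightMAC's hash spends t per block plus t for the tag, which is exactly the cost the paper's improved MACs remove.

```python
import hashlib
import hmac
import struct

N = 16            # blockcipher width n = 128 bits (assumed for the example)
M_CTR = 4         # counter width m = 32 bits, so n-m = 96 message bits per call
BLK = N - M_CTR   # 12 message bytes absorbed by each blockcipher call

_calls = 0        # number of blockcipher invocations, for the cost comparison


def E(key: bytes, block: bytes) -> bytes:
    """Stand-in for one n-bit blockcipher call E_K(block).
    Assumption: HMAC-SHA256 truncated to n bits plays the role of the keyed
    primitive. It is a PRF, not a permutation, which is enough to show the
    structure and count calls; it is not a drop-in replacement for AES."""
    global _calls
    assert len(block) == N
    _calls += 1
    return hmac.new(key, block, hashlib.sha256).digest()[:N]


def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def lightmac_hash(k1: bytes, msg: bytes) -> bytes:
    """LightMAC's hash: XOR over the full (n-m)-bit blocks of E_K1(<i>_m || M_i),
    then XOR of the final block padded with 10* to n bits (the final block is
    not passed through the cipher). The m-bit counter <i>_m makes every cipher
    input distinct across positions, which is what gives the hash its
    length-independent security bound."""
    chunks = [msg[i:i + BLK] for i in range(0, len(msg), BLK)]
    last = chunks.pop() if chunks else b""      # 0..BLK bytes, padded below
    acc = bytes(N)
    for i, m_i in enumerate(chunks, start=1):
        assert i < 2 ** (8 * M_CTR), "message too long for the m-bit counter"
        acc = xor(acc, E(k1, struct.pack(">I", i) + m_i))
    pad = last + b"\x80" + bytes(N - len(last) - 1)  # 10* padding to n bits
    return xor(acc, pad)


def lightmac(k1: bytes, k2: bytes, msg: bytes) -> bytes:
    """Tag = E_K2(hash_K1(M)): one extra blockcipher call per message."""
    return E(k2, lightmac_hash(k1, msg))


def f_t(hash_keys: list, cipher_keys: list, msg: bytes) -> bytes:
    """F_t (Iwata-Minematsu) instantiated with LightMAC's hash: the message is
    hashed t times under independent keys, each hash output goes through its
    own keyed blockcipher, and the t outputs are XORed into the tag."""
    assert len(hash_keys) == len(cipher_keys) and hash_keys
    tag = bytes(N)
    for k_j, l_j in zip(hash_keys, cipher_keys):
        tag = xor(tag, E(l_j, lightmac_hash(k_j, msg)))
    return tag


def with_call_count(fn, *args):
    """Run fn(*args) and return (output, number of blockcipher calls made)."""
    global _calls
    _calls = 0
    out = fn(*args)
    return out, _calls


if __name__ == "__main__":
    # Constructed sample input: 30 bytes = two full 12-byte blocks + 6 bytes.
    msg = bytes(range(30))
    tag1, c1 = with_call_count(lightmac, b"K1", b"K2", msg)
    tag3, c3 = with_call_count(f_t, [b"a", b"b", b"c"], [b"x", b"y", b"z"], msg)
    print("LightMAC  calls:", c1, "tag:", tag1.hex())   # 2 blocks + 1 = 3
    print("F_3       calls:", c3, "tag:", tag3.hex())   # 3*2 blocks + 3 = 9
```

Run it with a message whose length is not a multiple of 12 and one whose length is, and note that the padded final block never costs a cipher call in either construction; the gap between the two counts is purely the factor t on the full blocks plus t finalisation calls.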
Ivica Nikolić
Evgenios M. Kornaropoulos, Petros Efstathopoulos
In the semi-honest model the input to the sketching algorithm is independent of the common randomness. We, however, consider a new threat model where a party is allowed to use the common randomness to perturb her input 1) offline, and 2) before the execution of any secure protocol so as to steer the approximation result to a maliciously chosen output. We formally define perturbation attacks under this adversarial model and propose two attacks on the well-studied techniques of minhash and cosine sketching. We demonstrate the power of perturbation attacks by measuring their success on synthetic and real data.
To mitigate such perturbation attacks we propose a server-aided architecture, where an additional party, the server, assists in the secure similarity approximation by handling the common randomness as private data. We revise and introduce the necessary secure protocols so as to apply minhash and cosine sketching techniques in the server-aided architecture. Our implementation demonstrates that this new design can mitigate offline perturbation attacks without sacrificing the efficiency and scalability of the reconstruction protocol.
Seoul, Republic of Korea, 29 November - 1 December 2017
Submission deadline: 15 September 2017
Notification: 20 October 2017
08 September 2017
Debrup Chakraborty, Sebati Ghosh, Cuauhtemoc Mancillas Lopez, Palash Sarkar
Nilanjan Datta, Avijit Dutta, Mridul Nandi, Goutam Paul, Liting Zhang
06 September 2017
CipherCloud India Pvt Ltd, Hyderabad, India
Cryptography Architect will lead and contribute to our core technology. This senior engineering position requires demonstrated capabilities in cryptography, encryption, programming, and the associated computational sciences, while also serving the role of cryptography lead for the product teams. The position also requires leading associated research and patent activities and staging of foundational cryptographic technologies for security products.
DESIRED SKILLS & EXPERIENCE
• MS or PhD with at least a few credits in advanced cryptography, mathematics and computer science, combined with at least 2 years of software development experience in a related discipline, is required
• In-depth hands-on experience implementing at least a few cryptographic algorithms from scratch is required
• A very good understanding of symmetric and asymmetric key cryptography, key management techniques, PKI, SSL, X.509 certificates and all the related technologies is needed
• Strong theoretical bent and academic connections are a plus
• Understanding of the latest cryptographic techniques such as Homomorphic and Split Key Encryption, Function and Format Preserving Encryption is a big plus
• Experience with various character sets and character encoding techniques is required
• Hands-on programming experience in C or Java is required; Java development experience is a plus
• Entrepreneurial drive and work ethic, self-motivated, results oriented and demonstrated ability to add value and succeed in a fast-paced environment
• Team player with strong communication and writing skills
Closing date for applications: 1 November 2017
Contact: Harshiika Upadhyay Sahu
Manager - Recruitment
husahu (at) ciphercloud.com
More information: https://ciphercloud.com/
University of York, UK
We welcome applications from researchers with a track record as an international leader in Cybersecurity, with some emphasis on pragmatic aspects of Cybersecurity. You will actively engage and collaborate with colleagues leading the development of Cybersecurity research and teaching. You’ll develop relationships across the wider University and beyond, to help build a distinctive and positive working environment that emphasises excellence.
To support this appointment we are appointing up to 10 lectureships within the department to further grow Cybersecurity research and our other core themes. Our intention is to build our Cybersecurity research into an accredited centre. We would offer the appointed candidate support through these additional appointments and a reduced teaching load in the first instance.
Closing date for applications: 8 October 2017
Contact: Professor Neil Audsley
Head of Department - Computer Science
neil.audsley (at) york.ac.uk
More information: https://jobs.york.ac.uk/wd/plsql/wd_portal.show_job?p_web_site_id=3885&p_web_page_id=325060
University of York, UK
Ten posts are available over the next two years and will be phased according to the quality of applications. The posts are at the lecturer (Research and Teaching) grade, equivalent to Assistant Professor.
We are looking to the new staff to reinforce our existing strengths, e.g. in Human Computer Interaction and Real-Time Systems, to expand in areas such as Cybersecurity, and to enable us to build up our range of interdisciplinary themes and research centres.
Closing date for applications: 1 October 2017
Contact: Candidates are invited to email cs-lectureships (at) york.ac.uk for confidential informal enquiries.
More information: https://www.york.ac.uk/professorial-jobs/computer-science
Tel Aviv, Israel, 11 February - 15 February 2018
André Chailloux, María Naya-Plasencia, André Schrottenloher
Symmetric primitives, at first sight, seem less impacted by the arrival of quantum computers: Grover's algorithm (Grover, 1996) for searching in an unstructured database finds a marked element among $2^{n}$ in time $\widetilde{O}(2^{n / 2})$, providing a quadratic speedup compared to the classical exhaustive search, essentially optimal. Cryptographers then commonly consider that doubling the length of the keys used will be enough to maintain the same level of security.
From similar techniques, quantum collision search is known to attain $\widetilde{O}(2^{n / 3})$ query complexity (Brassard et al., 1998), compared to the classical $O(2^{n / 2})$. However, as Bernstein pointed out (Bernstein, 2009), this quantum speedup is illusory: the actual quantum computation performed is actually more expensive than in the classical algorithm.
In this paper, we investigate quantum collision and multi-target preimage search and present a new algorithm, that uses the amplitude amplification technique. As such, it relies on the same principle as Grover's search.
Our algorithm is the first to propose a time complexity that improves upon $O(2^{n/2})$, in a simple setting with a single processor. This time complexity is $\widetilde{O}(2^{2n/5})$ (equal to its query complexity), with a polynomial quantum memory needed ($O(n)$), and a small classical memory complexity of $\widetilde{O}(2^{n/5})$. For multi-target preimage attacks, these complexities become $\widetilde{O}(2^{3n/7})$, $O(n)$ and $\widetilde{O}(2^{n/7})$ respectively. To the best of our knowledge, this is the first proof of an actual quantum time speedup for collision search. We also propose a parallelization of these algorithms.
This result has an impact on several symmetric cryptography scenarios: we detail how to improve upon previous attacks for hash function collisions and multi-target preimages, how to perform an improved key recovery in the multi-user setting, how to improve the collision attacks on operation modes, and point out that these improved algorithms can serve as basic tools for some families of cryptanalytic techniques.
In the end, we discuss the implications of these new attacks on post-quantum security.