IACR Newsletter

Vol. 23, No. 2, Winter 2006.

Contents

• 2006 elections
• New website for IACR organizational discussions
• Visas for IACR events
• Nominations for IACR Fellow deadline
• Calendar of events in cryptology
• Top Downloads from the Cryptology ePrint Archive
• Meeting minutes for the Board of Directors
• Open Positions in Cryptology

2006 elections are complete

The 2006 election is now complete. There were two items on the ballot, a vote on the creation of an anonymity policy, and the normal election of directors. The issue of anonymity for the review process has been approved by the membership with a 216 to 83 majority (with 25 choosing not to vote on this issue). The exact wording of the policy is:

Submissions to all IACR conferences (Asiacrypt, Crypto, and Eurocrypt) should normally be anonymous to program committee members throughout the reviewing process. Authorship should only be disclosed by the program chair in rare instances involving conflicts or other special circumstances.

The following directors have been elected to a three year term, January 2007 through December 2009.

• Tom Berson
• Arjen Lenstra
• Serge Vaudenay

There was a strong ballot vying for the three open seats. Congratulations to the electees, and our thanks to all eight qualified candidates for participating.

There were 324 ballots that arrived before the December 1 deadline. All were counted and none were spoiled. The web page for the election is here and the sample ballot is here . The detailed results are here .

New website for IACR organizational discussions

A new wiki website has now been set up to serve as a stage for discussions on IACR-related topics. The IACR does not formally maintain this site or endorse the opinions on it. This site is maintained by Shai Halevi and the opinions on it belong to the respective contributors.

Current discussion topics:

• Should the IACR switch to an electronic voting system?
• IACR electronic publishing

Anyone is encouraged to contribute to the discussions on this site. The only request is that contributions be related to the discussion topics.

Shai Halevi, Dec 22, 2006

Visas for IACR events

The issue of Visas to attend IACR events continues to be significant. Information on the US visas can be found here , The time to obtain a US visa is variable, and may involve a visit to the Consulate for an interview. This has taken over 3 months for some individuals in the past. It is advisable to submit Visa applications as soon as possible to avoid last minute problems.

For all IACR conferences and workshops, please check the relevant web page for visa information or contact that conference's General Chair.

Nominations for IACR Fellow

We hope that you will consider devoting some of your time and effort to nominating or endorsing an IACR-Fellow candidate. IACR members can nominate or endorse other IACR members for this prestigious position. Nominations and endorsements are due on December 31, 2006. More information can be found here .

Calendar of IACR events

IACR Conferences

• Eurocrypt 2007 , May 20-24, 2007, Barcelona, Spain.
• Crypto 2007 , August 19-23, 2007, Santa Barbara, California, USA.
• Asiacrypt 2007 , December 2-6, 2007, Kuching, Sarawak, MALAYSIA.

IACR Workshops

• The fourth Theory of Cryptography Conference (TCC'07), February 21-24, 2007, Amsterdam, The Netherlands.
• FSE 2007 , March 26-28, Luxemburg, Luxemburg.
• International Workshop on Practice and Theory in Public Key Cryptography (PKC 2007), April 16-20, Beijing, P.R.China.
• Workshop on Cryptographic Hardware and Embedded Systems (CHES 2007), September 10-13, 2007, Vienna, Austria.

Events In Cooperation with IACR

• 2007 IEEE Symposium on Security and Privacy , May 20-23, 2007, Oakland, California, USA

Complete Calendar of Events in Cryptology

Top downloads from the Cryptology ePrint Archive

The top papers downloaded from August through December of 2006 are listed below.

• On the Power of Simple Branch Prediction Analysis , Onur Aciicmez and Cetin Kaya Koc and Jean-Pierre Seifert
  This paper describes and concludes that a Simple Branch Prediction Attacks are much more dangerous than previously anticipated as they empower an unprivileged process to successfully attack other processes running in parallel on the same processor.
  

• Collisions for Hash Functions MD4, MD5, HAVAL-128 and RIPEMD , X. Wang, D. Feng, X. Lai and H. Yu
  This is the paper for a series of collisions in the hash functions MD4, MD5, HAVAL-128 and RIPEMD that were announced at CRYPTO 2004 Rump Session by Ms. X. Wang.

• A Technical Comparison of IPSec and SSL , AbdelNasir Alshamsi and Takamichi Saito
  Not finding any papers comparing IPSec and SSL in terms of characteristic and functionality, the authors created this paper focused on presenting an analysis of security and performance properties for IPSec and SSL.

• How to Cheat at Chess: A Security Analysis of the Internet Chess Club , J. Black, M. Cochran and R. Gardner
  The Internet Chess Club (ICC) is a popular online chess server with more than 30,000 members. While the security protocol used between client and server claims sufficient security for sensitive information to be transmitted, this paper shows that this is not true.

• How to Build a Low-Cost, Extended-Range RFID Skimmer , Ilan Kirschenbaum and Avishai Wool
  Describes how to build a device that can skim widely adopted RFID tags from a distance that does not require the attacker to touch the victim. The device can also be the leech part of a relay-attack system by which an attacker can make purchases using a victim’s RFID-enhanced credit card—despite any cryptographic protocols that may be used.
  

• The Misuse of RC4 in Microsoft Word and Excel , H. Wu
  Reports a flaw in Microsoft Word and Excel's use of the stream cipher RC4. When an encrypted document gets modified and saved, the initialization vector remains the same allowing information to be recovered.
  

Complete list of recent papers in the IACR ePrint Archive

Meeting minutes for the Board of Directors

The past minutes of the meetings here . Additions to the list this year include:

Date	Board meeting
Crypto 2006	Agenda	Minutes
Eurocrypt 2006	Agenda	Minutes

Open positions in Cryptology

Current announcements on the IACR Website for Open Positions in Cryptology .

• Eindhoven University of Technology
• Microsoft Research
• Stevens Institute of Technology
• University College London
• National Mathematics cluster DIAMANT
• Eindhoven University of Technology
• Horst Goertz Institute for IT Security (HGI)
• Groupe des Écoles des Télécommunications
• Palo Alto Research Center (PARC)

You may opt out of the newsletter either by editing your contact information and preferences here or by sending an email to the newsletter editor at newsletter (at) iacr.org .

Contributions, announcements, book announcements or reviews, calls for papers ... are most welcome! Please include a URL and/or e-mail address for any item submitted (if possible). For things that are not on the Web, please submit a one-page ASCII version. Send your contributions to newsletter (at) iacr.org .

IACR contact information