Get an update on changes of the IACR web-page here. For questions, contact newsletter (at) iacr.org. You can also get this service via
To receive your credentials via mail again, please click here.
You can also access the full news archive.
The primary goal of cryptography is to protect the confidentiality of data and communications. Stream ciphers is one of the two most popular families of symmetric encryption algorithms that allow to guaranty\r\nconfidentiality and to achieve high performances.\r\n\r\n
In the first part of this thesis, we present different cryptanalysis techniques against stream ciphers: correlation\r\nattack against the stream cipher GRAIN, guess and determine attack against the BSG mechanism, algebraic attack against special\r\nkinds of non-linear feedback shift registers, and chosen IV attack against a reduced version of the stream cipher SALSA.\r\n\r\n
In a second part, we focus on proofs of security for stream ciphers: we introduce the new algorithm QUAD and give some \r\nprovable security arguments in order to link its security to the conjectured intractability of Multivariate Quadratic problem. We also try to extend the security requirements of stream ciphers to the case where initialisation values (IV) are used: we present a construction which allows us\r\nto build a secure IV dependent stream cipher from a number generator and apply it to QUAD, which becomes the first IV dependent\r\nstream cipher with provable security arguments. We also present the algorithms DECIM and SOSEMANUK, to which we made\r\ndesign contributions.\r\n\r\n
Finally in a third part, we present efficient software and hardware implementations of the QUAD algorithm.[...]
Want to store your data online securely? Want a fair Internet? What about outsourcing your job while still being assured of the result?
If you want to secure the cloud through the use of provable cryptographic techniques, then you should definitely apply to the Cryptography, Security & Privacy Research Group at Koç University, ?stanbul, Turkey. We have multiple openings for both M.Sc. and Ph.D. level applications. All accepted applicants will receive competitive scholarships.
Koç University has a beautiful campus in the middle of a forest, with a nice view of the Black Sea and the Bosporus, and is very close to the Istanbul city center. The application deadline is 15th of April for early applications and 15th of June for late applications.
For more information about our group, visit
For applying online, visit
Late applications will be considered in exceptional cases.
have long been understood as a cryptographic technique, not a
cryptographic goal. Here we cull out a primitive corresponding to
this technique. We call it a garbling scheme. We provide a
provable-security treatment for garbling schemes, endowing them with a
versatile syntax and multiple security definitions. The most basic of
these, privacy, suffices for two-party secure function evaluation
(SFE) and private function evaluation (PFE). Starting from a PRF, we
provide an efficient garbling scheme achieving privacy and we analyze
its concrete security. We next consider obliviousness and
authenticity, properties needed for private and verifiable outsourcing
of computation. We extend our scheme to achieve these ends. We
provide highly efficient blockcipher-based instantiations of both
schemes. Our treatment of garbling schemes presages more efficient
garbling, more rigorous analyses, and more modularly designed
performing encrypted computation on Boolean circuits, i.e., the
user specifies encrypted inputs to the program, and the server computes on the encrypted inputs. Applying these techniques to general programs with recursive procedures and data-dependent loops
has not been a focus of attention. In this paper, we take a first
step toward building a compiler that, given programs with complex
control flow, generates efficient code suitable for the application of
We first describe how programs written in a small Turing-complete instruction set can be executed with encrypted data and
point out inefficiencies in this methodology. We then provide examples of transforming (a) the greatest common divisor (GCD)
problem using Euclid\'s algorithm and (b) the 3-Satisfiability
(3SAT) problem using a recursive backtracking algorithm into a
path-levelized form to which FHE can be applied. We describe
how path levelization reduces control flow ambiguity and improves
encrypted computation efficiency. Using these techniques and data-dependent loops as a starting point, we then build support for hierarchical programs made up of phases, where each phase corresponds to a fixed point computation that can be used to further improve the efficiency of encrypted computation.
In our setting, the adversary learns an estimate of the number of
steps required to complete the computation, which we show is the
least amount of leakage possible.
Abstract The need for lightweight (that is, compact, low-power, low-energy) cryptographic hash functions has been repeatedly expressed by professionals, notably to implement cryptographic protocols in RFID technology. At the time of writing, however, no algorithm exists that provides satisfactory security and performance. The ongoing SHA-3 Competition will not help, as it concerns general-purpose designs and focuses on software performance. This paper thus proposes a novel design philosophy for lightweight hash functions, based on the sponge construction in order to minimize memory requirements. Inspired by the stream cipher Grain and by the block cipher KATAN (amongst the lightest secure ciphers), we present the hash function family Quark, composed of three instances: u-Quark, d-Quark, and s-Quark. As a sponge construction, Quark can be used for message authentication, stream encryption, or authenticated encryption. Our hardware evaluation shows that Quark compares well to previous tentative lightweight hash functions. For example, our lightest instance u-Quark conjecturally provides at least 64-bit security against all attacks (collisions, multicollisions, distinguishers, etc.), fits in 1379 gate-equivalents, and consumes on average 2.44 μW at 100 kHz in 0.18 μm ASIC. For 112-bit security, we propose s-Quark, which can be implemented with 2296 gate-equivalents with a power consumption of 4.35 μW.