Get an update on changes of the IACR web-page here. For questions, contact newsletter (at) iacr.org. You can also get this service via
The threshold gap $g$ is defined as $r-t$, where $r$ is minimal and $t$ is maximal such that
the following holds: for a secret with arbitrary a priori distribution, each $r$-subset of players can
reconstruct this secret from their joint shares without error ($r$-reconstruction) and the information
gain about the secret is nil for each $t$-subset of players jointly ($t$-privacy).
Our first bound, which is completely general, implies that if $1\leq t
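The threshold gap defined above can be made concrete with a packed (ramp) variant of Shamir's scheme. The following is an added example written for this page, not code from the paper this abstract describes. It assumes a prime field GF(p), places the k secret elements at the evaluation points -1, ..., -k, and pins down a degree-(r-1) sharing polynomial with r-k uniformly random extra points, so any r shares reconstruct (r-reconstruction), any t = r-k shares are independent of the secret (t-privacy), and the gap is g = r-t = k. The function names (`share`, `reconstruct`, `complete_under_hypothesis`, `gap_leak`) and the field modulus are my own choices.

```python
"""Ramp (packed) secret sharing over GF(P) with threshold gap g = r - t = k.
Added example: illustrates the r-reconstruction / t-privacy definitions."""
import random

P = 2**61 - 1  # field modulus: a Mersenne prime (constructed choice for the example)


def interpolate_at(points, x0):
    """Lagrange-evaluate, at x0, the unique polynomial of degree < len(points)
    that passes through the given (x, y) points. All arithmetic is mod P."""
    total = 0
    for i, (xi, yi) in enumerate(points):
        num, den = 1, 1
        for j, (xj, _) in enumerate(points):
            if i != j:
                num = num * ((x0 - xj) % P) % P
                den = den * ((xi - xj) % P) % P
        total = (total + yi * num * pow(den, P - 2, P)) % P  # Fermat inverse
    return total


def secret_xs(k):
    """x-coordinates carrying the k secret elements: -1, -2, ... (mod P).
    These never collide with the player points 1..n for realistic n."""
    return [P - (i + 1) for i in range(k)]


def share(secret_vec, r, n, rng=None):
    """Share k = len(secret_vec) field elements among players 1..n.
    The sharing polynomial has degree r-1, so any r shares reconstruct and
    any t = r-k shares are statistically independent of the secret."""
    rng = rng or random.SystemRandom()
    k = len(secret_vec)
    if not 1 <= k <= r <= n:
        raise ValueError("need 1 <= k <= r <= n")
    # r points fix a degree-(r-1) polynomial: the k secret points plus
    # r-k uniformly random points at otherwise unused x-coordinates.
    fixed = list(zip(secret_xs(k), secret_vec))
    fixed += [(x, rng.randrange(P)) for x in range(n + 1, n + 1 + r - k)]
    return [(x, interpolate_at(fixed, x)) for x in range(1, n + 1)]


def reconstruct(shares, k):
    """r-reconstruction: any r = len(shares) shares recover all k secrets."""
    return [interpolate_at(shares, x) for x in secret_xs(k)]


def complete_under_hypothesis(t_shares, hypothesis):
    """t-privacy witness. Given exactly t = r-k shares and ANY candidate secret
    vector, there is a valid degree-(r-1) sharing polynomial agreeing with both.
    Returns k further shares at fresh player points implied by that polynomial,
    so that t_shares + implied reconstructs to the candidate."""
    k = len(hypothesis)
    poly = list(t_shares) + list(zip(secret_xs(k), hypothesis))  # r points
    base = max(x for x, _ in t_shares)
    return [(base + i, interpolate_at(poly, base + i)) for i in range(1, k + 1)]


def gap_leak(shares_r_minus_1, known_secrets):
    """Inside the gap (t < set size < r): with r-1 shares, fixing the first
    k-1 secret elements determines the last one, i.e. partial information
    about the secret does leak to sets of intermediate size."""
    k = len(known_secrets) + 1
    xs = secret_xs(k)
    points = list(shares_r_minus_1) + list(zip(xs[:-1], known_secrets))
    return interpolate_at(points, xs[-1])


if __name__ == "__main__":
    # Constructed demo: k=2 secrets, r=4 to reconstruct, t=2 learn nothing, n=6 players.
    sec = [123, 456]
    sh = share(sec, r=4, n=6, rng=random.Random(7))
    print("from 4 shares:", reconstruct(sh[:4], 2))
    for hyp in ([1, 2], [999, 0]):
        print("2 shares are consistent with", hyp,
              "->", reconstruct(sh[:2] + complete_under_hypothesis(sh[:2], hyp), 2))
    print("3 shares + first secret imply second secret:", gap_leak(sh[:3], [123]))
```

The `gap_leak` function is the interesting part for this abstract: a set of size r-1 sits strictly inside the gap and, while it cannot reconstruct on its own, its shares already tie the secret elements together, which is exactly the kind of partial knowledge a gap scheme tolerates between t and r.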
A premier center for commercial innovation, PARC, a Xerox company, is in the business of breakthroughs. We work closely with global enterprises, entrepreneurs, government agencies and partners, and other clients to invent, co-develop, and bring to market game-changing innovations by combining imagination, investigation, and return on investment for our clients. For 40 years, we have lived at the leading edge of innovation, merging inquiry and strategy to pioneer technological change. PARC was incorporated in 2002 as a wholly owned independent subsidiary of Xerox Corporation – enabling us to continue pioneering technological change but across a broader set of industries and clients today.
Depending on seniority, the successful candidate will be responsible for one or more of the following roles:
- Formulating research problems based on real-world needs and independently conducting high-quality research
- Working with existing research and development staff on a broad range of research topics
- Working with the business development team to identify important business opportunities with industry and government agencies
- Identifying new promising research directions and contributing them to the group's long-term research agenda
Candidates in all areas of cyber security will be considered; however, the following areas are of particular interest:
- Systems & network security
- Security in cloud computing
- Data mining and machine learning applied to security and privacy
- Security and privacy in ubiquitous and mobile computing environments
- Formal methods and software
Our method is based on research in key-leakage resilience. It thus gives an interesting and rather surprising connection between the rich domain of key-leakage resilient cryptography and Pirates 2.0. We first formalize the notion of a key-leakage resilient revoke system and then identify sufficient conditions under which a key-leakage resilient revoke scheme can resist Pirates 2.0 in any form. We finally propose a construction of a secure key-leakage resilient identity-based revoke system that fulfills the required conditions. The main ingredient in the construction relies on identity-based encryption with wildcards ($\WIBE$), and our construction of a key-leakage resilient $\WIBE$ could be useful in its own right.
interactive proofs of knowledge over multiple parties. Interactive proofs of knowledge (PoK) are widely used
primitives of cryptographic protocols, including important user-centric protocols, such as identification schemes,
electronic cash (e-cash), and anonymous credentials.
We present a security model for threshold proofs of knowledge and develop threshold versions of well-known
primitives such as range proofs, zero-knowledge proofs for preimages of homomorphisms (which generalizes PoKs
of discrete logarithms, representations, p-th roots, etc.), as well as OR statements. These building blocks are proven
secure in our model.
Furthermore, we apply the developed primitives and techniques in the context of user-centric protocols. In particular,
we construct distributed-user variants of Brands' e-cash system and the bilinear anonymous credential scheme by
Camenisch and Lysyanskaya. Distributing the user party in such protocols has several practical advantages: First, the
security of a user can be increased by sharing secrets and computations over multiple devices owned by the user. In
this way, losing control of a single device does not result in a security breach. Second, this approach also allows
groups of users to jointly control an application (e.g., a joint e-cash account), not giving a single user full control.
The distributed versions of the protocols we propose in this paper are relatively efficient (when compared to a general
MPC approach). In comparison to the original protocols only the prover's (or user's) side is modified while the other
side stays untouched. In particular, it is oblivious to the other party whether it interacts with a distributed prover (or
user) or one as defined in the original protocol.
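The property stated above, that only the prover's side changes and the verifier cannot tell a distributed prover from a single one, can be seen in the simplest instance: a Schnorr proof of knowledge of a discrete logarithm whose witness is additively shared across several devices. This is an added example written for this page, not the paper's construction or security model. It assumes a toy group (p = 10007, q = 5003, g = 4, constructed here and far too small for real use), a Fiat-Shamir hashed challenge, and honest devices; the adversarial behaviour that the paper's model for threshold proofs addresses is not handled here. The names `split_secret`, `distributed_proof`, `single_prover_proof` and `verify` are my own.

```python
"""Schnorr proof of knowledge of x with y = g^x, produced by n devices that
hold additive shares of x. The verifier runs the unchanged single-prover check.
Added example with toy parameters; not a production implementation."""
import hashlib
import random

# Toy group (constructed for the example): P = 2*Q + 1 with P, Q prime,
# G = 4 is a quadratic residue and so generates the order-Q subgroup of Z_P^*.
P = 10007
Q = 5003
G = 4


def _challenge(y, commitment):
    """Fiat-Shamir challenge: hash of public parameters, statement and commitment."""
    data = f"{P}|{G}|{y}|{commitment}".encode()
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % Q


def single_prover_proof(x, rng):
    """Original (single-user) Schnorr PoK: commit t = g^k, respond s = k + c*x."""
    y = pow(G, x, P)
    k = rng.randrange(1, Q)
    t = pow(G, k, P)
    c = _challenge(y, t)
    s = (k + c * x) % Q
    return y, (t, s)


def verify(y, proof):
    """Verifier side, identical for single and distributed provers: g^s == t * y^c."""
    t, s = proof
    c = _challenge(y, t)
    return pow(G, s, P) == t * pow(y, c, P) % P


def split_secret(x, n, rng):
    """Additive sharing of the witness over Z_Q: x = x_1 + ... + x_n (mod Q).
    Any n-1 shares are uniformly random and independent of x."""
    shares = [rng.randrange(Q) for _ in range(n - 1)]
    shares.append((x - sum(shares)) % Q)
    return shares


def distributed_proof(shares, rng):
    """n devices jointly produce one Schnorr proof. Each device i:
    round 1: picks nonce k_i, publishes t_i = g^k_i;
    round 2: after the combined commitment t = prod t_i fixes the challenge c,
             publishes partial response s_i = k_i + c * x_i.
    Neither x nor any x_i is ever assembled in one place."""
    ks = [rng.randrange(1, Q) for _ in shares]
    ts = [pow(G, k, P) for k in ks]
    t = 1
    for ti in ts:
        t = t * ti % P                       # t = g^(sum k_i)
    y = 1
    for xi in shares:
        y = y * pow(G, xi, P) % P            # y = g^(sum x_i) = g^x
    c = _challenge(y, t)                     # same challenge derivation as single prover
    ss = [(k + c * xi) % Q for k, xi in zip(ks, shares)]
    s = sum(ss) % Q                          # s = sum k_i + c * sum x_i
    return y, (t, s)


if __name__ == "__main__":
    rng = random.Random(3)        # constructed, deterministic for the demo
    x = 1234
    y_single, proof_single = single_prover_proof(x, rng)
    shares = split_secret(x, 3, rng)
    y_dist, proof_dist = distributed_proof(shares, rng)
    print("single prover verifies:", verify(y_single, proof_single))
    print("3-device prover verifies with same verifier:", verify(y_dist, proof_dist))
    print("statements agree:", y_single == y_dist)
```

The verifier's `verify` is called with exactly the same inputs in both cases, which is the obliviousness property the abstract describes. Note what the example does not give: a device that withholds its partial response, or that chooses its commitment after seeing the others', is outside this honest-device setting and is the kind of behaviour a threshold security model has to account for.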
In this paper, we consider encapsulation of several ephemeral keys, for various groups and thus various channels, in one header only, and we call this new primitive Multi-Channel Broadcast Encryption: one can hope for a much shorter global overhead and a short zapping time since the decoder already has the information to decrypt any available channel at once. Our candidates are private variants of the Boneh-Gentry-Waters scheme, with a constant-size global header, independently of the number of channels. In order to prove the CCA security of the scheme, we introduce a new dummy-helper technique and implement it in the random oracle model.
by means of rigorous programming language techniques and verification
methods. EasyCrypt is a framework that realizes the verified security
paradigm and supports the machine-checked construction and
verification of cryptographic proofs using state-of-the-art SMT
solvers, automated theorem provers and interactive proof assistants.
Previous experiments have shown that EasyCrypt is effective for a
posteriori validation of cryptographic systems. In this paper, we
report on the first application of verified security to a novel
cryptographic construction, with strong security properties and
interesting practical features. Specifically, we use EasyCrypt to
prove the IND-CCA security of a redundancy-free public-key encryption
scheme based on trapdoor one-way permutations. Somewhat surprisingly,
we show that even with a zero-length redundancy, Boneh's SAEP scheme
(an OAEP-like construction with a single-round Feistel network rather
than two) converts a trapdoor one-way permutation into an
IND-CCA-secure scheme, provided the permutation satisfies two
additional properties. We then prove that the Rabin function and RSA
with short exponent enjoy these properties, and thus can be used to
instantiate the construction we propose to obtain efficient encryption
schemes. The reduction that justifies the security of our construction
is tight enough to achieve practical security with reasonable key