International Association for Cryptologic Research

# IACR News Central

Get an update on changes of the IACR web-page here. For questions, contact newsletter (at) iacr.org. You can also get this service via

You can also access the full news archive.

Further sources to find out about changes are CryptoDB, ePrint RSS, ePrint Web, Event calender (iCal).

2012-07-14
07:01 [Job][New]

Seagate delivers advanced digital storage solutions to meet the needs of today\\\'s consumers and tomorrow\\\'s applications. Through technology, leadership and innovation, Seagate continues to help individuals and businesses maximize the potential of their digital content in an ever-evolving, on-demand world.

Seagate is seeking candidates for positions in the exciting and rapidly growing field of security and storage security. Successful candidates will have a minimum 5-10 years of experience in the cryptography and security industry. Join a worldwide team architecting, developing, and deploying storage security products, including Hard Disc Drives (HDDs), Silicon Storage Devices (SSDs), and Silicon Storage Hybrids (SSHs), across the Seagate market space.

The senior level position of Cryptography Lead requires demonstrated capabilities in cryptography, entropy, and the associated computational/programming sciences, while also requiring leadership and direction of other worldwide technical team members, and serving the role of cryptography lead on the security architecture team. As well the position requires leading associated research and patent activities and staging of foundational cryptographic technologies for security products.

Our culture is focused on our Corporate Values --People, Customer Success, Excellence, Innovation, Teamwork, Openness, Social Responsibility and Sustained Profitability. Join a worldwide team of talented, collaborative, innovative people who thrive in a work environment where people can share knowledge and learn from one another. You won\\\'t find a more exciting place to build your career and challenge yourself. Accept the challenge and Go where innovation leads...Join Seagate. Apply now!

To get started, please join the Seagate Talent Community and Apply Online!

2012-07-12
18:17 [Pub][ePrint]

We provide a functional encryption system that supports functionality

for regular languages. In our system a secret key is associated with

a Deterministic Finite Automata (DFA) M. A ciphertext, CT,

encrypts a message m and is associated with an arbitrary length string w. A user is able to decrypt the ciphertext CT if

and only if the DFA M associated with his private key accepts the string w.

Compared with other known functional encryption systems, this is

the first system where the functionality is capable of recognizing an

unbounded language. For example, in (Key-Policy) Attribute-Based

Encryption (ABE) a private key SK is associated with a single

boolean formula which operates over a fixed number of

boolean variables from the ciphertext. In contrast, in our system a

DFA M will meaningfully operate over an arbitrary length input w.

We propose a system that utilizes bilinear groups. Our solution is a

\"public index\" system, where the message m is hidden, but the

string w is not. We prove security in the selective model under a

variant of the decision l-Bilinear Diffie-Hellman Exponent

(BDHE) assumption that we call the decision l-Expanded BDHE problem.

14:03 [Event][New]

From September 3 to September 7
Location: Bochum, Germany

13:01 [Conf][Crypto]

We are excited to announce that for the first time the National Science Foundation (NSF) is offering stipends to students attending CRYPTO!

All students who are currently studying in a US university are eligible to receive support from the NSF. Students in under-represented groups are especially encouraged to apply. Given the new NSF funding, together with existing funding from our industry sponsors, we are now able to award a second round of stipends to student attendees, both *domestic* and *international*.

To apply, you must be a student enrolled in a US or foreign university, and please ask your PhD supervisor or Department Head to email a brief justification to the General Chair (crypto2012@iacr.org) before the new deadline of July 27th, 2012.

2012-07-11
18:17 [Pub][ePrint]

Malicious insider security of authenticated key exchange (AKE) protocol addresses the situation that an AKE protocol is secure even with existing dishonest parties established by adversary in corresponding security experiment. In the eCK model, the $\\EstablishParty$ query is used to model the malicious insider setting. However such strong query is not clearly formalized so far. We show that the proof of possession assumptions for registering public keys are of prime importance to malicious insider security. In contrast to previous schemes, we present an eCK secure protocol in the standard model, without assuming impractical, strong, concurrent zero-knowledge proofs of knowledge of secret keys done to the CA at key registration. The security proof of our scheme is based on standard pairing assumption, collision resistant hash functions, bilinear decision Diffie-Hellman (BDDH) and decision linear Diffie-Hellman (DLIN) assumptions, and pseudo-random functions with pairwise independent random source $\\pi\\prf$.\\\\

18:17 [Pub][ePrint]

We extend the work of Bellare, Boldyreva and Staddon on the systematic analysis of randomness reuse to construct multi-recipient

encryption schemes to the case where randomness is reused across different cryptographic primitives. We find that through the additional binding introduced through randomness reuse, one can actually obtain a security amplification with respect to the standard black-box compositions, and achieve a stronger level of security. We introduce stronger notions of security for encryption and signatures,

where challenge messages can depend in a restricted way on the random coins used in encryption, and show that two variants of the KEM/DEM paradigm give rise to encryption schemes that meet this enhanced notion of security. We obtain a very efficient signcryption scheme that is

secure against insider attackers without random oracles.

18:17 [Pub][ePrint]

In this paper, we revisit formalizations of information-theoretic security for symmetric-key encryption and key agreement protocols. In general, we can formalize information-theoretic security in various ways: some of them can be formalized as stand-alone security by extending (or relaxing) Shannon\'s perfect secrecy; some of them can be done based on composable security. Then, a natural question about this is: what is the gap between the formalizations? To answer the question, we investigate relationships between several formalizations of information-theoretic security for symmetric-key encryption and key agreement protocols. Specifically, for symmetric-key encryption protocols which may have decryption-errors, we deal with the following formalizations of security: formalizations extended (or relaxed) from Shannon\'s perfect secrecy by using mutual information and statistical distance; information-theoretic analogue of indistinguishability by Goldwasser and Micali; and the ones of composable security by Maurer et al. and Canetti. Then, we show that those formalizations are essentially equivalent under both one-time and multiple-use models. Under the both models, we also derive lower bounds of the adversary\'s (or distinguisher\'s) advantage and secret-key size required under all of the above formalizations. Although some of them are already known, we can derive them all at once through our relationships between the formalizations. In addition, we briefly observe impossibility results which easily follow from the lower bounds. The similar results are also shown for key agreement protocols which may have agreement-errors.

12:23 [Job][Update]

At the RUB a teaching position (tenured) is open. The German job name is \\\"Akademischer Rat\\\", with a teaching load of 13 hours per week. This is a postdoc position, a Ph.D. degree is required.

This teching position is located at the chair for Network and Data Security (www.nds.rub.de). Applicants should have a strong publication record in the areas of cryptographic protocols, web security, or webservice security.

Due to the large teaching load, excellent knowledge of German language is reqired.

2012-07-09
11:49 [Job][New]

At the RUB a teaching position (tenured) is open. The German job name is \"Akademischer Rat\", with a teaching load of 13 hours per week. This is a postdoc position, a Ph.D. degree is required.

This teching position is located at the chair for Network and Data Security (www.nds.rub.de). Applicants should have a strong publication record in the areas of cryptographic protocols, web security, or webservice security.

Due to the large teaching load, excellent knowledge of German language is reqired.

05:48 [PhD][New]

Name: Tal Malkin

05:47 [PhD][New]

Name: Ilya Kizhvatov
Topic: Physical Security of Cryptographic Algorithm Implementations
Category: implementation

Description:

This thesis deals with physical attacks on implementations of cryptographic algorithms and countermeasures against these attacks. Physical attacks exploit properties of an implementation such as leakage through physically observable parameters (side-channel analysis) or susceptibility to errors (fault analysis) to recover secret cryptographic keys. In the absence of adequate countermeasures such attacks are often much more efficient than classical cryptanalytic attacks. Particularly vulnerable to physical attacks are embedded devices that implement cryptography in a variety of security-demanding applications.

\r\n

In the area of side-channel analysis, this thesis addresses attacks that exploit observations of power consumption or electromagnetic leakage of the device and target symmetric cryptographic algorithms (at the notable example of the Advanced Encryption Standard (AES)). First, this work proposes a new combination of two well-known techniques of such attacks: differential side-channel analysis and side-channel collision attacks. The combination is more efficient than each of the attacks individually. As a further improvement, new dimension reduction techniques for side-channel acquisitions are introduced for side-channel collision detection and compared using an information-theoretic metric. Second, this work studies attacks exploiting leakage induced by microprocessor cache mechanism. We present an algorithm for cache-collision attacks that can recover the secret key in the presence of uncertainties in cache event detection from side-channel acquisitions, which may happen in a noisy measurement environment. Third, practical side-channel attacks are discovered against the AES engine of the AVR XMEGA, a recent versatile microcontroller for a variety of embedded applications.

\r\n

In the area of fault analysis, this thesis extends existing attacks against the RSA digital signature algorithm implemented with the Chinese remainder theorem to a setti[...]