International Association for Cryptologic Research

IACR News Central

Get an update on changes of the IACR web-page here. For questions, contact newsletter (at) You can also get this service via

To receive your credentials via mail again, please click here.

You can also access the full news archive.

Further sources to find out about changes are CryptoDB, ePrint RSS, ePrint Web, Event calender (iCal).

12:17 [Pub][ePrint] Cross-Domain Password-Based Authenticated Key Exchange Revisited, by Liqun Chen and Hoon Wei Lim and Guomin Yang

  We revisit the problem of cross-domain secure communication between two users belonging to different security domains within an open and distributed environment. Existing approaches presuppose that either the users are in possession of public key certificates issued by a trusted certificate authority (CA), or the associated domain authentication servers share a long-term secret key. In this paper, we propose a four-party password-based authenticated key exchange (4PAKE) protocol that takes a different approach from previous work. The users are not required to have public key certificates, but they simply reuse their login passwords they share with their respective domain authentication servers. On the other hand, the authentication servers, assumed to be part of a standard PKI, act as ephemeral CAs that ``certify\'\' some key materials that the users can subsequently exchange and agree on a session key. Moreover, we adopt a compositional approach. That is, by treating any secure two-party password-based key exchange protocol and two-party asymmetric-key based key exchange protocol as black boxes, we combine them to obtain a generic and provably secure 4PAKE protocol.

12:17 [Pub][ePrint] PIRMAP: Efficient Private Information Retrieval for MapReduce, by Travis Mayberry and Erik-Oliver Blass and Agnes Hui Chan

  Private Information Retrieval (PIR) allows for retrieval of bits from a

database in a way that hides a user\'s access pattern from the server. However, its practicality in a cloud computing setting has recently been questioned. In such a

setting, PIR\'s enormous computation and communication overhead is

expected to outweigh any cost saving advantages of cloud computing.

This paper presents PIRMAP, a practical, highly efficient protocol for

PIR in MapReduce, a widely supported cloud computing API. PIRMAP focuses especially on the retrieval of

large files from the cloud, where it achieves optimal communication

complexity ($O(l)$ for retrieval of an $l$ bit file) with query times significantly faster than previous schemes. To achieve this, PIRMAP arranges files so parallel evaluation can be done during the ``Map\'\' phase

of MapReduce and aggregation can be carried out via an efficient additively

homomorphic encryption scheme in the ``Reduce\'\' phase. PIRMAP has been implemented and tested in Amazon\'s public cloud with total database sizes of up to 1~TByte. Our performance evaluations show that

PIRMAP is more than one order of magnitude cheaper and faster than

``trivial PIR\'\' on Amazon and adds only $20\\%$ overhead to a

theoretical optimal PIR.

12:17 [Pub][ePrint] Differential Fault Analysis on Block Cipher Piccolo, by Kitae Jeong

  Piccolo is a 64-bit block cipher suitable for the constrained environments such as wireless sensor network environments. In this paper, we propose differential fault analysis on Piccolo. Based on a random byte fault model, our attack can recover the secret key of Piccolo-80 by using an exhaustive search of 2^{24} and six random byte fault injections on average. It can be simulated on a general PC within a few seconds. In the case of Piccolo-128, we require an exhaustive search of 2^{40} and eight random byte fault injections on average. This attack can be simulated on a general PC within one day. These results are the first known side-channel attack results on them.

12:17 [Pub][ePrint] An Algebraic Fault Attack on the LED Block Cipher, by Philipp Jovanovic and Martin Kreuzer and Ilia Polian

  In this paper we propose an attack on block ciphers where we combine techniques derived from algebraic and fault based cryptanalysis. The recently introduced block cipher LED serves us as a target for our attack. We show how to construct an algebraic representation of the encryption map and how to cast the side channel information gained from a fault injection into polynomial form. The resulting polynomial system is converted into a logical formula in conjunctive normal form and handed over to a SAT solver for reconstruction of the secret key. Following this approach we were able to mount a new, successful attack on the version of LED that uses a 64-bit secret key, requiring only a single fault injection.

12:17 [Pub][ePrint] An All-In-One Approach to Differential Cryptanalysis for Small Block Ciphers, by Martin Albrecht and Gregor Leander

  We present a framework that unifies several standard differential techniques. This unified view allows us to consider many, potentially all, output differences for a given input difference and to combine the information derived from them in an optimal way. We then propose a new attack that implicitly mounts several standard, truncated, impossible, improbable and possible future variants of differential attacks in parallel and hence allows to significantly improve upon known differential attacks using the same input difference. To demonstrate the viability of our techniques, we apply them to KATAN-32. In particular, our attack allows us to break 115 rounds of KATAN-32, which is 37 rounds more than previous work. For this, our attack exploits the non-uniformity of the difference distribution after 91 rounds which is 20 rounds more than the previously best known differential characteristic.

Since our results still cover less than 1/2 of the cipher, they further strengthen our confidence in KATAN-32\'s resistance against differential attacks.

00:17 [Pub][ePrint] A Certificateless Multiple-key Agreement Protocol Based on Bilinear Pairings, by Mohammad Sabzinejad Farash and Mahmoud Ahmadian Attari and Majid Bayat

  Certificateless cryptosystems were proposed by Al-Riyami and Paterson in 2003 [1] to solve problems of public key cryptosystems based on PKI and based on identity. Up to now, various types of certificateless cryptographic primitives as encryption functions, signature schemes, key agreement protocols and etc, have been designed. But to the best of our knowledge, multiple-key agreement protocols have not been proposed based on certificateless cryptosystem yet. So in this paper we propose a certificateless authenticated multiple-key agreement protocol with bilinear pairings.

21:17 [Pub][ePrint] ID Based Signcryption Scheme in Standard Model, by S. Sharmila Deva Selvi and S. Sree Vivek and Dhinakaran Vinayagamurthy and C. Pandu Rangan

  Designing an ID based signcryption scheme in the standard model is among the most interesting and important problems in cryptography. However, all the existing systems in the ID based setting, in the standard model, do not have either the unforgeability property or the indistinguishability property or both of them. In this paper, we present the first provably secure ID based signcryption scheme in the standard model with both these properties. The unforgeability property of this scheme is based on the hardness of Computational Diffie-Hellman problem and the indistinguishability property of this scheme is based on the hardness of Decisional Bilinear Diffie-Hellman problem. Our scheme is strongly unforgeable in the strong attack mode called insider security. Moreover, our scheme possess an interesting property called public verifiability of the ciphertext. Our scheme integrates cleverly, a modified version of Waters\' IBE and a suitably modified version of the ID based signature scheme in the standard model proposed by Paterson et al. However, our security reductions are more efficient. Specifically, while the security reductions for indistinguishability is similar to the bounds of Waters\' scheme, the unforgeability reductions are way better than the bounds for Paterson et al.\'s scheme.

06:17 [Pub][ePrint] Analysis and Construction of Efficient RFID Authentication Protocol with Backward Privacy, by Shaohui Wang,Sujuan Liu,Danwei Chen

  Privacy of RFID systems is receiving increasing attentions in the

RFID community and an important issue required as to the security of RFID system. Backward privacy means the adversary can not trace the tag later even if he reveals the internal states of the tag sometimes before. In this paper, we analyze two recently proposed RFID authentication schemes: Randomized GPS and Randomized Hashed GPS scheme. We show both of them can not provide backward privacy in Juels and Weis privacy model, which allows the adversary to know whether the reader authenticates the tag successfully or not. In addition, we present a new protocol, called Challenge-Hiding GPS, based on the Schnorr identification scheme. The challenge is hidden from the eavesdropping through the technique of Diffie-Hellman key agreement protocol. The new protocol can satisfy backward privacy, and it has less communication overheads and almost the same computation, compared with the two schemes analyzed.

18:17 [Event][New] ICDIPC: 3rd Inter. Conf. on Digital Information Processing & Communications

  Submission: 15 December 2012
Notification: 1 January 2013
From January 30 to February 1
Location: Dubai, United Arab Emirates
More Information:

08:35 [Event][New] Inscrypt 2012: The 8th China International Conference on Information Security and Cryptology

  Submission: 20 August 2012
Notification: 20 August 2012
From November 28 to December 1
Location: Beijing, China
More Information:

08:35 [Event][New] Inscrypt'2012: The 8th China International Conference on Information Security and Cryptology

  Submission: 20 August 2012
Notification: 20 August 2012
From November 28 to December 1
Location: Beijing, China
More Information: