Get an update on changes of the IACR web-page here. For questions, contact newsletter (at) iacr.org. You can also get this service via
field $GF(2^m)$ generated with an irreducible all-one polynomial.
Redundant representation is used to reduce the time delay of the
proposed multiplier, while a three-term Karatsuba-like formula is
combined with this representation to decrease the space complexity.
As a result, the proposed multiplier requires about 10 percent fewer
AND/XOR gates than the most efficient bit-parallel multipliers using
an all-one polynomial, while it has almost the same time delay as
the previously proposed ones.
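An added example (not code from the abstract's authors) of the two ideas the abstract combines: multiplying in $GF(2^m)$ for an all-one polynomial (AOP) $p(x)=x^m+\dots+x+1$ inside the redundant ring $GF(2)[x]/(x^{m+1}+1)$, where $x^{m+1}+1=(x+1)p(x)$, so reduction is a single fold rather than a polynomial division, and forming the product with the six-multiplication three-term Karatsuba-like formula instead of nine limb products. The field sizes used in the checks ($m=4$ and $m=10$, both with an irreducible AOP) are constructed for the example.

```python
# Added example, not the paper's code: GF(2^m) multiplication for an all-one
# polynomial (AOP) p(x) = x^m + ... + x + 1 via the redundant representation
# modulo x^(m+1) + 1 = (x+1) p(x) and a three-term Karatsuba-like formula.
# m = 4 (x^4+x^3+x^2+x+1 is irreducible over GF(2)) is a constructed test case.

def clmul(a: int, b: int) -> int:
    """Schoolbook carry-less product of bit-packed GF(2)[x] polynomials."""
    r = 0
    while b:
        if b & 1:
            r ^= a
        a <<= 1
        b >>= 1
    return r

def karatsuba3(a: int, b: int, n: int) -> int:
    """Product of two polynomials of degree < 3n from six n-bit limb products
    instead of nine (the three-term Karatsuba-like formula)."""
    mask = (1 << n) - 1
    a0, a1, a2 = a & mask, (a >> n) & mask, a >> (2 * n)
    b0, b1, b2 = b & mask, (b >> n) & mask, b >> (2 * n)
    d0, d1, d2 = clmul(a0, b0), clmul(a1, b1), clmul(a2, b2)
    d01, d02, d12 = clmul(a0 ^ a1, b0 ^ b1), clmul(a0 ^ a2, b0 ^ b2), clmul(a1 ^ a2, b1 ^ b2)
    c1, c2, c3 = d01 ^ d0 ^ d1, d02 ^ d0 ^ d1 ^ d2, d12 ^ d1 ^ d2
    return d0 ^ (c1 << n) ^ (c2 << 2 * n) ^ (c3 << 3 * n) ^ (d2 << 4 * n)

def aop_mul_redundant(a: int, b: int, m: int) -> int:
    """Multiply in GF(2^m) inside the ring GF(2)[x]/(x^(m+1)+1): the product is
    folded with x^(m+1) = 1 (no polynomial division, hence the shorter delay),
    then canonicalised: adding p(x) (all ones) leaves the field element unchanged,
    so the x^m coefficient is cleared by XORing p whenever it is set."""
    n = -(-(m + 1) // 3)                     # limb size with 3n >= m+1
    full = (1 << (m + 1)) - 1                # p(x) as an (m+1)-bit mask
    prod = karatsuba3(a, b, n)               # degree <= 2m
    c = (prod & full) ^ (prod >> (m + 1))    # one fold suffices: 2m < 2(m+1)
    return c ^ full if c >> m & 1 else c

def aop_mul_reference(a: int, b: int, m: int) -> int:
    """Reference: schoolbook product reduced modulo the AOP by long division."""
    p, r = (1 << (m + 1)) - 1, clmul(a, b)
    for d in range(2 * m - 2, m - 1, -1):     # clear x^d for d = 2m-2 .. m
        if r >> d & 1:
            r ^= p << (d - m)
    return r
```

Because $a(x)$ and $a(x)+p(x)$ denote the same field element, a redundant input with the $x^m$ bit set multiplies correctly too; the canonicalisation at the end makes the two representations agree.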
key bits in the diffusion path of the round function.
This reminds us of the importance of the diffusion relation between the key schedule and the round function.
We present new cryptanalysis results by exploring such a diffusion relation and propose a new criterion for necessary key schedule diffusion.
We discuss potential attacks and summarize the causes for key schedules not satisfying this criterion.
One major cause is that overlap between the diffusion of the key schedule and the round function leads to information leakage of key bits.
Finally, a measure to estimate our criterion for recursive key schedules is presented.
Today, key schedule design still lacks practical and necessary principles.
For a practical key schedule with limited diffusion, our work adds more insight into its requirements and helps to maximize the security level.
We propose two new game-based security models for KE protocols. First, we formalize a slightly stronger variant of the eCK security model that we call eCKw. Second, we integrate perfect forward secrecy into eCKw, which gives rise to the even stronger eCK-PFS model. We propose a security-strengthening transformation (i.e., a compiler) between our new models. Given a two-message Diffie-Hellman type protocol secure in eCKw, our transformation yields a two-message protocol that is secure in eCK-PFS. As an example, we show how our transformation can be applied to the NAXOS protocol.
variety of different cryptographic devices to reveal the imported key. The attacks are padding oracle attacks, where error messages resulting from incorrectly padded plaintexts are used as a side channel. In the asymmetric encryption case, we modify and improve Bleichenbacher's attack on RSA PKCS#1 v1.5 padding, giving new cryptanalysis that allows us to carry out the 'million message attack' in a mean of 49 000 and a median of 14 500 oracle calls in the case of cracking an unknown valid ciphertext under a 1024-bit key (the original algorithm takes a mean of 215 000 and a median of 163 000 in the same case). We show how implementation details of certain devices admit an attack that requires only 9 400 operations on average (3 800 median). For the symmetric case, we adapt Vaudenay's CBC attack, which is already highly efficient. We demonstrate the vulnerabilities on a number of commercially available cryptographic devices, including security tokens, smartcards and the Estonian electronic ID card. The attacks are efficient enough to be practical: we give timing details for all the devices found to be vulnerable, showing how our optimisations make a qualitative difference to the practicality of the attack. We give a mathematical analysis of the effectiveness of the attacks, extensive empirical results, and a discussion of countermeasures and manufacturer reaction.
Ciphertext-Policy Attribute-based Encryption (CP-ABE) is a promising technique for access control of encrypted data. It requires a trusted authority that manages all the attributes and distributes keys in the system. In cloud storage systems, multiple authorities co-exist, and each authority is able to issue attributes independently.
However, existing CP-ABE schemes cannot be directly applied to the access control for multi-authority cloud storage systems, due to the inefficiency of decryption and revocation. In this paper, we propose DAC-MACS (Data Access Control for Multi-Authority Cloud Storage), an effective and secure data access control scheme with efficient decryption and revocation. Specifically, we construct a new multi-authority CP-ABE scheme with efficient decryption and also design an efficient attribute revocation method that can achieve both forward security and backward security. The analysis and the simulation results show that our DAC-MACS is highly efficient and provably secure under the security model.
Three time-memory tradeoff algorithms are compared in this paper. Specifically, the classical tradeoff algorithm by Hellman, the distinguished point tradeoff method, and the rainbow table method, in their non-perfect table versions, are treated. We show that, under parameters and assumptions that are typically considered in theoretic discussions of the tradeoff algorithms, the Hellman and distinguished point tradeoffs perform very close to each other and the rainbow table method performs somewhat better than the other two algorithms. Our method of comparison can easily be applied to other situations, where the conclusions could be different. The analysis of tradeoff efficiency presented in this paper does not ignore the effects of false alarms and also covers techniques for reducing storage, such as ending point truncations and index tables. Our comparison of algorithms fully takes into account success probabilities and precomputation efforts.
- Participate in the specification of the next-generation security devices in collaboration with the design team, and propose new security features
- Customer support for security and security promotion
- Support CC/EMV certification
- Attend and follow up on smart card security related standards and organizations (JHAS...)
- Survey and study up-to-date attack/countermeasure techniques and the relevant results from the crypto/security research communities
The successful candidates are expected to have expertise in one or more of the following areas:
- strong experience in smart card security and more generally embedded device security (SW or HW)
- security architecture specification
- security evaluation and the attack technologies including various side channel analysis attacks
- firmware design
- EMVCo / Common Criteria certifications.
Candidates are preferably based in South Korea, but this is negotiable.
The application should include the current curriculum vitae.
Royal Holloway is located in Egham, in the convenient and attractive area between London Heathrow and Windsor Great Park.
Please apply at http://rhul.engageats.co.uk/ The screening of the candidates will begin on August 20th, and will continue until the positions are filled. Please email Dusko.Pavlovic (at) rhul.ac.uk for informal discussions about the posts. For inquiries about the application process please contact Claire.Hudson (at) rhul.ac.uk.