International Association for Cryptologic Research

IACR News Central

Get an update on changes to the IACR web page here. For questions, contact newsletter (at) iacr.org.



Further sources to find out about changes are CryptoDB, ePrint RSS, ePrint Web, Event calendar (iCal).

2012-10-02
15:17 [Pub][ePrint] Aggregating CL-Signatures Revisited: Extended Functionality and Better Efficiency, by Kwangsu Lee and Dong Hoon Lee and Moti Yung

  An aggregate signature is a public-key signature that allows anyone to aggregate different signatures generated by different signers on different messages into a single short aggregate signature. Although aggregate signatures have many applications, such as secure routing protocols and software module authentication, it is not easy to devise an aggregate signature scheme that satisfies the conditions of real applications: public keys should be short, aggregate signatures should be short, and aggregate signing and aggregate verification should be efficient.

In this paper, we propose two aggregate signature schemes based on the Camenisch-Lysyanskaya signature scheme that satisfy the conditions of real applications. First, we construct an efficient sequential aggregate signature scheme and prove its security under the LRSW assumption without random oracles. The proposed scheme has the shortest public keys among sequential aggregate signature schemes and very short aggregate signatures. Additionally, aggregate verification is very efficient, since it requires only a constant number of pairing operations and $l$ exponentiations, where $l$ is the number of signers in an aggregate signature. Next, we construct an efficient synchronized aggregate signature scheme and prove its security under the LRSW assumption in the random oracle model. The proposed scheme has very short public keys and the shortest aggregate signatures among synchronized aggregate signature schemes. Signing and aggregate verification are also very efficient, since they require a constant number of pairing operations and $l$ exponentiations.

Furthermore, a signer in our aggregate signature schemes can use both modes of aggregation, ``sequential'' and ``synchronized'', at the same time with the same private key and public key, since the private and public keys of the two schemes are identical.



14:26 [Job][New] Postdoc, EPFL, Lausanne, Switzerland

  The Laboratory for Security and Cryptography (LASEC) at EPFL is hiring a post doctoral researcher. Applicants are encouraged to apply to job_lasec (at) epfl.ch by sending a detailed CV and a research plan.

LASEC is active in research on cryptography and security. More specifically, our main interests span (but are not limited to) the following:

  • Cryptographic analysis

  • Design of cryptographic algorithms and protocols

  • Lightweight cryptography

  • Secure communication

  • Wireless security

  • Composability and setup assumptions

  • Methodology and theory for cryptography

  • Number theory and cryptography.

The selection of applicants will be made on a competitive basis.

Besides conducting top-quality research, postdocs are required to participate in lab activities such as training students at all levels, running projects, fund raising, etc.

EPFL is a top-ranked research and teaching institution that attracts some of the best intellects in the world. EPFL offers excellent facilities, environment, and salaries. The EPFL campus is a multicultural, idyllic spot overlooking Lake Geneva and facing the Alps.

14:26 [Job][New] PhD student, EPFL, Lausanne, Switzerland

  The Laboratory for Security and Cryptography (LASEC) and the Laboratory for Cryptologic Algorithms (LACAL) at EPFL are hiring PhD students for Fall 2013. Applicants are encouraged to apply to the EDIC doctoral school (the application deadline is January 15, 2013) and, in parallel, to notify us at job_lasec (at) epfl.ch.

LASEC and LACAL are active in research on cryptography and security. More specifically, our main interests span (but are not limited to) the following:

  • Efficient cryptologic calculations

  • Cryptographic analysis

  • Design of cryptographic algorithms and protocols

  • Lightweight cryptography

  • Secure communication

  • Wireless security

  • Composability and setup assumptions

  • Methodology and theory for cryptography

  • Number theory and cryptography.

The selection of applicants will be made on a competitive basis.

EPFL is a top-ranked research and teaching institution that attracts some of the best intellects in the world. EPFL offers excellent facilities, environment, and salaries. The EPFL campus is a multicultural, idyllic spot overlooking Lake Geneva and facing the Alps.

09:05 [Event][New] ECRYPT II AES Day

  From October 18 to October 18
Location: Bruges, Belgium
More Information: https://www.cosic.esat.kuleuven.be/ecrypt/AESday/


07:01 [Job][Update] Tenure track Assistant Professor, Digital Security, Radboud University Nijmegen

  The Digital Security group at the Radboud University Nijmegen has a vacancy for a full-time assistant professorship (Universitair Docent, UD in Dutch).

General information

Research in the group covers a range of topics including correctness and security of software, smartcards and RFID, design and analysis of security protocols, applied crypto, privacy and anonymity, quantum logic and computing. Members of the group are also active in the broader societal issues surrounding security & privacy, and regularly carry out commercial contract research to apply and inspire high-quality academic research.

The group runs a joint Master programme in Computer Security in collaboration with the universities of Twente and Eindhoven, named the Kerckhoffs Institute (www.kerckhoffs-institute.org). In Nijmegen the Institute for Computing and Information Sciences runs Bachelor and Master courses in Computer Science (Informatica) and Information Science (Informatiekunde).

For this position we are looking for the best candidate in the broader field of security, who can be a good addition to the group and has good synergy with ongoing research in the group, who is a team player, and who can teach computer security to a broad range of students.



05:35 [Job][New] Post-doctoral Researcher, Queen’s University Belfast, Centre for Secure Information Technologies (CSIT), UK

  Applications are invited for a post-doctoral researcher to carry out research in the area of physical unclonable functions (PUFs) (new constructions, protocol design and implementations) and, in general, to contribute to the research activity of the Data Security Systems research group within the Centre for Secure Information Technology (CSIT: www.csit.qub.ac.uk) at Queen’s University Belfast.

Applicants must hold a 2.1 Honours Degree (or equivalent) in Electrical and Electronic Engineering/Computer Science/Mathematics or a related discipline and hold, or be about to obtain, a PhD in a relevant subject.

Further information and the application process are available at the University’s job vacancies website (see link below under Research Fellow, Ref: 12/102270)



05:35 [Job][New] Faculty Members, Indian Statistical Institute, Kolkata

  INDIAN STATISTICAL INSTITUTE

203 B. T. ROAD, KOLKATA - 700 108

The R. C. Bose Centre for Cryptology and Security at Indian Statistical Institute is looking for suitable candidates from Indian nationals in the following academic positions.

Essential Requirements:

Lecturers:

Lecturers are not part of the regular faculty cadre in the institute.

Appointment at this level may be made as Lecturer-cum-Post Doctoral Fellow on contractual basis to enable bright young researchers with a Ph.D. degree to teach and earn experience in a premier institution.

Appointment of lecturers will be purely on temporary basis for a maximum period of 3 (three) years.

Assistant, Associate and Full Professors:

These are permanent positions. Candidates should have a Ph.D., with first class or equivalent in the appropriate branch in the preceding degrees, a very good academic record throughout, and at least three, six and ten years (respectively) of industrial/research/teaching experience, excluding experience gained while pursuing the Ph.D.

The gross emolument in these positions is approximately INR 80,000/-, 1,05,000/- and 1,20,000/- (respectively) per month at this point of time, and it is expected to increase at a rate of 6% each year.

This advertisement is primarily for candidates with a strong background in the area of cryptology and data security. However, candidates with a background in computer science, mathematics, or statistics with interest in the area of cryptology and data security are also encouraged to apply.

Suitable relaxations may be granted for outstanding and reserved (SC, ST, OBC, PH) candidates.

Interested candidates may send their resume by email to coec (at) isical.ac.in attached as a PDF file or by post to "The Director, Indian Statistical Institute, 203 B T Road, Kolkata 700 108". Documents, such as pre



2012-09-30
03:17 [Pub][ePrint] PUFs: Myth, Fact or Busted? A Security Evaluation of Physically Unclonable Functions (PUFs) Cast in Silicon (Extended Version), by Stefan Katzenbeisser, Ünal Kocabas, Vladimir Rozic, Ahmad-Reza Sadeg

  Physically Unclonable Functions (PUFs) are an emerging technology and have been proposed as central building blocks in a variety of cryptographic protocols and security architectures. However, the security features of PUFs are still under investigation: Evaluation results in the literature are difficult to compare due to varying test conditions, different analysis methods and the fact that representative data sets are publicly unavailable.

In this paper, we present the first large-scale security analysis of ASIC implementations of the five most popular intrinsic electronic PUF types, including arbiter, ring oscillator, SRAM, flip-flop and latch PUFs. Our analysis is based on PUF data obtained at different operating conditions from 96 ASICs housing multiple PUF instances, which have been manufactured in TSMC 65nm CMOS technology. In this context, we present an evaluation methodology and quantify the robustness and unpredictability properties of PUFs. Since all PUFs have been implemented in the same ASIC and analyzed with the same evaluation methodology, our results allow for the first time a fair comparison of their properties.
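The robustness and unpredictability figures the abstract refers to are, in the usual PUF evaluation methodology, fractional Hamming distances: within one instance across operating conditions (intra-distance, ideally 0) and between instances (inter-distance, ideally 0.5), together with uniformity and bit-aliasing. The following Python block is an added example, not code or data from the paper: it computes these metrics over constructed synthetic responses (a set of chips with a handful of positions stuck at 1 and a small noise rate), so that the effect of a layout bias and of noise on each metric can be seen. The function and parameter names are ours, and the paper's own methodology is not reproduced.

```python
# Added example, not code from the paper: standard PUF figures of merit
# (intra/inter fractional Hamming distance, uniformity, bit-aliasing)
# computed over constructed synthetic responses.
import random
from itertools import combinations
from statistics import mean


def hamming_distance(a, b):
    """Number of positions where two equal-length bit lists differ."""
    if len(a) != len(b):
        raise ValueError("responses must have the same length")
    return sum(x != y for x, y in zip(a, b))


def intra_distance(readouts):
    """Robustness: mean fractional HD between the first (reference) readout of
    ONE instance and each re-evaluation of it (other temperature/voltage).
    0.0 is perfectly reproducible; the error-correcting code wrapped around a
    PUF has to absorb this rate."""
    ref, rest = readouts[0], readouts[1:]
    n = len(ref)
    return mean(hamming_distance(ref, r) / n for r in rest)


def inter_distance(instances):
    """Unpredictability (uniqueness): mean fractional HD between the nominal
    responses of DIFFERENT instances. The ideal value is 0.5."""
    n = len(instances[0])
    return mean(hamming_distance(a, b) / n
                for a, b in combinations(instances, 2))


def uniformity(response):
    """Fraction of ones in a single response; the ideal value is 0.5."""
    return mean(response)


def bit_aliasing(instances):
    """Per-position fraction of instances that output 1. A position near 0 or
    1 is biased the same way on every chip and carries no chip-specific entropy."""
    n = len(instances[0])
    return [mean(inst[i] for inst in instances) for i in range(n)]


def max_aliasing_bias(instances):
    """Largest deviation of any position's aliasing from 0.5 (0.5 = a stuck bit)."""
    return max(abs(p - 0.5) for p in bit_aliasing(instances))


def synth_puf_data(num_chips, n_bits, flip_prob, stuck_bits, rng, repeats=4):
    """Constructed data, not measurements: every chip gets a random nominal
    response, except the first `stuck_bits` positions, which are 1 on every
    chip (a layout-induced bias). Each re-evaluation flips a bit with
    probability flip_prob to model noise under changed operating conditions."""
    nominal = [[1] * stuck_bits + [rng.randint(0, 1) for _ in range(n_bits - stuck_bits)]
               for _ in range(num_chips)]
    readouts = [[r] + [[b ^ (rng.random() < flip_prob) for b in r] for _ in range(repeats)]
                for r in nominal]
    return nominal, readouts


def evaluate(nominal, readouts):
    """Summarise one PUF type the way a comparison table would."""
    return {
        "intra": mean(intra_distance(r) for r in readouts),
        "inter": inter_distance(nominal),
        "uniformity": mean(uniformity(r) for r in nominal),
        "max_bias": max_aliasing_bias(nominal),
    }


if __name__ == "__main__":
    rng = random.Random(2012)
    nominal, readouts = synth_puf_data(num_chips=96, n_bits=128,
                                       flip_prob=0.03, stuck_bits=8, rng=rng)
    for name, value in evaluate(nominal, readouts).items():
        print(f"{name:>10}: {value:.3f}")
```

Reading the numbers: an intra-distance close to the noise rate fixes the error-correction budget of any key derivation built on the PUF; an inter-distance noticeably below 0.5 points at positions that do not vary between chips; and a max_bias of 0.5 flags stuck bits, which should be excluded before any entropy estimate is made.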



03:17 [Pub][ePrint] Domain-Specific Pseudonymous Signatures for the German Identity Card, by Jens Bender and Özgür Dagdelen and Marc Fischlin and Dennis Kügler

  The restricted identification protocol for the new German identity card basically provides a method to use pseudonyms such that they can be linked by individual service providers, but not across different service providers (not even malicious ones). The protocol can be augmented to also allow signatures under the pseudonyms. In this paper, we thus view---and define---this idea more abstractly as a new cryptographic signature primitive with some form of anonymity, and use the term domain-specific pseudonymous signatures. We then analyze the restricted identification solutions in terms of the formal security requirements.
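As an added example, not code from the paper or from the identity card's specification, the following Python sketch models the pseudonym mechanism the abstract describes: a domain-specific pseudonym is derived as the hash of a Diffie-Hellman value between the card's secret and the service provider's sector (domain) public key, so it is stable within one domain and cannot be linked across domains without solving a DDH-type problem in the group. The names (keygen, domain_pseudonym, pseudonym_table), the tiny safe-prime group and the hash encoding are assumptions made for this illustration; the group is far too small to offer any security, and a real card works in an elliptic-curve group.

```python
# Added example, not from the paper: toy model of domain-specific pseudonyms
# derived from a Diffie-Hellman value between card secret and sector key.
import hashlib

P = 1019  # toy safe prime, P = 2*Q + 1 (illustration only, not a secure size)
Q = 509   # prime order of the subgroup all keys live in
G = 4     # quadratic residue != 1 mod P, hence a generator of the order-Q subgroup


def keygen(secret):
    """Key pair (secret, public) with public = G^secret mod P; secret in [1, Q-1]."""
    if not 1 <= secret < Q:
        raise ValueError("secret must be in [1, Q-1]")
    return secret, pow(G, secret, P)


def in_subgroup(element):
    """True iff element is a non-trivial member of the order-Q subgroup."""
    return 1 < element < P and pow(element, Q, P) == 1


def domain_pseudonym(card_sk, sector_pk):
    """Pseudonym of one card towards one domain: H(sector_pk^card_sk mod P).

    The card keeps card_sk; the provider learns only the hash. Rejecting sector
    keys outside the prime-order subgroup stops a malicious provider from
    choosing a low-order key that would leak bits of card_sk."""
    if not in_subgroup(sector_pk):
        raise ValueError("sector public key is not in the order-Q subgroup")
    shared = pow(sector_pk, card_sk, P)
    width = (P.bit_length() + 7) // 8
    return hashlib.sha256(b"RI|" + shared.to_bytes(width, "big")).hexdigest()


def accepts_sector_key(sector_pk, probe_sk=1):
    """Whether domain_pseudonym accepts this sector key (helper for checks)."""
    try:
        domain_pseudonym(probe_sk, sector_pk)
        return True
    except ValueError:
        return False


def pseudonym_table(card_secrets, sector_pks):
    """Every (card, domain) pseudonym; rows are linkable per domain, not across."""
    return {(card, domain): domain_pseudonym(sk, pk)
            for card, sk in card_secrets.items()
            for domain, pk in sector_pks.items()}


if __name__ == "__main__":
    cards = {"alice": keygen(17)[0], "bob": keygen(42)[0]}
    domains = {"bank": keygen(5)[1], "shop": keygen(99)[1]}
    table = pseudonym_table(cards, domains)
    for (card, domain), pseudonym in sorted(table.items()):
        print(f"{card:>5} @ {domain}: {pseudonym[:16]}")
    # the bank sees alice's pseudonym again on her next visit (linkable in-domain)
    print(table[("alice", "bank")] == domain_pseudonym(cards["alice"], domains["bank"]))
    # a sector key of order 2 (P - 1) is refused
    print(accepts_sector_key(P - 1))
```

Two caveats the check in domain_pseudonym is there for: a service provider that submits a sector key outside the prime-order subgroup (for instance an element of order 2) would collapse the pseudonym onto a few values and leak information about the card's secret, and two providers that share one sector key pair obtain identical pseudonyms and can link their users, so each domain needs its own key pair.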



03:17 [Pub][ePrint] Plaintext Awareness in Identity-Based Key Encapsulation, by Mark Manulis and Bertram Poettering and Douglas Stebila

  The notion of plaintext awareness (PA) has many applications in public key cryptography: it offers unique, stand-alone security guarantees for public key encryption schemes, has been used as a sufficient condition for proving indistinguishability against adaptive chosen ciphertext attacks (INDCCA), and can be used to construct privacy-preserving protocols such as deniable authentication. Unlike many other security notions, plaintext awareness is very fragile when it comes to differences between the random oracle and standard models; for example, many implications involving PA in the random oracle model are not valid in the standard model and vice versa. Similarly, strategies for proving PA of schemes in one model cannot be adapted to the other model. Existing research addresses PA in detail only in the public key setting.

This paper gives the first formal exploration of plaintext awareness in the identity-based setting and, as initial work, proceeds in the random oracle model. The focus is mainly on identity-based key encapsulation mechanisms (IB-KEMs), for which the paper presents the first definitions of plaintext awareness, highlights the role of PA in proof strategies of INDCCA security, and explores relationships between PA and other security properties.

On the practical side, our work offers the first, highly efficient, general approach for building IB-KEMs that are simultaneously plaintext-aware and INDCCA-secure. Our construction is inspired by the Fujisaki-Okamoto (FO) transform, but demands weaker and more natural properties of its building blocks. This result comes from a new look at the notion of gamma-uniformity that was inherent in the original FO transform. We show that for IB-KEMs (and PK-KEMs) this assumption can be replaced with a weaker computational notion, which is in fact implied by one-wayness. Finally, we give the first concrete IB-KEM scheme that is PA and INDCCA-secure by applying our construction to a popular IB-KEM and optimizing it for better performance.



03:17 [Pub][ePrint] Computational Soundness of Coinductive Symbolic Security under Active Attacks, by Mohammad Hajiabadi, Bruce M. Kapron

  In Eurocrypt 2010, Micciancio initiated an investigation of cryptographically sound, symbolic security analysis with respect to coinductive adversarial knowledge, and demonstrated that under an adversarially passive model, certain security criteria (e.g. indistinguishability) may be given a computationally sound symbolic characterization, without the assumption of key acyclicity. Left open in his work was the fundamental question of ``the viability of extending the coinductive approach to prove computational soundness results in the presence of active adversaries.'' In this paper we make some initial steps toward answering this question in the affirmative with respect to an extension of a trace-based security model (proposed by Micciancio and Warinschi in TCC 2004) including asymmetric and symmetric encryption; in particular we prove that a random computational trace can be soundly abstracted by a coinductive symbolic trace with overwhelming probability, provided that both the underlying encryption schemes provide IND-CCA2 security (plus ciphertext integrity for the symmetric scheme), and that the diameter of the underlying coinductively-hidden subgraph is constant in every symbolic trace. This result holds even if the protocol allows arbitrarily nested applications of symmetric/asymmetric encryption, unrestricted transmission of symmetric keys, and adversaries who adaptively corrupt users, along with other forms of active attack.

As part of our proof, we formulate a game-based definition of encryption security allowing adaptive corruptions of keys and certain forms of adaptive key-dependent plaintext attack, along with other common forms of CCA2 attack. We prove that (with assumptions similar to above,) security under this game is implied by IND-CCA2 security. This also characterizes a provably benign form of cyclic encryption which can be achieved under standard notions of encryption security, which may be of independent interest.