International Association for Cryptologic Research

IACR News Central

Get an update on changes of the IACR web-page here. For questions, contact newsletter (at) iacr.org. You can also get this service via

To receive your credentials via mail again, please click here.

You can also access the full news archive.

Further sources to find out about changes are CryptoDB, ePrint RSS, ePrint Web, Event calender (iCal).

2013-03-07
19:17 [Pub][ePrint] Yet Another Attack On the Chinese Remainder Theorem Based Hierarchical Access Control Scheme, by Niu Liu and Shaohua Tang and Lingling Xu

  The hierarchical access control scheme based on Chinese Reminder

Theorem [49] (CRTHACS) was supposed to be capable of hiding

hierarchical structure, but Geiselmann et al. [18] showed practical attacks on CRTHACS to reveal the hierarchies it hides. Then, Zou et al. modified it, and gave a new CRTHACS [50] to resist those attacks. Nevertheless, we find that the modified version is still defective if it permits changes of structure, i.e. the scheme works in a dynamic scenario. In this paper, we describe our attack on the modified version of CRTHACS. We extend the description of the CRTHACS in a more proper form making it easier for us to look into the problem it has. We find the key character of the vulnerability which we name as double-invariance. We generalize our attack in an algebraic form and apply it to a series of hierarchical cryptographic

access control schemes that share the same vulnerability with CRTHACS. We also give the countermeasure to fix this vulnerability.



19:17 [Pub][ePrint] New Lattice Based Signature Using The Jordan Normal Form, by Hemlata Nagesh and Birendra Kumar Sharma

  In this paper it is shown that the use of Jordan normal form instead of

Hermite normal form would improve substantially the efficiency and the security

of the lattice based signature scheme. In this scheme we also use a new

hash function in such a way that the efficiency improved is obtain without

decreasing the security of the function.



19:17 [Pub][ePrint] Hardcore Predicates for a Diffie-Hellman Problem over Finite Fields, by Nelly Fazio and Rosario Gennaro and Irippuge Milinda Perera and William E. Wkeith III

  A long-standing open problem in cryptography is proving the existence of (deterministic) hard-core predicates for the Diffie-Hellman problem defined over finite fields. In this paper we make progress on this problem by defining a very natural variation of the Diffie-Hellman problem over $\\mathbb{F}_{p^2}$ and proving the unpredictability of every single bit of one of the coordinates of the secret DH value.

To achieve our result we modify an idea presented at CRYPTO\'01 by Boneh and Shparlinski [4] originally developed to prove that the LSB of the Elliptic Curve Diffie-Hellman problem is hard. We extend this idea in two novel ways:

1. We generalize it to the case of finite fields $\\mathbb{F}{p^2}$;

2. We prove that any bit, not just the LSB, is hard using the list decoding techniques of

Akavia et al. [1] (FOCS\'03) as generalized at CRYPTO\'12 by Duc and Jetchev [6].

In the process we prove several other interesting results:

- Our result hold also for a larger class of predicates, called segment predicates in [1];

- We extend the result of Boneh and Shparlinski to prove that every bit (and every segment predicate) of the Elliptic Curve Diffie-Hellman problem is hard-core;

- We define the notion of partial one-way function over finite fields $\\mathbb{F}{p^2}$ and prove that every bit (and every segment predicate) of one of the input coordinate for these functions is hard-core.



19:17 [Pub][ePrint] An MQ/Code Cryptosystem Proposal, by Leonard J. Schulman

  We describe a new trap-door (and PKC) proposal. The proposal is ``multivariate quadratic\'\' (relies on the hardness of solving systems of quadratic equations); it is also code-based, and uses the code-scrambling technique of McEliece (1978). However, in the new proposal, the error-correcting code is not revealed in the public key, which protects against the leading attacks on McEliece\'s method.



16:17 [Pub][ePrint] Attribute-Based Encryption for Circuits from Multilinear Maps, by Sanjam Garg and Craig Gentry and Shai Halevi and Amit Sahai and Brent Waters

  In this work, we provide the first construction of Attribute-Based

Encryption (ABE) for general circuits. Our construction is based on

the existence of multilinear maps. We prove selective security of

our scheme in the standard model under the natural multilinear

generalization of the BDDH assumption. Our scheme achieves both

Key-Policy and Ciphertext-Policy variants of ABE.

Our scheme and its proof of security directly translate to the recent multilinear map

framework of Garg, Gentry, and Halevi.

This paper is the result of a merge of the works of Garg, Genry, and Halevi and of Sahai and Waters,

and subsumes both these works.



16:17 [Pub][ePrint] An Ideal-Security Protocol for Order-Preserving Encoding, by Raluca Ada Popa and Frank H. Li and Nickolai Zeldovich

  Order-preserving encryption - an encryption scheme where the sort order of ciphertexts matches the sort order of the corresponding plaintexts - allows databases and other applications to process queries involving order over encrypted data efficiently. The ideal security guarantee for order-preserving encryption put forth in the literature is for the ciphertexts to reveal no information about the plaintexts besides order. Even though more than a dozen schemes were proposed, all these schemes leak more information than order.

This paper presents the first order-preserving scheme that achieves ideal security. Our main technique is mutable cipher- texts, meaning that over time, the ciphertexts for a small number of plaintext values change, and we prove that mutable ciphertexts are needed for ideal security. Our resulting protocol is interactive, with a small number of interactions.

We implemented our scheme and evaluated it on microbenchmarks and in the context of an encrypted MySQL database application. We show that in addition to providing ideal security, our scheme achieves 1-2 orders of magnitude higher performance than the state-of-the-art order-preserving encryption scheme, which is less secure than our scheme.





2013-03-06
19:51 [Event][New] SeCIHD'13: 3rd Inter. Work. on Security and Cognitive Informatics for Homeland Defense

  Submission: 15 April 2013
Notification: 20 May 2013
From September 2 to September 6
Location: Regensburg, Germany, Germany
More Information: http://isyou.info/conf/secihd13/


19:51 [Event][New] RFIDsec'13 Asia: The 2013 Workshop on RFID and IoT Security

  Submission: 1 July 2013
Notification: 12 August 2013
From November 27 to November 27
Location: Guangzhou, China
More Information: http://www.inscrypt.cn/2013/Inscrypt_2013/CFP-RFIDsecAsia.htm


19:50 [Event][New] ICITS 2013: The 7th International Conference on Information Theoretic Security

  Submission: 5 July 2013
Notification: 30 August 2013
From November 28 to November 30
Location: Singapore, Singapore
More Information: http://www.spms.ntu.edu.sg/mas/conference/icits2013/


00:07 [Job][New] Assistant Professor Position, Crypto Group - University of Versailles-St-Quentin-en-Yvelines (France)

  In view of its ongoing development, the crypto group of the University of Versailles St-Quentin-en-Yvelines (France) invites applications for the following full-time position.

A faculty position at the tenured Assistant Professor (\\\"Maître de Conférences\\\") level is open to highly qualified candidates who are committed to a career in research and teaching. Preference will be given to candidates with strong research achievements in one or several of the areas related to the general fields of cryptology and/or information security.

Responsibilities include research, supervision of undergraduates and graduate students, preparation and management of research projects, and teaching in various study programs.

IMPORTANT NOTE: A \\\"qualification aux fonctions de Maître de Conférences\\\" certificate from to the French \\\"Conseil National des Universités\\\" is usually required to apply. However candidates who already hold an Assistant Professor (or equivalent) position may be exempted from this certificate.

00:07 [Job][New] Post-Doc, University of Waterloo, Canada

  The Cryptography, Security, and Privacy (CrySP) research group at the University of Waterloo is seeking applications for a postdoctoral research position in the field of security and privacy for location-based or mobile systems and applications. This position will be held in the Cheriton School of Computer Science, and there will be the possibility for collaboration with Google Waterloo.

Applicants must hold a PhD in a related field and should have a convincing publication record.

The start date of the position is negotiable. The position may be for one or two years.

Applicants should submit a CV, a research plan, two or three selected papers, and the names and contact information of three references.