International Association for Cryptologic Research

IACR News Central

Get an update on changes of the IACR web-page here. For questions, contact newsletter (at) iacr.org. You can also get this service via

To receive your credentials via mail again, please click here.

You can also access the full news archive.

Further sources to find out about changes are CryptoDB, ePrint RSS, ePrint Web, Event calender (iCal).

2013-07-13
06:17 [Pub][ePrint] Full Domain Hash from (Leveled) Multilinear Maps and Identity-Based Aggregate Signatures, by Susan Hohenberger and Amit Sahai and Brent Waters

  In this work, we explore building constructions with full domain hash structure, but with standard model proofs that do not employ the random oracle heuristic. The launching point for our results will be the utilization of a ``leveled\'\' multilinear map setting for which Garg, Gentry, and Halevi (GGH) recently gave an approximate candidate. Our first step is the creation of a standard model signature scheme that exhibits the structure of the Boneh, Lynn and Shacham signatures. In particular, this gives us a signature that admits unrestricted aggregation.

We build on this result to offer the first *identity-based* aggregate signature scheme that admits unrestricted aggregation. In our construction, an arbitrary-sized set of signatures on identity/message pairs can be aggregated into a single group element, which authenticates the entire set. The identity-based setting has important advantages over regular aggregate signatures in that it eliminates the considerable burden of having to store, retrieve or verify a set of verification keys, and minimizes the total cryptographic overhead that must be attached to a set of signer/message pairs. While identity-based signatures are trivial to achieve, their aggregate counterparts are not. To the best of our knowledge, no prior candidate for realizing unrestricted identity-based aggregate signatures exists in either the standard or random oracle models.

A key technical idea underlying these results is the realization of a hash function with a Naor-Reingold-type structure that is publicly computable using repeated application of the multilinear map. We present our results in a generic ``leveled\'\' multilinear map setting and then show how they can be translated to the GGH graded algebras analogue of multilinear maps.



06:17 [Pub][ePrint] Efficient Cryptosystems From $2^k$-th Power Residue Symbols, by Marc Joye and Benoit Libert

  Goldwasser and Micali (1984) highlighted the importance of randomizing the plaintext for public-key encryption and introduced the notion of semantic security. They also realized a cryptosystem meeting this security notion under the standard complexity assumption of deciding quadratic residuosity modulo a composite number. The Goldwasser-Micali cryptosystem is simple and elegant but is quite wasteful in bandwidth when encrypting large messages. A number of works followed to address this issue and proposed various modifications. This paper revisits the original Goldwasser-Micali cryptosystem using 2^k-th power residue symbols. The so-obtained cryptosystems appear as a very natural generalization for k >= 2 (the case k = 1 corresponds exactly to the Goldwasser-Micali cryptosystem). Advantageously, they are efficient in both bandwidth and speed; in particular,they allow for fast decryption. Further, the cryptosystems described in this paper inherit the useful features of the original cryptosystem (like its homomorphic property) and are shown to be secure under a similar complexity assumption. As a prominent application, this paper describes an efficient lossy trapdoor function based thereon.





2013-07-09
21:17 [Pub][ePrint] Practical-Time Attacks Against Reduced Variants of MISTY1, by Orr Dunkelman and Nathan Keller

  MISTY1 is a block cipher designed by Matsui in 1997. It is widely deployed in Japan where it is an e-government standard, and is recognized internationally as a NESSIE-recommended cipher as well as

an ISO standard and an RFC. Moreover, MISTY1 was selected to be the blueprint on top of which KASUMI, the GSM/3G block cipher, was based. Since its introduction, and especially in recent years, MISTY1 was subjected to extensive cryptanalytic efforts, which resulted in numerous attacks on its reduced variants. Most of these attacks aimed at maximizing the number of attacked rounds, and as a result, their complexities are highly impractical.

In this paper we pursue another direction, by focusing on attacks with a practical time complexity. The best previously-known attacks with practical complexity against MISTY1 could break either 4 rounds (out of 8), or 5 rounds in a modified variant in which some of the FL functions are removed. We present an attack on 5-round MISTY1 with all the FL functions present whose time complexity is 2^38 encryptions. When the FL functions are removed, we present a devastating (and experimentally verified) related-key attack on the full 8-round variant, requiring only 2^18 data and time.

While our attacks clearly do not compromise the security of the full

MISTY1, they expose several weaknesses in MISTY1\'s components, and

improve our understanding of its security. Moreover, future designs which rely on MISTY1 as their base, should take these issues into close consideration.



10:18 [Job][New] Scientific Assistant (m/f, E13 TV-G-U), Deutsche Telekom Chair, Goethe University Frankfurt, Germany, EEA

  The Deutsche Telekom Chair of Mobile Business & Multilateral Security at Goethe University Frankfurt offers a position of a Scientific Assistant (m/f, E13 TV-G-U). To strengthen our team we are looking for a committed, creative and flexible PhD candidate (male/female) with advanced professional knowledge in Information Technology and interest in the current development in business informatics.

We are looking for people with advanced knowledge and special skills in at least three of the following areas:

- Network and System Security

- Privacy-Enhancing Technologies and data protection

- Identity Management

- Mobile Platforms, Smartcards and Trusted Computing

- Mobile Application Development (e.g. in Android, etc.)

- Cryptography

- Programming languages and experiences in software projects

- Administration skills in different platforms (e.g. UNIX, Linux, Windows)

- Web technologies and development

- Project management

The position is available immediately and has a fixed-term of 3 years with an extension option.

Deadline for applications: 2013-07-31

Contact for applications: Prof. Dr. Kai Rannenberg, bewerbungen(at)m-chair(dot)net

Documents recommended to be submitted: personal statement of purpose, current resume, official references, list of publications, official test scores

More Information: http://www.m-chair.net/wps/wse/home/rannenberg/career/

09:33 [Job][Update] Assistant/Associate Professors, University of Washington Tacoma, USA

  The Institute of Technology at the University of Washington Tacoma is seeking applications for five full-time, tenure-track Associate/Assistant Professor positions for the Computer Science and Systems program and the Information Technology and Systems program. A Ph.D. or foreign equivalent in Computer Science, Information Technology, Information Systems or related field is required. Applicants should have experience in teaching and in externally-funded research. Our priority areas for research are (1) information assurance and cybersecurity – 2 positions, (2) data analytics – AI/intelligent systems, (3) CS theory/algorithms, and (4) spatial data/GIS; other areas will also be considered, especially if they are related to needs of the other Institute of Technology programs. Successful candidates will have demonstrated experience or promise for strong potential in research (as evidenced by publications). Evidence of potential to build strong relationships with partners in the technology industry and in developing collaborative research programs is highly desirable.

Applications should be submitted electronically to https://secure.interfolio.com/apply/21679 and include (1) a cover letter describing academic qualifications and experience for this position, (2) a statement of the candidate’s research program, (3) a list of publications, (4) a description of teaching philosophy, including a list of courses the candidate is qualified to teach, (5) evidence of teaching effectiveness, (6) a curriculum vitae, and (7) at least three letters of reference. Screening of applications will begin on October 15, 2013, and will continue until the positions are filled. Salary is competitive and will be commensurate with experience and qualifications.

09:32 [Event][New] VizSec '13: 10th Visualization for Cyber Security Workshop

  Submission: 22 July 2013
Notification: 23 August 2013
From October 14 to October 14
Location: Atlanta, United States
More Information: http://www.vizsec.org/


09:31 [Event][New] DIPECC2013: The International Conference on Digital Information Processing, E-Business

  Submission: 1 September 2013
Notification: 15 September 2013
From October 23 to October 25
Location: Dubai, United Arab Emirates
More Information: http://sdiwc.net/conferences/2013/dipecc2013/




2013-07-07
17:43 [Job][New] Fully Funded PhD Student, Université Paris II Panthéon-Assas, PRES Sorbonne Universités, France, European Union

  We are seeking for candidates for four funded theses.

The candidates will work on the following topics:

Thesis 1 - Faut and side-channel attacks.

Thesis 2 - Formal proofs of hardware and software implementations.

Thesis 3 - Lightweight cryptography (theory and practice).

Thesis 4 - Embedded equipment securit.

Due to employment visa constraints, the candidates must be of EU citizenship or Swiss.

The candidate will be based in the Paris area with access to very advanced laboratory equipment.



2013-07-05
18:17 [Pub][ePrint] Security of the Misty Structure Beyond the Birthday Bound, by Jooyoung Lee

  In this paper, we first prove beyond-birthyday-bound security for the Misty structure. Specifically, we show that an $r$-round Misty structure is secure against CCA attacks up to $O(2^{\\frac{rn}{r+7}})$ query complexity, where $n$ is the size of each round permutation. So for any $\\epsilon>0$, a sufficient number of rounds would guarantee the security of the Misty structure up to $2^{n(1-\\epsilon)}$ query complexity.



09:01 [Job][New] Post-Doc in System Security, University of Twente, The Netherlands

  The Centre for Telematics and Information Technology (CTIT) at the University of Twente invites applications for a Post-Doc position in system security with a strong focus on security of industrial control and SCADA systems.

We search for a candidate with a strong background in practical system level security. The candidate is expected to support supervision of PhD students, contribute to our on-going projects, and also contribute to future project proposals to strengthen our research profile. Our group is member of multiple national and European research projects with strong links to industry. One example is the currently ongoing CRISALIS FP7 project (http://www.crisalisproject.eu/).

Successful candidates must hold a PhD degree in computer science or a closely related discipline and have demonstrated their excellence by top-class publications.

Please submit your application via the link provided below including:

  • motivation letter specifically addressing our position,

  • full curriculum vitae including a list of all courses and marks,

  • publication list incl. a one-page summary of your PhD thesis,

  • two recommendation letters (or alternatively the names and email addresses of two references).

The position will be closed as soon as a suitable candidate is found.



2013-07-03
17:22 [Event][New] WAMPC: Workshop on Applied Multi-Party Computation

  Submission: 15 November 2013
From February 20 to February 21
Location: Redmond, USA
More Information: http://research.microsoft.com/en-us/events/mpcworkshop/