International Association for Cryptologic Research

IACR News Central


2013-09-23
03:17 [Pub][ePrint] Invariance-Based Concurrent Error Detection for Advanced Encryption Standard, by Xiaofei Guo and Ramesh Karri

  Naturally occurring and maliciously injected faults reduce the reliability of the Advanced Encryption Standard (AES) and may leak confidential information. We developed an invariance-based concurrent error detection (CED) scheme which is independent of the implementation of AES encryption/decryption. Additionally, we improve the security of our scheme with Randomized CED Round Insertion and adaptive checking. Experimental results show that the invariance-based CED scheme detects all single-bit faults, all single-byte faults, and 99.99999997% of burst faults. The area and delay overheads of this scheme are compared with those of previously reported CED schemes on two Xilinx Virtex FPGAs. The hardware overhead is in the 13.2-27.3% range and the throughput is between 1.8 and 42.2 Gbps, depending on the AES architecture, FPGA family, and the detection latency. One can implement our scheme in many ways; designers can trade off performance, reliability, and security according to the available resources.





2013-09-22
14:26 [Job][New] Assistant Professor (Lecturer, Senior Lecturer), Ariel University, Israel

  The Department of Electrical and Electronic Engineering at Ariel University (Israel) invites applications for a tenure-track Lecturer or Senior Lecturer (Assistant Professor) post to begin in 2014. Positions are full-time, tenure-track, with eligible benefits. The candidate will lead a new Cyber Security Program in association with the Center for Homeland Security at Ariel University.



2013-09-19
15:17 [Pub][ePrint] Efficient Pairings Computation on Jacobi Quartic Elliptic Curves, by Sylvain Duquesne, Nadia El Mrabet and Emmanuel Fouotsa

  This paper proposes the computation of the Tate pairing, Ate pairing and its variations on the special Jacobi quartic elliptic curve Y^2 = dX^4 + Z^4. We improve the doubling and addition steps in Miller's algorithm to compute the Tate pairing. We use the birational equivalence between Jacobi quartic curves and Weierstrass curves, together with a specific point representation, to obtain the best result to date among curves with quartic twists. For the doubling and addition steps in Miller's algorithm for the computation of the Tate pairing, we obtain a theoretical gain of up to 27% and 39%, depending on the embedding degree and the extension field arithmetic, with respect to Weierstrass curves [2] and previous results on Jacobi quartic curves [3]. Furthermore, and for the first time, we compute and implement Ate, twisted Ate and optimal pairings on the Jacobi quartic curves. Our results are up to 27% more efficient compared to the case of Weierstrass curves with quartic twists [2].



15:17 [Pub][ePrint] Fuming Acid and Cryptanalysis: Handy Tools for Overcoming a Digital Locking and Access Control System - Full Version, by Daehyun Strobel and Benedikt Driessen and Timo Kasper and Gregor Leander and Da

  We examine the widespread SimonsVoss digital locking system 3060 G2 that relies on an undisclosed, proprietary protocol to mutually authenticate transponders and locks. For assessing the security of the system, several tasks have to be performed: By decapsulating the used microcontrollers with acid and circumventing their read-out protection with UV-C light, the complete program code and data contained in door lock and transponder are extracted. As a second major step, the multi-pass challenge-response protocol and corresponding cryptographic primitives are recovered via low-level reverse-engineering. The primitives turn out to be based on DES in combination with a proprietary construction.

Our analysis pinpoints various security vulnerabilities that enable practical key-recovery attacks. We present two different approaches for gaining unauthorized access to installations. Firstly, an attacker having physical access to a door lock can extract a master key, allowing them to mimic transponders, in altogether 30 minutes. A second, purely logical attack exploits an implementation flaw in the protocol and works solely via the wireless interface. As the only prerequisite, a valid ID of a transponder needs to be known (or guessed). After executing a few (partial) protocol runs in the vicinity of a door lock, and some seconds of computation, an adversary obtains all of the transponder's access rights.



15:17 [Pub][ePrint] Factoring RSA keys from certified smart cards: Coppersmith in the wild, by Daniel J. Bernstein and Yun-An Chang and Chen-Mou Cheng and Li-Ping Chou and Nadia Heninger and Tanja Lange and Nicko van Som

  An attacker can efficiently factor at least 184 distinct 1024-bit RSA keys from Taiwan's national "Citizen Digital Certificate" database. The big story here is that these keys were generated by government-issued smart cards that were certified secure. The certificates had all the usual buzzwords: FIPS certification from NIST (U.S. government) and CSE (Canadian government), and Common Criteria certification from BSI (German government).

These 184 keys include 103 keys that share primes and that are efficiently factored by a batch-GCD computation. This is the same type of computation that was used last year by two independent teams (USENIX Security 2012: Heninger, Durumeric, Wustrow, Halderman; Crypto 2012: Lenstra, Hughes, Augier, Bos, Kleinjung, Wachter) to factor tens of thousands of cryptographic keys on the Internet.

The remaining 81 keys do not share primes. Factoring these 81 keys requires taking deeper advantage of randomness-generation failures: first using the shared primes as a springboard to characterize the failures, and then using Coppersmith-type partial-key-recovery attacks. This is the first successful public application of Coppersmith-type attacks to keys found in the wild.
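The batch-GCD computation the abstract refers to, as an added example that is not part of the paper or the IACR post: a product tree followed by a remainder tree gives gcd(N_i, product of all other N_j) for every modulus in one pass, which is how an operator can audit a key set for shared primes. The moduli below are constructed from small known primes to keep the run instant; it also handles the case the plain batch gcd cannot split, where both primes of a modulus appear in other keys.

```python
import math

def batch_gcd(moduli):
    """For each N_i return gcd(N_i, prod_{j != i} N_j) via a product tree
    and a remainder tree (the batch-GCD method the abstract cites)."""
    moduli = list(moduli)
    if not moduli:
        return []
    # Product tree: level 0 is the moduli, each level above multiplies pairs.
    levels = [moduli]
    while len(levels[-1]) > 1:
        prev = levels[-1]
        levels.append([prev[i] * prev[i + 1] if i + 1 < len(prev) else prev[i]
                       for i in range(0, len(prev), 2)])
    # Remainder tree: push the root product down, reducing mod N_i^2 per level.
    rems = [levels[-1][0]]
    for level in reversed(levels[:-1]):
        rems = [rems[i // 2] % (x * x) for i, x in enumerate(level)]
    # (P mod N_i^2) / N_i equals (prod of the others) mod N_i, so the gcd with
    # N_i is the shared factor (or N_i itself if both its primes are shared).
    return [math.gcd(r // x, x) for r, x in zip(rems, moduli)]

def factor_shared(moduli):
    """Map index -> (p, q) for every modulus that shares a prime with another."""
    found = {}
    for i, (n, g) in enumerate(zip(moduli, batch_gcd(moduli))):
        if g == 1:
            continue
        if g == n:
            # Both primes of N_i occur in other keys; fall back to pairwise gcd.
            for j, m in enumerate(moduli):
                if j != i and 1 < math.gcd(n, m) < n:
                    g = math.gcd(n, m)
                    break
        if 1 < g < n:
            found[i] = tuple(sorted((g, n // g)))
    return found

# Constructed sample: eight known primes; N1 shares a prime with N2 and N3,
# N4 and N5 are sound. Real input would be the 1024-bit moduli from the certs.
_P = [104729, 1299709, 15485863, 32452843, 49979687, 67867967, 86028121, 104395303]
SAMPLE_MODULI = [_P[0] * _P[1], _P[0] * _P[2], _P[1] * _P[3],
                 _P[4] * _P[5], _P[6] * _P[7]]

if __name__ == "__main__":
    for idx, pq in factor_shared(SAMPLE_MODULI).items():
        print(f"key {idx} factored: {pq}")
```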



15:17 [Pub][ePrint] Improved Cryptanalysis of Reduced RIPEMD-160, by Florian Mendel and Thomas Peyrin and Martin Schläffer and Lei Wang and Shuang Wu

  In this article, we propose an improved cryptanalysis of the double-branch hash function standard RIPEMD-160. Using a carefully designed non-linear path search tool, we study the potential differential paths that can be constructed from a difference in a single message word and show that some of these message words can lead to very good differential path candidates. Leveraging the recent freedom degree utilization technique from Landelle and Peyrin to merge two branch instances, we eventually manage to obtain a semi-free-start collision attack for 42 steps of the RIPEMD-160 compression function, while the previously best known result reached 36 steps. In addition, we also describe a 36-step semi-free-start collision attack which starts from the first step.



15:17 [Pub][ePrint] Two-round secure MPC from Indistinguishability Obfuscation, by Sanjam Garg and Craig Gentry and Shai Halevi and Mariana Raykova

  One fundamental complexity measure of an MPC protocol is its round complexity. Asharov et al. recently constructed the first three-round protocol for general MPC in the CRS model. Here, we show how to achieve this result with only two rounds. We obtain UC security with abort against static malicious adversaries, and fairness if there is an honest majority. Additionally, the communication in our protocol is only proportional to the input and output size of the function being evaluated and independent of its circuit size. Our main tool is indistinguishability obfuscation, for which a candidate construction was recently proposed by Garg et al.

The technical tools that we develop in this work also imply virtual black box obfuscation of a new primitive that we call a dynamic point function. This primitive may be of independent interest.



15:17 [Pub][ePrint] On the Efficacy of Solving LWE by Reduction to Unique-SVP, by Martin R. Albrecht and Robert Fitzpatrick and Florian Göpfert

  We present a study of the concrete complexity of solving instances of the unique shortest vector problem (uSVP). In particular, we study the complexity of solving the Learning with Errors (LWE) problem by reducing the Bounded-Distance Decoding (BDD) problem to uSVP and attempting to solve such instances using the 'embedding' approach. We experimentally derive a model for the success of the approach, compare to alternative methods and demonstrate that for the LWE instances considered in this work, reducing to uSVP and solving via embedding compares favorably to other approaches.





2013-09-18
22:03 [Job][New] Tenure-track Assistant Professors, Florida State University, Tallahassee, Florida, Southern USA

  The Department of Computer Science at the Florida State University invites applications for multiple tenure-track Assistant Professor positions to begin August 2014. Positions are 9-mo, full-time, tenure-track, and benefits eligible. Outstanding applicants with strengths in the areas of Big Data and Cyber Security are particularly encouraged to apply. Outstanding applicants specializing in other emerging research areas are also welcome to apply. Applicants should hold a PhD in Computer Science or closely related field, and have excellent research and teaching accomplishments or potential. The department offers degrees at the BS, MS, and PhD levels. The department is an NSA/DHS Center of Academic Excellence in Information Assurance Education (CAE-IAE) and Research (CAE-R).

FSU is classified as a Carnegie Research I university. Its primary role is to serve as a center for advanced graduate and professional studies while emphasizing research and providing excellence in undergraduate education.

Screening will begin January 1, 2014 and will continue until the position is filled. Please apply online with curriculum vitae, statements of teaching and research philosophy, and the names of five references, at

http://www.cs.fsu.edu/positions/apply.html

Questions can be e-mailed to Prof. Mike Burmester, Faculty Search Committee Chair, recruitment (at) cs.fsu.edu or to Prof. Robert van Engelen, Department Chair, chair (at) cs.fsu.edu.

The Florida State University is a Public Records Agency and an Equal Opportunity/Access/Affirmative Action employer, committed to diversity in hiring.

13:32 [Job][New] Ph.D./Post-Docs, University of Haifa, Israel

  I am looking for a few excellent Ph.D. candidates (preferably with proven research capabilities) and post-docs in cryptography (mostly cryptanalysis of symmetric-key primitives), privacy (privacy of biometric databases/schemes) and computer security.

13:32 [Job][New] MSc Student, University of Warsaw, Poland, European Union

  An MSc position in the area of cryptography in the Cryptography and Data Security Group at the Department of Mathematics, Informatics and Mechanics at University of Warsaw is available. The position is supported by the EU FNP Welcome Grant "Cryptographic Protocols Provably-Secure Against Physical Attacks". This project is about the design of cryptographic schemes that are provably-secure against physical attacks, such as side-channel leakages, tampering, or malware intrusion. We offer excellent networking and training opportunities, including participation in international workshops and conferences.

Job profile: All candidates with background in theoretical computer science and mathematics are encouraged to apply and will be carefully considered. Knowledge of Polish is not required, but a good knowledge of English is essential.

Successful candidates can start from 10.2013. Funding is available until 5.2015 (extensions are possible depending on funding availability).