International Association for Cryptologic Research

IACR News Central

Get an update on changes of the IACR web-page here. For questions, contact newsletter (at) iacr.org. You can also get this service via

To receive your credentials via mail again, please click here.

You can also access the full news archive.

Further sources to find out about changes are CryptoDB, ePrint RSS, ePrint Web, Event calender (iCal).

2014-02-18
15:48 [Job][New] Lecturer/Associate Professor/Researcher in Cryptology and Security, Hangzhou Normal University, China, Pacific Area

  The group for Cryptography and Network Security at Hangzhou Normal University, China chaired by Prof. Dr. Qi Xie is looking for two faculty members with strong crypto/security background. Candidates should have a PhD degree in mathematics, computer science, or related disciplines, be highly motivated with strong R&D capability and also a good team player, have good presentation and communication skills, be able to perform deep system-level investigations of security mechanisms. The candidates are expected to publish high-quality papers OR develop security-related projects. Any prior experience in e-health or WSN/VANETs security is certainly an asset..

Interested candidates please send CV to Shengbao Wang {shengbaowang (at) hznu.edu.cn}. The positions offer a competitive salary. All candidates will be contacted for further infomation.



2014-02-17
06:27 [Event][New] NSS 2014: The 8th International Conference on Network and System Security

  Submission: 8 April 2014
Notification: 10 June 2014
From October 15 to October 17
Location: Xi'an, China
More Information: http://anss.org.au/nss2014/index.htm




2014-02-16
22:17 [Pub][ePrint] Quantum position verification in the random oracle model, by Dominique Unruh

  We present a quantum position verification scheme in the random oracle model. In contrast to prior work, our scheme does not require bounded storage/retrieval/entanglement assumptions. We also give an efficient position-based authentication protocol. This enables secret and authenticated communication with an entity that is only identified by its position in space.



16:17 [Pub][ePrint] Halka: A Lightweight, Software Friendly Block Cipher Using Ultra-lightweight 8-bit S-box, by Sourav Das

  This paper presents the design of a lightweight, yet software friendly, block cipher. Most of the lightweight block ciphers are nibble-oriented as the implementation of a 4-bit S-box is much more compact than an 8-bit S-box. This paper uses a novel implementation of multiplicative inverse for 8-bit S-boxes using LFSR requiring only 138 gate-equivalent. With this powerful scheme, we design a lightweight block cipher competitive with existing standards in terms of hardware gate equivalent first time using an 8-bit S-box.



16:17 [Pub][ePrint] A Note on the CLRW2 Tweakable Block Cipher Construction, by Gordon Procter

  In this note, we describe an error in the proof for CLRW2 given by Landecker et al. in their paper at CRYPTO 2012 on the beyond-birthday-bound security for tweakable block ciphers.

We are able to resolve the issue, give a new bound for the security of CLRW2, and identify a potential limitation of this proof technique when looking to extend the scheme to provide asymptotic security.



16:17 [Pub][ePrint] Polynomial Time Attack on Wild McEliece Over Quadratic Extensions, by Alain Couvreur and Ayoub Otmani and Jean-Pierre Tillich

  We present a polynomial time structural attack against the McEliece system based on Wild Goppa codes from a quadratic finite field extension. This attack uses the fact that such codes can be distinguished from random codes to compute some filtration, that is to say a family of nested subcodes which will reveal their secret algebraic description.



16:17 [Pub][ePrint] Secure Compression: Theory \\& Practice, by James Kelley and Roberto Tamassia

  Encryption and compression are frequently used together in both network and storage systems, for example in TLS. Despite often being used together, there has not been a formal framework for analyzing these combined systems; moreover, the systems are usually just a simple chaining of compression followed by encryption. In this work, we present the first formal framework for proving security in combined compression-encryption schemes and relate it to the traditional notion of semantic security. We call this entropy-restricted semantic security. Additionally, we present a new, efficient cipher, called the squeeze cipher, that combines compression and encryption into a single primitive and provably achieves our entropy-restricted security.



16:17 [Pub][ePrint] Prover Anonymous and Deniable Distance-Bounding Authentication, by Sebastien Gambs and Cristina Onete and Jean-Marc Robert

  In distance-bounding authentication protocols, a verifier confirms that a prover is (1) legitimate and (2) in the verifier\'s proximity. Proximity checking is done by running time-critical exchanges between both parties. This enables the verifier to detect relay attacks (a.k.a. mafia fraud). While most distance-bounding protocols

offer resistance to mafia and distance fraud as well as to impersonation attacks, only few protect the privacy of the authenticating prover.

One exception is the protocol due to Hermans, Peeters, and Onete developed in 2013, which offers strong privacy guarantees with respect to a Man-in-the-Middle adversary. However, this protocol provides no privacy guarantees for the prover with respect to a malicious verifier, who can fully identify the prover. Having in

mind possible verifier corruption or data leakage from verifiers to a centralized server, we suggest that stronger privacy properties are needed.

In this paper, we propose an efficient distance-bounding protocol that gives strong prover privacy guarantees even with respect to the verifier or to a centralized back-end server, storing prover information and managing revocation and registration. Specifically, we formally model and define prover anonymity, a property guaranteeing that verifiers infer only the legitimacy of the prover but not his identity, and deniability, which ensures that the back-end server cannot distinguish prover behavior from malicious verifier behavior (i.e., provers can deny that they authenticated). Finally, we present an efficient protocol that achieves these strong guarantees, give exact bounds for each of its security properties, and prove these statements formally.



16:17 [Pub][ePrint] Comments on a novel user authentication and key agreement scheme, by Jia-Lun Tsai

  In 2013, Sun et al. showed that the related works\' authentication schemes proposed by [2-7] are vulnerable to an insider attack and fail to provide mutual authentication. These two attacks can be successfully plotted by an adversary, since the private key of the server can compute all the legal users\' private keys. They then proposed a new remote user authentication and key agreement scheme for the mobile client-server environment. However, we find that their scheme is still vulnerable to insider attack (Sun et al.) and how to avoid such an insider attack on the client-server environment is still an open problem.



16:17 [Pub][ePrint] Optimal Algebraic Manipulation Detection Codes, by Ronald Cramer and Carles Padr{\\\'o} and Chaoping Xing

  Algebraic manipulation detection (AMD) codes, introduced at EUROCRYPT 2008, may, in some sense, be viewed as {\\em keyless} combinatorial authentication codes that provide security in the presence of an {\\em oblivious}, {\\em algebraic} attacker.

Its original applications included robust fuzzy extractors, secure message transmission and robust secret sharing.

In recent years, however, a rather diverse array of additional applications in cryptography has emerged. In this paper we consider, for the first time, the regime of arbitrary positive constant error probability $\\epsilon$ in combination with unbounded cardinality $M$ of the message space. Adapting a known bound to this regime, it follows that the binary length $\\rho$ of the tag satisfies $\\rho\\geq \\log \\log M + \\Omega_{\\epsilon}(1)$. We shall call AMD codes meeting this lower bound {\\em optimal}. Known constructions, notably a construction based on dedicated polynomial evaluation codes, are a multiplicative factor~2 {\\em off} from being optimal. Bridging the gap to optimality efficiently turns out to be surprisingly nontrivial. Owing to our refinement of the mathematical perspective on AMD codes, which focuses on symmetries of codes, we propose novel constructive principles. This leads to an explicit construction of almost-optimal AMD codes and to an efficient randomized construction of optimal AMD codes, as we show in our main results. In all our results, the error probability $\\epsilon$ can be chosen as an arbitrarily small positive real number.



16:17 [Pub][ePrint] An Applicable Public-Key-Cryptosystem Based on NP-Complete Problems, by Bjoern Grohmann

  A new Public-Key-Cryptosystem is presented from which we think that it will survive against possible attacks by Quantum-Computers in the future. We analyse its performance and its expected security.