International Association for Cryptologic Research

IACR News Central


09:00 [Job][Update] PhD Positions in Applied Cryptology, Worcester Polytechnic Institute, MA, USA

  The Vernam Group for Security and Privacy at WPI in Worcester, MA has open PhD positions in applied cryptology. In particular, there are two openings in side-channel analysis and leakage-resilient implementation.

Candidates should have a Master's degree in electronics, computer science or applied mathematics, with a strong interest in algorithms and signal processing. Prior experience in side-channel analysis and embedded software or hardware design is an asset.

We offer a competitive salary and an international cutting-edge research program in an attractive working environment. WPI is one of the highest-ranked technical colleges in the US. Located in the greater Boston area, it maintains close interaction with many of the nearby universities and companies.

05:47 [Job][New] Lecturer, Computer Engineering and Systems, University of Washington, Tacoma Washington USA

  The Institute of Technology at the University of Washington Tacoma has been undergoing unprecedented growth due to the high demand for its programs. We are seeking a highly motivated, full-time lecturer for its Computer Engineering and Systems program. This position requires a Master's degree or higher, or a foreign equivalent, in Computer Engineering or a closely related field. Commitment to high-quality teaching and excellent communication skills are also required. This is a 9-month renewable position with appointment terms of 1-5 years and begins on September 16, 2014. Candidates with industry experience, especially in embedded systems design, are encouraged to apply. The successful candidate will have demonstrated capabilities teaching embedded and real-time systems, digital system design, or VLSI design. We seek individuals who have a balance of hardware and software teaching experience (MATLAB, Verilog, VHDL, C/C++). Currently the emphasis of the program is on embedded systems; however, we anticipate developing additional tracks in the near future to accommodate the breadth of demand for our graduates.

Applicants should include (1) a cover letter describing academic qualifications and professional experiences and how they specifically relate to the Computer Engineering and Systems curriculum, and previous activities mentoring minorities and/or advancing minorities, women, or members of other under-represented groups, (2) a description of teaching philosophy (including a list of courses the candidate is qualified to teach; refer to ), (3) evidence of teaching effectiveness, (4) a curriculum vitae, and (5) contact information for three references.

22:17 [Pub][ePrint] An Effective RC4 Stream Cipher, by T.D.B Weerasinghe

  RC4 is the most widely used stream cipher around. Many modifications of the RC4 cipher can be found in the open literature. Most of them enhance the secrecy of the cipher, and their security levels have been analyzed theoretically using mathematics. In this paper, a new effective RC4 cipher is proposed and its security analysis is carried out using Shannon's secrecy theories, where numerical values are obtained to depict the secrecy. The proposed cipher is a combination of the Improved RC4 cipher proposed by Jian Xie et al. and the modified RC4 cipher proposed by T.D.B Weerasinghe, both published prior to this work. The combination is done in such a way that the concept used in the modified RC4 algorithm is applied within the Improved RC4 cipher of Jian Xie et al. Importantly, an immense improvement in both performance and secrecy is obtained by this combination. Hence this particular modification of the RC4 cipher can be used in software applications where there is a need to improve throughput as well as secrecy.

22:17 [Pub][ePrint] Secure Lightweight Entity Authentication with Strong PUFs: Mission Impossible?, by Jeroen Delvaux and Dawu Gu and Dries Schellekens and Ingrid Verbauwhede

  Physically unclonable functions (PUFs) exploit the unavoidable manufacturing variations of an integrated circuit (IC). Their input-output behavior serves as a unique IC 'fingerprint'. Therefore, they have been envisioned as an IC authentication mechanism, in particular for the subclass of so-called strong PUFs. The protocol proposals are typically accompanied by two PUF promises: lightweight implementation and increased resistance against physical attacks. In this work, we review eight prominent proposals in chronological order: from the original strong PUF proposal to the more complicated converse and slender PUF proposals. The novelty of our work is threefold. First, we employ a unified notation and framework for ease of understanding. Second, we initiate direct comparison between protocols, which has been neglected in each of the proposals. Third, we reveal numerous security and practicality issues, to such an extent that we cannot support the use of any proposal in its current form. All proposals aim to compensate for the lack of cryptographic properties of the strong PUF. However, proper compensation seems to oppose the lightweight objective.

22:17 [Pub][ePrint] Continuous Non-malleable Codes, by Sebastian Faust and Pratyay Mukherjee and Jesper Buus Nielsen and Daniele Venturi

  Non-malleable codes are a natural relaxation of error correcting/detecting codes that have useful applications in the context of tamper-resilient cryptography. Informally, a code is non-malleable if an adversary trying to tamper with an encoding of a given message can only leave it unchanged or modify it to the encoding of a completely unrelated value. This paper introduces an extension of the standard non-malleability security notion, so-called continuous non-malleability, where we allow the adversary to tamper continuously with an encoding. This is in contrast to the standard notion of non-malleable codes, where the adversary is only allowed to tamper a single time with an encoding. We show how to construct continuous non-malleable codes in the common split-state model, where an encoding consists of two parts and the tampering can be arbitrary but has to be applied independently to each part. Our main contributions are outlined below:

1. We propose a new uniqueness requirement of split-state codes which states that it is computationally hard to find two codewords C = (X0, X1) and C' = (X0, X1') such that both codewords are valid, but X0 is the same in both C and C'. A simple attack shows that uniqueness is necessary to achieve continuous non-malleability in the split-state model. Moreover, we illustrate that none of the existing constructions satisfies our uniqueness property and hence none is secure in the continuous setting.

2. We construct a split-state code satisfying continuous non-malleability. Our scheme is based on the inner product function, collision-resistant hashing and non-interactive zero-knowledge proofs of knowledge, and requires an untamperable common reference string.

3. We apply continuous non-malleable codes to protect arbitrary cryptographic primitives against tampering attacks. Previous applications of non-malleable codes in this setting required perfect erasure of the entire memory after each execution and required the adversary to be restricted in memory. We show that continuous non-malleable codes avoid these restrictions.

10:17 [Pub][ePrint] Encryption Quality Analysis of the RCBC Block Cipher Compared with RC6 and RC5 Algorithms , by Abdul Hamid M. Ragab, Osama S. Farag Alla, Amin Y. Noaman

  In this paper, we investigate the encryption quality of the robust chaotic block cipher (RCBC) algorithm, which is based on a chaotic map. In addition to visual inspection of image encryption tests, five analytical metrics are developed for analyzing the encryption quality. These metrics are used to evaluate several factors of the encrypted images, including maximum deviation, irregular deviation, information entropy, correlation coefficients, and avalanche effect. A comparison of the encryption quality of RCBC, RC6 and RC5 implementations applied to digital images is performed. In the experimental results, we have made our tests using the color images Lena, Cman, and Peppers, each of size 512x512 pixels, as the original images (plain-images). Results show that RCBC has the better encryption quality.

10:17 [Pub][ePrint] Parallelized hashing via j-lanes and j-pointers tree modes, with applications to SHA-256, by Shay Gueron

  The j-lanes tree hashing is a tree mode that splits an input message into j slices, computes j independent digests, one per slice, and outputs the hash value of their concatenation. The j-pointers tree hashing is a similar tree mode that receives, as input, j pointers to j messages (or slices of a single message), computes their digests and outputs the hash value of their concatenation. Such modes add parallelization capabilities to a hashing process that is serial by nature. As a result, they have a performance advantage on modern processor architectures. This paper provides precise specifications for these hashing modes, proposes a setup for the definition of appropriate IVs, and demonstrates their performance on the latest processors. Our hope is that it will be useful for standardization of these modes.
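The two tree modes as the abstract describes them, in an added example that is not the paper's code: each lane (slice or pointed-to message) is digested independently, in parallel threads, and the digests are concatenated and hashed once more. The contiguous equal-length slicing rule, the use of the standard SHA-256 IV for every lane, and the helper names are assumptions of this example; the paper's own slicing and IV setup are not reproduced here.

```python
# Added example: j-lanes and j-pointers tree hashing over SHA-256.
# Assumptions (not from the paper): slices are contiguous, near-equal chunks of
# the message, and every lane uses plain SHA-256 with its standard IV.
import hashlib
from concurrent.futures import ThreadPoolExecutor
from typing import List


def sha256_hex(data: bytes) -> str:
    """Plain serial SHA-256, used as the reference for comparisons."""
    return hashlib.sha256(data).hexdigest()


def split_slices(message: bytes, j: int) -> List[bytes]:
    """Split message into j contiguous slices (assumed slicing rule);
    the first len(message) % j slices are one byte longer."""
    if j < 1:
        raise ValueError("j must be >= 1")
    step, rem = divmod(len(message), j)
    slices, start = [], 0
    for i in range(j):
        end = start + step + (1 if i < rem else 0)
        slices.append(message[start:end])
        start = end
    return slices


def j_pointers_hash(messages: List[bytes]) -> str:
    """j-pointers mode: digest each of the j messages independently, then
    hash the concatenation of the j digests. hashlib releases the GIL on
    large buffers, so the threads give real parallelism."""
    if not messages:
        raise ValueError("need at least one message")
    with ThreadPoolExecutor(max_workers=len(messages)) as pool:
        digests = list(pool.map(lambda m: hashlib.sha256(m).digest(), messages))
    return hashlib.sha256(b"".join(digests)).hexdigest()


def j_lanes_hash(message: bytes, j: int) -> str:
    """j-lanes mode: j-pointers applied to the j slices of one message."""
    return j_pointers_hash(split_slices(message, j))


if __name__ == "__main__":
    msg = b"constructed sample input" * 1024  # constructed, not from the paper
    print("serial SHA-256 :", sha256_hex(msg))
    print("4-lanes SHA-256:", j_lanes_hash(msg, 4))
```

The output depends on j and differs from serial SHA-256 of the same bytes, so a verifier must know the mode and the lane count, which is exactly why the paper argues for a precise specification.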

09:19 [Event][New] Asiacrypt 2014

  Submission: 27 May 2014
Notification: 22 August 2014
From December 7 to December 11
Location: Kaohsiung, Taiwan

09:18 [Event][New] Asiacrypt 2014: The 20th Annual Conference on the Theory and Application of Cryptography

  Submission: 27 May 2014
Notification: 22 August 2014
From December 7 to December 11
Location: Kaohsiung, Taiwan

01:17 [Pub][ePrint] TRUESET: Nearly Practical Verifiable Set Computations, by Ahmed E. Kosba and Dimitrios Papadopoulos and Charalampos Papamanthou and Mahmoud F. Sayed and Elaine Shi and Nikolaos Triandopoulos

  Verifiable computation (VC) enables thin clients to efficiently verify the computational results produced by a powerful server. Although VC was initially considered to be mainly of theoretical interest, over the last two years impressive progress has been made on implementing VC. Specifically, we now have open-source implementations of VC systems that can handle all classes of computations expressed either as circuits or in the RAM model. However, despite this very encouraging progress, new enhancements in the design and implementation of VC protocols are required in order to achieve truly practical VC for real-world applications. In this work, we show that for functionalities that can be expressed efficiently in terms of set operations (e.g., a subset of SQL queries), VC can be enhanced to become drastically more practical: we present the design and prototype implementation of a novel VC scheme that achieves orders-of-magnitude speed-up in comparison with the state of the art. Specifically, we build and evaluate TRUESET, a system that can verifiably compute any polynomial-time function expressed as a circuit consisting of "set gates" such as union, intersection, difference and set cardinality. Moreover, TRUESET supports hybrid circuits consisting of both set gates and traditional arithmetic gates and, therefore, does not lose any of the expressiveness of the previous schemes (allowing, at the same time, the user to choose the most efficient way to represent different parts of a computation task). By expressing set computations as polynomial operations and introducing a novel Quadratic Polynomial Program technique, TRUESET achieves prover performance speed-ups ranging from 30x to 150x and yields up to 97% evaluation key size reduction.

01:17 [Pub][ePrint] "Ooh Aah... Just a Little Bit": A small amount of side channel can go a long way, by Naomi Benger and Joop van de Pol and Nigel P. Smart and Yuval Yarom

  We apply the Flush-Reload side-channel attack, based on cache hits/misses, to extract a small amount of data from OpenSSL ECDSA signature requests. We then apply a "standard" lattice technique to extract the private key, but unlike previous attacks we are able to make use of the side-channel information from almost all of the observed executions. This means we obtain private key recovery by observing a relatively small number of executions, and by expending a relatively small amount of post-processing via lattice reduction. We demonstrate our analysis via experiments using the curve secp256k1 used in the Bitcoin protocol. In particular, we show that with as few as 200 signatures we are able to achieve a reasonable level of success in recovering the secret key for a 256-bit curve. This is significantly better than prior methods of applying lattice reduction techniques to similar side-channel information.