International Association for Cryptologic Research

IACR News Central


20:19 [News] President's letter


It is a great honor for me to have been elected as the President of the IACR and a challenge at the same time. Today cryptography is a vibrant research field that offers important and exciting questions to work on. It has not lost any of its fascination to me over the last 20 years since I entered the field as a graduate student -- quite to the contrary. In the age of cloud computing, cryptology continues to be a key technology for securing the digital world. Starting with the Snowden revelations in 2013, cryptography has also regained a level of political visibility that reminds me of the debates that were taking place in the 1990s. This gives us, as cryptologists and members of the IACR, an exposure that is hard to match.

In 2013 cryptology demonstrated (again) the power of its contributions to society, science, and technology by Shafi Goldwasser and Silvio Micali winning the ACM Turing Award, the highest distinction in computer science. As the ACM Turing Award page shows very visibly, cryptology is one of the most promising research topics for winning the Turing Award. Congratulations, Shafi and Silvio!

The IACR's events were well-attended and well-organized in 2013. The first two of our 2014 events, TCC in San Diego and FSE in London, are already over with about 120 and about 160 attendees, respectively. For the upcoming Eurocrypt in Copenhagen, everyone is advised to book early. Due to the Eurovision Song Contest 2014 in the week just before Eurocrypt, hotels may be difficult to find or expensive.

The composition of the Board of Directors has changed for 2014. New members of the Board are: Ivan Damgaard, as new JoC Editor-in-Chief; Steven Galbraith, Asiacrypt 2015 General Chair; Svetla Petkova-Nikova, Eurocrypt 2015 General Chair; and Thomas Ristenpart, Crypto 2015 General Chair. Matt Franklin will stay on the Board in 2014 for easing the transition of the Journal to Ivan Damgaard.

IACR exists only through the work of volunteers, who bring our conferences, events, online systems, and publications to life. I'd like to thank everyone for contributing their time to IACR. It is hard work but important for our organization. At the same time, I am looking forward to hearing about your future plans and ideas for how you would like to help and to improve IACR.

Very concretely, the European members of the Board of Directors are currently looking for a proposal to host Eurocrypt 2016. If you are inclined and would like to know more about exposing your skills as a conference organizer, please step forward and contact Michel Abdalla or any other member of the Board.

For 2014 and beyond, the IACR will have to address the challenges to scientific publishing posed by two factors, the Internet and the growing field. The IACR has a long tradition of operating with a liberal, author-friendly attitude to copyright. This has made it possible, among other things, for all IACR publications starting from 1982 to be openly available over the Internet via the IACR website; only the last two years are restricted to IACR members. Second, the growth in our field has boosted the number of paper submissions and conference attendees, but has also led to record low acceptance rates and an excessive reviewing load. We will resume the open discussion on the future of IACR's publications, in order to address these challenges.

With my new role as President, I have to cut back on other ends. I am glad that Nigel Smart has taken over my job as co-editor of the Cryptology ePrint Archive, or "eprint" as most call it. He shares this workload with Tal Rabin. Almost 15 years ago, when I created the online system that still runs today, it had not occurred to me that the eprint archive would ever play such a useful role for research in cryptology.

Shortly before writing this, the sad news reached us that Scott Vanstone passed away on March 2nd. He was a giant in the field, and the IACR will honor his contributions separately. Let me only mention that he was a past Director of the IACR and had helped to grow the organization, and he became an IACR Fellow in 2011.

I look forward to interacting with you in 2014.

Christian Cachin
IACR President

This letter had stated erroneously that Scott Vanstone was past President of the IACR; in fact, he was a member of the Board of Directors.

15:17 [Pub][ePrint] Crypto-Multimedia, by Benlcouiri Younes and Azizi Abdelmalek and Moulay Chrif Ismaili

This paper is structured around securing the storage, transmission and traceability of digital images. It consists in the design of cryptographic algorithms appropriate to the case of fixed and moving images.

In this sense, we have introduced two approaches that differ in the synthesis of confusion and diffusion, using the principles of substitution and/or transposition to secure the JPEG and MPEG formats.

15:17 [Pub][ePrint] Breaking POET Authentication with a Single Query, by Jian Guo and Jérémy Jean and Thomas Peyrin and Wang Lei

In this short article, we describe a very practical and simple attack on the authentication part of the POET authenticated encryption mode proposed at FSE 2014. POET is a provably secure scheme that was designed to resist various attacks where the adversary is allowed to repeat the nonce, or even when the message is output before verifying the validity of the tag when querying the decryption oracle. However, we demonstrate that using only a single encryption query and a negligible amount of computation, even without any special misuse from the attacker, it is possible to generate many valid ciphertext/tag pairs for POET. Our work shows that one should not use POET for any application where the authentication property is required. Furthermore, we propose a possible patch to overcome this particular issue, yet without backing up this patch with a security proof.

21:17 [Pub][ePrint] Cryptanalysis and Security Enhancement of Two Advanced Authentication Protocols, by Sai Raghu Talluri and Swapnoneel Roy

In this work we consider two protocols for performing cryptanalysis and security enhancement. The first one, by Jiang et al., is a password-based authentication scheme which does not use smart cards. We note that this scheme is an improvement over Chen et al.'s scheme, shown vulnerable to the off-line dictionary attack by Jiang et al. We perform a cryptanalysis on Jiang et al.'s improved protocol and observe that it is prone to the clogging attack, a kind of denial of service (DoS) attack. We then suggest an improvement on the protocol to prevent the clogging attack.

The other protocol we consider for analysis is by Wang et al. This is a smart card based authentication protocol. We again perform the clogging (DoS) attack on this protocol via replay. We observe that all smart card based authentication protocols which precede the one by Wang et al., and require the server to compute the computationally intensive modular exponentiation, are prone to the clogging attack. We suggest (another) improvement on the protocol to prevent the clogging attack, which also applies to the protocol by Jiang et al.

21:17 [Pub][ePrint] Low Overhead Broadcast Encryption from Multilinear Maps, by Dan Boneh and Brent Waters and Mark Zhandry

We use multilinear maps to provide a solution to the long-standing problem of public-key broadcast encryption where all parameters in the system are small. In our constructions, ciphertext overhead, private key size, and public key size are all poly-logarithmic in the total number of users. The systems are fully secure against any number of colluders. All our systems are based on an O(log N)-way multilinear map to support a broadcast system for N users. We present three constructions based on different types of multilinear maps and providing different security guarantees. Our systems naturally give identity-based broadcast systems with short parameters.

18:14 [Event][New] ESORICS 2014: 19th European Symposium on Research in Computer Security

Submission: 2 April 2014
Notification: 10 June 2014
From September 7 to September 11
Location: Wroclaw, Poland
More Information:

15:17 [Pub][ePrint] JHAE: An Authenticated Encryption Mode Based on JH, by Javad Alizadeh, Mohammad Reza Aref and Nasour Bagheri

In this paper we present JHAE, an authenticated encryption (AE) mode based on the JH hash mode. JHAE is a dedicated permutation-based AE mode. We prove that this mode, based on an ideal permutation, is provably secure.

10:43 [Job][New] Ph.D. students, TELECOM-ParisTech

TELECOM-ParisTech crypto group seeks 4 PhD students

TELECOM-ParisTech crypto group develops prototype solutions to fight against cyber and physical penetration of embedded devices.

Our contributions in this field of research are:

  • Security building blocks:

    • with security / cost tradeoffs (quantifiable), e.g. "Low Entropy Masking Schemes" (LEMS), where security and cost are tunable by the amount of injected randomness,

    • resistance against invasive attacks (e.g., circuit editing, backside probing),

    • processors aware of the usual attack strategies of malware

  • Security policies:

    How to implement a responsive "security driver" that collects all the alarms and takes adequate actions?

    Such a piece of software is critical: it must be functionally validated and tamper resistant

  • Formal proofs:

    • Both security-oriented hardware and software code must be proven to be compliant with their specification and to indeed implement the properties they are assumed to have

    • Mathematical analysis of proposed countermeasures (e.g. LEMS)

We seek four PhD candidates on those subjects:

  1. \\\"Calculer dans les codes comme contremesure aux attaques physiques\\\",

  2. \\\"Native Protection of Processors against Cyber-Attacks\\\",

  3. \\\"Insertion automatique de contre-mesures dans des circuits de sécurité\\\",

  4. \\\"Attaques FIRE : Rétroconception de cryptographie secrète\\\",

Working language is French or English.

Positions are open until Aug 2014.

To ap

10:33 [Event][New] BalkanCryptSec: International Conference on Cryptography and Information Security

Submission: 1 August 2014
Notification: 15 September 2014
From October 16 to October 17
Location: Istanbul, Turkey
More Information:

21:17 [Pub][ePrint] A Second Look at Fischlin's Transformation, by Özgür Dagdelen and Daniele Venturi

Fischlin's transformation is an alternative to the standard Fiat-Shamir transform to turn a certain class of public key identification schemes into digital signatures (in the random oracle model).

We show that signatures obtained via Fischlin's transformation are existentially unforgeable even in case the adversary is allowed to get arbitrary (yet bounded) information on the entire state of the signer (including the signing key and the random coins used to generate signatures). A similar fact was already known for the Fiat-Shamir transform; however, Fischlin's transformation allows for a significantly higher leakage parameter than Fiat-Shamir.

Moreover, in contrast to signatures obtained via Fiat-Shamir, signatures obtained via Fischlin enjoy a tight reduction to the underlying hard problem. We use this observation to show (via simulations) that Fischlin's transformation, usually considered less efficient, outperforms the Fiat-Shamir transform in verification time for a reasonable choice of parameters. In terms of signing, Fiat-Shamir is faster for equal signature sizes. Nonetheless, our experiments show that the signing time of Fischlin's transformation becomes, e.g., 22% of the one via Fiat-Shamir if one allows the signature size to be doubled.