International Association for Cryptologic Research

IACR News Central


09:17 [Pub][ePrint] Non-interactive zero-knowledge proofs in the quantum random oracle model, by Dominique Unruh

  We present a construction for non-interactive zero-knowledge proofs of knowledge in the random oracle model from general sigma-protocols. Our construction is secure against quantum adversaries. Prior constructions (by Fiat-Shamir and by Fischlin) are only known to be secure against classical adversaries, and Ambainis, Rosmanis, Unruh (FOCS 2014) gave evidence that those constructions might not be secure against quantum adversaries in general.

To prove security of our constructions, we additionally develop new techniques for adaptively programming the quantum random oracle.

09:17 [Pub][ePrint] A Punctured Programming Approach to Adaptively Secure Functional Encryption, by Brent Waters

  We propose a new construction for achieving adaptively secure functional encryption for poly-sized circuits from indistinguishability obfuscation. Our reduction has polynomial loss to the underlying primitives. We develop a punctured programming approach to constructing and proving systems where outside of obfuscation we rely only on primitives constructable from pseudo random generators.

09:17 [Pub][ePrint] Authenticated Key Exchange from Ideal Lattices, by Jiang Zhang, Zhenfeng Zhang, Jintai Ding, Michael Snook

  In this paper, we propose an authenticated key exchange (AKE) protocol from ideal lattices. The protocol is simple since it does not involve any other cryptographic primitives to achieve authentication (e.g., signatures). This allows us to establish a security proof solely based on the hardness of the well-known ring-LWE problems, thus on some hard lattice problems in the worst-case (e.g., SVP and SIVP). We give the security proof of the proposed AKE protocol in an enhanced variant of the original Bellare-Rogaway (BR) model, which additionally captures weak Perfect Forward Secrecy (wPFS), in the random oracle (RO) model.

18:09 [Job][New] Research Associate, Faculty of Computer Science, University of New Brunswick, Fredericton, Canada

  The Information Security Centre of Excellence (ISCX) at the Faculty of Computer Science, University of New Brunswick’s Fredericton Campus invites applications for a Research Associate in the field of Cyber Security. The successful candidate will work with the members of ISCX to conduct original research, design, and development for the Intelligent Tools for an Automated Security Analysis and Risk Management for Large-Scale Systems project. This project will be carried out in collaboration with IBM Security Division and is mainly funded under the Atlantic Innovation Foundation (AIF) program. For more information on the project and ISCX, please see

To be considered for the position the applicant should have a PhD degree in Computer Science. Some postdoctoral research experience is an asset. Good oral and written communication skills and the ability to work on a team project are essential.

This is a full-time position, available as of October 1, 2014 and will initially be for one year, with the possibility of renewal for three more years. Salary will depend upon the qualifications and experience of the successful applicant.

Interested applicants should submit a covering letter, along with a resume, and the name, address, phone and e-mail addresses of three academic references. Review of applications will begin on August 1, 2014 and will continue until the position is filled.

03:52 [Event][New] ICCICS2014: The International Conference on Cyber-Crime Investigation and Cyber Securit

  Submission: 17 October 2014
From November 17 to November 19
Location: Kuala Lumpur, Malaysia
More Information:

03:52 [Event][New] EECEA2014: The International Conference on Electrical, Electronics, Computer Engineeri

  Submission: 17 October 2014
From November 17 to November 19
Location: Kuala Lumpur, Malaysia
More Information:

09:57 [Job][New] Post-Doc, HASLab, INESC TEC, Braga, Portugal

  The High Assurance Software Laboratory (HASLab) at INESC TEC has an opening for a 2 year Post-Doc position.

The position is within the cryptography and information security group in the HASLab.

The group is actively working on: provable security, domain-specific languages and software development tools for cryptography, efficient implementation of cryptographic software, and formal verification of cryptographic proofs and implementations.

We are looking for a highly motivated researcher with a recent Ph.D. and background in at least one of the following fields:

provable security,
efficient implementation of cryptography,
programming languages and verification,

and an interest in carrying out research at their intersection.

The position starts from November 2014. The salary is around 18K euros per year after tax. The working language is English.

Applications should arrive no later than September 19, 2014 and should include a CV, a cover letter, and the names and contact details for two references.

15:17 [Pub][ePrint] Scan Based Side Channel Attack on Grain v1, by Sonu Kumar Jha

  In this paper we study a scan based side channel attack against the Grain family of stream ciphers. The attack works because scan chain test of circuits can be transformed into a powerful cryptographic attack due to the properties of scan based technique. So as a result the attack targets the test circuitry. We show how the attacker gains the knowledge about the locations of internal state bits of the NFSR and the LFSR and how he finds the secret key.

15:17 [Pub][ePrint] The Hunting of the SNARK, by Nir Bitansky and Ran Canetti and Alessandro Chiesa and Shafi Goldwasser and Huijia Lin and Aviad Rubinstein and Eran Tromer

  The existence of succinct non-interactive arguments for NP (i.e., non-interactive computationally-sound proofs where the verifier's work is essentially independent of the complexity of the NP nondeterministic verifier) has been an intriguing question for the past two decades. Other than CS proofs in the random oracle model [Micali, FOCS '94], the only existing candidate construction is based on an elaborate assumption that is tailored to a specific protocol [Di Crescenzo and Lipmaa, CiE '08].

We formulate a general and relatively natural notion of an extractable collision-resistant hash function (ECRH) and show that, if ECRHs exist, then a modified version of Di Crescenzo and Lipmaa's protocol is a succinct non-interactive argument for NP. Furthermore, the modified protocol is actually a succinct non-interactive adaptive argument of knowledge (SNARK). We then propose several candidate constructions for ECRHs and relaxations thereof.

We demonstrate the applicability of SNARKs to various forms of delegation of computation, to succinct non-interactive zero knowledge arguments, and to succinct two-party secure computation. Finally, we show that SNARKs essentially imply the existence of ECRHs, thus demonstrating the necessity of the assumption.

Going beyond ECRHs, we formulate the notion of extractable one-way functions (EOWFs). Assuming the existence of a natural variant of EOWFs, we construct a 2-message selective-opening-attack secure commitment scheme and a 3-round zero-knowledge argument of knowledge. Furthermore, if the EOWFs are concurrently extractable, the 3-round zero-knowledge protocol is also concurrent zero-knowledge.

Our constructions circumvent previous black-box impossibility results regarding these protocols by relying on EOWFs as the non-black-box component in the security reductions.

13:35 [Event][New] COST Action IC1306 - School on Cryptographic Attacks

  From October 13 to October 16
Location: Porto, Portugal
More Information:

15:17 [Pub][ePrint] Deja Q: Using Dual Systems to Revisit q-Type Assumptions, by Melissa Chase and Sarah Meiklejohn

  After more than a decade of usage, bilinear groups have established their place in the cryptographic canon by enabling the construction of many advanced cryptographic primitives. Unfortunately, this explosion in functionality has been accompanied by an analogous growth in the complexity of the assumptions used to prove security. Many of these assumptions have been gathered under the umbrella of the "uber-assumption," yet certain classes of these assumptions -- namely, q-type assumptions -- are stronger and require larger parameter sizes than their static counterparts.

In this paper, we show that in certain groups, many classes of q-type assumptions are in fact implied by subgroup hiding (a well-established, static assumption). Our main tool in this endeavor is the dual-system technique, as introduced by Waters in 2009. As a case study, we first show that in composite-order groups, we can prove the security of the Dodis-Yampolskiy PRF based solely on subgroup hiding and allow for a domain of arbitrary size (the original proof only allowed a polynomially-sized domain). We then turn our attention to classes of q-type assumptions and show that they are implied -- when instantiated in appropriate groups -- solely by subgroup hiding. These classes are quite general and include assumptions such as q-SDH. Concretely, our result implies that every construction relying on such assumptions for security (e.g., Boneh-Boyen signatures) can, when instantiated in appropriate composite-order bilinear groups, be proved secure under subgroup hiding instead.