International Association for Cryptologic Research

IACR News Central

Get an update on changes of the IACR web-page here. For questions, contact newsletter (at) You can also receive updates via:

To receive your credentials via mail again, please click here.

You can also access the full news archive.

Further sources to find out about changes are CryptoDB, ePrint RSS, ePrint Web, Event calender (iCal).

18:17 [Pub][ePrint] Yet Another SHA-3 Round 3 FPGA Results Paper, by Brian Baldwin and William P. Marnane

  The NIST run SHA-3 competition is nearing completion. Currently in its final round, the five remaining competitors are still being examined in hardware, software and for security metrics in order to select a final winner. While there have been many area and speed results reported, one such metric that does not appear to be covered in very great detail is that of power and energy measurements on FPGA. This work attempts to add some new results to this section, namely, measured area, power, energy and iteration time results thereby giving NIST further metrics on which to base their selection decision.

18:17 [Pub][ePrint] Modular Design and Analysis Framework for Multi-Factor Authentication and Key Exchange, by Nils Fleischhacker and Mark Manulis and Amir Sadr-Azodi

  Multi-Factor Authentication (MFA), often coupled with Key Exchange (KE), offers very strong protection for secure communication and has been recommended by many major governmental and industrial bodies for the use in highly sensitive applications. Instantiations of the MFA concept vary in practice and in the research literature and various efforts in designing secure MFA protocols were unsuccessful.

This paper introduces a modular approach to the design and analysis of arbitrary MFAKE protocols, in form of an $(\\alpha,\\beta,\\gamma)$-MFAKE framework, that can accommodate multiple types and quantities of authentication factors, focusing on the three widely adopted categories that provide evidence of knowledge, possession, and physical presence. The framework comes with (i) a model for \\emph{generalized MFAKE} that implies many known flavors of single- and multi-factor Authenticated Key Exchange (AKE), and (ii) offers generic and modular constructions of secure MFAKE protocols that can be tailored to the needs of a particular application.

Our generic $\\mfake$ protocol is based on the new notion of \\emph{tag-based MFA} that in turn implies tag-based versions of many existing single-factor authentication schemes. We show examples and discuss generic ways to obtain tag-based flavors of password-based, public key-based, and biometric-based authentication protocols. By combining various tag-based single-factor authentication-only protocols, whose executions can be parallelized, with a single run of an Unauthenticated Key Exchange (UKE) we construct $\\mfake$ that is superior to a na{\\\"i}ve black-box combination of multiple single-factor AKE schemes.

18:17 [Pub][ePrint] How to Construct Quantum Random Functions, by Mark Zhandry

  In the presence of a quantum adversary, there are two possible definitions of security for a pseudorandom function. The first, which we call standard-security, allows the adversary to be quantum, but requires queries to the function to be classical. The second, quantum-security, allows the adversary to query the function on a quantum superposition of inputs, thereby giving the adversary a superposition of the values of the function at many inputs at once. Existing proof techniques for proving the security of pseudorandom functions fail when the adversary can make quantum queries. We give the first quantum-security proofs for pseudorandom functions by showing that some classical constructions of pseudorandom functions are quantum-secure. Namely, we show that the standard constructions of pseudorandom functions from pseudorandom generators or pseudorandom synthesizers are secure, even when the adversary can make quantum queries. We also show that a direct construction from lattices is quantum-secure. To prove security, we develop new new tools to prove the indistinguishability of distributions under quantum queries.

In light of these positive results, one might hope that all standard-secure pseudorandom functions are quantum-secure. To the contrary, we show a separation - there exist pseudorandom functions secure against adversaries with only classical access to the function, but insecure once the adversary can make quantum queries.

18:17 [Pub][ePrint] Differentially Private Smart Metering with Battery Recharging, by Michael Backes and Sebastian Meiser

  The energy industry has recently begun using smart meters to take fine-grained readings of energy usage. These smart meters enable flexible time-of-use billing, forecasting, and demand response, but they also raise serious user privacy concerns. We propose a novel technique for provably hiding sensitive power consumption information in the overall power consumption stream. Our technique relies on a rechargeable battery that is connected to the household\'s power supply. This battery is used to modify the household\'s power consumption by adding or subtracting noise (i.e., increasing or decreasing power consumption), in order to establish strong privacy guarantees in the sense of differential privacy. To achieve these privacy guarantees in realistic settings, we first investigate the influence of, and the interplay between, capacity and throughput bounds that batteries face in reality. We then propose an integrated method based on noise cascading that allows for recharging the battery on-the-fly so that differential privacy is retained, while adhering to capacity and throughput constraints, and while keeping the additional consumption of energy induced by our technique to a minimum.

18:17 [Pub][ePrint] Asymptotic fingerprinting capacity in the Combined Digit Model, by Dion Boesten and Boris Skoric

  We study the channel capacity of $q$-ary fingerprinting in the limit of large attacker coalitions.

We extend known results by considering the Combined Digit Model, an attacker model that captures signal processing attacks such as averaging and noise addition.

For $q=2$ we give results for various attack parameter settings.

For $q \\geq 3$ we present the relevant equations without providing a solution.

We show how the channel capacity in the Restricted Digit Model

is obtained as a limiting case of the Combined Digit Model.

07:42 [News] Web-Site Update of the IACR


The IACR website has a new look. A team of cryptologists has recently started an effort to advance the online services of the IACR, and has formed a new online content team for this task. What you see today is the result of the first two months of steady improvements. We hope that you like it and that you find the new organization useful.

This is only a start, and we know that many things are not yet as integrated as we would wish. We are working on improving the site and you should visit often to see further improvements.

Please send your feedback, praise, or bug reports to webbugs(at)

The online content core team:
Christian Cachin, Kevin McCurley, Nigel Smart, Christopher Wolf.

The online content extended team:
Shai Halevi, Hilarie Orman, Bart Preneel, abhi shelat.

16:20 [Job][New] Senior Lecturer of Theoretical Computer Science, University of Tartu, Estonia

  We are seeking a candidate for the position of Senior Lecturer in Theoretical Computer Science (including cryptography).

A successful candidate will have extensive university-level teaching experience and didactic skills, experience in academic supervision of graduate students, as well as experience in research and a strong international publication track record.

The candidate will be able to teach courses in the area of theoretical computer science on Master level and advanced Bachelor level, in particular a course on discrete mathematics.

We are interested both in candidates who can contribute to existing research groups (cryptography, semantics) as well as in candidates who bring in new areas of research expertise.

Furthermore, the senior lecturer is expected to supervise Master and Ph.D. students.

For applying, please follow the instructions here: and send you application to personal (at)

16:19 [Event][New] ASK 2012: The Second Asian Workshop on Symmetric Key Cryptography

  From August 27 to August 29
Location: Nagoya, Japan
More Information:

16:18 [Event][New] ACSAT: Conference on Advanced Computer Science Applications and Technology

  Submission: 1 August 2012
From November 26 to November 28
Location: Kuala Lumpur, Malaysia
More Information:

06:17 [Job][New] Postdoctoral Research Associate in Hardware Trust and Security, Polytechnic Institute of New York University, USA

  Hardware trust and security. For specific research focus please visit

18:07 [Event][New] ICISC '12: International Conference on Information Security and Cryptology

  Submission: 28 August 2012
Notification: 15 October 2012
From November 28 to November 30
Location: Seoul, Korea
More Information: