International Association for Cryptologic Research

IACR News Central


00:17 [Pub][ePrint] Information-flow control for programming on encrypted data, by J.C. Mitchell, R. Sharma, D. Stefan and J. Zimmerman

  Using homomorphic encryption and secure multiparty computation, cloud servers may perform regularly structured computation on encrypted data, without access to decryption keys. However, prior approaches for programming on encrypted data involve restrictive models such as boolean circuits, or standard languages that do not guarantee secure execution of all expressible programs. We present an expressive core language for secure cloud computing, with primitive types, conditionals, standard functional features, mutable state, and a secrecy preserving form of general recursion. This language, which uses an augmented information-flow type system to prevent control-flow leakage, allows programs to be developed and tested using conventional means, then exported to a variety of secure cloud execution platforms, dramatically reducing the amount of specialized knowledge needed to write secure code. We present a Haskell-based implementation and prove that cloud implementations based on secret sharing, homomorphic encryption, or other alternatives satisfying our general definition meet precise security


15:59 [Event][New] Eurocrypt 2013

  From May 26 to May 30
Location: Athens, Greece

18:11 [Event][New] CANS 2012: The 11th International Conference on Cryptology and Network Security

  Submission: 2 July 2012
Notification: 17 September 2012
From December 12 to December 14
Location: Darmstadt, Germany

06:46 [Event][Update] FDTC: Workshop on Fault Diagnosis and Tolerance in Cryptography

  Submission: 10 May 2012
Notification: 18 June 2012
From September 9 to September 9
Location: Leuven, Belgium

18:17 [Pub][ePrint] Comment on an Anonymous Multi-receiver Identity-based Encryption Scheme, by J.H. Zhang and Y.B. Cui

  Anonymous receiver encryption is an important cryptographic primitive. It can protect the privacy of the receiver. In 2010, Fan et al. proposed an anonymous multi-receiver ID-based encryption by using Lagrange interpolating polynomial. Recently, Wang et al. showed that Fan et al.'s scheme satisfied anonymity of the receivers. Then they provided an improved scheme to fix it and showed that the improved scheme was secure. Unfortunately, we point out that Wang et al.'s improved scheme didn't satisfy the receiver's anonymity by analyzing the security of the scheme. After analyzing the reason that produces such a flaw, we give an improved method to repair it and show that our improved scheme satisfies the receiver's anonymity.

18:17 [Pub][ePrint] Secure Similarity Coefficients Computation with Malicious Adversaries, by Bo Zhang and Fangguo Zhang

  Similarity coefficients play an important role in many application aspects. Recently, a privacy-preserving similarity coefficients protocol for binary data was proposed by Wong and Kim (Computers and Mathematics with Applications 2012). In this paper, we show that their protocol is not secure, even in the semi-honest model, since the client can retrieve the input of the server without deviating from the protocol. Also we propose a secure similarity coefficients computation in the presence of malicious adversaries, and prove it using the standard simulation-based security definitions for secure two-party computation. We also discuss several extensions of our protocol for settling other problems. Technical tools in our protocol include zero-knowledge proofs and distributed ElGamal encryption.

18:17 [Pub][ePrint] Robust biometric-based user authentication scheme for wireless sensor networks, by Debiao He

  Wireless sensor networks (WSNs) are applied widely in a variety of areas such as real-time traffic monitoring, measurement of seismic activity, wildlife monitoring and so on. User authentication in WSNs is a critical security issue due to their unattended and hostile deployment in the field. In 2010, Yuan et al. proposed the first biometric-based user authentication scheme for WSNs. However, Yoon et al. pointed out that Yuan et al.'s scheme is vulnerable to the insider attack, user impersonation attack, GW-node impersonation attack and sensor node impersonation attack. To improve security, Yoon et al. proposed an improved scheme and claimed their scheme could withstand various attacks. Unfortunately, we will show Yoon et al.'s scheme is vulnerable to the denial-of-service attack (DoS) and the sensor node impersonation attack. To overcome the weaknesses in Yoon et al.'s scheme, we propose a new biometric-based user authentication scheme for WSNs. The analysis shows our scheme is more suitable for practical applications.

18:17 [Pub][ePrint] Unique Group Signatures, by Matthew Franklin and Haibin Zhang

  We initiate the study of unique group signature such that signatures of the same message by the same user will always have a large common component (i.e., unique identifier). We present a number of unique group signature schemes under a variety of security models that extend the standard security models of ordinary group signatures (without random oracles). Our work is a beneficial step towards mitigating the well-known group signature paradox, and it also has many other interesting applications and efficiency implications.

09:17 [Pub][ePrint] On the Security of an Improved Password Authentication Scheme Based on ECC, by Ding Wang and Chun-guang Ma

  The design of secure remote user authentication schemes for mobile applications is still an open and quite challenging problem, though many schemes have been published lately. Recently, Islam and Biswas pointed out that Lin and Hwang et al.'s password-based authentication scheme is vulnerable to various attacks, and then presented an improved scheme based on elliptic curve cryptography (ECC) to overcome the drawbacks. Based on heuristic security analysis, Islam and Biswas claimed that their scheme is secure and can withstand all related attacks. In this paper, however, we show that Islam and Biswas's scheme cannot achieve the claimed security goals and report its flaws: (1) It is vulnerable to offline password guessing attack, stolen verifier attack and denial of service (DoS) attack; (2) It fails to preserve user anonymity. The cryptanalysis demonstrates that the scheme under study is unfit for practical use.

09:17 [Pub][ePrint] Security Analysis and Enhancement for Prefix-Preserving Encryption Schemes, by Liangliang Xiao and I-Ling Yen

  Prefix-preserving encryption (PPE) is an important type of encryption scheme, having a wide range of applications, such as IP address anonymization, prefix-matching search, and range search. There are two issues in PPE schemes: security proof and the single key requirement.

Existing security proofs for PPE only reduce the security of a real PPE scheme to that of the ideal PPE object by showing their computational indistinguishability [Ama07, Xu02]. Such a security proof is incomplete since the security of the ideal encryption object is unknown. Also, existing prefix-preserving encryption schemes only consider a single encryption key, which is infeasible for a practical system with multiple users (implying that all users should have the single encryption key in order to encrypt or decrypt confidential data).

In this paper we develop a novel mechanism to analyze the security of the ideal PPE object. We follow the modern cryptographic approach and create a new security notion IND-PCPA. Then, we show that such weakened security notion is necessary and the ideal PPE object is secure under IND-PCPA.

We also design a new, security-enhanced PPE protocol to support its use in multi-user systems, where no single entity in the system knows the PPE key. The protocol secret-shares and distributes the PPE key to a group of key agents and lets them "distributedly encrypt" critical data. We develop a novel distributed PPE algorithm and the corresponding request and response protocols. Experimental results show that the protocol is feasible in practical systems.

09:17 [Pub][ePrint] Extending Order Preserving Encryption for Multi-User Systems, by Liangliang Xiao and I-Ling Yen and Dung T. Huynh

  Several order preserving encryption (OPE) algorithms have been developed in the literature to support search on encrypted data. However, existing OPE schemes only consider a single encryption key, which is infeasible for a practical system with multiple users (implying that all users should have the single encryption key in order to encrypt or decrypt confidential data). In this paper, we develop the first protocols, DOPE and OE-DOPE, to support the use of OPE in multi-user systems. First, we introduce a group of key agents into the system and invent the DOPE protocol to enable "distributed encryption" to assure that the OPE encryption key is not known by any entity in the system. However, in DOPE, if a key agent is compromised, the share of the secret data that is sent to this key agent is compromised. To solve the problem, we developed a novel oblivious encryption (OE) protocol based on the oblivious transfer concept to deliver and encrypt the shares obliviously. Then, we integrate it with DOPE to obtain the OE-DOPE protocol. Security of OE-DOPE is further enhanced with additional techniques. Both DOPE and OE-DOPE can be used with any existing OPE algorithms while retaining all the advantages of OPE without requiring the users to share the single encryption key, making the OPE approach feasible in practical systems.