International Association for Cryptologic Research

# IACR News Central

Get an update on changes of the IACR web-page here. For questions, contact newsletter (at) iacr.org. You can also receive updates via:

You can also access the full news archive.

Further sources to find out about changes are CryptoDB, ePrint RSS, ePrint Web, Event calender (iCal).

2012-04-16
07:53 [Conf][FSE]

The 19th annual Fast Software Encryption workshop (FSE 2012) was held at the Washington Marriott Hotel in Washington DC, USA, on March 19-21, 2012. The general chair was Bruce Schneier and the program chair was Anne Canteaut.

The conference attracted 143 delegates from 30 countries, including 27 students.

The technical program featured 24 papers selected from 90 submissions, along with two invited lectures, one on "Provable" security against differential and linear cryptanalysis" by Kaisa Nyberg (Aalto University and Nokia), and one on "The history of linear cryptanalysis" by Mitsuru Matsui (Mitsubishi Electric Corporation).

As last year, FSE 2012 did not have printed pre-proceedings, but instead made the papers available online, before and during the conference. Revised versions of the accepted papers are going to appear in the proceedings of the conference published by Springer. The presentation slides for the technical sessions and the rump session can be found on the conference website at: http://fse2012.inria.fr/index.php?page=program http://fse2012.inria.fr/index.php?page=rump

00:17 [Pub][ePrint]

Using homomorphic encryption and secure multiparty computation, cloud

servers may perform regularly structured computation on encrypted

data, without access to decryption keys. However, prior approaches

for programming on encrypted data involve restrictive models such as

boolean circuits, or standard languages that do not guarantee secure

execution of all expressible programs. We present an expressive

core language for secure cloud computing, with primitive types,

conditionals, standard functional features, mutable state, and a

secrecy preserving form of general recursion. This language, which

uses an augmented information-flow type system to prevent

control-flow leakage, allows programs to be developed and tested

using conventional means, then exported to a variety of secure

cloud execution platforms, dramatically reducing the amount of

specialized knowledge needed to write secure code. We present a

Haskell-based implementation and prove that cloud implementations

based on secret sharing, homomorphic encryption, or other

alternatives satisfying our general definition meet precise security

requirements.

2012-04-15
15:59 [Event][New]

From May 26 to May 30
Location: Athens, Greece

2012-04-14
18:11 [Event][New]

Submission: 2 July 2012
Notification: 17 September 2012
From December 12 to December 14

06:46 [Event][Update]

Submission: 10 May 2012
Notification: 18 June 2012
From September 9 to September 9
Location: Leuven, Belgium

2012-04-13
18:17 [Pub][ePrint]

Anonymous receiver encryption is an important cryptographic

primitive. It can protect the privacy of the receiver. In 2010, Fan

\\emph{et al} proposed an anonymous multi-receiver ID-based

encryption by using Lagrange interpolating polynomial. Recently,

Wang \\emph{et al} showed that Fan \\emph{et al}\'s scheme satisfied

anonymity of the receivers. Then they provided an improved scheme to

fix it and showed that the improved scheme was secure.

Unfortunately, we pointed out that Wang \\emph{et al}\'s improved

scheme did\'t satisfy the receiver\'s anonymity by analyzing the

security of the scheme yet. After analyzing the reason to produce

such flaw, we give an improved method to repair it and show that our

improved scheme satisfies the receiver\'s anonymity.

18:17 [Pub][ePrint]

Similarity coefficients play an important role in many application aspects. Recently, a privacy-preserving similarity coefficients protocol for binary data was proposed by Wong and Kim (Computers and Mathematics with Application 2012). In this paper, we show that their protocol is not secure, even in the semi-honest model, since the client can retrieve the input of the server without deviating from the protocol. Also we propose a secure similarity coefficients computation in the presence of malicious adversaries, and prove it using the standard simulation-based security definitions for secure two-party computation. We also discuss several extensions of our protocol for settling other problems. Technical tools in our protocol include zero-knowledge proofs and distributed ElGamal encryption.

18:17 [Pub][ePrint]

Wireless sensor networks (WSNs) are applied widely a variety of areas such as real-time traffic monitoring, measurement of seismic activity, wildlife monitoring and so on. User authentication in WSNs is a critical security issue due to their unattended and hostile deployment in the field. In 2010, Yuan et al. proposed the first biometric-based user authentication scheme for WSNs. However, Yoon et al. pointed out that Yuan et al.\'s scheme is vulnerable to the insider attack, user impersonation attack, GW-node impersonation attack and sensor node impersonate attack. To improve security, Yoon et al.\'s proposed an improved scheme and claimed their scheme could withstand various attacks. Unfortunately, we will show Yoon et al.\'s scheme is vulnerable to the denial-of-service attack (DoS) and the sensor node impersonation attack. To overcome the weaknesses in Yoon et al.\'s scheme, we propose a new biometric-based user authentication scheme for WSNs. The analysis shows our scheme is more suitable for practical applications.

18:17 [Pub][ePrint]

We initiate the study of unique group signature such that signatures of the same message by the same user will always have a large common component (i.e., unique identifier). We present a number of unique group signature schemes under a variety of security models that extend the standard security models of ordinary group signatures (without random oracles). Our work is a beneficial step towards mitigating the well-known group signature paradox, and it also has many other interesting applications and efficiency implications.

09:17 [Pub][ePrint]

The design of secure remote user authentication schemes for mobile applications is still an open and quite challenging problem, though many schemes have been published lately. Recently, Islam and Biswas pointed out that Lin and Hwang et al.\'s password-based authentication scheme is vulnerable to various attacks, and then presented an improved scheme based on elliptic curve cryptography (ECC) to overcome the drawbacks. Based on heuristic security analysis, Islam and Biswas claimed that their scheme is secure and can withstand all related attacks. In this paper, however, we show that Islam and Biswas\'s scheme cannot achieve the claimed security goals and report its flaws: (1) It is vulnerable to offline password guessing attack, stolen verifier attack and denial of service (DoS) attack; (2) It fails to preserve user anonymity. The cryptanalysis demonstrates that the scheme under study is unfit for practical use.

09:17 [Pub][ePrint]

Prefix-preserving encryption (PPE) is an important type of encryption scheme, having a wide range of applications, such as IP addresses anonymization, prefix-matching search, and rang search. There are two issues in PPE schemes, security proof and single key requirement.

Existing security proofs for PPE only reduce the security of a real PPE scheme to that of the ideal PPE object by showing their computational indistinguishability \\cite{Ama07,Xu02}. Such security proof is incomplete since the security of the ideal encryption object is unknown. Also, existing prefix-preserving encryption schemes only consider a single encryption key, which is infeasible for a practical system with multiple users (Implying that all users should have the single encryption key in order to encrypt or decrypt confidential data).

In this paper we develop a novel mechanism to analyze the security of the ideal PPE object. We follow the modern cryptographic approach and create a new security notion IND-PCPA. Then, we show that such weakened security notion is necessary and the ideal PPE object is secure under IND-PCPA.

We also design a new, security-enhanced PPE protocol to support its use in multi-user systems, where no single entity in the system knows the PPE key. The protocol secret shares and distributes the PPE key to a group of key agents and let them distributedly encrypt\'\' critical data. We develop a novel distributed PPE algorithm and the corresponding request and response protocols. Experimental results show that the protocol is feasible in practical systems.