International Association for Cryptologic Research

IACR News Central


00:17 [Pub][ePrint] The Transformation from the Galois NLFSR to the Fibonacci Configuration, by Lin Zhiqiang

  The Galois configuration of Nonlinear Feedback Shift Registers (NLFSRs) is attractive for stream ciphers for which high throughput is very important. In this paper, we prove that any Galois NLFSR can be transformed into an equivalent NLFSR in the Fibonacci configuration, which is the conventional configuration of NLFSRs. The transformation is given in the proof. The mapping between the initial states of the Galois NLFSR and its equivalent Fibonacci configuration is also derived. Moreover, some properties of Galois NLFSRs are presented.

00:17 [Pub][ePrint] Full Proof Cryptography: Verifiable Compilation of Efficient Zero-Knowledge Protocols, by José Bacelar Almeida and Manuel Barbosa and Endre Bangerter and Gilles Barte and Stephan Krenn and Santiago Z

  Developers building cryptography into security-sensitive applications face a daunting task. Not only must they understand the security guarantees delivered by the constructions they choose, they must also implement and combine them correctly and

Cryptographic compilers free developers from having to implement cryptography on their own by turning high-level specifications of security goals into efficient implementations. Yet, trusting such tools is hard as they rely on complex mathematical machinery and claim security properties that are subtle and difficult to verify.

In this paper, we present ZKCrypt, an optimizing cryptographic compiler that achieves an unprecedented level of assurance without sacrificing practicality for a comprehensive class of cryptographic protocols, known as Zero Knowledge Proofs of Knowledge. The pipeline of ZKCrypt tightly integrates purpose-built verified compilers and verifying compilers producing formal proofs in the CertiCrypt framework. By combining the guarantees delivered by each stage in the pipeline, ZKCrypt provides assurance that the implementation it outputs securely realizes the high-level proof goal given as input. We report on the main characteristics of ZKCrypt, highlight new definitions and concepts at its foundations, and illustrate its applicability through a representative example of an anonymous credential system.

00:17 [Pub][ePrint] A Novel Strong Designated Verifier Signature Scheme without Random Oracles, by Maryam Rajabzadeh Asaar and Mahmoud Salmasizadeh

  In this study, a novel pairing-based strong designated verifier signature scheme based on non-interactive zero knowledge proofs is proposed. The security of the proposal is proven by sequences of games without random oracles; furthermore, this scheme has a security proof for the property of privacy of the signer's identity, in contrast to the scheme proposed by Zhang et al. in 2007. In addition, compared to the scheme presented by Huang et al. in 2011, this proposal supports non-delegatability. The non-delegatability of our proposal is achieved because we do not use the common secret key shared between the signer and the designated verifier in our construction. Furthermore, if a signer delegates her signing capability, which is derived from her secret key, on a specific message to a third party, then the third party cannot generate a valid designated verifier signature due to the relaxed special soundness of the non-interactive zero knowledge proof. To the best of our knowledge, this construction is the first attempt to build a designated verifier signature scheme with non-delegatability in the standard model, although the non-delegatability property is satisfied only in a loose sense.

00:17 [Pub][ePrint] Transposition of AES Key Schedule, by Jialin Huang, Xuejia Lai

  In this paper, we point out a new weakness of the AES key schedule by revisiting an old observation exploited by many known attacks. We also find that a major cause of this weakness is that the column-by-column, word-wise property of the key schedule matches nicely with the MixColumns operation in the cipher's diffusion layer. We then propose a new key schedule, obtained by a minor modification, to increase the security level of AES. First, it reduces the number of rounds for which some attacks are effective, such as SQUARE attacks and meet-in-the-middle attacks. Second, our new key schedule also protects AES from the most devastating related-key differential attacks, which work against AES-192 and AES-256 with the full number of rounds. Compared with the original key schedule, ours only performs a transposition on the output matrix of the subkeys. Compared with other proposed modifications of the AES key schedule, our modification adds no non-linear operations and does not complicate the diffusion method or the iteration process that generates the subkeys. Finally, our results suggest that the route of diffusion propagation deserves more attention in the design of key schedules.

00:17 [Pub][ePrint] Dual Form Signatures: An Approach for Proving Security from Static Assumptions, by Michael Gerbush and Allison Lewko and Adam O'Neill and Brent Waters

  In this paper, we introduce the abstraction of Dual Form Signatures as a useful framework for proving security (existential unforgeability) from static assumptions for schemes with special structure that are used as a basis of other cryptographic protocols and applications. We demonstrate the power of this framework by proving security under static assumptions for close variants of pre-existing schemes:

- the LRSW-based Camenisch-Lysyanskaya signature scheme
- the identity-based sequential aggregate signatures of Boldyreva, Gentry, O'Neill, and Yum.

The Camenisch-Lysyanskaya signature scheme was previously proven only under the interactive LRSW assumption, and our result can be viewed as a static replacement for the LRSW assumption. The scheme of Boldyreva, Gentry, O'Neill, and Yum was also previously proven only under an interactive assumption that was shown to hold in the generic group model. The structure of the public key signature scheme underlying the BGOY aggregate signatures is quite distinctive, and our work presents the first security analysis of this kind of structure under static assumptions.

We view our work as enhancing our understanding of the security of these signatures, and also as an important step towards obtaining proofs under the weakest possible assumptions.

Finally, we believe our work also provides a new path for proving security of signatures with embedded structure. Examples of these include attribute-based signatures, quotable signatures, and signing group elements.

09:58 [PhD][New] Christophe Giraud: Attacks on embedded cryptosystems and corresponding countermeasures

  Name: Christophe Giraud
Topic: Attacks on embedded cryptosystems and corresponding countermeasures
Category: implementation

Description: Side channel attacks are a very powerful tool used to recover secrets stored in embedded devices such as smart cards. By analysing the power consumption, the electromagnetic radiations or by disturbing the device, an attacker can easily obtain secret keys used by non-protected embedded cryptosystems. The subject of this thesis is to extend the impact of side channel analysis by presenting new attacks and new countermeasures. The latter must have a very small impact on the performance of the algorithm since the embedded environment is limited in terms of both memory space and computation power.

Firstly, we focus on Power Analysis countermeasures. We describe a method to protect the elliptic curve scalar multiplication from Simple Analysis. Then, we propose a countermeasure against Differential Analysis on DES and AES and a generic method to protect S-Box access. Secondly, we deal with Fault Attacks. After presenting a general overview of this field, we propose new fault attacks on cryptosystems such as AES and XTR which have not yet been successfully impacted. Then, we improve some existing attacks on several signature schemes in order to be able to put these attacks into practice. Finally, we present new countermeasures on XTR and on the RSA cryptosystem.[...]

04:32 [Event][New] QCRYPT 2012: 2nd Annual Conference on Quantum Cryptography

  Submission: 20 May 2012
Notification: 6 July 2012
From September 10 to September 14
Location: Singapore, Singapore

18:51 [PhD][New] Nicolás González-Deleito: Trust relationships in exchange protocols

  Name: Nicolás González-Deleito
Topic: Trust relationships in exchange protocols
Category: cryptographic protocols

18:50 [PhD][New] Yves Roggeman

  Name: Yves Roggeman

18:49 [PhD][New] Olivier Markowitch: Non-repudiation protocols

  Name: Olivier Markowitch
Topic: Non-repudiation protocols
Category: cryptographic protocols

18:49 [PhD][New] Gilles Piret: Block Ciphers: Security Proofs, Cryptanalysis, Design, and Fault Attacks

  Name: Gilles Piret
Topic: Block Ciphers: Security Proofs, Cryptanalysis, Design, and Fault Attacks
Category: secret-key cryptography