International Association for Cryptologic Research

IACR News Central

Get an update on changes of the IACR web-page here. For questions, contact newsletter (at) You can also receive updates via:

To receive your credentials via mail again, please click here.

You can also access the full news archive.

Further sources to find out about changes are CryptoDB, ePrint RSS, ePrint Web, Event calender (iCal).

06:46 [PhD][New] John E. Hopcroft

  Name: John E. Hopcroft

16:03 [PhD][New] Nicolas Guillermin: Implémentation matérielle de coprocesseurs haute performance pour la cryptographie asymétrique

  Name: Nicolas Guillermin
Topic: Implémentation matérielle de coprocesseurs haute performance pour la cryptographie asymétrique
Category: implementation

Description: In this PhD thesis I propose coprocessors architectures for high performance computations\r\nof asymmetric primitives like RSA, Elliptic Curves and Pairing. Coprocessors have\r\nbeen implemented in FPGA, and propose the lowest latency ever showed in public litterature on such targets. The novelty of these architectures is the usage of the Residue\r\nNumber System (RNS), an alternate way to represent big numbers. The work presented\r\nhere confirms with experimentation the theoretical advantages of this system previously emphasized by [14, 13, 43]. Together with this theoretical advantage RNS computation can be efficiently parallelized, and getting highly regular and parallelized architectures to reach high frequency while computing modular operations in few cycles is possible, whatever is the size of the numbers. For example, a scalar multiplication on a generic 160 elleptic curve can be executed in 0.57 ms on an Altera Stratix, and in 4 ms on a 512 bits curve, compared with classical representations which hardly do the same in twice this time with comparable technologies (except for particular curves). For Pairing the results are even more interesting, since a 4 times division of the latency had been reached by the time [35] was published, and the first time a Pairing over large characteristic fields was executed in less than 1 ms on a FPGA. Eventually, I demonstrate the ability RNS to provide original solutions to protect computations against side channel and perturbation threats. I propose 2 countermeasures to thwart faults and power analysis which can be used on every primitives\r\nrelying on big number modular arithmetic. These countermeasures are designed to be efficiently adapted on the RNS coprocessors.[...]

16:03 [PhD][New] Sylvain Duquesne

  Name: Sylvain Duquesne

09:30 [PhD][New] Luk Bettale: Algebraic Cryptanalysis: Tools and Applications

  Name: Luk Bettale
Topic: Algebraic Cryptanalysis: Tools and Applications
Category: applications

09:29 [PhD][New] Jean-Charles Faugère

  Name: Jean-Charles Faugère

09:29 [PhD][New] Ludovic Perret

  Name: Ludovic Perret

15:28 [Job][New] Cryptographer, Sphinx Solutions and Washington, DC, USA

  We are seeking someone with specialized experience developing cryptographic and hash algorithms including but not limited to triple DES,AES, SHA, etc. Demonstrated experience in developing, analyzing, testing, and researching Public Key Infrastructures using X.509 certificates, symmetric and public key algorithms, hash functions and quantum cryptography.

Duties may include but are not limited to: Performs complex analysis, design, development, integration, testing and debugging cryptographic and hashing algorithms. Apply cryptography-based solutions to contemporary use cases such as evaluating for FIPS 140 compliance, electronic voting, smart grid, health care, and resource constrained environments including but not limited to smart meters, smart cards, and medical devices.

We have two positions: Intermediate Cryptographer (5yrs exp) and Senior Cryptographer (10+ years exp)

05:41 [Event][New] NPSec 2012: 7th Workshop on Secure Network Protocols

  Submission: 2 July 2012
Notification: 31 August 2012
From October 30 to October 30
Location: Austin, TX, USA
More Information:

00:17 [Pub][ePrint] The Linux Psedorandom Number Generator Revisited, by Patrick Lacharme and Andrea Röck and Vincent Strubel and Marion Videau

  The Linux pseudorandom number generator (PRNG) is a PRNG with entropy

inputs which is widely used in many security related applications and

protocols. This PRNG is written as an open source code which is

subject to regular changes. It was last analyzed in the work of

Gutterman et al. in 2006 [GPR06] but since then no new

analysis has been made available, while in the meantime several changes have been applied to the code,

among others, to counter the attacks presented

[GPR06]. Our work describes the Linux PRNG of kernel

versions and upwards. We detail the PRNG architecture

in the Linux system and provide its first accurate mathematical

description and a precise analysis of the building blocks, including entropy estimation and extraction. Subsequently, we give a security analysis including the feasibility of cryptographic attacks and an empirical test of the entropy estimator..

Finally, we underline some important changes to the previous

versions and their consequences.

00:17 [Pub][ePrint] Fair Private Set Intersection with a Semi-trusted Arbiter, by Changyu Dong and Liqun Chen and Jan Camenisch and Giovanni Russello

  A private set intersection (PSI) protocol allows two parties to compute the intersection of their input sets privately. Most of the previous PSI protocols only output the result to one party and the other party gets nothing from running the protocols. However, a mutual PSI protocol in which both parties can get the output is highly desirable in many applications. A major obstacle in designing a mutual PSI protocol is how to ensure fairness. In this paper we present the first fair mutual PSI protocol which is efficient and secure. Fairness of the protocol is obtained in an optimistic fashion, i.e. by using an offline third party arbiter. In contrast to many optimistic protocols which require a fully trusted arbiter, in our protocol the arbiter is only required to be semi-trusted, in the sense that we consider it to be a potential threat to both parties\' privacy but believe it will follow the protocol and not collude with any of the two parties. The arbiter can resolve disputes blindly without knowing any private information belongs to the two parties. This feature is appealing for a PSI protocol in which privacy may be of ultimate importance.

00:17 [Pub][ePrint] Cryptanalysis of pairing-free certificateless authenticated key agreement protocol, by Zhian Zhu

  Recently, He et al. [D. He, J. Chen, J. Hu, A pairing-free certificateless authenticated key agreement protocol, International Journal of Communication Systems, 25(2), pp. 221-230, 2012] proposed a pairing-free certificateless authenticated key agreement protocol and demonstrated that their protocol is provable security in the random oracle model. However, in this paper, we show that t He et al. protocol is completely broken.