International Association for Cryptologic Research

IACR News Central

Get an update on changes of the IACR web-page here. For questions, contact newsletter (at) You can also receive updates via:

To receive your credentials via mail again, please click here.

You can also access the full news archive.

Further sources to find out about changes are CryptoDB, ePrint RSS, ePrint Web, Event calender (iCal).

03:17 [Pub][ePrint] CCBKE - Session Key Negotiation for Fast and Secure Scheduling of Scientific Applications in Cloud Computing, by Chang Liu and Xuyun Zhang and Chi Yang and Jinjun Chen

  Instead of purchasing and maintaining their own computing infrastructure, scientists can now run data-intensive scientific applications in a hybrid environment such as cloud computing by facilitating its vast storage and computation capabilities. During the scheduling of such scientific applications for execution, various computation data flows will happen between the controller and computing server instances. Amongst various quality-of-service (QoS) metrics, data security is always one of the greatest concerns to scientists because their data may be intercepted or stolen by malicious parties during those data flows, especially for less secure hybrid cloud systems. An existing typical method for addressing this issue is to apply Internet Key Exchange (IKE) scheme to generate and exchange session keys, and then to apply these keys for performing symmetric-key encryption which will encrypt those data flows. However, the IKE scheme suffers from low efficiency due to its low performance of asymmetric-key cryptological operations over a large amount of data and high-density operations which are exactly the characteristics of scientific applications. In this paper, we propose Cloud Computing Background Key Exchange (CCBKE), a novel authenticated key exchange scheme that aims at efficient security-aware scheduling of scientific applications. Our scheme is designed based on randomness-reuse strategy and Internet Key Exchange (IKE) scheme. Theoretical analyses and experimental results demonstrate that, compared with the IKE scheme, our CCBKE scheme can significantly improve the efficiency by dramatically reducing time consumption and computation load without sacrificing the level of security.

03:17 [Pub][ePrint] Cryptanalysis of Sood et al.\'s Authentication Scheme using Smart Cards, by Rafael Martínez-Peláez and Francisco Rico-Novella

  In 2010, Sood-Sarje-Singh proposed a dynamic ID-based remote user authentication scheme and claimed that their scheme is more secure than Das et al.\'s scheme and Liao et al.\'s scheme. However, we show that Sood et al.\'s scheme is still vulnerable to malicious user attack, man-in-the-middle attack, stolen smart card attack, off-line ID guessing attack, impersonation attack, and server spoofing attack, making the scheme unfeasible for practical implementation.

03:17 [Pub][ePrint] New cryptographic constructions using generalized learning with errors problem, by Jintai ding

  We present a generalized learning with errors (LWE) problem, which is essentially a simple and direct extension of the original LWE problem to the case of matrices.

Then we use this new version of LWE problem, which we call matrix LWE problem to build new cryptographic schemes, which include a new scalable key distribution scheme, a new key exchanges scheme and a new simple identity-based encryption scheme.

03:17 [Pub][ePrint] The Arithmetic Codex, by Ignacio Cascudo and Ronald Cramer and Chaoping Xing

  We introduce the notion of {\\em arithmetic codex}, or {\\em codex} for short.

It encompasses several well-established notions from cryptography (arithmetic secret sharing schemes, i.e., enjoying additive as well as multiplicative properties) and algebraic complexity theory (bilinear complexity of multiplication) in a natural mathematical framework.

Arithmetic secret sharing schemes have important applications to secure multiparty computation and even to {\\em two}-party cryptography. Interestingly, several recent applications to two-party cryptography rely crucially on the existing results on ``{\\em asymptotically good} families\'\' of suitable such schemes. Moreover, the construction of these schemes requires asymptotically good towers of function fields over finite fields: no elementary (probabilistic) constructions are known in these cases. Besides introducing the notion, we discuss some of the constructions, as well as some limitations.

03:17 [Pub][ePrint] Wide Strong Private RFID Identification based on Zero-Knowledge, by Roel Peeters and Jens Hermans

  We present the first wide-strong RFID identification protocol that is based on zero-knowledge. Until now this notion has only been achieved by schemes based on IND-CCA2 encryption. Rigorous proofs in the standard model are provided for the security and privacy properties of our protocol. Furthermore our protocol is the most efficient solution presented in the literature. Using only Elliptic Curve Cryptography (ECC), the required circuit area can be minimized such that our protocol even fits on small RFID tags. Concerning computation on the tag, we only require two scalar-EC point multiplications.

03:17 [Pub][ePrint] Regular Ternary Algorithm for Scalar Multiplication on Elliptic Curves over Finite Fields of Characteristic Three, by Chol-Sun Sin

  In this paper we propose an efficient and regular ternary algorithm for scalar multiplication on elliptic curves over finite fields of characteristic three.

This method is based on full signed ternary expansion of a scalar to be multiplied. The cost per bit of this algorithm is lower than that of all previous ones.

07:01 [Job][New] Senior Level Cryptography Lead at Seagate, Seagate, Longmont, CO, USA

  Seagate delivers advanced digital storage solutions to meet the needs of today\\\'s consumers and tomorrow\\\'s applications. Through technology, leadership and innovation, Seagate continues to help individuals and businesses maximize the potential of their digital content in an ever-evolving, on-demand world.

Seagate is seeking candidates for positions in the exciting and rapidly growing field of security and storage security. Successful candidates will have a minimum 5-10 years of experience in the cryptography and security industry. Join a worldwide team architecting, developing, and deploying storage security products, including Hard Disc Drives (HDDs), Silicon Storage Devices (SSDs), and Silicon Storage Hybrids (SSHs), across the Seagate market space.

The senior level position of Cryptography Lead requires demonstrated capabilities in cryptography, entropy, and the associated computational/programming sciences, while also requiring leadership and direction of other worldwide technical team members, and serving the role of cryptography lead on the security architecture team. As well the position requires leading associated research and patent activities and staging of foundational cryptographic technologies for security products.

Our culture is focused on our Corporate Values --People, Customer Success, Excellence, Innovation, Teamwork, Openness, Social Responsibility and Sustained Profitability. Join a worldwide team of talented, collaborative, innovative people who thrive in a work environment where people can share knowledge and learn from one another. You won\\\'t find a more exciting place to build your career and challenge yourself. Accept the challenge and Go where innovation leads...Join Seagate. Apply now!

To get started, please join the Seagate Talent Community and Apply Online!

18:17 [Pub][ePrint] Functional Encryption for Regular Languages, by Brent Waters

  We provide a functional encryption system that supports functionality

for regular languages. In our system a secret key is associated with

a Deterministic Finite Automata (DFA) M. A ciphertext, CT,

encrypts a message m and is associated with an arbitrary length string w. A user is able to decrypt the ciphertext CT if

and only if the DFA M associated with his private key accepts the string w.

Compared with other known functional encryption systems, this is

the first system where the functionality is capable of recognizing an

unbounded language. For example, in (Key-Policy) Attribute-Based

Encryption (ABE) a private key SK is associated with a single

boolean formula which operates over a fixed number of

boolean variables from the ciphertext. In contrast, in our system a

DFA M will meaningfully operate over an arbitrary length input w.

We propose a system that utilizes bilinear groups. Our solution is a

\"public index\" system, where the message m is hidden, but the

string w is not. We prove security in the selective model under a

variant of the decision l-Bilinear Diffie-Hellman Exponent

(BDHE) assumption that we call the decision l-Expanded BDHE problem.

14:03 [Event][New] CSE2012: ECRYPT Summer School: Challenges in Security Engineering 2012

  From September 3 to September 7
Location: Bochum, Germany
More Information:

13:01 [Conf][Crypto] GREAT NEWS: More Stipends are available to Students Attending CRYTPO

  We are excited to announce that for the first time the National Science Foundation (NSF) is offering stipends to students attending CRYPTO!

All students who are currently studying in a US university are eligible to receive support from the NSF. Students in under-represented groups are especially encouraged to apply. Given the new NSF funding, together with existing funding from our industry sponsors, we are now able to award a second round of stipends to student attendees, both *domestic* and *international*.

To apply, you must be a student enrolled in a US or foreign university, and please ask your PhD supervisor or Department Head to email a brief justification to the General Chair ( before the new deadline of July 27th, 2012.

18:17 [Pub][ePrint] Strongly Authenticated Key Exchange Protocol from Bilinear Groups without Random Oracles, by Zheng Yang and J\\\"org Schwenk

  Malicious insider security of authenticated key exchange (AKE) protocol addresses the situation that an AKE protocol is secure even with existing dishonest parties established by adversary in corresponding security experiment. In the eCK model, the $\\EstablishParty$ query is used to model the malicious insider setting. However such strong query is not clearly formalized so far. We show that the proof of possession assumptions for registering public keys are of prime importance to malicious insider security. In contrast to previous schemes, we present an eCK secure protocol in the standard model, without assuming impractical, strong, concurrent zero-knowledge proofs of knowledge of secret keys done to the CA at key registration. The security proof of our scheme is based on standard pairing assumption, collision resistant hash functions, bilinear decision Diffie-Hellman (BDDH) and decision linear Diffie-Hellman (DLIN) assumptions, and pseudo-random functions with pairwise independent random source $\\pi\\prf$.\\\\