International Association for Cryptologic Research

# IACR News Central

You can also access the full news archive.

Further sources to find out about changes are CryptoDB, ePrint RSS, ePrint Web, Event calender (iCal).

2013-02-20
10:17 [Pub][ePrint]

We initiate the study of broadcast steganography (BS), an extension of steganography to the multi-recipient setting. BS enables a sender to communicate covertly with a dynamically designated set of receivers, so that the recipients recover the original content, while unauthorized users and outsiders remain \\emph{unaware} of the covert communication. One of our main technical contributions is the introduction of a new variant of anonymous broadcast steganography that we term \\emph{anonymous identity-based encryption with pseudorandom ciphertexts} (oABE$). Our oABE$ construction achieves sublinear ciphertext size and is secure in the standard model. Besides being of interest in its own right, oABE$enables an efficient construction of BS secure in the standard model against adaptive adversaries that also features sublinear ciphertexts. 10:17 [Pub][ePrint] In the setting of secure two-party computation, two parties wish to securely compute a joint function of their private inputs, while revealing only the output. One of the primary techniques for achieving efficient secure two-party computation is that of Yao\'s garbled circuits (FOCS 1986). In the semi-honest model, where just one garbled circuit is constructed and evaluated, Yao\'s protocol has proven itself to be very efficient. However, a malicious adversary who constructs the garbled circuit may construct a garbling of a different circuit computing a different function, and this cannot be detected (due to the garbling). In order to solve this problem, many circuits are sent and some of them are opened to check that they are correct while the others are evaluated. This methodology, called \\emph{cut-and-choose}, introduces significant overhead, both in computation and in communication, and is mainly due to the number of circuits that must be used in order to prevent cheating. In this paper, we present a cut-and-choose protocol for secure computation based on garbled circuits, with security in the presence of malicious adversaries, that vastly improves on all previous protocols of this type. Concretely, for a cheating probability of at most$2^{-40}$, the best previous works send between 125 and 128 circuits. In contrast, in our protocol 40 circuits alone suffice (with some additional overhead). Asymptotically, we achieve a cheating probability of$2^{-s}$where$s$is the number of garbled circuits, in contrast to the previous best of$2^{-0.32s}$. We achieve this by introducing a new cut-and-choose methodology with the property that in order to cheat, \\emph{all} of the evaluated circuits must be incorrect, and not just the \\emph{majority} as in previous works. 10:17 [Pub][ePrint] L\\\"ondahl and Johansson proposed last year a variant of the McEliece cryptosystem which replaces Goppa codes by convolutional codes. This modification is supposed to make structural attacks more difficult since the public generator matrix of this scheme contains large parts which are generated completely at random. They proposed two schemes of this kind, one of them consists in taking a Goppa code and extending it by adding a generator matrix of a time varying convolutional code. We show here that this scheme can be successfully attacked by looking for low-weight codewords in the public code of this scheme and using it to unravel the convolutional part. It remains to break the Goppa part of this scheme which can be done in less than a day of computation in the case at hand. 10:17 [Pub][ePrint] Beginning with the work of Lindell and Pinkas, researchers have proposed several protocols for secure two-party computation based on the cut-and-choose paradigm. In existing instantiations of this paradigm, one party generates$\\kappa$garbled circuits; some fraction of those are checked\'\' by the other party, and the remaining fraction are evaluated. We introduce here the idea of symmetric cut-and-choose protocols, in which each party generates$\\kappa$circuits to be checked by the other party. The main advantage of our technique is that the number$\\kappa\$ of garbled circuits can be reduced by a factor of 3 while attaining the same statistical security level as in prior work. Since the number of garbled circuits dominates the costs of the protocol, especially as larger circuits are evaluated, our protocol is expected to run up to 3 times faster than existing schemes. Preliminary experiments validate this claim.

10:17 [Pub][ePrint]

Beimel and Orlov proved that all information inequalities on four or five variables, together with all information inequalities on more than five variables that are known to date, provide lower bounds on the size of the shares in secret sharing schemes that are at most linear on the number of participants. We present here another negative result about the power of information inequalities in the search for lower bounds in secret sharing. Namely, we prove that all information inequalities on a bounded number of variables only can provide lower bounds that are polynomial on the number of participants.

2013-02-19
23:46 [Job][New]

* The Chair for Information Security and Cryptography at University of Trier, Germany, offers a full-time PhD/Postdoc position.

* The position involves both research and teaching in the area of cryptography/information security. The successful candidate is expected to contribute to research in applied cryptography.

* The position is available immediately and is fully funded. The salary scale for the position is TV-L E13. The gross income depends on the candidate\\\'s experience level. At the lowest level it corresponds to approx. 40,000 EUR per year.

* Contracts are initially offered for two years. An extension to a total duration of up to six years is possible.

* He or she is given the possiblity to carry out a Ph.D. or, for Postdocs, a Habilitation.

* The successful candidate should have a Master\\\'s degree or a Ph.D. (or should be very close to completion thereof) in Computer Science, Mathematics, Information Security, or a related field, with a strong background in Theoretical Computer Science/Mathematics. Knowledge in cryptography is an asset. Since teaching is mostly done in German, sufficient knowledge of German is required.

* The deadline for applications is March 17th, 2013. However, late applications will be considered until the position is filled.

* See http://infsec.uni-trier.de/job-openings.html for the official job announcement (in German).

23:41 [Event][New]

Submission: 31 March 2013
From July 15 to July 19
Location: Providence, RI, United States

2013-02-18
09:51 [Event][New]

Submission: 10 May 2013
From August 14 to August 16

09:50 [Event][New]

Submission: 30 March 2013
From September 2 to September 6
Location: Regensburg, Germany

2013-02-14
12:19 [Event][New]

Submission: 8 March 2013