International Association for Cryptologic Research

IACR News Central


19:53 [Conf] Report on FDTC 2012


FDTC 2012 was held in Leuven on Sunday, 9 September 2012, in the Auditorium "Zeger Van Hee" of the "College De Valk" of K.U.Leuven. The workshop attracted 103 participants from 17 countries, in descending order from Europe, Asia and North America. The technical program included 12 papers: two invited presentations and 10 regular papers, selected from 20 submissions and organized into four sessions. Each paper was reviewed by at least 3 reviewers, and detailed discussions were later conducted to reach final decisions. Most of the presentation slides for the technical sessions are now available on the workshop website. The workshop proceedings were published by IEEE CS Press and are available in the IEEE Digital Library. Philippe Maurine from Université Montpellier 2 (France) and Bart Preneel from KU Leuven (Belgium) delivered the two invited lectures, on the topics "Techniques for EM Fault Injection: Equipments and Experimental Results" and "It's not my Fault – on Fault Attacks on Symmetric Cryptography" respectively.

Guido Bertoni from STMicroelectronics (Italy) and Benedikt Gierlichs from K.U.Leuven (Belgium) were the program co-chairs. David Naccache from École Normale Supérieure (France) was the invited presentations chair. We thank the sponsors CNRS ParisTech and Riscure for their generous support and contributions to the success of the conference, as well as the staff of KU Leuven for their continuous support of FDTC and help with the local arrangements.

19:50 [Conf][CHES] Report CHES 2012


CHES 2012 was held in Leuven, Belgium, September 9-12, organized by the COSIC research group of the KU Leuven.

This year, there were 2 events co-located with CHES, right before and after the CHES workshop: FDTC (as usual on the Sunday before CHES, Sept. 9) and a new workshop, PROOFS (on Thursday, Sept. 13). There were also two tutorials on Sunday aimed at students and newcomers to the community. The tutorials were non-profit events, so we charged only what was needed to cover lunch, coffee breaks and the distributed material, and all students got free registration.

The workshops started with the welcome reception on Sunday evening in the garden of Pauscollege (Pope's College). The conference banquet was held on Tuesday at the Faculty Club, and the rump session took place on Monday at the workshop venue, followed by the concert of the Big Band (conducted by Bart Preneel). For the social events on Monday afternoon, the participants could choose between a Stella Artois brewery visit and the city tour. All details about the CHES program can be found at:

The workshop had a total of 416 registrations, out of which 92 were students. This is a new record, as the co-location with CRYPTO in 2010 resulted in an attendance of 361 participants (out of which 60 were students).

We raised close to $50,000 from sponsors, which was mainly spent on student stipends. Altogether 33 students received free registration (11 student speakers + 22 stipends). In addition, 21 students got free accommodation and 4 students received full support for travel.

14:56 [Conf] Report CANS 2012


Cryptology and Network Security 2012 (CANS), December 12-14, 2012, Darmstadt, Germany

The 11th International Conference on Cryptology and Network Security (CANS 2012) was held in cooperation with IACR at the Darmstadtium Congress Center in Darmstadt, Germany, on December 12--14, 2012. The organizing committee included Josef Pieprzyk and Ahmad-Reza Sadeghi (Program co-Chairs) and Mark Manulis (General Chair).

The technical program featured 22 papers selected from 99 submissions, along with two invited lectures on "Confined Guessing: Practical Signatures from Standard Assumptions" by Dennis Hofheinz of Karlsruhe Institute of Technology and "Cryptographic Failures and Successes" by Bart Preneel of KU Leuven. The conference attracted 39 delegates (including 9 students) from 17 countries. The social program included a walk through the Christmas Market and a conference dinner in the Hotel Brandhof.

The generous support of the conference sponsors was also an important factor for the success of the event, and is gratefully acknowledged.

14:54 [Conf][PKC] Report PKC 2012


Public Key Cryptography 2012 (PKC), May 21-23, 2012, Darmstadt, Germany

The 15th IACR International Conference on Practice and Theory of Public Key Cryptography (PKC 2012) was held at the Darmstadtium Congress Center in Darmstadt, Germany, on May 21--23, 2012. The organizing committee included Marc Fischlin (Program Chair) and Johannes Buchmann and Mark Manulis (General co-Chairs).

The technical program featured 41 papers selected from 188 submissions, along with an invited lecture on "Password-Based Authenticated Key Exchange" by David Pointcheval of ENS Paris. The conference attracted 128 delegates (including 50 students) from 22 countries. The social program included an excursion to the Schloss Auerbach including a welcome drink, followed by the conference dinner in the Hotel Brandhof.

The generous support of the conference sponsors was also an important factor for the success of the event, and is gratefully acknowledged.

11:54 [Conf][AC] Asiacrypt 2012 Report


Asiacrypt 2012 General Chair Report

Xuejia Lai, March, 2013

Asiacrypt 2012 was held in Beijing, China from December 2 to December 6, 2012. The conference organization was supported by the China Association for Cryptologic Research, Shanghai Jiao Tong University, Tsinghua University and the Labs of Information Security, Chinese Academy of Sciences.


There were 325 registered participants from 31 countries in total, including 104 students.


Asiacrypt 2012 received funding totalling about $36,000 from 6 sponsors: Natural Science Foundation of China, Huawei Technologies, INTEL, NationZ Technologies and Aisino. With their generous support we were able to provide registrations for 36 students from China, besides the free registration for 10 student speakers.

Conference facilities

This year, the conference hall and the main hotel were at the same site, which avoided walking through the cold wind in Beijing.


We made a conference stamp to produce formal invitation letters for 30 participants to obtain visas. The process went quite smoothly, without any "hard case", except for a few cases where we needed to provide phone-call or fax-back confirmations.


The Asiacrypt 2012 proceedings were produced following the new IACR policy. The registration fee included a USB drive containing an electronic copy of the proceedings, and attendees needed to pay extra for paper proceedings. All 70 copies of the paper proceedings were sold out at the conference.

Other events

Together with Asiacrypt 2012, the 8th China International Conference on Information Security and Cryptology (INSCRYPT 2012) was held before the main conference, and the 2nd Workshop on International View of Cryptography and Security and Their Use in Practice: Focus on Mobile and Embedded Computing was held after the main conference.

08:52 [Event][New] DIAC 2013: Directions in Authenticated Ciphers 2013

Submission: 20 June 2013
From August 11 to August 13
Location: Chicago, USA
More Information:

05:22 [Pub][ePrint] The analytical property for $\zeta(s)$, by Sheng-Ping Wu

In this article, the analytic property of $\zeta(s)$ is discussed.

The popular opinion is denied.

05:22 [Pub][ePrint] Authenticated Key Exchange with Synchronized State, by Zheng Yang

We study the problem of how to either prevent identity impersonation (IDI) attacks or limit their consequences by detecting previously unidentified IDI attacks on-line, where IDI attacks are normally caused by the leakage of an identity-related long-term key. Such a problem has, up until now, lacked a provably good solution. We deal with this problem through the scenario of authenticated key exchange with synchronized state (AKESS). This work provides a security model for AKESS protocols, in which we particularly formalize the security of the synchronized state. We propose a two-party execution state synchronization framework for the symmetric case, based on which we propose a generic compiler for AKESS protocols. Our goal is to compile any existing passively secure key exchange (KE) protocol to an AKESS protocol using synchronized state, without any modification to those KE protocols. The proposal is provably secure in the standard model under standard assumptions.

05:22 [Pub][ePrint] Reset Indifferentiability from Weakened Random Oracle Salvages One-pass Hash Functions, by Yusuke Naito and Kazuki Yoneyama and Kazuo Ohta

Ristenpart et al. showed the limitation of the indifferentiability theorem of Maurer et al., which does not cover all multi-stage security notions but covers only single-stage security notions, defined a new concept (reset indifferentiability), and proved the reset indifferentiability theorem, which is an analogue of the indifferentiability theorem that covers all security notions S: if H^U is reset indifferentiable from RO, then for any security notion, a cryptosystem C is at least as secure in the U model as in the RO model. Unfortunately, they also proved the impossibility of H^U being reset indifferentiable from a RO where H is a one-pass hash function such as the ChopMD and Sponge constructions.

In this paper, we propose a new modular proof approach instead of the RO methodology, Reset Indifferentiability from Weakened Random Oracle, called the WRO methodology, in order to ensure the security of C with H^U, salvaging ChopMD and Sponge. The concrete proof procedure of the WRO methodology is as follows:

1. Define a new concept of WRO instead of RO,

2. Prove that H^U is reset indifferentiable from a WRO (here examples of H are ChopMD and Sponge), and

3. Prove that C is secure in the WRO model.

As a result, we can prove that C with H^U is secure by combining the results of Steps 2 and 3 and the theorem of Ristenpart et al. Moreover, for public-key encryption (as cryptosystem C) and chosen-distribution attack, we prove that C(WRO) is secure, which implies the appropriateness of the new concept of the WRO model.

05:22 [Pub][ePrint] Attacks and Security Proofs of EAX-Prime, by Kazuhiko Minematsu and Stefan Lucks and Hiraku Morita and Tetsu Iwata

EAX$'$ (EAX-prime) is an authenticated encryption (AE) scheme specified by ANSI C12.22 as a standard security function for Smart Grid. EAX$'$ is based on EAX proposed by Bellare, Rogaway, and Wagner. While EAX has a proof of security based on the pseudorandomness of the internal blockcipher, no published security result is known for EAX$'$.

This paper studies the security of EAX$'$ and shows that there is a sharp distinction in the security of EAX$'$ depending on the input length. EAX$'$ encryption takes two inputs, called cleartext and plaintext, and we present various efficient attacks against EAX$'$ using single-block cleartext and plaintext. At the same time, we prove that if cleartexts are always longer than one block, it is provably secure based on the pseudorandomness of the blockcipher.

05:22 [Pub][ePrint] Universally Composable Secure Computation with (Malicious) Physically Uncloneable Functions, by Rafail Ostrovsky, Alessandra Scafuro, Ivan Visconti, Akshay Wadia

Physically Uncloneable Functions (PUFs) [Pap01] are noisy physical sources of randomness. As such, they are naturally appealing for cryptographic applications and have caught the interest of both theoreticians and practitioners. A major step towards understanding and securely using PUFs was recently taken in [Crypto 2011], where Brzuska, Fischlin, Schröder and Katzenbeisser model PUFs in the Universal Composition (UC) framework of Canetti [FOCS 2001]. Their model considers trusted PUFs only, and thus real-world adversaries cannot create malicious PUFs, and can access the physical object only via the prescribed procedure. However, this does not accurately reflect real-life scenarios, where an adversary could be able to create and use malicious PUFs, or access the PUF through other procedures.

The goal of this work is to extend the model proposed in [Crypto 2011] in order to capture such real-world attacks. The main contribution of this work is the study of the Malicious PUFs model. Namely, we extend the PUF functionality of Brzuska et al. so that it allows the adversary to create arbitrarily malicious PUFs. Then, we provide positive results in this more realistic model. We show that, under computational assumptions, it is possible to UC-securely realize any functionality. Furthermore, we achieve unconditional (not UC) security with malicious PUFs by showing a statistically hiding, statistically binding commitment scheme that uses one PUF only, and such a PUF can be malicious.

As an additional contribution, we investigate another attack model, where adversaries access a trusted PUF in a different way (i.e., not following the prescribed procedure). Technically, this attack translates into the fact that the simulator cannot observe the queries made to an honest PUF. In this model, queries are oblivious to the simulator, and we call it the Oblivious Query model. We are able to achieve unconditionally UC-secure computation even in this more severe model. This protocol is secure against stronger adversaries compared to those of Brzuska et al.

Finally, we show the impossibility of UC-secure computation in the combination of the above two new models, where the real-world adversary can create malicious PUFs and maliciously access honest PUFs.

Our work sheds light on the significant power and applicability of PUFs in the design of cryptographic protocols modeling adversaries that misbehave with PUFs.