International Association for Cryptologic Research

IACR News Central

Get an update on changes of the IACR web-page here. For questions, contact newsletter (at) You can also receive updates via:

To receive your credentials via mail again, please click here.

You can also access the full news archive.

Further sources to find out about changes are CryptoDB, ePrint RSS, ePrint Web, Event calender (iCal).

00:17 [Pub][ePrint] Families of fast elliptic curves from Q-curves, by Benjamin Smith

  We construct new families of elliptic curves over \\(\\FF_{p^2}\\) with efficiently computable endomorphisms, which can be used to accelerate elliptic curve-based cryptosystems in the same way as Gallant--Lambert--Vanstone (GLV) and Galbraith--Lin--Scott (GLS) endomorphisms.

Our construction is based on reducing \\(\\QQ\\)-curves---curves over quadratic number fields without complex multiplication, but with isogenies to their Galois conjugates---modulo inert primes.

As a first application of the general theory we construct, for every \\(p > 3\\), two one-parameter families of elliptic curves over \\(\\FF_{p^2}\\) equipped with endomorphisms that are faster than doubling.

Like GLS (which appears as a degenerate case of our construction), we offer the advantage over GLV of selecting from a much wider range of curves, and thus finding secure group orders when \\(p\\) is fixed. Unlike GLS, we also offer the possibility of constructing twist-secure curves.

Among our examples are prime-order curves equipped with fast endomorphisms, with almost-prime-order twists, over \\(\\FF_{p^2}\\) for \\(p = 2^{127}-1\\) and \\(p = 2^{255}-19\\).

00:17 [Pub][ePrint] Reducing Pairing Inversion to Exponentiation Inversion\\\\using Non-degenerate Auxiliary Pairing, by Seunghwan Chang and Hoon Hong and Eunjeong Lee and Hyang-Sook Lee

  The security of pairing-based cryptosystems is closely related to the difficulty of the pairing inversion problem. Building on previous works, we provide further contributions on the difficulty of pairing inversion.

In particular, we revisit the approach of Kanayama-Okamoto who modified exponentiation inversion and Miller inversion by considering an ``auxiliary\'\' pairing. First, by generalizing and simplifying Kanayama-Okamoto\'s approach, we provide a simpler approach for inverting generalized ate pairings of Vercauteren. Then we provide a complexity of the modified Miller inversion, showing that the complexity depends on the sum-norm of the integer vector defining the auxiliary pairing.

Next, we observe that the auxiliary pairings (choice of integer vectors) suggested by Kanayama-Okamoto are degenerate and thus the modified exponentiation inversion is expected to be harder than the original exponentiation inversion. We provide a

sufficient condition on the integer vector, in terms of its max norm, so that the corresponding auxiliary paring is non-degenerate.

Finally, we define an infinite set of curve parameters, which includes those of typical pairing friendly curves, and we show that, within those parameters, pairing inversion of arbitrarily given generalized ate pairing can be reduced to exponentiation inversion in polynomial time.

00:17 [Pub][ePrint] Keyed Side-Channel Based Hashing for IP Protection using Wavelets, by Timo Bartkewitz

  The protection of intelligent property (IP) is a challenging task, especially in secured embedded systems where program code that is supposed to be a plagiarism cannot be simply read-out for further inspection. This is even more aggravated if the original source code was modified to prevent comparisons of any kind. For instance, watermarks that are actually hidden in the code are at risk to be rendered useless if the attacker has full access to the original code and some knowledge about the watermark. The unlicensed use of patented algorithms is a further problem that belongs to IP plagiarism as well. A Recent work presented a framework based on perceptual hashing to detect intelligent property in hardware and software designs. In this work we consequently extend this framework to detect IP plagiarism in embedded systems that can reliably match contents even in the presence of attacks. Therefore, we propose an adapted signal feature extraction method, the wavelet transform, to form a keyed side-channel hash function.

00:17 [Pub][ePrint] Hybrid Approach for the Fast Verification for Improved Versions of the UOV and Rainbow Signature Schemes, by Albrecht Petzoldt

  Multivariate cryptography is one of the main candidates to guarantee the security of communication in the post-quantum era. Especially in the area of digital signatures, multivariate cryptography offers a wide range of practical schemes. In \\cite{PB12} and \\cite{PB13} Petzoldt et al. showed a way to speed up the verification process of improved variants of the UOV and Rainbow signature schemes. In this paper we show how we can do even better by a slight variation of their algorithms.

00:17 [Pub][ePrint] Certified computer-aided cryptography: efficient provably secure machine code from high-level implementations, by José Bacelar Almeida and Manuel Barbosa and Gilles Barthe and François Dupressoir

  We present a computer-aided framework for proving concrete security bounds for cryptographic machine code implementations. The front-end of the framework is an interactive verification tool that extends the EasyCrypt framework to reason about relational properties of C-like programs extended with idealised probabilistic operations in the style of code-based security proofs. The framework also incorporates an extension of the CompCert certified compiler to support trusted libraries providing complex arithmetic calculations or instantiating idealised components such as sampling operations. This certified compiler allows us to carry to executable code the security guarantees established at the high-level, and is also instrumented to detect when compilation may interfere with side-channel countermeasures deployed in source code.

We demonstrate the applicability of the framework with the RSA-OAEP encryption scheme, as standardized in PKCS#1 v2.1. The outcome is a rigorous analysis of the advantage of an adversary to break the security of assembly implementations of the algorithms specified by the standard. The example also provides two contributions of independent interest: it is the first application of computer-aided cryptographic tools to real-world security, and the first application of CompCert to cryptographic software.

19:53 [Conf] Report on FDTC 2012


FDTC 2012 was held in Leuven, on Sun. 9-th of September 2012, by the Auditorium "Zeger Van Hee" in the "College De Valk" of K.U.Leuven. The workshop attracted 103 participants from 17 countries, in descending order, from Europe, Asia and North America. The technical program included 12 papers: two invited presentations, and 10 regular papers, categorized into four sessions, that were selected from 20 submissions. Each paper was reviewed by at least 3 reviewers and detailed discussions were later conducted to reach final decisions. Most of the presentation slides for the technical sessions are now available on the workshop website ( The workshop proceedings were published by IEEE CS Press and are available on the IEEE Digital Library. Philippe Maurine from Université Montpellier 2 (France) and Bart Preneel from KU Leuven (Belgium), delivered the two invited lectures on the topics "Techniques for EM Fault Injection: Equipments and Experimental Results" and "It's not my Fault – on Fault Attacks on Symmetric Cryptography" respectively.

Guido Bertoni from STMicroelectronics (Italy) and Benedikt Gierlichs from K.U.Leuven (Belgium), were the program co-chairs. David Naccache from École Normale Supérieure (France) was the invited presentations chair. We thank the sponsors CNRS ParisTech and Riscure for their generous support and contributions to the success of the conference, as well as the staff of KU Leuven for their continuous support of FDTC and help with the local arrangements.

19:50 [Conf][CHES] Report CHES 2012


CHES 2012 was held in Leuven, Belgium, September 9-12, organized by the COSIC research group of the KU Leuven.

This year, there were 2 events co-located with CHES right before and after the CHES workshop, FDTC (as usual on Sunday before CHES, Sept. 9) and a new workshop, PROOFS (on Thursday, Sept. 13). Also there were two tutorials on Sunday aiming at students and newcomers to the community. The tutorials were no-profit events so we were charging only what was needed to cover lunch, coffee breaks and the material distributed and all students got free registration.

The workshops started with the welcome reception on Sunday evening in the garden of Pauscollege (Pope’s college). The conference banquet was held on Tuesday at the Faculty Club and the rump session ttook place on Monday at the workshop venue followed by the concert of Big Band (conducted by Bart Preneel). The participants could choose between Stella Artois brewery visit and the city tour for the social events on Monday afternoon. All details about the CHES program can be found at:

The workshop had a total of 416 registrations, out of which 92 were students. This is a new record as the co-location with CRYPTO in 2010 resulted in the attendance of 361 participants (out of which 60 were students).

We have raised close to 50,000 $ from sponsors that were mainly spent on students stipends. All together 33 students received free registration (11 student speakers + 22 stipends). In addition, 21 students got free accommodation and 4 students received full support for traveling.

14:56 [Conf] Report CANS 2012


Cryptology and Network Security 2012 (CANS), December 12-14, 2012, Darmstadt, Germany

The 11th International Conference on Cryptology and Network Security (CANS 2012) was held in cooperation with IACR at the Darmstadtium Congress Center in Darmstadt, Germany, on December 12--14, 2012. The organizing committee included Josef Pieprzyk and Ahmad-Reza Sadeghi (Program co-Chairs) and Mark Manulis (General Chair).

The technical program featured 22 papers selected from 99 submissions, along with two invited lectures on "Confined Guessing: Practical Signatures from Standard Assumptions" by Dennis Hofheinz of Karlsruhe Institute of Technology and "Cryptographic Failures and Successes" by Bart Preneel of KU Leuven. The conference attracted 39 delegates (including 9 students) from 17 countries. The social program included a walk through the Christmas Market and a conference dinner in the Hotel Brandhof.

The generous support of the conference sponsors was also an important factor for the success of the event, and is gratefully acknowledged.

14:54 [Conf][PKC] Report PKC 2012


Public Key Cryptography 2012 (PKC), May 21-23, 2012, Darmstadt, Germany

The 15th IACR International Conference on Practice and Theory of Public Key Cryptography (PKC 2012) was held at the Darmstadtium Congress Center in Darmstadt, Germany, on May 21--23, 2012. The organizing committee included Marc Fischlin (Program Chair) and Johannes Buchmann and Mark Manulis (General co-Chairs).

The technical program featured 41 papers selected from 188 submissions, along with an invited lecture on "Password-Based Authenticated Key Exchange" by David Pointcheval of ENS Paris. The conference attracted 128 delegates (including 50 students) from 22 countries. The social program included an excursion to the Schloss Auerbach including a welcome drink, followed by the conference dinner in the Hotel Brandhof.

The generous support of the conference sponsors was also an important factor for the success of the event, and is gratefully acknowledged.

11:54 [Conf][AC] Asiacrypt 2012 Report


Asiacrypt 2012 General Chair Report

Xuejia Lai, March, 2013

Asiacrypt 2012 was held in Beijing, China from Dec.2 to Dec.6 2012. The conference organization was supported by China Association for Cryptologic Research, Shanghai Jiao Tong University, Tsinghua University and Labs of Information Security, China Academi of Science.


There are 325 registed participants from 31 countries in total, including 104 students.


Asiacrypt 2012 received funding with a total amount about $36,000, from 6 sponsors: Natural Science Foundation of China, Huawei Technologies, INTEL, NationZ Technologies and Aisino. With their generous support we were able to provide registrations for 36 students from China, besides the free registration for 10 student speakers.

Conference facilities

This year year, the conferece hall and the main hotel are at the same site, avoided walking through the cold wind in Beijing.


We made a conference stamp to produce formal invitation letters for 30 participants to obtain the visa, the process went quite smoothly, without "hard case", except for a few cases where we need to provide phone call, fax back confirmations.


Asiacrypt 2012 Proceedings was produced following the new IACR policy. The registration fee includeed a USB drive containing an electronic copy of the proceedings, and attendees need to pay extra for a paper proceedings. 70 copies of paper proceeding were all sold out at the conference.

Other events

Together with Asiacrypt 2012, The 8th China International Conference on Information Security and Cryptology (INSCRYPT 2012) was held before the main confernce, and the 2nd Workshop on International View of Cryptography and Security and Their Use in Practice: Focus on Mobile and Embedded Computing was held after the main confernce.

08:52 [Event][New] DIAC 2013: Directions in Authenticated Ciphers 2013

  Submission: 20 June 2013
From August 11 to August 13
Location: Chicago, USA
More Information: