International Association for Cryptologic Research

# IACR News Central

You can also access the full news archive.

Further sources to find out about changes are CryptoDB, ePrint RSS, ePrint Web, Event calender (iCal).

2013-06-02
18:17 [Pub][ePrint]

It is important to be able to evaluate information security systems involving humans. We propose an approach in which we consider the system as a cryptographic protocol, and users are modeled as ordinary players. To model the fact that users make mistakes that affect security, we introduce protocol variants that model mistakes or combinations of mistakes. By analysing the base protocol and its variants, and at the same time considering how likely each variant is, we get a reasonable estimate of the real security of the system.

Our work takes the form of a case study of four Norwegian federated identity systems, as well as two proposals for improved systems. The four systems span a good mix of various types of federated identity systems.

18:17 [Pub][ePrint]

We investigate the open problem, namely trapdoor privacy, in

asymmetric searchable encryption (ASE) schemes. We first present two trapdoor privacy definitions (i.e. 2-TRAP-PRIV and poly-TRAP-PRIV) which provide different levels of security guarantee. Motivated by the generic transformation from IBE to ASE, we introduce two key anonymity properties (i.e. 2-KEY-ANO and poly-KEY-ANO) for IBE schemes, so that these properties directly lead to the resulting ASE\'s 2-TRAP-PRIV and poly-TRAP-PRIV properties respectively at the end of a transformation. We then present a simplified

Boyen-Waters scheme and prove that it achieves IBE-IND-CPA, IBEANO

(anonymity), and 2-KEY-ANO security in the random oracle model. Finally, we extend the simplified Boyen-Waters scheme to be based on pairings over composite-order groups and prove that the extended scheme achieves poly-KEY-ANO security without random oracles.

18:17 [Pub][ePrint]

Trapdoor Decisional Diffie-Hellman (TDDH) groups, introduced by Dent and Galbraith (ANTS 2006), are groups where the DDH problem is hard, unless one is in possession of a secret trapdoor which enables solving it efficiently. Despite their intuitively appealing properties, they have found up to now very few cryptographic applications. Moreover, among the two constructions of such groups proposed by Dent and Galbraith, only a single one based on hidden pairings remains unbroken.

In this paper, we extend the set of trapdoor DDH groups by giving a construction based on composite residuosity. We also introduce a more restrictive variant of these groups that we name \\emph{static} trapdoor DDH groups, where the trapdoor only enables to solve the DDH problem with respect to a fixed pair $(G,G^x)$ of group elements. We give two constructions for such groups whose security relies respectively on the RSA and the factoring assumptions. Then, we show that static trapdoor DDH groups yield elementary constructions of convertible undeniable signature schemes allowing delegatable verification. Using our constructions of static trapdoor DDH groups from the RSA or the factoring assumption, we obtain slightly simpler variants of the undeniable signature schemes of respectively Gennaro, Rabin, and Krawczyk (J. Cryptology, 2000) and Galbraith and Mao (CT-RSA 2003). These new schemes are conceptually more satisfying since they can strictly be viewed as instantiations, in an adequate group, of the original undeniable signature scheme of Chaum and van Antwerpen (CRYPTO~\'89).

17:27 [Job][New]

For a project on attribute based credentials / identity management on smart cards that is about to start, we are looking for a postdoc for one year. The postdoc should be a good coder, have some experience with smart card programming, and know about crypto and security. The project is related to the IRMA project, about which more info can be found at the link below.

If you think you qualify, please apply. If know anyone that fits this description, and that can start july, august or september 2013, let us know as well.

Also, feel free to forward this question to anyone you know that may be able to help.

2013-05-30
17:27 [News]

Recently, the Turing award was presented to the IACR members Shafi Goldwasser and Silvio Micali. They were honoured for their fundamental work in theoretical mathematics and cryptology. Congratulations from the IACR!

17:22 [Conf]

### Africacrypt 2012, July 10-12, Ifrane Morocco

Africacrypt 2012 was held on the campus of the Al Akhawayn University in Ifrane, Morocco, on July 10-12. The Program Chair was Serge Vaudenay, the General co-Chairs were Abdelhak Azhari and Tajje-eddine Rachidi, and the Publication Chair was Aikaterini Mitrokotsa. Africacrypt 2012 was organized jointly by Al Akhawayn University in Ifrane and the Moroccan Association for Cryptography. The conference was held in cooperation with IACR (International Association for Cryptologic Research) and in partnership with the Région Meknès Tafilalet, Morocco. The technical program included 24 regular papers categorized into ten sessions that were selected from 56 submissions 12 of which had at least one co-author from Africa. In addition 3 invited talks were presented, by Willi Meier (University of Applied Sciences and Arts Northwestern Switzerland), Craig Gentry (IBM), and Marc Fischlin (The Darmstadt University of Technology, Germany). The conference proceedings were published by Springer's LNCS and most of the presentation slides for the technical sessions, including the invited talks, are now available on the conference website: http://www.aui.ma/africacrypt2012/home/africacrypt-2012-presentations.html. Delegates from the Moroccan National Security agencies also attend the conference. The best paper award, went to Elena Andreeva, Bart Mennink, Bart Preneel, and Marjan Skrobot for their paper "Security Analysis and Comparison of the SHA-3 Finalists BLAKE, Groestl, JH, Keccak, and Skein." The social program included a cedar tree planting session, and an optional conference banquet and an excursion to the Imperial city of Fes.

16:50 [News]

ACM's Special Interest Group on Algorithms and Computation Theory (SIGACT) and the European Association for Theoretical Computer Science (EATCS) award the "Gödel Prize" to three of our members, namely Antoine Joux, Dan Bonehn and Matthew K. Franklin for their work in cryptology and security. Congratulations from the IACR!

2013-05-29
07:10 [Conf][EC]

Eurocrypt 2012 was held in Cambridge, UK, from April 15th to April 19th. The meeting was held in the UK to coincide with the 100th anniversary year of the birth of Alan Turing.

The Program co-Chairs were David Pointcheval and Thomas Johansson. The Eurocrypt 2012 Program Committee (PC) consisted of 32 members. There were 195 papers submitted to the conference. The PC eventually selected 41 submissions for presentation during the conference. The PC decided to give the Best Paper Award to Antoine Joux and Vanessa Vitse for their paper “Cover and Decomposition Index Calculus on Elliptic Curves made practical. Application to a previously unreachable curve over Fp6 .” The conference program also included two invited lectures: one by Antoine Joux entitled “A Tutorial on High-Performance Computing Applied to Cryptanalysis,” and the other by Alfred Menezes on “Another Look at Provable Security.”

The conference programme was augmented by a trip to Bletchley Park on Thursday afternoon, with the traditional free Tuesday afternoon being dispensed with. Attendance at Eurocrypt 2012 was quite high, with 412 registered attendees, up from 300 at Eurocrypt 2010.

The conference was supported by donations from BAE Systems/Detica, CESG, Cryptomathic, Good Technologies, Microsoft Research, Qualcomm, RIM, Trend Micro, Visa International and Voltage. The generous donations allowed the organizers to sponsor the attendance of around 60 young researchers.

05:30 [Job][New]

The focus is on research with industrial and academic partners in collaborative European projects and towards NEC internal product and prototype development. You will contribute to the design and development of new concepts in security. Your responsibilities include publications, IPR creation, and supervising students and interns.

We are looking for individuals with a broad background in Security and a good understanding of most of the following areas:

• Security protocols and applied cryptography

• Network and Cyber Security, especially secure management of distributed resources,

• Software Security and Web Security

• Resource monitoring and machine learning techniques for security applications

We expect a PhD. degree with an excellent publication record and some relevant professional experience in the security area.

The NEC Laboratories in Heidelberg (Germany) provide an excellent working environment supporting individual creativity as well as strong teamwork. English is the working language in the Laboratories.