International Association for Cryptologic Research

IACR News Central

Get an update on changes of the IACR web-page here. For questions, contact newsletter (at) You can also receive updates via:

To receive your credentials via mail again, please click here.

You can also access the full news archive.

Further sources to find out about changes are CryptoDB, ePrint RSS, ePrint Web, Event calender (iCal).

16:48 [Conf][Crypto] Report on Crypto 2012


Crypto 2012 was held August 19-23 on the beautiful campus of the University of California, Santa Barbara. The Program Co-chairs were Rei Safavi-Naini and Ran Canetti, and the General Chair was Yiqun Lisa Yin.

A total of 225 papers were submitted, and 48 were accepted for publication, a record number for IACR flagship conferences. For the Best Paper Award, the PC overwhelmingly selected “Efficient Dissection of Composite Problems, with Applications to Cryptanalysis, Knapsacks and Combinatorial Search Problems” by Itai Dinur, Orr Dunkelman, Nathan Keller, and Adi Shamir.

There were two invited talks and one tutorial session at the conference. Professor Jonathan Zittrain from Harvard gave a talk entitled “The End of Crypto”. Dr. Ernie Brickell from Intel spoke about “Recent Advances and Existing Research Questions in Platform Security”. Professor Adam Smith from Penn State delivered a tutorial on “Pinning Down ‘Privacy’ in Statistical Databases”. Dan Bernstein and Tanja Lange co-chaired yet another entertaining Rump Session. Almost all of the talks were video recorded. These videos, along with author's slides and full versions of the papers, are available on the conference program webpage.

Generous donations were given by five industry sponsors Google, Microsoft Research, Qualcomm, RIM, and Voltage Security, as well as the Marconi Fund. In addition, the conference applied and received a special funding of $10,000 from the National Science Foundation (NSF). With all the financial support, stipends were offered to over 40 students, both domestic and international.

The Chairs of Crypto 2012 were very grateful for the wonderful work of Sally Vito and the UCSB conference services staff.

12:36 [Pub] IACR Publication Reform - Open Discussion

  At the ePrint forum (, there is currently a discussion going on about possible changes to the IACR publication system.
Some of the latest postings:
  • Assigning Papers to Talks (cbw)
  • Some issues + Counter proposal (Orr)
  • Change is needed, but slow change is important (lindell)
  • How to handle resubmissions? (ivandamgard)
  • Questions (nigel)
You can access the full text at the link given above.
In case you want to contribute, you need to request a login/password via the same link.

08:53 [Conf] Report on Inscrypt 2012


Inscrypt 2012, Nov. 28-30, 2012 in Beijing, China

The 8th China International Conference on Information Security and Cryptology was held at Beijing International Convention Center, Nov. 28 - Nov. 30, 2012, Beijing, China. See for the web-site.

The program co-chairs were Miroslaw Kutylowski and Moti Yung, and the general chair was Dongdai Lin. Inscrypt 2012 received 73 submissions from 24 countries, and 23 were selected for presentation at the conference. These accepted papers, after revision, appeared in the conference post-proceeding which was published as Lecture Notes in Computer Science vol. 7763.

Two invited talks were given by Jung Hee Cheon (Seoul National University) and Goichiro Hanaoka (AIST) on the topics "Open Questions for the Discrete Logarithm" and "Toward Shorter Ciphertext in ElGamal-type CCA-secure Public Key Encryption", respectively. Additionally, the conference was featured with two tutorials given by Junfeng Fan (KU Leuven) and Miroslaw Kutylowski (Wroclaw University of Technology) on the topics "Cryptographic hardware: design for low power, low area and security against physical attacks" and "Electronic Personal Identity Documents", respectively.

The conference banquet was a traditional Chinese one, with Chinese rice wine (Baijiu) served. The registration fee was 450 USD for regular and 350 USD for full-time student. About 90 attendees enjoyed the 3-day conference sessions and Beijing in winter.

08:48 [Conf] Report on TCC 2012


The 9th IACR Theory of Cryptography Conference (TCC'12) was held at the Hotel "Villa Diodoro" in Taormina, Italy, on March 19-21, 2012. The organizing committee included Rosario Gennaro and Nelly Fazio (General Co-chairs) and Dario Catalano (Local Arrangements Chair).

The technical program featured 36 papers selected from 131 submissions, along with two invited lectures: "Locally Decodable Codes" by Sergey Yekhanin of Microsoft Research and "Non-Interactive Zero-Knowledge" by Jens Groth of the University College of London. The program was assembled by a 20-member Program Committee led by Ronald Cramer as Program Chair.

The conference attracted 108 delegates, including 29 students of which 16 were given financial aid to attend the conference in the form of free registration and free housing.

The generous financial support of the conference sponsors (Bell Labs, IBM Research, Microsoft, AT&T and Oxford University Press) was also an important factor for the success of the event, and is gratefully acknowledged.

This was the first IACR workshop or conference where printed proceedings were optional, and had to be ordered at the time of registration for an extra fee of $50. Conference delegates received an electronic copy of the proceedings stored on a USB stick which was donated by DEShaw.

08:42 [Job][New] Research fellow in computer security, University of Bergen, Norway, EEA


The Department of Informatics has a vacancy for 2 research fellows (PhD positions) in computer security for a period of 4 years. The recruited students will work in a new research group, named Simula@UiB, that is headed by Professor Kjell Jørgen Hole. The group is a joint venture between Simula Research Laboratory ( and University of Bergen. It currently consists of two professors, two research scientists, one PhD student and several master students.

Candidates must have good analytical skills and be able to generate their own research ideas. They must have good communication skills and be fluent in English. Experience in computer security is an advantage. Candidates with experience from one or more of the areas Cyber Security, Software Security, Network Science, Game Theory, or Information Theory are of special interest.

In total, the fellowship period is 4 years. For positions with a 4-year duration 25 pct of the period will be designated to teaching and/or administrative duties. The fellowship period may be reduced if the successful applicant has held previous employment as research fellow or similar.

08:33 [Event][New] Pairing 2013: The 6th International Conference on Pairing-Based Cryptography

  Submission: 20 August 2013
Notification: 1 October 2013
From November 22 to November 24
Location: Beijing, People's Republic of China
More Information:

15:17 [Pub][ePrint] A method for obtaining lower bounds on the higher order nonlinearity of Boolean function, by Mikhail S. Lobanov

  Obtainment of exact value or high lower bound on the $r$-th order nonlinearity of Boolean function is a very complicated problem (especial if $r > 1$). In a number of papers lower bounds on the $r$-th order nonlinearity of Boolean function via its algebraic immunity were obtain for different $r$. This bounds is rather high for function with maximum near maximum possible algebraic immunity. In this paper we prove theorem, which try to obtain rather high lower bound on the $r$-th order nonlinearity for many functions with small algebraic immunity.

15:17 [Pub][ePrint] Double-authentication-preventing signatures, by Bertram Poettering and Douglas Stebila

  Digital signatures are often used by trusted authorities to make unique bindings between a subject and a digital object; for example, certificate authorities certify a public key belongs to a domain name, and time-stamping authorities certify that a certain piece of information existed at a certain time. Traditional digital signature schemes however impose no uniqueness conditions, so a malicious or coerced authority can make multiple certifications for the same subject but different objects. We propose the notion of a \\emph{double-authentication-preventing signature}, in which a value to be signed is split into two parts: a \\emph{subject} and a \\emph{message}. If a signer ever signs two different messages for the same subject, enough information is revealed to allow anyone to compute valid signatures on behalf of the signer. This double-signature forgeability property prevents, or at least strongly \\emph{discourages}, signers misbehaving. We give a generic construction using a new type of trapdoor functions with extractability properties, which we show can be instantiated using the group of sign-agnostic quadratic residues modulo a Blum integer.

15:17 [Pub][ePrint] Protecting PUF Error Correction by Codeword Masking, by Dominik Merli and Frederic Stumpf and Georg Sigl

  One of the main applications of Physical Unclonable Functions~(PUFs) is unique key generation. While the advantages of PUF-based key extraction and embedding have been shown in several papers, physical attacks on it have gained only little interest until now. In this work, we demonstrate the feasibility of a differential power analysis attack on the error correction module of a secure sketch. This attack can also be applied to code-offset fuzzy extractors because they build upon secure sketches. We propose a codeword masking scheme to protect key generation algorithms used for PUFs. Our proposed countermeasure enables masking of linear Error-Correcting Codes~(ECCs) without impact on their error correction capabilities while keeping the overhead low. This is achieved by random masking codewords, which can be efficiently generated by the ECC\'s encoding function. Further, it allows to consistently protect the PUF-based key generation process and can provide the masked key and its mask to a subsequent crypto module which implements masking as well. We demonstrate the practical protection of our codeword masking scheme by attacking a masked secure sketch implementation. We emphasize that, besides protecting code-offset algorithms, the proposed masking scheme can also be applied to index-based syndrome coding and other security-critical error correction modules.

15:17 [Pub][ePrint] Parallel and Dynamic Searchable Symmetric Encryption, by Seny Kamara and Charalampos Papamanthou

  Searchable symmetric encryption (SSE) enables a client to outsource a collection of encrypted documents in the cloud and retain the ability to perform keyword searches without revealing information about the contents of the documents and queries. Although efficient SSE constructions are known, previous solutions are highly sequential. This is mainly due to the fact that, currently, the only method for achieving sub-linear time search is the inverted index approach (Curtmola, Garay, Kamara and Ostrovsky, CCS \'06) which requires the search algorithm to access a sequence of memory locations, each of which is unpredictable and stored at the previous location in the


Motivated by advances in multi-core architectures, we present a new method for constructing sub-linear SSE schemes. Our approach is highly parallelizable and dynamic. With roughly a logarithmic number of cores in place, searches for a keyword w in our scheme execute in o(r) parallel time, where r is the number of documents containing keyword w (with more cores, this bound can go down to O(log n), i.e., independent of the result size r). Such time complexity outperforms the optimal \\theta(r) sequential search time--a similar bound holds for the updates.

Our scheme also achieves the following important properties: (a) it enjoys a strong notion of security, namely security against adaptive chosen-keyword attacks; (b) compared to existing sub-linear dynamic SSE schemes (e.g., Kamara, Papamanthou, Roeder, CCS \'12), updates in our scheme do not leak any information, apart from information that can be inferred from previous search tokens; (c) it can be implemented efficiently in external memory (with logarithmic I/O overhead). Our technique is simple and uses a red-black tree data structure; its security is proven in the random oracle model.

15:17 [Pub][ePrint] A Novel Technique in Linear Cryptanalysis, by Wen-Long Sun Jie Guan Lin Ding

  In this paper, we focus on a novel technique called cube-linear attack, which is obtained by combining the cube and linear attacks together, is first proposed to deal with the probabilistic polynomial, aiming to furthermore mine the available secret information. Based on different combination ways of the two attacks, moreover, two cube-linear schemes are discussed. Naturally, we can use cube-linear attack as an unordinary trick in linear cryptanalysis, which has never been considered by the previous linear cryptanalysis yet. As a new contribution to linear cryptanalysis, it is beneficial to allow for a reduction in the amount of data required for a successful attack in specific circumstances. Applying our method to a reduced-round Trivium, as an example, we get better linear cryptanalysis results. More importantly, we believe that the novel linear cryptanalysis technique introduced in this paper can be extended to other ciphers. In other words, it is worth considering for our method in linear cryptanalysis.