Get an update on changes of the IACR web-page here. For questions, contact newsletter (at) iacr.org. You can also receive updates via:
To receive your credentials via mail again, please click here.
You can also access the full news archive.
The University of Luxembourg in collaboration with the Luxembourg Government (CTIE) will start a new research project “Supporting e-Democracy” for which we have two PhD candidates and one Research Associate (post-doc) positions available. The positions are within the APSIA (Applied Security and Information Assurance) (http://wwwen.uni.lu/snt/research/apsia) research group led by Prof. Dr. P.Y. Ryan.
The successful candidates will be working in an exciting, international and multicultural environment in the heart of Europe.
The successful candidates will be working within the research project “Supporting e-Democracy”, collaboration between the University of Luxembourg and the Luxembourg Government (CTIE).
The research will focus on (a) design and security analysis of accurate and robust communication systems in specific electoral systems (b) design of reliable and secure computer assisted counting of paper ballots, (c) design and analysis of verifiable, computer assisted voting systems and a broader e-democracy platform.
The candidates are expected to have:
• A previous degree in computer science or related subject;
• A proven (theoretical and practical) interest in security;
• Knowledge of Network and System security;
• Fluent written and oral English skills;
The candidates must apply online at the following addresses:
PhD positions (open until July 31st, 2013): http://recruitment.uni.lu/en/details.html?id=QMUFK026203F3VBQB7V7VV4S8&nPostingID=2253&nPostingTargetID=2935&mask=karriereseiten&lg=UK
Research Associate position (open until June 20th, 2013): http://recruitment.uni.lu/en/details.html?id=QMUFK026203F3VBQB7V7VV4S8&nPostingID=2254&nPostingTargetID=2893&mask=karriereseiten&lg=UK
For further inquiries, please contact Prof. Dr. Peter Y. A. Ryan
We describe a refinement of a powerful interactive proof protocol due to Goldwasser, Kalai, and Rothblum. Cormode, Mitzenmacher, and Thaler show how to implement the prover in this protocol in time $O(S \\log S)$, where $S$ is the size of an arithmetic circuit computing the function of interest. Our refinements apply to circuits with sufficiently ``regular\'\' wiring patterns; for these circuits, we bring the runtime of the prover down to $O(S)$. That is, our prover can evaluate the circuit with a guarantee of correctness, with only a constant-factor blowup in work compared to evaluating the circuit with no guarantee.
We argue that our refinements capture a large class of circuits, and we complement our theoretical results with experiments on problems such as matrix multiplication and determining the number of distinct elements in a data stream. Experimentally, our refinements yield a 200x speedup for the prover over the implementation of Cormode et al., and our prover is less than 10x slower than a C++ program that simply evaluates the circuit. Along the way, we describe a special-purpose protocol for matrix multiplication that is of interest in its own right.
Our final contribution is the design of an interactive proof protocol targeted at general data parallel computation. Compared to prior work, this protocol can more efficiently verify complicated computations as long as that computation is applied independently to many different pieces of data.
constrained PRFs. In a standard PRF there is a master key k that enables one to evaluate the function at all points in the domain of the
function. In a constrained PRF it is possible to derive constrained keys kS from the master key k. A constrained key kS enables the
evaluation of the PRF at a certain subset S of the domain and
nowhere else. We present a formal framework for this concept and show
that constrained PRFs can be used to construct powerful primitives such as identity-based key exchange and an optimal private broadcast
encryption system. We then construct constrained PRFs for several natural set systems needed for these applications. We conclude with several open problems relating to this new concept.
To demonstrate their usefulness, we show how our (standard-model) PHFs can replace random oracles in several well-known cryptographic constructions. Namely, we obtain standard-model versions of the Boneh-Franklin identity-based encryption scheme, the Boneh-Lynn-Shacham signature scheme, and the Sakai-Ohgishi-Kasahara identity-based non-interactive key exchange (ID-NIKE) scheme. The ID-NIKE scheme is the first scheme of its kind in the standard model.
Our abstraction also allows to derive hierarchical versions of the above schemes in settings with multilinear maps. This in particular yields simple and efficient hierarchical generalizations of the BF, BLS, and SOK schemes. In the case of hierarchical ID-NIKE, ours is the first such scheme with full security, in either the random oracle model or the standard model.
While our constructions are formulated with respect to a generic multilinear map, we also outline the necessary adaptations required for the recent ``noisy\'\' multilinear map candidate due to Garg, Gentry, and Halevi.
mostly been overlooked in the previous analyses and is largely preserved by the proposed transformations. The attacks are efficient in practice and cast serious doubt to the viability of transformation-based approaches in general.
third-parties, a key issue for clients is the ability to
verify the results. Recent work in proof-based verifiable
computation, building on deep results in complexity theory
and cryptography, has made significant progress on this
problem. However, all existing systems require computational
models that do not incorporate state. This limits these
systems to simplistic programming idioms and rules out
computations where the client cannot materialize all of the
input (e.g., very large MapReduce instances or database
This paper describes Pantry, the first built system that
incorporates state. Pantry composes the machinery of
proof-based verifiable computation with ideas from untrusted
storage: the client expresses its computation in terms of
digests that attests to state, and verifiably outsources
that computation. Besides the boon to expressiveness, the
client can gain from outsourcing even when the computation
is sublinear in the input size. We describe a verifiable
MapReduce application and a queriable database, among other
simple applications. Although the resulting applications
result in server overhead that is higher than we would like,
Pantry is the first system to provide verifiability for
realistic applications in a realistic programming model.
We use a differential attack based on a local collision, which exploits the availability of extracted state bytes to the adversary. Our approach allows for a time-data complexity tradeoff, with an extreme case of a forgery produced after $2^119 attempts and based on a single authenticated message. Our attack is further turned into a state recovery and a universal forgery attack with a time complexity of 2^120 verification attempts using only a single authenticated 48-byte message.