International Association for Cryptologic Research

IACR News Central


15:17 [Pub][ePrint] A Variant of Coppersmith's Algorithm with Improved Complexity and Efficient Exhaustive Search, by Jean-Sébastien Coron and Jean-Charles Faugère and Guénaël Renault and Rina Zeitoun

  Coppersmith described at Eurocrypt 96 a polynomial-time algorithm for finding small roots of univariate modular equations, based on lattice reduction. In this paper we describe the first improvement of the asymptotic complexity of Coppersmith's algorithm. Our method consists in taking advantage of Coppersmith's matrix structure in order to apply the LLL algorithm on a matrix whose elements are smaller than those of Coppersmith's original matrix. Using the $L^2$ algorithm, the asymptotic complexity of our method is $O(\log^{6+\epsilon} N)$ for any $\epsilon > 0$, instead of $O(\log^{8+\epsilon} N)$ previously. Furthermore, we devise a method that allows one to speed up the exhaustive search which is usually performed to reach Coppersmith's theoretical bound. Our approach takes advantage of the LLL performed to test one guess to reduce the complexity of the LLL performed for the next guess. Experimental results confirm that it leads to a considerable performance improvement.

15:17 [Pub][ePrint] Efficient Public Integrity Checking for Cloud Data Sharing with Multi-User Modification, by Jiawei Yuan and Shucheng Yu

  In past years, a body of data integrity checking techniques has been proposed for securing cloud data services. Most of these works assume that only the data owner can modify cloud-stored data. Recently, a few attempts have started considering more realistic scenarios by allowing multiple cloud users to modify data with integrity assurance. However, these attempts are still far from practical due to the tremendous computational cost on cloud users. Moreover, collusion between misbehaving cloud servers and revoked users is not considered. This paper proposes a novel data integrity checking scheme characterized by multi-user modification, collusion resistance and a constant computational cost of integrity checking for cloud users, thanks to our novel design of polynomial-based authentication tags and proxy tag update techniques. Our scheme also supports public checking and efficient user revocation and is provably secure. Numerical analysis and extensive experimental results show the efficiency and scalability of our proposed scheme.

15:17 [Pub][ePrint] A New Object Searching Protocol for Multi-tag RFID, by Subhasish Dhal and Indranil Sengupta

  Searching for an object in a large set is a tedious task. Radio Frequency IDentification (RFID) technology helps us to search for the desired object efficiently. In this technology, a small chip, called an RFID tag, that contains the identification information about an object is attached to that object. In general, a set of objects is attached with RFID tags. To find a particular object while preserving the possible security requirements, the RFID reader requests the tag in the desired object to respond with its encrypted identification information. Since there is a response only from the tag in the desired object, the adversary gains knowledge of the existence of the desired object. Fake responses from tags in undesired objects may fool the adversary. However, computation for fake responses is an overhead. In this paper, we propose a search technique which has a negligible amount of computation for fake responses. Multiple tags in the same object increase the detection probability and also the probability of success in the search process. Our aim is to search for a particular object efficiently while preserving the possible security requirements amid the various resource limitations of low-cost RFID tags.

15:17 [Pub][ePrint] Handling Authentication and Detection Probability in Multi-tag RFID Environment, by Subhasish Dhal and Indranil Sengupta

  In Radio Frequency Identification (RFID) technology, an adversary may access classified information about an object tagged with an RFID tag. Therefore, authentication is a necessary requirement. The use of multiple tags in an object increases the detection probability and simultaneously ensures the availability of multiple resources in the form of memory and computability. The authentication process in a multi-tag arrangement may increase the traffic between reader and object and/or decrease the detection probability. Therefore the challenge is to keep the detection probability intact without increasing the traffic. The existence of multiple tags helps to distribute the authentication responsibility for an object among multiple tags. In this paper, we assume that an object is attached with multiple active tags and in each session a randomly selected tag is responsible for the authentication process. The detection probability is intact since an active tag within the range of the reader can be an intermediary.

15:17 [Pub][ePrint] Classification of Elliptic/hyperelliptic Curves with Weak Coverings against GHS Attack under an Isogeny Condition, by Tsutomu Iijima and Fumiyuki Momose and Jinhui Chao

  The GHS attack is known as a method to map the discrete logarithm problem (DLP) in the Jacobian of a curve C_{0} defined over the degree-d extension k_{d} of a finite field k to the DLP in the Jacobian of a new curve C over k which is a covering curve of C_{0}. Such curves C_{0}/k_{d} can be attacked by the GHS attack and index calculus algorithms. In this paper, we classify all elliptic curves and hyperelliptic curves C_{0}/k_{d} of genus 2, 3 which possess a (2,...,2) covering C/k of \Bbb{P}^1 under the isogeny condition (i.e. g(C)=d \cdot g(C_{0})) in the odd characteristic case. Our main approach is the analysis of ramification points and of the representation of the extension of Gal(k_{d}/k) acting on the covering group cov(C/\Bbb{P}^1). Consequently, all explicit defining equations of such curves C_0/k_d and existence conditions for a model of C over k are provided.

11:28 [Event][New] SSPA2013: Smart Sensor Protocols and Algorithms 2013

  Submission: 31 August 2013
Notification: 12 October 2013
From December 11 to December 13
Location: Dalian, China

18:27 [Event][New] Congress on privacy and surveillance

  Submission: 30 September 2013
From September 30 to September 30
Location: Lausanne, Switzerland

20:42 [Event][New] ISC 2013: Sixteenth Information Security Conference

  Submission: 20 August 2013
Notification: 21 October 2013
From November 13 to November 15
Location: Dallas, USA

06:58 [Event][New] Inscrypt'13: 9th China International Conference on Information Security and Cryptology

  Submission: 22 August 2013
Notification: 22 October 2013
From November 27 to November 30
Location: Guangzhou, China

21:17 [Forum] [IACR Publication Reform] Response to the invitation for comments by eoswald

  I welcome an open discussion about the publication routes that we currently have in our community and the option to comment on the current proposal. I find myself in agreement with several of the points raised, but at the same time there are two key points which I dislike and want to be different. To explain what these are I require several lines of text, so please bear with me.

To begin with, I think it is important to be clear on goals, very much like how the proposal approaches the problem. Personally I think that our goals could be stated more simply: a) we want enjoyable conferences which are inclusive (i.e. the whole community should have a reason to go there), albeit there is certainly a need for specialist workshops/conferences; b) reviewing needs to be credible and ethical and we need to be clear what our criteria are (i.e. are we selecting based on correctness, completeness, or potential to attract lots of citations only, etc.); c) we want to reduce unnecessary reviews and overhead so that a) and b) can actually materialise.

In light of these goals, and the clear inefficiency of the hidden multi-round reviews that we are doing now, I completely agree that we need to finally drop the idea of relying on conferences as major publication venues. However, I don't find the idea of a single journal that essentially hoovers up all conference and workshop publications enticing, and the idea that conference chairs select only/mainly(?) from already published work doesn't sound good to me either. I would very much advocate that we think about setting up 'Transactions on' (using IEEE terminology) or 'Communications' (ACM terminology) in the already identified specialist areas. This is not only to achieve some differentiation of topics, but also different communities might want to have slightly different review processes, and this could be addressed in this way.

For instance, among practitioners the idea of a first 'quick' round and a subsequent (almost) open-ended multi-round review process finds some supporters. Joan Daemen's post in this forum echoes this as well. This might be because implementation or experimental work can take many different routes, and so a decision about the work can be based on its applicability per se, but the precise nature of the implementation/experimentation is up for discussion and some papers benefit greatly from reviewer comments. This is at least an experience from the many CHES PCs I have been on over the last decade.

By having some more journals available, conferences would be freed from having to ask for original research only. We could hence have conferences with some original contributions without proceedings but which invite an actual conversation about on-going work! Conferences could hence become much more than just the 'one talk after another' event; they could have interactive sessions, overview talks, etc. Obviously, the whole community takes a gamble by initiating any kind of radical change in the publication model, as any new journal will start from zero in terms of impact. Because impact is important in the long run, we had better make this change sooner rather than later, as LNCS is a poor currency. And this sad fact is particularly concerning for young researchers in academia whose potentially great results will be undervalued in the wider academic community just because they appear as LNCS proceedings.

Thanks to all those who drafted the current proposal and thanks to everyone who read my lengthy ramblings until this end.

Elisabeth Oswald
From: 2013-08-08 20:50:34 (UTC)