International Association for Cryptologic Research

IACR News Central


09:17 [Pub][ePrint] How to Withstand Mobile Virus Attacks, Revisited, by Joshua Baron and Karim El Defrawy and Joshua Lampkins and Rafail Ostrovsky

  Secure Multiparty Computation (MPC) protocols allow a set of distrusting participants to securely compute a joint function of their private inputs without revealing anything but the output of the function to each other. In 1991 Ostrovsky and Yung introduced the \emph{proactive security model}, where faults spread throughout the network, analogous to the spread of a virus or a worm. More specifically, in the proactive security model, the adversary is not limited in the number of parties it can corrupt but rather in the \emph{rate} of corruption with respect to a "rebooting" rate. In the same paper, Ostrovsky and Yung showed that constructing a general purpose MPC protocol in the proactive security model is indeed feasible when the rate of corruption is a constant fraction of the parties. Their result, however, was shown only for stand-alone security and incurred a large polynomial communication overhead for each gate of the computation. In contrast, protocols for "classical" MPC models (where the adversary is limited to corrupt in total up to a fixed fraction of the parties) have seen dramatic progress in reducing communication complexity in recent years.

The question that we consider in this paper is whether continuous improvements of communication overhead in protocols for the "classical" stationary corruptions model in the MPC literature can lead to communication complexity reductions in the proactive security model as well. It turns out that improving communication complexity of proactive MPC protocols using modern techniques encounters two fundamental roadblocks due to the nature of the mobile faults model: First, in the proactive security model there is the inherent impossibility of "bulk pre-computation" to generate cryptographic material that can be slowly consumed during protocol computation in order to amortize communication cost (the adversary can easily discover pre-computed values if they are not refreshed, and refreshing is expensive); second, there is an apparent need for double-sharing (which requires high communication overhead) of data in order to achieve proactive security guarantees.

Thus, techniques that were used to speed up classical MPC do not work, and new ideas are needed. That is exactly what we do in this paper: we show a novel MPC protocol in the proactive security model that can tolerate a $\frac{1}{3}-\epsilon$ (resp. $\frac{1}{2}-\epsilon$) fraction of moving faults, is perfectly (resp. statistically) UC-secure, and achieves near-linear communication complexity for each step of the computation. Our results match the asymptotic communication complexity of the best known results in the "classical" model of stationary faults [DIK10]. One of the important building blocks that we introduce is a new near-linear "packed" proactive secret sharing (PPSS) scheme, where the amortized communication and computational cost of maintaining each individual secret share is just a constant. We believe that our PPSS scheme might be of independent interest.

14:13 [Event][New] Practical Cryptography: Algorithms and Implementations using C++

  Submission: 15 September 2013
Notification: 15 January 2014
From February 28 to February 28
More Information:

11:01 [Event][New] CfP: Special Issue Crypto: Discrete Structures / Side Channels

  Submission: 1 January 2014
Notification: 15 April 2014
From August 26 to October 1
More Information:

07:09 [Event][New] IJISS: International Journal of Information Security Science

  Submission: 31 July 2014
From August 31 to July 31
More Information:

22:42 [Service] Volunteer wanted to edit video

  I'm looking for a volunteer to edit the videos from TCC 2013. The data consists of about 30 DVDs, or about 100GB of video data. There are two DVDs for each session (the stage and the presentation screen), and they need to be re-encoded for streaming distribution on youtube. If we decide that this is too much, we might opt for only the presentation screen videos from the invited talks, but ideally I'd like to do the following:

1. split the VOB files into one file per talk. The files should be named in such a way that they can be matched to cryptodb, e.g., 24520.mp4 for
2. encode each file as AAC-LC audio with H.264 video, as described on
3. upload the resulting files to so that they can be archived and uploaded to the IACR youtube channel.

If interested, contact

08:59 [Event][New] CARDIS 2013: Twelfth Smart Card Research and Advanced Application Conference

  Submission: 10 September 2013
Notification: 31 October 2013
From November 27 to November 29
Location: Berlin, Germany
More Information:

17:15 [Election] Nominations are Now Open


IACR 2013 Election

The 2013 election is being held to fill three of nine IACR Director positions and all four Officer positions. The election will again be run electronically and further information will be available on the IACR website.

Nominations Are Now Open

Nominations are due by September 24, 2013. A nomination form is available at the elections page.

Election of Directors

The directors and officers whose terms are expiring are
  • Mitsuru Matsui (director)
  • Christof Paar (director)
  • David Pointcheval (director)
  • Bart Preneel (president)
  • Christian Cachin (vice president)
  • Greg Rose (treasurer)
  • Martijn Stam (secretary)

Election Committee

  • Michel Abdalla (Returning Officer)
  • Josh Benaloh (Chair)
  • Tom Berson

14:05 [PhD][New] Daniel Wichs: Cryptographic Resilience to Continual Information Leakage

  Name: Daniel Wichs
Topic: Cryptographic Resilience to Continual Information Leakage
Category: foundations

Description: In this thesis, we study the question of achieving cryptographic security on devices that leak information about their internal secret state to an external attacker. This study is motivated by the prevalence of side-channel attacks, where the physical characteristics of a computation (e.g. timing, power-consumption, temperature, radiation, acoustics, etc.) can be measured, and may reveal useful information about the internal state of a device. Since some such leakage is inevitably present in almost any physical implementation, we believe that this problem cannot just be addressed by physical countermeasures alone. Instead, it should already be taken into account when designing the mathematical specification of cryptographic primitives and included in the formal study of their security.

In this thesis, we propose a new formal framework for modeling the leakage available to an attacker. This framework, called the continual leakage model, assumes that an attacker can continually learn arbitrary information about the internal secret state of a cryptographic scheme at any point in time, subject only to the constraint that the rate of leakage is bounded. More precisely, our model assumes some abstract notion of time periods. In each such period, the attacker can choose to learn arbitrary functions of the current secret state of the scheme, as long as the number of output bits leaked is not too large. In our solutions, cryptographic schemes will continually update their internal secret state at the end of each time period. This will ensure that leakage observed in different time periods cannot be meaningfully combined to break the security of the cryptosystem. Although these updates modify the secret state of the cryptosystem, the desired functionality of the scheme is preserved, and the users can remain oblivious to these updates.

We construct signatures, encryption, and secret sharing/storage schemes in this model.[...]

14:02 [PhD][Update] Marina Samokhina: The construction and research of cryptographic systems based on linear codes in projective metrics

  Name: Marina Samokhina
Topic: The construction and research of cryptographic systems based on linear codes in projective metrics
Category: public-key cryptography

The main scientific goal of the work was the construction of a new, real-life usable cryptosystem based on linear codes, the cryptanalysis of this system and the demonstration of its cryptographic strength.

There are several public key cryptosystems based on linear codes that were designed earlier. However, most of them aren't strong enough.

In my work I review and analyze the most substantial and cryptographically strong existing systems. I provide a detailed description of these systems' limitations and vulnerabilities. As the quintessence of my research I introduce a new system based on Gabidulin rank codes in a projective metric. The new system is flexible and can be easily modified into two systems based on different structures.

In the conclusion I describe all possible cryptanalytic methods for the new cryptosystem and ensure its good security level. A few examples of successful implementation of the new cryptosystem, described in a certain section of my work, are a strong argument to use the system as a real-life application.

08:51 [Event][New] ANTS XI: Algorithmic Number Theory Symposium XI

  Submission: 20 February 2014
Notification: 30 April 2014
From August 7 to August 11
Location: Gyeongju, Korea
More Information: