International Association for Cryptologic Research

IACR News Central

Get an update on changes of the IACR web-page here. For questions, contact newsletter (at) You can also receive updates via:

To receive your credentials via mail again, please click here.

You can also access the full news archive.

Further sources to find out about changes are CryptoDB, ePrint RSS, ePrint Web, Event calender (iCal).

09:17 [Pub][ePrint] Differential Cryptanalysis of Reduced-Round Simon, by Farzaneh Abed and Eik List and Stefan Lucks and Jakob Wenzel

  In June 2013 the U.S. National Security Agency proposed two families of ultra-lightweight block ciphers, called Simon and Speck. In this paper we present the first cryptanalysis of round-reduced versions of Simon. We mount differential distinguishers and key-recovery attacks on up to 14/32, 17/36, 21/44, 26/54, and 32/72 rounds, for the 32-, 48-, 64-, 96-, and 128-bit versions, respectively. Furthermore, we briefly consider impossible-differential and rotational attacks. While our attacks are mostly academic, they demonstrate the drawback of the aggressive optimizations in Simon which allow powerful differential cryptanalysis.

09:17 [Pub][ePrint] The Spammed Code Offset Method, by Boris Skoric and Niels de Vreede

  Helper data schemes are a security primitive used for privacy-preserving biometric databases and Physical Unclonable Functions.

One of the oldest known helper data schemes is the Code Offset Method (COM).

We propose an extension of the COM: the helper data is accompanied by many instances of fake helper data that is drawn from the same distribution as the real one.

While the adversary has no way to distinguish between them, the legitimate party has more information and *can* see the difference.

We use an LDPC code in order to improve the efficiency of the legitimate party\'s selection procedure.

Our construction provides a new kind of trade-off: more effective use of the source entropy, at the price of increased helper data storage.

We give a security analysis in terms of Shannon entropy and order-2 Renyi entropy.

09:17 [Pub][ePrint] Anonymous HIBE from Standard Assumptions over Type-3 Pairings using Dual System Encryption, by Somindu C. Ramanna and Palash Sarkar

  We present the first anonymous hierarchical identity based encryption (HIBE) scheme using

Type-3 pairings with adaptive security based on standard assumptions. Previous constructions

of anonymous HIBE schemes did not simultaneously achieve all these features.

The new construction uses dual pairing vector spaces using an identity hash earlier used by Boneh, Boyen and Goh.

The proof of security follows dual system approach based on decisional subspace assumptions

which are implied by Symmetric eXternal Diffie-Hellman (SXDH) assumption in Type-3 pairing groups.

09:17 [Pub][ePrint] How to Withstand Mobile Virus Attacks, Revisited, by Joshua Baron and Karim El Defrawy and Joshua Lampkins and Rafail Ostrovsky

  Secure Multiparty Computation (MPC) protocols allow a set of distrusting participants to securely compute a joint function

of their private inputs without revealing anything but the output of the function to each other. In 1991 Ostrovsky

and Yung introduced the \\emph{proactive security model}, where faults spread throughout the network, analogous

to the spread of a virus or a worm. More specifically, in the proactive security model, the adversary is not limited in the number of

parties it can corrupt but rather in the {\\em rate} of corruption with respect to a ``rebooting\'\' rate. In the same

paper, Ostrovsky and Yung showed that constructing a general purpose MPC protocol in the proactive security model is indeed feasible

when the rate of corruption is a constant fraction of the parties. Their result, however, was shown

only for stand-alone security and incurred a large polynomial communication overhead for each gate of the

computation. In contrast, protocols for ``classical\'\' MPC models (where the adversary is limited to corrupt in total up to a fixed

fraction of the parties) have seen dramatic progress in reducing communication complexity in recent years.

The question that we consider in this paper is whether continuous improvements of communication overhead in

protocols for the ``classical\'\' stationary corruptions model in the MPC literature can lead to communication complexity reductions in the

proactive security model as well. It turns out that improving communication complexity of proactive MPC protocols using modern

techniques encounters two fundamental roadblocks due to the nature of the mobile faults model: First, in the

proactive security model there is the inherent impossibility of ``bulk pre-computation\'\' to generate cryptographic material

that can be slowly consumed during protocol computation in order to amortize communication cost (the adversary can easily

discover pre-computed values if they are not refreshed, and refreshing is expensive); second, there is an apparent need for

double-sharing (which requires high communication overhead) of data in order to achieve proactive security guarantees.

Thus, techniques that were used to speed up classical MPC do not work, and new ideas are needed. That is exactly what we do in this paper: we show

a novel MPC protocol in the proactive security model that can tolerate a $\\frac13-\\epsilon$ (resp. $\\frac12-\\epsilon$) fraction of moving faults, is perfectly (resp. statistically) UC-secure, and

achieves near-linear communication complexity for each step of the computation. Our results match the asymptotic communication complexity of the best known results in the ``classical\'\' model

of stationary faults \\cite{DIK10}. One of the important building blocks that we introduce is a new near-linear

``packed\'\' proactive secret sharing (PPSS) scheme, where the amortized communication and computational cost of maintaining

each individual secret share is just a constant. We believe that our PPSS scheme might be of independent interest.

14:13 [Event][New] Practical Cryptography: Algorithms and Implementations using C++

  Submission: 15 September 2013
Notification: 15 January 2014
From February 28 to February 28
More Information:

14:12 [Event][New] Practical Cryptography: Algorithms & Implementations using C++

  Submission: 15 September 2013
Notification: 15 January 2014
From February 28 to February 28
More Information:

11:01 [Event][New] CfP: Special Issue Crypto: Discrete Structures / Side Channels

  Submission: 1 January 2014
Notification: 15 April 2014
From August 26 to October 1
More Information:

07:09 [Event][New] IJISS: International Journal of Information Security Science

  Submission: 31 July 2014
From August 31 to July 31
More Information:

22:42 [Service] Volunteer wanted to edit video

  I'm looking for a volunteer to edit the videos from TCC 2013. The data consists of about 30 DVDs, or about 100GB of video data. There are two DVDs for each session (the stage and the presentation screen), and they need to be re-encoded for streaming distribution on youtube. If we decide that this is too much, we might opt for only the presentation screen videos from the invited talks, but ideally I'd like to do the following: 1. split the VOB files into one file per talk. The files should be named in such a way that they can be matched to cryptodb, e.g., 24520.mp4 for 2. encode each file as AAC-LC audio with H.264 video, as described on 3. upload the resulting files to so that they can be archived and uploaded to the IACR youtube channel. If interested, contact

08:59 [Event][New] CARDIS 2013: Twelfth Smart Card Research and Advanced Application Conference

  Submission: 10 September 2013
Notification: 31 October 2013
From November 27 to November 29
Location: Berlin, Germany
More Information:

17:15 [Election] Nominations are Now Open


IACR 2013 Election

The 2013 election is being held to fill three of nine IACR Director positions and all four Officer positions. The election will again be run electronically and further information will be available on the IACR website.

Nominations Are Now Open

Nominations are due by September 24, 2013. A nomination form is available at the elections page.

Election of Directors

The directors and officers whose terms are expiring are
  • Mitsuru Matsui (director)
  • Christof Paar (director)
  • David Pointcheval (director)
  • Bart Preneel (president)
  • Christian Cachin (vice president)
  • Greg Rose (treasurer)
  • Martijn Stam (secretary)

Election Committee

  • Michel Abdalla (Returning Officer)
  • Josh Benaloh (Chair)
  • Tom Berson