*21:17* [Pub][ePrint]
Capacity of Non-Malleable Codes, by Mahdi Cheraghchi and Venkatesan Guruswami
Non-malleable codes, introduced by Dziembowski, Pietrzak and Wichs (ICS 2010), encode messages $s$ in a manner so that tampering the codeword causes the decoder to either output $s$ or a message that is independent of $s$. While this is an impossible goal to achieve against unrestricted tampering functions, rather surprisingly non-malleable coding becomes possible against every fixed family $F$ of tampering functions that is not too large (for instance, when $|F| \le \exp(2^{\alpha n})$ for some $\alpha \in [0, 1)$ where $n$ is the number of bits in a codeword). In this work, we study the "capacity of non-malleable coding", and establish optimal bounds on the achievable rate as a function of the family size, answering an open problem from Dziembowski et al. (ICS 2010). Specifically,

1. We prove that for every family $F$ with $|F| \le \exp(2^{\alpha n})$, there exist non-malleable codes against $F$ with rate arbitrarily close to $1-\alpha$ (this is achieved w.h.p. by a randomized construction).

2. We show the existence of families of size $\exp(n^{O(1)} 2^{\alpha n})$ against which there is no non-malleable code of rate $1-\alpha$ (in fact this is the case w.h.p. for a random family of this size).

3. We also show that $1-\alpha$ is the best achievable rate for the family of functions which are only allowed to tamper the first $\alpha n$ bits of the codeword, which is of special interest.

As a corollary, this implies that the capacity of non-malleable coding in the split-state model (where the tampering function acts independently but arbitrarily on the two halves of the codeword) equals $1/2$.

We also give an efficient Monte Carlo construction of codes of rate close to 1 with polynomial time encoding and decoding that is non-malleable against any fixed $c > 0$ and family $F$ of size $\exp(n^c)$, in particular tampering functions with, say, cubic size circuits.

*21:17* [Pub][ePrint]
Non-Malleable Coding Against Bit-wise and Split-State Tampering, by Mahdi Cheraghchi and Venkatesan Guruswami
Non-malleable coding, introduced by Dziembowski, Pietrzak and Wichs (ICS 2010), aims for protecting the integrity of information against tampering attacks in situations where error-detection is impossible. Intuitively, information encoded by a non-malleable code either decodes to the original message or, in presence of any tampering, to an unrelated message. Non-malleable coding is possible against any class of adversaries of bounded size. In particular, Dziembowski et al. show that such codes exist and may achieve positive rates for any class of tampering functions of size at most $2^{2^{\alpha n}}$, for any constant $\alpha \in [0, 1)$. However, this result is existential and has thus attracted a great deal of subsequent research on explicit constructions of non-malleable codes against natural classes of adversaries. In this work, we consider constructions of coding schemes against two well-studied classes of tampering functions; namely, bit-wise tampering functions (where the adversary tampers each bit of the encoding independently) and the much more general class of split-state adversaries (where two independent adversaries arbitrarily tamper each half of the encoded sequence). We obtain the following results for these models.

1. For bit-tampering adversaries, we obtain explicit and efficiently encodable and decodable non-malleable codes of length $n$ achieving rate $1-o(1)$ and error (also known as "exact security") $\exp(-\tilde{\Omega}(n^{1/7}))$. Alternatively, it is possible to improve the error to $\exp(-\tilde{\Omega}(n))$ at the cost of making the construction Monte Carlo with success probability $1-\exp(-\Omega(n))$ (while still allowing a compact description of the code). Previously, the best known construction of bit-tampering coding schemes was due to Dziembowski et al. (ICS 2010), which is a Monte Carlo construction achieving rate close to .1887.

2. We initiate the study of seedless non-malleable extractors as a natural variation of the notion of non-malleable extractors introduced by Dodis and Wichs (STOC 2009). We show that construction of non-malleable codes for the split-state model reduces to construction of non-malleable two-source extractors. We prove a general result on existence of seedless non-malleable extractors, which implies that codes obtained from our reduction can achieve rates arbitrarily close to 1/5 and exponentially small error. In a separate recent work, the authors show that the optimal rate in this model is 1/2. Currently, the best known explicit construction of split-state coding schemes is due to Aggarwal, Dodis and Lovett (ECCC TR13-081) which only achieves vanishing (polynomially small) rate.

*06:04* [Job][Update]
Ph.D. student, *DemTech/IT University of Copenhagen, Denmark*
I am looking for a PhD student to join the DemTech research project (www.demtech.dk). DemTech's broad mission is about the role of technology in democratic processes. We work on topics ranging from software engineering and requirements engineering, information security, and program verification, cryptography, in particular everlasting privacy, but also logic methods, concurrency, and computational social choice. The successful candidate will join an international group consisting of faculty, post-docs, and PhD students. DemTech is working with many governmental institutions around the world. The position runs for three or four years. The application deadline is **13th October 2013, at 23:59 CET**

Please note that this is a strict deadline.

*06:04* [Job][New]
PhD position on Privacy Engineering, *University of Ulm, Institute of Distributed Systems, Germany*
As part of our participation in the just starting EU FP7 project PRIPARE on privacy engineering and privacy by design, we have an open PhD position in this area. Evaluation of applications is continuing until the position is filled.

*15:17* [Pub][ePrint]
Decomposition formula of the Jacobian group of plane curve, by Koh-ichi Nagao
We give an algorithm for decomposing a given element of the Jacobian group into a sum of decomposed factors, which consist of a certain subset of the points of the curve.

*15:17* [Pub][ePrint]
Equations System coming from Weil descent and subexponential attack for algebraic curve, by Koh-ichi Nagao
Faugère et al. show that the decomposition problem of an element of an elliptic curve over the binary field $F_{2^n}$ reduces to solving a low-degree system of equations over $F_2$ coming from Weil descent. Using this method, the discrete logarithm problem of an elliptic curve over $F_{2^n}$ reduces to linear constraints, i.e., solving the system of equations using linear algebra on monomials modulo the field equations, and its complexity is expected to be subexponential in the input size $n$. However, it is a pity that, at least using linear constraints, it is exponential. Petit et al. show that, assuming the first fall degree assumption and using Gröbner basis computation, its complexity is heuristically subexponential.

On the other hand, the author shows that the decomposition problem of the Jacobian of a plane curve over $F_{p^n}$ also essentially reduces to solving a low-degree system of equations over $F_p$ coming from Weil descent.

In this paper, we generalize ($p>2$ cases, Jacobian cases) and revise (precise estimation of the first fall degree) the results of Petit et al. and show that the discrete logarithm problem of an elliptic curve over a small characteristic field $F_{p^n}$ is subexponential in the input size $n$, and the discrete logarithm problem of the Jacobian of a small genus curve over a small characteristic field $F_{p^n}$ is also subexponential in the input size $n$, under the first fall degree assumption.

*15:17* [Pub][ePrint]
Puzzle Encryption Algorithm, by Gregory Alvarez and Charles Berenguer
This document describes the symmetric encryption algorithm called Puzzle. It is free and open. The objective of this paper is to get an opinion about its security from the cryptology community. It is separated in two parts, a technical description of the algorithm and its cryptanalysis. The algorithm has some interesting properties :The block size is variable and unknown from an attacker. The size of the key has no limit and is unknown from an attacker. The key size does not affect the algorithm speed (using a 256 bit key is the same as using a 1024 bit key). The algorithm is much faster than the average cryptographic function. Experimental test showed 600 Mo/s - 4 cycles/byte on an Intel Core 2 Duo P8600 2.40GHz and 1,2 Go/s - 2 cycles/byte on an Intel i5-3210M 2.50GHz. Both CPU had only 2 cores.