International Association for Cryptologic Research

# IACR News Central

You can also access the full news archive.

Further sources to find out about changes are CryptoDB, ePrint RSS, ePrint Web, Event calender (iCal).

2013-09-27
15:17 [Pub][ePrint]

The global avalanche characteristics criteria was first introduced by

Zhou et al. (Inform. Sci. 180(2) (2010) 256-265).

This article is concerned with some new bounds on global avalanche characteristics of two $q$-ary functions. Based on the above result we obtain a bound on $\\sigma_{f}$ of $f \\in \\cB_{n, q}$ in terms of $\\sigma_{f_{\\ell}}\'$s of the restricted functions on $\\BBZ_{n-1}^q$, and construct a class of $q$-ary bent functions from $1$-plateaued functions having dijoint Walsh spectra.

15:17 [Pub][ePrint]

In this paper we introduce a model for studying meet-in-the-middle attacks on block ciphers, and a simple block cipher construction provably

resistant to such attacks in this model. A side-result of this is a proper formalization for an unproven alternative

to DESX proposed by Kilian and Rogaway; this construction can now be shown to be sound in our model.

Meet-in-the-middle attacks exploit weaknesses in key schedule algorithms,

and building constructions resistant to such attacks is an important issue for improving the security of block ciphers.

Our construction is generic so that it can be used on top of any block cipher, and it does not require to increase the key-length.

We use an exposure resilient function (or ERF) as a building block and we propose a concrete and efficient instantiation strategy

based on compression functions.

15:17 [Pub][ePrint]

Physically Unclonable Functions (PUFs) are emerging as hardware security primitives. So-called strong PUFs provide a mechanism to authenticate chips which is inherently unique for every manufactured sample. To prevent cloning, modeling of the challenge-response pair (CRP) behavior should be infeasible. Machine learning (ML) algorithms are a well-known threat. Recently, repeatability imperfections of PUF responses have been identied as another threat. CMOS device noise renders a signicant fraction of the CRPs unstable, hereby providing a side channel for modeling attacks. In previous work, 65nm arbiter PUFs have been modeled as such with accuracies exceeding 97%. However, more PUF evaluations were required than for state-of-the-art ML approaches. In this work, we accelerate repeatability attacks by increasing the fraction of unstable CRPs. Response evaluation faults are triggered via environmental changes hereby. The attack speed, which is proportional to the fraction of unstable CRPs, increases with a factor 2.4 for both arbiter and ring oscillator (RO) sum PUFs. Data originates from a 65nm silicon chip and hence not from simulations.

15:17 [Pub][ePrint]

The increasing penetration of Online Social Networks (OSNs) prompts the need for effectively accessing and utilizing social networking information. In numerous applications, users need to make trust and/or access control decisions involving other (possibly stranger) users, and one important factor is often the existence of common social relationships. This motivates the need for secure and privacy-preserving techniques allowing users to assess whether or not they have mutual friends.

This paper introduces the Common Friends service, a framework for finding common friends which protects privacy of non-mutual friends and guarantees authenticity of friendships. First, we present a generic construction that reduces to secure computation of set intersection, while ensuring authenticity of announced friends via bearer capabilities. Then, we propose an efficient instantiation, based on Bloom filters, that only incurs a constant number of public-key operations and appreciably low communication overhead. Our software is designed so that developers can easily integrate Common Friends into their applications, e.g., to enforce access control based on users\' social proximity in a privacy-preserving manner. Finally, we showcase our techniques in the context of an existing application for sharing (tethered) Internet access, whereby users decide to share access depending on the existence of common friends. A comprehensive experimental evaluation attests to the practicality of proposed techniques.

15:17 [Pub][ePrint]

We present a password-authenticated group key exchange protocol where each user has his/her own password. Advantage of such protocol is in short passwords, which can be easily memorized. On the other hand these protocols face the low password entropy. In the first part we define security model based on models of Abdalla, Fouque and Pointcheval and Bellare, Pointcheval, Rogaway. We construct MLHL (Multi-LHL) protocol, which is based on LHL protocol proposed by Lee, Hwang and Lee. However, LHL protocol is flawed as pointed by Abdalla, Bresson, Chevassut and Choo, Raymond. We prove that our protocol is secure authenticated key exchange protocol with forward secrecy property and that the protocol is resistant against attacks on LHL protocol.

2013-09-26
03:17 [Pub][ePrint]

Proof-of-retrievability schemes have been a topic of considerable recent interest. In these schemes, a client gives a file M to a server with the understanding that the server will securely store M. A suitable challenge-response protocol is invoked by the client in order for the client to gain confidence that M is indeed being correctly stored by the server. The definition of proof-of-retrievability schemes is based on the notion of an extractor that can recover the file once the challenge-response protocol is executed a sufficient number of times.

In this paper, we propose a new type of scheme that we term a proof-of-data-observability scheme. Our definition tries to capture the stronger requirement that the server must have

an actual copy of M in its memory space while it executes the challenge-response protocol.

We give some examples of schemes that satisfy this new security definition. As well, we analyze the efficiency and security of the protocols we present, and we prove some necessary conditions for the existence of these kinds of protocols.

03:17 [Pub][ePrint]

One of the most challenging aspects in computer-supported voting is to combine the apparently conflicting requirements of privacy and verifiability. On the one hand, privacy requires that a vote cannot be traced back from the result to a voter, while on the other hand,

verifiability states that a voter can trace the effect of her vote on the result. This can be addressed using various privacy-enabling cryptographic primitives which also offer verifiability.

As more and more refined voting systems were proposed, understanding of first privacy and later verifiability in voting increased, and notions of privacy as well as notions of verifiability in voting became increasingly more refined. This has culminated in a variety of verifiable systems that use cryptographic primitives to ensure specific kinds of privacy. However, the corresponding privacy and verifiability claims are not often verified independently. When they are investigated, claims have been invalidated sufficiently often to warrant a cautious approach to them.

The multitude of notions, primitives and proposed solutions that claim to achieve both privacy and verifiability form an interesting but complex landscape. The purpose of this paper is to

survey this landscape by providing an overview of the methods, developments and current trends regarding privacy and verifiability in voting systems.

03:17 [Pub][ePrint]

A fully homomorphic encryption (FHE) scheme is envisioned as being a key cryptographic tool in building a secure and reliable cloud computing environment, as it allows arbitrarily evaluation of a ciphertext without revealing the plaintext. However, existing FHE implementations remain impractical due to their very high time and resource costs. Of the proposed schemes that can perform FHE to date, a scheme known as FHE over the integers has the ad-vantage of comparatively simpler theory, as well as the employment of a much shorter public key making its implementation somewhat more practical than other competing schemes.

To the author\'s knowledge, this paper presents the first hardware implemen-tations of encryption primitives for FHE over the integers using FPGA technol-ogy. First of all, a super-size hardware multiplier architecture utilising the Inte-ger-FFT multiplication algorithm is proposed, and a super-size hardware Barrett modular reduction module is designed incorporating the proposed multiplier. Next, two encryption primitives that are used in two schemes of FHE over the integers are designed employing the proposed super-size multiplier and modular reduction modules. Finally, the proposed designs are implemented and verified on the Xilinx Virtex-7 FPGA platform. Experimental results show that the speed improvement factors of up to 44.72 and 54.42 are available for the two FHE encryption schemes implemented in FPGA when compared to the corresponding software implementations. Meanwhile, the performance analysis shows that further improvement is speed of these FHE encryption primitives may still be possible.

2013-09-24
06:33 [Job][New]

We’re planning to make a hire at Security Innovation to support our NTRU crypto research program, including providing support for the codebase of our NTRU implementations once we make it available under GPL.

Responsibilities will include:

· Work on NTRU crypto research, including efficient signature schemes

· Helping to better understand lattice reduction algorithms, potentially including:

o A complete or partial reimplementation of algorithms developed by Nguyen and Chen to properly understand their claims

o Research into use of the structure of NTRU / ideal lattices to obtain improvements over generic lattice reduction algorithms

o Exploring the relationship between expected-shortest and actual-shortest vector in a lattice and how it affects reduction times

· Support cryptographic queries that come in to NTRU as a result of the GPL move, including participating in discussions on forums such as crypto.stackexchange and others

· Support the codebase of the GPL implementation of NTRU, including:

o General optimizations for the C implementation on 32- and 64-bit processors such as including multiple coefficients in a single word

o Architecture-specific optimizations such as exploring what advantage can be taken of SIMD, etc

o Potentially writing and/or managing a Java implementation

· Support standardization activity

o In particular, manage the passing of one or more NTRU-related TLS ciphersuite drafts through IETF.

06:33 [Job][New]

Associate Professor - Mathematical Science

Full-time, Continuing (i.e., permanent) position

Annual Salary: $121,048 to$133,357 + 17% superannuation

Information Security forms one of the research strengths of the School. The Master of Applied Science in Information Security and Assurance is one of the programs in the school with more than 50 coursework students.

http://www.rmit.edu.au/browse;ID=3kk0nfsjwuuc

and the following for further information about Master\\\'s program in Information Security and Assurance

http://www.rmit.edu.au/programs/mc159

Situated within the College of Science, Engineering and Health, the School of Mathematical and Geospatial Sciences draws together disciplines involving the collection of data, the analysis of data, data security, and the understanding and optimisation of systems through modelling and visualisation. The School has more than 60 academic staff and over 70 postgraduate research students.

Reporting to the Head of School, the Associate Professor - Mathematical Science will be expected to be an active researcher. This will include supervising research students; undertaking and publishing high quality research, and applying for research grants.

06:17 [Pub][ePrint]

Naturally occurring and maliciously injected faults reduce the reliability of cryptographic hardware and may leak confidential information. We develop a concurrent error detection (CED) technique called Recomputing with Permuted Operands (REPO). We show that it is cost effective in Advanced Encryption Standard (AES) and a secure hash

function Grøstl. We provide experimental results and formal proofs to show that REPO detects all single-bit and single-byte faults. Experimental results show that REPO achieves close to 100% fault coverage for multiple byte faults. The hardware and throughput overheads are compared with those of previously reported CED techinques on two Xilinx Virtex FPGAs. The hardware overhead is 12.4-27.3%, and the throughput is 1.2-23Gbps, depending on the AES architecture, FPGA family, and detection latency. The performance overhead ranges from 10% to 100% depending on the security

level. Moreover, the proposed technique can be integrated into various block cipher modes of operation. We also discuss the limitation of REPO and its potential vulnerabilities.