International Association for Cryptologic Research

# IACR News Central


2013-11-13
07:17 [Pub][ePrint]

Irregular clocking of feedback shift registers is a popular technique to improve parameters of keystream generators in stream ciphers. Another technique is to implement nonlinear functions. We join these techniques and propose Modified Alternating Step Generators built with linear and nonlinear feedback shift registers. Adequate nonlinear Boolean functions are used as feedbacks or as filtering functions of shift registers in order to increase complexity of sequences produced by individual registers and the whole generator. We investigate basic parameters of proposed keystream generators, such as period, linear complexity and randomness.

07:17 [Pub][ePrint]

In this work, we present the first definitions and constructions for functional encryption supporting randomized functionalities. The setting of randomized functionalities requires us to revisit functional encryption definitions by, for the first time, explicitly adding security requirements for dishonest encryptors, to ensure that they cannot improperly tamper with the randomness that will be used for computing outputs. Our constructions are built using indistinguishability obfuscation.

07:17 [Pub][ePrint]

We present a Stamp&Extend time-stamping scheme based on linking via modified creation of Schnorr signatures. The scheme is based on lazy construction of a tree of signatures. Stamp&Extend returns a timestamp immediately after the request, unlike the schemes based on the concept of timestamping rounds. Despite the fact that all timestamps are linearly linked, verification of a timestamp requires a logarithmic number of steps with respect to the chain length. An extra feature of the scheme is that any attempt to forge a timestamp by the Time Stamping Authority (TSA) results in revealing its secret key, providing undeniable cryptographic evidence of misbehavior of the TSA. Breaking Stamp&Extend requires not only breaking Schnorr signatures, but to some extent also breaking Pedersen commitments.

07:17 [Pub][ePrint]

Constructing S-boxes with low differential uniformity and high nonlinearity is of cardinal significance in cryptography. In the present paper, we show that numerous differentially 4-uniform permutations over GF(2^{2k}) can be constructed by composing the inverse function and cycles over GF(2^{2k}). Two sufficient conditions are given, which ensure that the differential uniformity of the corresponding compositions equals 4. A lower bound on nonlinearity is also given for permutations constructed with the method in the present paper. Moreover, up to CCZ-equivalence, a new differentially 4-uniform permutation with the best known nonlinearity over GF(2^{2k}) with $k$ odd is constructed. For some special cycles, necessary and sufficient conditions are given such that the corresponding compositions are differentially 4-uniform.

2013-11-11
13:47 [Event][New]

Submission: 5 July 2014
From September 17 to September 19
Location: Florianópolis, Brazil

2013-11-08
08:54 [Event][New]

Submission: 15 November 2013
From November 18 to November 20
Location: Okinawa, Japan

08:50 [Job][New]

Responsibilities:

CloudFlare is looking for a talented security engineer to join our team. We are working on a number of ambitious projects to secure the web and protect our customers from threats of all sorts. The role of security engineer at CloudFlare is more that of a builder than a breaker. You will have to approach problems with creativity and flexibility and be able to identify and use the best tools for the job or build better ones from scratch. At CloudFlare, we are serious about protecting our customers and advancing the state of the art in computer security.

Requirements:

Strong systems-level programming skills

Deep understanding of networking protocols (TCP/IP, SSL/TLS, DNS)

Experience with cryptographic libraries and APIs

Expert in C/C++ and performance analysis

Proficiency in Go and/or Lua or willingness to learn

Strong understanding of security concepts (key management, access control, authentication)

Understanding of Linux internals

Interest in advancements in security and cryptography

Bonus Points:

Contributions to the open source community

Knowledge or expertise in White-box cryptography

Experience with DNSSEC

Familiarity with compilers or code generation tools

Experience with cryptographic hardware (TPM, HSM, etc.)

Healthy sense of paranoia

08:48 [Job][New]

to appear

2013-11-07
07:17 [Pub][ePrint]

Certificateless public key cryptography is an attractive paradigm since it eliminates the use of certificates in traditional public key cryptography and alleviates the inherent key escrow problem in identity-based cryptography. Recently, Xiong et al. proposed a certificateless signature scheme and proved that their scheme is existentially unforgeable against adaptive chosen message attack under the random oracle model. He et al. pointed out that Xiong et al.'s scheme is insecure against the Type II adversary. But, their forged signatures are not random, and their improved scheme has the same security defects as Xiong et al.'s scheme. In this paper, we present two malicious-but-passive KGC attack methods on Xiong et al.'s scheme and our results show that their scheme is insecure against malicious-but-passive KGC attack.

07:17 [Pub][ePrint]

Bilinear maps, or pairings, initially proposed in a cryptologic context for cryptanalytic purposes, proved afterward to be an amazingly flexible and useful tool for the construction of cryptosystems with unique features. Yet, they are notoriously hard to implement efficiently, so that their effective deployment requires a careful choice of parameters and algorithms. In this paper we review the evolution of pairing-based cryptosystems, the development of efficient algorithms and the state of the art in pairing computation, and the challenges yet to be addressed on the subject, while also presenting some new algorithmic and implementation refinements in affine and projective coordinates.

07:17 [Pub][ePrint]

We study a classical problem of privacy amplification, where two parties Alice and Bob share a weak secret $X$ of min-entropy $k$, and wish to agree on a secret key $R$ of length $m$ over a public communication channel completely controlled by a computationally unbounded attacker Eve.

Despite being extensively studied in the literature, the design of (efficient) "optimal" privacy amplification protocols is still open. Part of the reason is that there are quite a few important efficiency/security goals when designing privacy amplification protocols. The most basic such goal is to minimize the *entropy loss* $L=k-m$, and it is known that the optimal value is $L=O(\lambda)$, where $\epsilon=2^{-\lambda}$ is the desired security of the protocol. Other important considerations include (1) minimizing the number of communication rounds, (2) achieving the strongest security notion, called *post-application robustness*, and (3) ensuring that the protocol $P$ does not leak "useful information" about the source $X$ (this is called *source privacy*). Additionally, when trying to extract a key $R$ which is much shorter than the source length $|X|$ (and, often, the min-entropy bound $k$), "Goal (0)" of minimizing the entropy loss is replaced by asking (4) if $P$ can be made *locally computable* (meaning it reads only $O(|R|)$ bits of $X$; this is called the *Bounded Retrieval Model* (BRM)), and/or (5) if $P$ can be sequentially run to extract the optimal number $t = \Theta(k/\lambda)$ of session keys $R_1,\dots,R_t$ of length $m=O(\lambda)$ each.

As a result, *all* existing protocols in the literature fail to achieve at least two of Goals (0)-(3) (or, when |R|