International Association for Cryptologic Research

# IACR News Central

You can also access the full news archive.

Further sources to find out about changes are CryptoDB, ePrint RSS, ePrint Web, Event calender (iCal).

2014-01-05
15:50 [PhD][New]

Name: Emmanuelle Encrenaz

15:50 [PhD][New]

Name: Bruno Robisson

15:48 [PhD][New]

Name: Dong Hoon Lee
Category: (no category)

15:42 [PhD][New]

Name: Kwangsu Lee
Topic: Efficient Hidden Vector Encryptions and Its Applications
Category: public-key cryptography

Description:

\r\nPredicate encryption is a new paradigm of public key encryption that enables searches on encrypted data. Using the predicate encryption, we can search keywords or attributes on encrypted data without decrypting the ciphertexts. In predicate encryption, a ciphertext is associated with attributes and a token corresponds to a predicate. The token that corresponds to a predicate $f$ can decrypt the ciphertext associated with attributes $\\vect{x}$ if and only if $f(\\vect{x})=1$.\r\n

\r\nHidden vector encryption (HVE) is a special kind of predicate encryption. HVE supports the evaluation of conjunctive equality, comparison, and subset operations between attributes in ciphertexts and attributes in tokens. Currently, several HVE schemes were proposed where the ciphertext size, the token size, and the decryption cost are proportional to the number of attributes in the ciphertext. In this thesis, we consider the efficiency, the generality, and the security of HVE schemes. The results of this thesis are described as follows.\r\n

\r\nThe first results of this thesis are efficient HVE schemes where the token consists of just four group elements and the decryption only requires four bilinear map computations, independent of the number of attributes in the ciphertext. The construction uses composite order bilinear groups and is selectively secure under the well-known assumptions.\r\n

\r\nThe second results are efficient HVE schemes that are secure under any kind of pairing types. To achieve our goals, we proposed a general framework that converts HVE schemes from composite order bilinear groups to prime order bilinear groups. Using the framework, we convert the previous HVE schemes from composite order bilinear groups to prime order bilinear groups.\r\n

\r\nThe third results are fully secure HVE schemes with short tokens. Previous HVE schemes were proven to be secure only in the selective security model where the capabilities of the adversaries are[...]

15:34 [PhD][New]

Name: Amr Youssef
Category: (no category)

15:34 [PhD][New]

Name: Zachary Kissel
Topic: Verifiable Symmetric Searchable Encryption
Category: secret-key cryptography

Description:

Cloud storage has become increasingly prevalent in recent years. It provides a convenient platform for users to store data that can be accessed from anywhere at anytime without the cost of maintaining a storage infrastructure. However, cloud storage is inherently insecure, hindering general acceptance of the paradigm shift. To make use of storage services provided by a cloud, users would need to place their trust, at least implicitly, in the provider. There have been a number of attempts to alleviate the need for this trust through cryptographic methods. An immediate approach would be to encrypt each file before uploading it to the cloud. This approach, calls for a new searching mechanism over encrypted data stored in the cloud.\r\n

\r\n

This dissertation considers a solution to this problem using Symmetric Searchable Encryption (SSE). SSE allows users to offload search queries to the cloud. The cloud is then responsible for returning the encrypted files that match the search queries (also encrypted). Most previous work was focused on keyword search in the Honest-but-Curious (HBC) cloud model, while some more recent work has considered searching on phrases. Recently, a new cloud model was introduced that supersedes the HBC model. This new model, called Semi-Honest but Curious (SHBC), is less restrictive over the actions a cloud can take. In this dissertation, we present three systems that are secure under this new SHBC model. Two systems provide phrase search and the other provides hierarchical access control over keyword search.

[...]

15:34 [PhD][New]

Name: Jie Wang
Topic: Polynomial Time Creativity and its Applications (P-Creativity)
Category: (no category)

13:17 [Pub][ePrint]

We propose a non-interactive zero knowledge \\emph{pairwise multiset sum equality test (PMSET)} argument in the common reference string (CRS) model that allows a prover to show that the given committed multisets $\\AAA_j$ for $j \\in \\set{1, 2, 3, 4}$ satisfy $\\AAA_1 \\uplus \\AAA_2 = \\AAA_3 \\uplus \\AAA_4$, i.e., every element is contained in $\\AAA_1$ and $\\AAA_2$ exactly as many times as in $\\AAA_3$ and $\\AAA_4$.

As a corollary to the $\\PUTME$ argument, we present arguments that enable to efficiently verify the correctness of various (multi)set operations, for example, that one committed set is the intersection or union of two other committed sets.

The new arguments have constant communication and verification complexity (in group elements and group operations, respectively), whereas the CRS length and the prover\'s computational complexity are both proportional to the cardinality of the (multi)sets.

We show that one can shorten the CRS length at the cost of a small increase of the communication and the verifier\'s computation.

13:17 [Pub][ePrint]

Abstract--A recent result in Bitcoin is the selfish mining strategy in which a selfish cartel withholds blocks they mine to gain an advantage. This strategy is both incentive-compatible and harmful to Bitcoin. In this paper we introduce a new defense against selfish mining that improves on the previous best result, we raise the threshold of mining power necessary to profitably selfishly mine from 25% to 32% under all propagation advantages. While the security of our system uses unforgeable timestamps, it is robust to their compromise. Additionally, we discuss the difficulty a mining conspiracy would face attempting to keep the compromise of our scheme secret and we analyze incentives for getting miners to adopt these changes.

13:17 [Pub][ePrint]

In this paper, we carry out a detailed mathematical study of two theoretical distinguishers based on the Kolmogorov-Smirnov (KS) distance. This includes a proof of soundness and the derivation of closed- form expressions, which can be split into two factors: one depending only on the noise and the other on the confusion coefficient of Fei, Luo and Ding. This allows one to have a deeper understanding of the relative influences of the signal-to-noise ratio and the confusion coefficient on the distinguisher\'s performance. Moreover, one is able to directly compare distinguishers based on their closed-form expressions instead of using evaluation metric that might obscure the actual performance and favor one distinguisher over the other. Furthermore, we formalize the link between the confusion coefficient and differential cryptanalysis, which shows that the stronger an S-box is resistant to differential attacks the weaker it is against side-channel attacks, and vice versa.

13:17 [Pub][ePrint]

Encrypt-Mix-Encrypt is a type of SPRP based construction, where a masked plaintext is encrypted in ECB mode of, then a non-linear mixing is performed and then again an encryption is performed in ECB mode which is masked to produce the ciphertext. Using the property of the binary field, the authors proved that the construction is not SPRP secure if the mixing used is linear. In this paper, we observe that relaxing the mixing operation to some specific efficient linear mixing provides the PRP property of the construction. Moreover choosing a linear mixing that gives the online property is not a difficult task. We can use this fact to construct an efficient Online PRP using Encrypt-Mix-Encrypt type of construction with the mix operation being a linear online mixing, making the construction efficient and online. We also show that the construction with linear mixing doesn\'t provide SPRP security even if we perform all the operations in a prime field instead of binary field. Thus, we fully characterize EME with linear mixing.