Get an update on changes of the IACR web-page here. For questions, contact newsletter (at) iacr.org. You can also receive updates via:
To receive your credentials via mail again, please click here.
You can also access the full news archive.
In this work, we prove the general impossibility of (abelian) group homomorphic encryption in the presence of quantum adversaries, when assuming the IND-CPA security notion as the minimal security requirement. To this end, we prove a new result on the probability of sampling generating sets of finite (sub-)groups if sampling is done with respect to an arbitrary, unknown distribution. Finally, we provide a sufficient condition on homomorphic encryption schemes for our quantum attack to work and discuss its satisfiability in non-group homomorphic cases. The impact of our results on recent fully homomorphic encryption schemes poses itself as an open question.
objects in statistics, computer science, cryptography, modeling,
simulation, and other applications though it is very dicult to
construct true randomness. Many solutions (e.g., cryptographic
pseudorandom generators) have been proposed to harness or
simulate randomness and many statistical testing techniques have
been proposed to determine whether a pseudorandom generator
produces high quality randomness. NIST SP800-22 (2010) proposes
the state of art testing suite for (pseudo) random generators
to detect deviations of a binary sequence from randomness. On
the one hand, as a counter example to NIST SP800-22 test suite,
it is easy to construct functions that are considered as GOOD
pseudorandom generators by NIST SP800-22 test suite though
the output of these functions are easily distinguishable from the
uniform distribution. Thus these functions are not pseudorandom
generators by definition. On the other hand, NIST SP800-22
does not cover some of the important laws for randomness. Two
fundamental limit theorems about random binary strings are
the central limit theorem and the law of the iterated logarithm
(LIL). Several frequency related tests in NIST SP800-22 cover
the central limit theorem while no NIST SP800-22 test covers
This paper proposes techniques to address the above challenges
that NIST SP800-22 testing suite faces. Firstly, we propose
statistical distance based testing techniques for (pseudo) random
generators to reduce the above mentioned Type II errors in NIST
SP800-22 test suite. Secondly, we propose LIL based statistical
testing techniques, calculate the probabilities, and carry out
experimental tests on widely used pseudorandom generators
by generating around 30TB of pseudorandom sequences. The
experimental results show that for a sample size of 1000 sequences
(2TB), the statistical distance between the generated sequences
and the uniform distribution is around 0.07 (with 0 for statistically
indistinguishable and 1 for completely distinguishable)
and the root-mean-square deviation is around 0.005. Though the
statistical distance 0.07 and RMSD 0.005 are acceptable for some
applications, for a cryptographic \"random oracle\", the preferred
statistical distance should be smaller than 0.03 and RMSD be
smaller than 0.001 at the sample size 1000. These results justify
the importance of LIL testing techniques designed in this paper.
The experimental results in this paper are reproducible and the
raw experimental data are available at author\'s website.
We also describe an implementation of the homomorphic evaluation of the full AES encryption circuit, and obtain significantly improved performance compared to previous implementations: about 23 seconds (resp. 3 minutes) per AES block at the 72-bit (resp. 80-bit) security level on a mid-range workstation.
Finally, we prove the equivalence between the (error-free) decisional Approximate-GCD problem introduced by Cheon et al. (Eurocrypt 2013) and the classical computational Approximate-GCD problem. This equivalence allows to get rid of the additional noise in all the integer-based FHE schemes described so far, and therefore to simplify their security proof.
An embedded biometric system for comparison aims at comparing a stored biometric data with a freshly acquired one without the need to send the stored biometric data outside the system. Here one may try to retrieve the stored data via side channel, similarly as for embedded cryptographic modules where one may try to exploit side channel for attacking the modules.
On one hand, we show that we can find partial information by the means of simple Side Channel Analysis that may help to retrieve the stored fingerprint. On the other hand, we illustrate that reconstructing the fingerprint remains not trivial and we give some simple countermeasures to protect further the comparison algorithm.