Get an update on changes of the IACR web-page here. For questions, contact newsletter (at) iacr.org. You can also receive updates via:
To receive your credentials via mail again, please click here.
You can also access the full news archive.
provide analysis in the hashing mode, and show the importance for the secret-key mode. The proposed analysis has been tested with computer experiments on small-scale variants of CLEFIA-128.
Our results do not threaten the practical use of CLEFIA.
The Chinese Remainder Theorem (CRT) is a very useful tool in many areas of theoretical and practical cryptography. One of these areas is the theory of threshold secret sharing schemes. A (t+1,n)-threshold secret sharing scheme is a method of partitioning a secret among n users by providing each user with a share of the secret such that any t+1 users can uniquely reconstruct the secret by pulling together their shares. Several threshold schemes based on CRT are known. These schemes use sequences of pairwise co-prime positive integers with special properties. The shares are obtained by dividing the secret or a secret-dependent quantity by the numbers in the sequence and collecting the remainders. The secret can be reconstructed by some sufficient number of shares by using CRT. It is well-known that the CRT-based threshold secret sharing schemes are not perfect (and, therefore, not ideal) but some of them are asymptotically perfect and asymptotically ideal and perfect zero-knowledge if sequences of consecutive primes are used for defining them.\r\n\r\n
\r\nIn this thesis we introduce (k-)compact sequences of co-primes and their applications to the security of CRT-based threshold secret sharing schemes is thorough investigated. Compact sequences of co-primes may be significantly denser than sequences of consecutive primes of the same length, and their use in the construction of CRT-based threshold secret sharing schemes may lead to better security properties. Concerning the asymptotic idealness property for CRT-based threshold schemes, we have shown there exists a necessary and sufficient condition for the Goldreich-Ron-Sudan (GRS) scheme and Asmuth-Bloom scheme if and only if (1-)compact sequences of co-primes are used. Moreover, the GRS and Asmuth-Bloom schemes based on k-compact sequences of co-primes are asymptotically perfect and perfect zero-knowledge. The Mignotte scheme is far from being asymptotically perfect [...]
Post-docs and interns will be in residence at Microsoft Research Redmond, the main campus of Microsoft\\\'s basic research division with over four hundred researchers in dozens of areas of computer science research. Researchers benefit from close proximity to Microsoft product units, collaborative relations and joint seminars with University of Washington, and an active research environment. For more information about MSR Redmond and the Cryptography group see: http://research.microsoft.com/aboutmsr/labs/redmond/ and http://research.microsoft.com/crypto/
The post-doctoral positions offer a competitive salary, benefits, and a relocation allowance. The term is for two years; the start date is July 1, 2014. Post-docs will report to Dr. Kristin Lauter, Research Manager for the MSR Crypto Group. Internships for graduate students will be for 10-12 weeks in Summer 2014, with flexible start date.
port various signature schemes including Direct Anonymous Attestation
(DAA), U-Prove and Schnorr signature. This signature primitive is im-
plemented by several APIs. In this paper, we show these DAA-related
APIs can be used as a static Diffie-Hellman oracle thus the security
strength of these signature schemes can be weakened by 14-bit. We pro-
pose a novel property of DAA called forward anonymity and show how
to utilize these DAA-related APIs to break forward anonymity. Then we
propose new APIs which not only remove the Static Diffie-Hellman oracle
but also support the forward anonymity, thus significantly improve the
security of DAA and the other signature schemes supported by TPM2.0.
We prove the security of our new APIs under the discrete logarithm
assumption in the random oracle model. We prove that DAA satisfy for-
ward anonymity using the new APIs under the Decision Diffie-Hellman
assumption. Our new APIs are almost as efficient as the original APIs
in TPM2.0 specification and can support LRSW-DAA and SDH-DAA
together with U-Prove as the original APIs.