International Association for Cryptologic Research

# IACR News Central

You can also access the full news archive.

Further sources to find out about changes are CryptoDB, ePrint RSS, ePrint Web, Event calender (iCal).

2014-02-24
04:17 [Pub][ePrint]

We explore how many-core platforms can be used to enhance the security of future systems and to support important security properties such as runtime isolation using a small Trusted Computing Base (TCB). We focus on the Intel Single-chip Cloud Computer (SCC) to show that such properties can be implemented in current systems. We design a system called \\archname{} which offers strong security properties while maintaining high performance and flexibility enabled by a small centralized security kernel. We further implement and evaluate the feasibility of our design. Currently, our prototype security kernel is able to execute applications in isolation and accommodate dynamic resource requests from them.

We show that, with minor modifications, many-core architectures can offer some unique security properties, not supported by existing single- and multi-core architectures, such as application context awareness. Context awareness, a new security property that we define and explore in this work, allows each application to discover, without any interaction with the security kernel, which other parts of the system are allowed to interact with it and access its resources. We also discuss how an application can use context awareness to defend itself from an unlikely, yet potentially compromised security kernel.

04:17 [Pub][ePrint]

We present oblivious implementations of several data structures for secure multiparty computation (MPC) such as arrays, dictionaries, and priority queues. The resulting oblivious data structures have only polylogarithmic overhead compared with their classical counterparts. To achieve this, we give secure multiparty protocols for the ORAM of Shi et al. (Asiacrypt 11) and the Path ORAM scheme of van Dijk et al. (CCS 13), and we compare the resulting implementations. We subsequently use our oblivious priority queue for secure computation of Dijkstra\'s shortest path algorithm on general graphs, where the graph structure is secret. To the best of our knowledge, this is the first implementation of a non-trivial graph algorithm in multiparty computation with polylogarithmic overhead.

We implemented and benchmarked all of our protocols using the SPDZ protocol of Damgaard et al. (Crypto `12), which works in the preprocessing model and ensures active security against an adversary corrupting all but one players. For two parties, the access time for an oblivious array of size 1 million is under 250 ms.

04:17 [Pub][ePrint]

Designing practical signature scheme based on the standard assumption such as the Computational Diffie-Hellman (CDH) assumption is important both from a practical and a theoretical point of view. Currently, there are only three standard model CDH-based signature schemes with short signatures due to Waters (EUROCRYPT 2005), Seo, and B\\\"ohl et al. (the merged paper in EUROCRYPT 2013). The Waters signature scheme achieves the Existentail UnForgeability against Chosen Message Attack (EUF-CMA) with nearly optimal reduction. However, this scheme suffers from large public keys. To shorten public key size, Seo and B\\\"ohl et al. proposed new approaches, respectively, but each approach has a weak point rather than the Waters signature scheme; Seo\'s approach could prove only a rather weak security, called the bounded CMA security, and B\\\"ohl et al.\'s approach inherently accompanies a loose reduction.

In this paper, we aim at stepping towards practical EUF-CMA secure signatures with tighter reduction; that is, we achieve sublinear public keys with preserving the same security as the Waters signatures. To this end, we revisit the Seo signature scheme and devise an alternative and simple analysis leading the standard EUF-CMA security with tighter reduction. In particular, our security proof has a reduction loss of $O(\\lambda q)$, which is less than $O(\\sqrt{\\frac{\\lambda}{\\log}}\\lambda q)$ of the original security proof, where $\\lambda$ is the security parameter, and is almost the same as that of the Water signature scheme.

01:17 [Pub][ePrint]

We present the first automated proof of the authorization protocols in TPM 2.0 in the computational model. The Trusted Platform Module(TPM) is a chip that enables trust in computing platforms and achieves more security than software alone. The TPM interacts with a caller via a predefined set of commands. Many commands reference TPM-resident structures, and use of them may require authorization. The TPM will provide an acknowledgement once receiving an authorization. This interact ensure the authentication of TPM and the caller. In this paper, we present a computationally sound mechanized proof for authorization protocols in the TPM 2.0. We model the authorization protocols using a probabilistic polynomial-time calculus and prove authentication between the TPM and the caller with the aid of the tool CryptoVerif, which works in the computational model. In addiction, the prover gives the upper bounds to break the authentication between them.

2014-02-21
19:17 [Pub][ePrint]

In late 2012 and early 2013 the discrete logarithm problem (DLP) in finite fields of small characteristic underwent a dramatic series of breakthroughs, culminating in a heuristic quasi-polynomial time algorithm, due to Barbulescu, Gaudry, Joux and Thom\\\'e. Using these developments, Adj, Menezes, Oliveira and Rodr\\\'iguez-Henr\\\'iquez analysed the concrete security of the DLP, as it arises from pairings on (the Jacobians of) various genus one and two supersingular curves in the literature. At the $128$-bit security level, they suggested that the new algorithms have no impact on the security of a genus one curve over $\\F_{2^{1223}}$, and reduce the security of a genus two curve over $\\F_{2^{367}}$ to $94.6$ bits. In this paper we propose a new field representation and efficient descent principles, which together demonstrate that the new techniques can be made practical at the 128-bit security level. In particular, we show that the aforementioned genus one curve offers only $59$ bits of security, and we report a total break of the genus two curve. Since these techniques are widely applicable, we conclude that small characteristic pairings should henceforth be considered completely insecure.

2014-02-19
12:30 [Job][New]

TECHNA, an American company is collaborating with ISI faculty to create a range of cybersecurity products using cryptology/cryptography

12:27 [Event][New]

Submission: 1 July 2014
From July 1 to July 1

2014-02-18
15:48 [Job][New]

The group for Cryptography and Network Security at Hangzhou Normal University, China chaired by Prof. Dr. Qi Xie is looking for two faculty members with strong crypto/security background. Candidates should have a PhD degree in mathematics, computer science, or related disciplines, be highly motivated with strong R&D capability and also a good team player, have good presentation and communication skills, be able to perform deep system-level investigations of security mechanisms. The candidates are expected to publish high-quality papers OR develop security-related projects. Any prior experience in e-health or WSN/VANETs security is certainly an asset..

Interested candidates please send CV to Shengbao Wang {shengbaowang (at) hznu.edu.cn}. The positions offer a competitive salary. All candidates will be contacted for further infomation.

2014-02-17
06:27 [Event][New]

Submission: 8 April 2014
From October 15 to October 17
Location: Xi'an, China

2014-02-16
22:17 [Pub][ePrint]

We present a quantum position verification scheme in the random oracle model. In contrast to prior work, our scheme does not require bounded storage/retrieval/entanglement assumptions. We also give an efficient position-based authentication protocol. This enables secret and authenticated communication with an entity that is only identified by its position in space.

16:17 [Pub][ePrint]

This paper presents the design of a lightweight, yet software friendly, block cipher. Most of the lightweight block ciphers are nibble-oriented as the implementation of a 4-bit S-box is much more compact than an 8-bit S-box. This paper uses a novel implementation of multiplicative inverse for 8-bit S-boxes using LFSR requiring only 138 gate-equivalent. With this powerful scheme, we design a lightweight block cipher competitive with existing standards in terms of hardware gate equivalent first time using an 8-bit S-box.