International Association for Cryptologic Research

# IACR News Central

You can also access the full news archive.

Further sources to find out about changes are CryptoDB, ePrint RSS, ePrint Web, Event calender (iCal).

2014-03-19
20:28 [Event][New]

2014-03-18
15:17 [Pub][ePrint]

09:04 [PhD][New]

Name: Diego F. Aranha
Topic: Efficient software implementation of elliptic curves and bilinear pairings
Category: implementation

Description:

The development of asymmetric or public key cryptography made possible new applications of cryptography such as digital signatures and electronic commerce. Cryptography is now a vital component for providing confidentiality and authentication in communication infra-structures. Elliptic Curve Cryptography is among the most efficient public-key methods because of its low storage and computational requirements. The relatively recent advent of Pairing-Based Cryptography allowed the further construction of flexible and innovative cryptographic solutions like Identity-Based Cryptography and variants. However, the computational cost of pairing-based cryptosystems remains significantly higher than traditional public key cryptosystems and thus an important obstacle for adoption, specially in resource-constrained devices.\r\n

\r\nThe main contributions of this work aim to improve the performance of curve-based cryptosystems, consisting of:
(i) efficient implementation of binary fields in 8-bit microcontrollers embedded in sensor network nodes;
(ii) efficient formulation of binary field arithmetic in terms of vector instructions present in 64-bit architectures, and on the recently-introduced native support for binary field multiplication in the latest Intel microarchitecture families;
(iii) techniques for serial and parallel implementation of binary elliptic curves and symmetric and asymmetric pairings defined over prime and binary fields. \r\n
\r\nThese contributions produced important performance improvements and, consequently, several speed records for computing relevant cryptographic algorithms in modern computer architectures ranging from embedded 8-bit microcontrollers to 8-core processors.

[...]

09:03 [PhD][New]

09:02 [PhD][New]

08:50 [Event][New]

Submission: 1 June 2014
From October 18 to October 22
Location: Pune, India

00:17 [Pub][ePrint]

00:17 [Pub][ePrint]

00:17 [Pub][ePrint]

Secure multiparty computation systems are commonly built form a small set of primitive components. Composability of security notions has a central role in the analysis of such systems, since it allows us to deduce security properties of complex protocols from the properties of its components. We show that the standard notions of universally composable security are overly restrictive in this context and can lead to protocols with sub-optimal performance. As a remedy, we introduce a weaker notion of privacy that is satisfied by simpler protocols and is preserved by composition. After that we fix a passive security model and show how to convert a private protocol into a universally composable protocol. As a result, we obtain modular security proofs without performance penalties.

00:17 [Pub][ePrint]

We consider the problem of a client who outsources the computation of a function $f$ over an input $x$ to a server, who returns $y=f(x)$. The client wants to be assured of the correctness of the computation and wants to preserve confidentiality of the input $x$ and possibly of the function $f$ as well. Moreover, the client wants to invest substantially less effort in verifying the correctness of the result than it would require to compute $f$ from scratch.

This is the problem of secure outsourced computation over encrypted data. Most of the work on outsourced computation in the literature focuses on either privacy of the data, using {\\em Fully Homomorphic Encryption (FHE)}, or the integrity of the computation. No general security definition for protocols achieving both privacy and integrity appears in the literature. Previous definitions only deal with a very limited security model where the server is not allowed to

issue {\\em verification queries} to the client: i.e. it is not allowed to see\'\' if the client accepts or rejects the value $y$.

In this paper we present:

-- A formal definition of {\\em private and secure} outsourced computation {\\em in the presence of verification queries};

-- A protocol based on FHE that achieves the above definition for arbitrary poly-time computations;

-- Some additional protocols for the computation of {\\em ad-hoc} functions (such as the computation of polynomials and linear

combinations) over encrypted data. These protocols do not use the power of FHE, and therefore are much more efficient than the generic approach. We point out that some existing protocols in the literature for these tasks become insecure in the presence of verification queries, while our protocols can be proven in the stronger security model where verification queries are allowed.

2014-03-17
22:32 [Job][New]

The ANR \\\"SIMPATIC: SIM and PAiring Theory for Information and Communications security\\\" will recruit one post-doc position for the academic year 2014-2015.

The successful applicant will be a member of the Computer Science (LIASD) laboratory at Paris 8 University, France.

The position is open for one year, and may exceptionnally be renewed for a second year. If necessary, the starting date can be arranged as convenient.

The partners involved in the SIMPATIC project are the crypto teams of the Laboratoire d\\\'Informatique de l\\\'ENS Paris, of IMB (Bordeaux), of University Paris 8 (LAGA and LIASD), of University of Caen, Oberthur, INVIA, ST (Le Mans) and Orange Labs (Caen). Further information about the SIMPATIC project can be found on its webpage http://simpatic.orange-labs.fr/ .

Preference will be given to condidates whose profile is adapted to one of the following priorities of the project:

(i) The study of suitable pairing-friendly curves, both theoretical and algorithmic aspects. Candidates should therefore have a good background in relevant number theory and algebraic geometry. Some experience in software implementation (for example in Pari, Magma, Sage, ...) would be useful.

(ii) The secure implementation of efficient arithmetic suitable for SIMs and other small supports. Candidates are expected to have a good potential in theoretical cryptography.

(iii) The study of side channel attack in pairing based cryptography, both theoretical and practical. Candidates are expected to have a good potential in theoretical cryptography. He/she will be expected to interact with members of Oberthur.

Candidates must hold a PhD thesis or equivalent in mathematics or computer science, together with a strong research record.