where the adversary specifies the challenge attribute vector after
it sees the public parameters but before it makes any secret key
queries. We present two constructions of semi-adaptive
attribute-based encryption under static assumptions with *short*
ciphertexts. Previous constructions with short ciphertexts either
achieve the weaker notion of selective security, or require
As an application, we obtain improved delegation schemes for Boolean
formula with *semi-adaptive* soundness, where correctness of the
computation is guaranteed even if the client\'s input is chosen
adaptively depending on its public key. Previous delegation schemes
for formula achieve one of adaptive soundness, constant
communication complexity, or security under static assumptions; we
show how to achieve semi-adaptive soundness and the last two
We also build a test for pseudorandom generators based on these properties and use it to confirm the weakness of the RC4 key scheduling algorithm that has been reported in the literature.
In this respect we publish a new RC4 key scheduling algorithm that does not have this weakness.
Here we present new constructions for OTM's using isolated qubits, which improve on previous work in several respects: they achieve a stronger "single-shot" security guarantee, which is stated in terms of the (smoothed) min-entropy; they are proven secure against adversaries who can perform arbitrary local operations and classical communication (LOCC); and they are efficiently implementable.
These results use Wiesner's idea of conjugate coding, combined with error-correcting codes that approach the capacity of the q-ary symmetric channel, and a high-order entropic uncertainty relation, which was originally developed for cryptography in the bounded quantum storage model.
approach to formally verifying implementations of higher-level cryptographic systems, directly in the computational model.
We consider circuit-based cloud-oriented cryptographic protocols for secure and verifiable computation over encrypted data. Our examples share as central component Yao's celebrated transformation of a boolean circuit into an equivalent garbled form that can be evaluated securely in an untrusted environment. We leverage the foundations of garbled circuits set forth by Bellare, Hoang, and Rogaway (CCS 2012, ASIACRYPT 2012) to build verified implementations of garbling schemes, a verified implementation of Yao's secure function evaluation protocol, and a verified (albeit partial) implementation of the verifiable computation protocol by Gennaro, Gentry, and Parno (CRYPTO 2010). The implementations are formally verified using EasyCrypt, a tool-assisted framework for building high-confidence cryptographic proofs, and critically rely on two novel features: a module and theory system that supports compositional reasoning, and a code extraction mechanism for generating implementations from formalizations.
settings---symmetric or asymmetric (leveled) k-linear groups---and by
proving "computational soundness" theorems for the symbolic models.
Based on this result, we formulate a very general master theorem that formally relates the hardness of a (possibly interactive) assumption in these models to solving problems in polynomial algebra. Then, we systematically analyze these problems. We identify different classes of assumptions and obtain decidability and undecidability results.
Then, we develop and implement automated procedures for verifying the conditions of master theorems, and thus the validity of hardness assumptions in generic group models. The concrete outcome of this work is an automated tool which takes as input the statement of an assumption, and outputs either a proof of its generic hardness or shows an algebraic attack against the assumption.
eavesdrop on tamper-resistant hardware. They use a profiling step to
compute the parameters of a multivariate normal distribution from a
training device and an attack step in which the parameters obtained
during profiling are used to infer some secret value (e.g.
cryptographic key) on a target device. Evaluations using the same
device for both profiling and attack can miss practical problems
that appear when using different devices. Recent
studies showed that variability caused by the use of either
different devices or different acquisition campaigns on the same
device can have a strong impact on the performance of template
attacks. In this paper, we explore further the effects that lead to
this decrease of performance, using four different Atmel XMEGA 256
A3U 8-bit devices. We show that a main difference between devices is
a DC offset and we show that this appears even if we use the same
device in different acquisition campaigns. We then explore several
variants of the template attack to compensate for these differences.
Our results show that a careful choice of compression method and
parameters is the key to improving the performance of these attacks
across different devices. In particular we show how to maximise the
performance of template attacks when using Fisher's Linear
Discriminant Analysis or Principal Component Analysis. Overall, we
can reduce the entropy of an unknown 8-bit value below 1.5 bits even
when using different devices.
In this work, we construct the first leveled fully homomorphic signature schemes that can evaluate arbitrary circuits over signed data, where only the maximal depth $d$ of the circuit needs to be fixed a priori. The size of the evaluated signature grows polynomially in $d$, but is otherwise independent of the circuit size or the data size. Our solutions are based on the hardness of the small integer solution (SIS) problem, which is in turn implied by the worst-case hardness of problems in standard lattices. We get a scheme in the standard model, albeit with large public parameters whose size must exceed the total size of all signed data. In the random-oracle model, we get a scheme with short public parameters. These results offer a significant improvement in capabilities and assumptions over the best prior homomorphic signature scheme due to Boneh and Freeman (Eurocrypt '11).
As a building block of independent interest, we introduce a new notion called homomorphic trapdoor functions (HTDF). We show how to construct homomorphic signatures using HTDFs as a black box. We construct HTDFs based on the SIS problem by relying on a recent technique developed by Boneh et al. (Eurocrypt '14) in the context of attribute-based encryption.