International Association for Cryptologic Research

IACR News Central


15:17 [Event][New] Eurocrypt 2015: Eurocrypt 2015

  Submission: 28 September 2014
Notification: 8 January 2015
From April 26 to April 30
Location: Sofia, Bulgaria
More Information:

01:14 [Job][New] PhD Positions, Southern Illinois University Carbondale, USA


The Interdisciplinary Research (IR) Lab in the Department of Computer Science at Southern Illinois University Carbondale (SIUC) is looking for talented and highly motivated PhD students.

The IR Lab explores interesting and exciting research areas on the intersection of computer and social sciences ranging from computer security and privacy, applied cryptography, game theory, big data analysis and software development to economics, psychology and cognitive science. Our interdisciplinary setting provides attractive and flexible research environment for brilliant and creative PhD candidates.

Currently, there are many active projects in the IR lab among which are: computational models of trust and influence mimicking human reasoning, securely computable economic model, game theory and economic aspects of security and privacy, design and analysis of sealed-bid auction protocols, and computational models of collaboration by social networks analysis and mining.

The successful candidates perform research on the aforementioned projects based on their experience and research interests. They must have strong background in Computer Science and/or Mathematics. They are expected to publish articles in well-known conferences and journals. Although all applications will be carefully evaluated, candidates with prior publications as well as research experience in the following areas are specifically encouraged to apply: secret sharing, secure multiparty computation, rational cryptography, game theory and computational or mathematical modeling.

Financial support and tuition waiver are provided for these positions and they will remain open until filled.

09:17 [Pub][ePrint] Hybrid Anomaly Detection using K-Means Clustering in Wireless Sensor Networks, by Mohammad Wazid

  Security is the biggest concern in Wireless Sensor Networks (WSNs), especially for those deployed for military applications and monitoring. They are prone to various attacks that degrade network performance very rapidly. Sometimes multiple attacks are launched in the network using a hybrid anomaly. In this situation it is very difficult to find out which kind of anomaly is activated. In this paper, we propose a hybrid anomaly detection technique based on k-means clustering. The network data set, consisting of traffic data and end-to-end delay data, is analysed and clustered using Weka 3.6.10. After clustering, we obtain the threshold values of various network performance parameters (traffic and delay). These threshold values are used by the hybrid anomaly detection technique to detect the anomaly. During the experimentation, it was observed that two types of anomalies are activated in the network, causing misdirection and blackhole attacks.

09:17 [Pub][ePrint] Co-Location-Resistant Clouds, by Yossi Azar and Seny Kamara and Ishai Menache and Mariana Raykova and Bruce Shepherd

  We consider the problem of designing multi-tenant public infrastructure clouds resistant to cross-VM attacks without relying on single-tenancy or on assumptions about the cloud's servers. In a cross-VM attack (which has been demonstrated recently in Amazon EC2) an adversary launches malicious virtual machines (VMs) that perform side-channel attacks against co-located VMs in order to recover their contents.

We propose a formal model in which to design and analyze \emph{secure} VM placement algorithms, which are online vector bin packing algorithms that simultaneously satisfy certain optimization constraints and notions of security. We introduce and formalize several notions of security, establishing formal connections between them. We also introduce a new notion of efficiency for online bin packing algorithms that better captures their cost in the setting of cloud computing.

Finally, we propose a secure placement algorithm that achieves our strong notions of security when used with a new cryptographic mechanism we refer to as a shared deployment scheme.

09:17 [Pub][ePrint] An Efficient Transform from Sigma Protocols to NIZK with a CRS and Non-Programmable Random Oracle, by Yehuda Lindell

  In this short paper, we present a Fiat-Shamir type transform that takes any Sigma protocol for a relation $R$ and outputs a non-interactive zero-knowledge proof (not of knowledge) for the associated language $L_R$, in the common reference string model. As in the Fiat-Shamir transform, we use a hash function $H$. However, zero-knowledge is achieved under standard assumptions in the common reference string model (without any random oracle), and soundness is achieved in the \emph{non-programmable} random oracle model. The concrete computational complexity of the transform is only slightly higher than the original Fiat-Shamir transform.

09:17 [Pub][ePrint] New Class of Multivariate Public Key Cryptosystem, K(XI)RSE(2)PKC, Constructed based on Reed-Solomon Code Along with K(X)RSE(2)PKC over $\mathbb{F}_2$, by Masao KASAHARA

  Extensive studies have been made of the public key cryptosystems based on multivariate polynomials (Multi-variate PKC, MPKC) over $\mathbb{F}_2$ and $\mathbb{F}_2^m$.

However, most of the proposed MPKCs have been shown to be insecure.

In this paper, we propose a new class of MPKC based on Reed-Solomon code, referred to as K(XI)RSE(2)PKC.

In Appendix, we present another class of MPKC referred to as K(X)RSE(2)PKC over $\\mathbb{F}_2$.

Both K(X)RSE(2)PKC and K(XI)RSE(2)PKC yield the coding rate of 1.0.

We show that the proposed schemes can be sufficiently secure against various attacks, including the Gröbner basis attack.

01:42 [Event][New] CPSS'15: 1st Cyber-Physical System Security Workshop

  Submission: 28 December 2014
Notification: 31 January 2015
From April 14 to April 14
Location: Singapore, Singapore
More Information:

16:02 [News] President's message 9/2014


Here is a brief update on IACR matters as of CRYPTO 2014.


***Communications and website


First of all, I would like to thank Christopher Wolf for his service and dedication to the IACR in his role as Newsletter Editor (later, Communications Secretary). From 2009 until this summer, he has led the communications and publicity activities of the IACR and made the website an interesting and interactive experience.


The Board of Directors has appointed Mike Rosulek (Oregon State University, US) as the Communications Secretary; Yu Yu (Shanghai Jiao Tong University, CN) also joins the communications team and serves as one of the webmasters.


***Cryptography Research Fund for Students


Thanks to the generous donation of 1 Mio. USD from Cryptography Research Inc. (a division of Rambus) the IACR has created the *Cryptography Research Fund for Students.*


The fund aims at promoting cryptology to students and supporting scholarly work in the field. With its help, the IACR can greatly increase its support for students in cryptology through:


1) Waiving the registration fee for student speakers at EUROCRYPT, CRYPTO, ASIACRYPT and, now, also at CHES, FSE, TCC and PKC;


2) Expanding its support for Cryptology Schools (see below);


3) Further activities, as coordinated by an Endowment Committee that oversees the fund. (Please contact its chair, Greg Rose, with more ideas.)


The IACR has created an investment fund with a conservative strategy so that this program can be funded in perpetuity. Combined with a smaller commitment from the IACR, the sum in the fund can support the ongoing activities detailed above as well as let the capital keep up with inflation.


***Parallel sessions


In response to the growth of the field over the last years, the Board in 2011 sent a message to Program Chairs and Program Committees of the three main conferences asking them "to accept substantially more papers than used to be the case and to work with their General Chair for the logistics to make this possible." As one can see from the publication statistics over the recent years ( the message has been received partially, but not uniformly implemented. As of today, the Board believes that this effort should go further. During the recent meeting at CRYPTO, a majority of the Board expressed the opinion that a program of, say, 60 or more talks should be arranged at least partially in parallel sessions.


Hence, during its meeting at CRYPTO, the Board has decided to ask the Program Chairs and Committees of the three IACR conferences in 2015 "to have parallel sessions for a significant part of the program." It is intended for 2015 only. At a discussion during the membership meeting, a vote indicated a clear majority in favor of this change for 2015, but there was also a significant minority against. After ASIACRYPT 2015 a referendum among the IACR membership will be held for deciding whether the format should be kept like this.


Per IACR's policy, Program Chairs and Committees are responsible for the scientific program; the General Chairs are responsible for the logistics and the organization. The Board guides these processes and ensures continuity across IACR's activities.


***Cryptology Schools


The Board has approved funding for the first three IACR Cryptology Schools, which take place later this year and next year.


1) School on Cryptographic Attacks ( 13-17 October 2014, Porto, Portugal


2) School on Design and Security of Cryptographic Algorithms and Devices, 5-10 July 2015 (tentative), location to be decided.


3) Asian Workshop on Symmetric Key Cryptography - Cryptology School, 19-22 December 2014, Chennai, India (


See the website for more information.




There will be elections for three IACR Director positions later this year; nominations are now open and due by October 10, 2014. Please consider running and see the announcement on the website:



Christian Cachin
IACR President

15:17 [PhD][New] Elisabeth Oswald: On Side-Channel Attacks and the Application of Algorithmic Countermeasures

  Name: Elisabeth Oswald
Topic: On Side-Channel Attacks and the Application of Algorithmic Countermeasures
Category: implementation

15:15 [PhD][New] Carolyn Whitnall: Statistical methods for non-profiled differential side-channel analysis: Theory and evaluation

  Name: Carolyn Whitnall
Topic: Statistical methods for non-profiled differential side-channel analysis: Theory and evaluation
Category: (no category)


Differential side-channel analysis (DSCA) aims at recovering cryptographically-secured secret information by exploiting the relationship between the physically-observable characteristics of a device and the data manipulated inside it. Prior knowledge about this relationship (obtained, perhaps, by detailed examination of an equivalent device) is known to greatly enhance attack success. What may be achieved with little or no prior knowledge at all is less clear. Strategies designed on such a basis have been loosely termed `generic', but the scenarios in which these are possible without some meaningful knowledge on the leakage appear rare.


In this thesis we formalise the notion of `generic DSCA' in order to understand it better and to make concrete statements about when and in what sense it is possible. We confirm that the range of scenarios to which it may be applied truly is limited---requiring that the device at some stage implements a predictable function which is non-injective and sufficiently nonlinear (e.g. the DES S-Box transformations).


We explore popular proposals based on mutual information and other non-parametric statistics. To facilitate meaningful comparisons we first introduce a theoretic evaluation framework to enable like-for-like comparisons between different methods and avoid the pit-falls of (necessarily estimator-dependent) empirical comparisons. One of the lessons learned by employing this framework is that mutual information is indeed optimal in some information-theoretic sense (as was initially supposed) and that it is the added burden of estimation which makes it a poor choice in all but the most unusual of leakage scenarios.


We also analyse linear regression-based methods and their use as `generic' strategies. Applied in this way, they are restricted to the same limited scope as any other such strategy. However, we identify a unique feature of the way they operate whi[...]