International Association for Cryptologic Research

# IACR News Central

You can also access the full news archive.

Further sources to find out about changes are CryptoDB, ePrint RSS, ePrint Web, Event calender (iCal).

2014-10-16
16:50 [Job][New]

Following recent advances in high throughput sequencing, it can be expected that, in the near future, more and more individuals will have their whole genome extracted, stored and analyzed in a routine fashion. Although this perspective is full of promises in terms of personalized preventive and curative medicine as well as medical research, it should also be acknowledged that the genome of an individual is in essence extremely sensitive data from (at least) a privacy standpoint. Thus, for such personalized medicine-oriented platforms to reliably exist, it is necessary to develop specific counter-measures providing intrinsic protection of the genomic data when manipulated by an IT infrastructure.

In this context, a very promising approach is grounded in homomorphic encryption as a means of computing directly over encrypted data.

The purpose of the present postdoctoral offer is thus to investigate the practical relevance of using homomorphic encryption techniques for privacy-preserving genetic data processing. The main use case will consist in performing requests on a database of genomes represented by their variants. Several scenarios will be investigated in particular with respect to the privacy of the request itself on top of the privacy of the genetic data. In this various scenarios, the candidate is expected to identify the most suitable homomorphic encryption techniques ranging from additive-only (e.g. suitable for private requests on unencrypted data) and multiplicative-only (e.g. suitable for disjunctive public requests on encrypted genetic data) homomorphic encryption systems to the use of the more recent (and more costly) fully homomorphic encryption techniques. The candidate will also be expected to build prototypes for one or more of the above scenarios in order to experimentally demonstrate the practical viability of the solutions, in particular with respect to performances.

16:02 [News]

In response to recent discoveries of protocol vulnerabilities and in sync with major browser producers, the IACR web server no longer supports SSLv2 and SSLv3. If you face difficulties accessing the IACR services over an encrypted connection, please contact webmaster(at)iacr.org.

03:18 [Event][New]

Submission: 2 March 2015
From September 13 to September 16
Location: Saint Malo, France

2014-10-15
17:44 [Election]

## IACR 2014 Election

The 2014 election is being held to fill three of nine IACR Director positions.

### Vote Now!

The 2014 Election for Directors of the IACR Board is now open. Eligible IACR members may vote now through November 15th using the Helios cryptographically-verifiable election system. You may vote as often as you wish, but only your last vote will be counted.

Eligible members of the IACR (generally people who attended an IACR conference or workshop in 2013) should have received voting credentials from system@heliosvoting.org, sent to their email address of record with the IACR. Questions about this election may be sent to elections@iacr.org.

### Election Committee

• Bart Preneel (Chair)
• Michel Abdalla (Returning Officer)
• Anna Lysyanskaya

2014-10-14
20:00 [Event][New]

Submission: 14 November 2014
From May 18 to May 20
Location: Oakland, USA

09:05 [Job][New]

Recently, there has been increasing interest in the paradigm of data mining-as-a-service, where a company lacking of expertise of computation resources outsources its mining needs to the cloud. However, privacy concerns have become a major barrier to the widespread growth of data mining-as-a-service.

We offer one PhD scholarship to support a PhD student to work on a project which aims to explore practical privacy-preserving solutions for cloud data mining-as-a-service. The candidate is expected to submit a PhD thesis based on the research.

Candidates should have a Master degree in Computer Science, Knowledge of cryptographic protocols, data mining algorithms and cloud computing architecture. Publications in database security and privacy will be regarded as an additional merit.

Send your CV and publication record to xun.yi (at) rmit.edu.au.

2014-10-13
14:16 [Job][New]

We are looking for Post-Docs for a new project on Fully Homomorphic Encryption (FHE). The goal is to implement, test and improve a number of homomorphic encryption schemes. Previous experience with FHE would be a bonus, but not a necessity. However, the ability to pick up and implement advanced mathematical concepts is a must.

12:17 [Pub][ePrint]

An efficient quantum modular exponentiation method is indispensible for Shor\'s factoring algorithm. But we find that all descriptions presented by Shor, Nielsen and Chuang, Markov and Saeedi, et al., are flawed. We also remark that some experimental demonstrations of Shor\'s algorithm are misleading, because they violate the necessary condition that the selected number $q=2^s$, where $s$ is the number of qubits used in the first register, must satisfy $n^2 \\leq q < 2n^2$, where $n$ is the large number to be factored.

12:17 [Pub][ePrint]

We propose the first UC secure commitment scheme with (amortized) computational complexity linear in the size of the string committed to. After a preprocessing phase based on oblivious transfer, that only needs to be done once and for all, our scheme only requires a pseudorandom generator and a linear code with efficient encoding. We also construct an additively homomorphic version of our basic scheme using VSS. Furthermore we evaluate the concrete efficiency of our schemes and show that the amortized computational overhead is significantly lower than in the previous best constructions. In fact, our basic scheme has amortised concrete efficiency comparable with previous protocols in the Random Oracle Model even though it is constructed in the plain model.

12:17 [Pub][ePrint]

We present an adaptively secure universally composable multiparty computation protocol in the dishonest majority setting. The protocol has a constant number of rounds and communication complexity that depends only on the number of inputs and outputs (and not on the size of the circuit to be computed securely). Such protocols were already known for honest majority. However, adaptive security and constant round was known to be impossible in the stand-alone model and with black-box proofs of security. Here, we solve the problem in the UC model using a set-up assumption. Our protocol is secure assuming LWE is hard and achieved by building a special type of crypto system we call equivocal FHE from LWE. We also build adaptively secure and constant round UC commitment and zero-knowledge proofs (of knowledge) based on LWE.

12:17 [Pub][ePrint]

We propose the TWEAKEY framework with goal to unify the design of tweakable block ciphers and of block ciphers resistant to related-key attacks. Our framework is simple, extends the key-alternating construction, and allows to build a primitive with arbitrary tweak and key sizes, given the public round permutation (for instance, the AES round). Increasing the sizes renders the security analysis very difficult and thus we identify a subclass of TWEAKEY, that we name STK, which solves the size issue by the use of finite field

multiplications on low hamming weight constants. We give very efficient instances of STK, in particular, a 128-bit tweak/key/state block cipher Deoxys-BC that is the first AES-based ad-hoc tweakable block cipher. At the same time, Deoxys-BC could be seen as a secure alternative to AES-256, which is known to be insecure in the related-key model. As another member of the TWEAKEY framework, we describe Kiasu-BC, which is a very simple and even more efficient tweakable variation of AES-128 when the tweak size is limited to 64 bits.

In addition to being efficient, our proposals, compared to the previous schemes that use AES as a black box, offer security beyond the birthday bound. Deoxys-BC and Kiasu-BC represent interesting pluggable primitives for authenticated encryption schemes, for instance, OCB instantiated with Kiasu-BC runs at about 0.75 c/B on Intel Haswell. Our work can also be seen as

advances on the topic of secure key schedule design for AES-like ciphers, describing several proposals in this direction.