International Association for Cryptologic Research

IACR News Central

Get an update on changes of the IACR web-page here. For questions, contact newsletter (at) You can also receive updates via:

To receive your credentials via mail again, please click here.

You can also access the full news archive.

Further sources to find out about changes are CryptoDB, ePrint RSS, ePrint Web, Event calender (iCal).

12:17 [Pub][ePrint] Efficient Distributed Tag-Based Encryption and its Application to Group Signatures with Efficient Distributed Traceability, by Essam Ghadafi

  In this work, we first formalize the notion of dynamic group signatures with distributed traceability, where the capability to trace signatures is distributed among $n$ managers without requiring any interaction. This ensures that only the participation of all tracing managers permits tracing a signature, which reduces the trust placed in a single tracing manager. The threshold variant follows easily from our definitions and constructions. Our model offers strong security requirements.

Our second contribution is a generic construction for the notion which has a concurrent join protocol, meets strong security requirements, and offers efficient traceability, i.e.\\ without requiring tracing managers to produce expensive zero-knowledge proofs for tracing correctness. To dispense with the expensive zero-knowledge proofs required in the tracing, we deploy a distributed tag-based encryption with public verifiability.

Finally, we provide some concrete instantiations, which, to the best of our knowledge, are the first efficient provably secure realizations in the standard model simultaneously offering all the aforementioned properties. To realize our constructions efficiently, we construct an efficient distributed (and threshold) tag-based encryption scheme that works in the efficient Type-III asymmetric bilinear groups. Our distributed tag-based encryption scheme yields short ciphertexts (only 1280 bits at 128-bit security), and is secure under an existing variant of the standard decisional linear assumption.

Our tag-based encryption scheme is of independent interest and is useful for many applications beyond the scope of this paper. As a special case of our distributed tag-based encryption scheme, we get an efficient tag-based encryption scheme in Type-III asymmetric bilinear groups that is secure in the standard model.

17:13 [Event][New] CS2 2015: Second Workshop on Cryptography and Security in Computing Systems

  Submission: 27 October 2014
Notification: 27 November 2014
From January 19 to January 19
Location: Amsterdam, The Netherlands
More Information:

18:17 [Pub][ePrint] Requirements for Standard Elliptic Curves, by Manfred Lochter, Johannes Merkle, Jörn-Marc Schmidt, Torsten Schütze

  Currently, the Internet Research Task Force (IRTF) discusses requirements for new elliptic curves to be standardized in TLS and other internet protocols. This position paper discusses the view of the members of the ECC Brainpool on these requirements, in particular with respect to hardware implementations.

16:50 [Job][New] Post-Doc, Commissariat à l\'Energie Atomique (French DoE), Paris area, France

  Following recent advances in high throughput sequencing, it can be expected that, in the near future, more and more individuals will have their whole genome extracted, stored and analyzed in a routine fashion. Although this perspective is full of promises in terms of personalized preventive and curative medicine as well as medical research, it should also be acknowledged that the genome of an individual is in essence extremely sensitive data from (at least) a privacy standpoint. Thus, for such personalized medicine-oriented platforms to reliably exist, it is necessary to develop specific counter-measures providing intrinsic protection of the genomic data when manipulated by an IT infrastructure.

In this context, a very promising approach is grounded in homomorphic encryption as a means of computing directly over encrypted data.

The purpose of the present postdoctoral offer is thus to investigate the practical relevance of using homomorphic encryption techniques for privacy-preserving genetic data processing. The main use case will consist in performing requests on a database of genomes represented by their variants. Several scenarios will be investigated in particular with respect to the privacy of the request itself on top of the privacy of the genetic data. In this various scenarios, the candidate is expected to identify the most suitable homomorphic encryption techniques ranging from additive-only (e.g. suitable for private requests on unencrypted data) and multiplicative-only (e.g. suitable for disjunctive public requests on encrypted genetic data) homomorphic encryption systems to the use of the more recent (and more costly) fully homomorphic encryption techniques. The candidate will also be expected to build prototypes for one or more of the above scenarios in order to experimentally demonstrate the practical viability of the solutions, in particular with respect to performances.

16:02 [News] IACR webserver no longer supports SSLv2 and SSLv3

  In response to recent discoveries of protocol vulnerabilities and in sync with major browser producers, the IACR web server no longer supports SSLv2 and SSLv3. If you face difficulties accessing the IACR services over an encrypted connection, please contact webmaster(at)

03:18 [Event][New] CHES 2015: Cryptographic Hardware and Embedded Systems

  Submission: 2 March 2015
Notification: 18 May 2015
From September 13 to September 16
Location: Saint Malo, France
More Information:

17:44 [Election] IACR 2014 Election: Vote now!


IACR 2014 Election

The 2014 election is being held to fill three of nine IACR Director positions.

Vote Now!

The 2014 Election for Directors of the IACR Board is now open. Eligible IACR members may vote now through November 15th using the Helios cryptographically-verifiable election system. You may vote as often as you wish, but only your last vote will be counted.

Eligible members of the IACR (generally people who attended an IACR conference or workshop in 2013) should have received voting credentials from, sent to their email address of record with the IACR. Questions about this election may be sent to

More information about the candidates can be found at the IACR elections page.

Election Committee

  • Bart Preneel (Chair)
  • Michel Abdalla (Returning Officer)
  • Anna Lysyanskaya

20:00 [Event][New] IEEE S&P 2015: IEEE Symposium on Security and Privacy

  Submission: 14 November 2014
Notification: 8 February 2015
From May 18 to May 20
Location: Oakland, USA
More Information:

09:05 [Job][New] PhD Student, RMIT University, Melbourne, Australia

  Recently, there has been increasing interest in the paradigm of data mining-as-a-service, where a company lacking of expertise of computation resources outsources its mining needs to the cloud. However, privacy concerns have become a major barrier to the widespread growth of data mining-as-a-service.

We offer one PhD scholarship to support a PhD student to work on a project which aims to explore practical privacy-preserving solutions for cloud data mining-as-a-service. The candidate is expected to submit a PhD thesis based on the research.

Candidates should have a Master degree in Computer Science, Knowledge of cryptographic protocols, data mining algorithms and cloud computing architecture. Publications in database security and privacy will be regarded as an additional merit.

Send your CV and publication record to xun.yi (at)

14:16 [Job][New] Post-Doc Fully Homomorphic Encryption, University of Bristol

  We are looking for Post-Docs for a new project on Fully Homomorphic Encryption (FHE). The goal is to implement, test and improve a number of homomorphic encryption schemes. Previous experience with FHE would be a bonus, but not a necessity. However, the ability to pick up and implement advanced mathematical concepts is a must.

12:17 [Pub][ePrint] Remarks on Quantum Modular Exponentiation and Some Experimental Demonstrations of Shor\'s Algorithm, by Zhengjun Cao and Zhenfu Cao and Lihua Liu

  An efficient quantum modular exponentiation method is indispensible for Shor\'s factoring algorithm. But we find that all descriptions presented by Shor, Nielsen and Chuang, Markov and Saeedi, et al., are flawed. We also remark that some experimental demonstrations of Shor\'s algorithm are misleading, because they violate the necessary condition that the selected number $q=2^s$, where $s$ is the number of qubits used in the first register, must satisfy $n^2 \\leq q < 2n^2$, where $n$ is the large number to be factored.