International Association for Cryptologic Research

IACR News Central

Get an update on changes of the IACR web-page here. For questions, contact newsletter (at) iacr.org. You can also receive updates via:

To receive your credentials via mail again, please click here.

You can also access the full news archive.

Further sources to find out about changes are CryptoDB, ePrint RSS, ePrint Web, Event calender (iCal).

2014-11-25
22:17 [Pub][ePrint] Solving Polynomial Systems with Noise over F_2: Revisited, by Zhenyu Huang and Dongdai Lin

  Solving polynomial systems with noise over F_2 is a funda- mental problem in computer science, especially in cryptanalysis. ISBS is a new method for solving this problem based on the idea of incremen- tally solving the noisy polynomial systems and backtracking all the pos- sible noises. It had better performance than other methods in solving the Cold Boot Key recovery problem. In this paper, some further researches on ISBS are presented. We proposed a polynomial ordering scheme by which we can accelerate the incremental solving process of ISBS. We present some computation complexity bounds of ISBS. Two major im- provement strategies, artificial noise-bound strategy and two-direction searching strategy, are proposed and theoretically analyzed. Based on these improvements, we propose a variant ISBS algorithm, and by the experiments of solving the Cold Boot key recovery problem of Serpent with symmetric noise, we show that our new algorithm is more efficient than the old one.



22:17 [Pub][ePrint] Malicious-Client Security in Blind Seer: A Scalable Private DBMS, by Ben Fisch, Binh Vo, Fernando Krell, Abishek Kumarasubramanian, Vladimir Kolesnikov, Tal Malkin, Steven M. Bellovin

  The Blind Seer system (Oakland 2014) is an efficient and scalable DBMS that affords both client query privacy and server data protection. It also provides the ability to enforce authorization policies on the system, restricting client\'s queries while maintaining the privacy of both query and policy. Blind Seer supports a rich query set, including arbitrary boolean formulas, and is provably secure with respect to a controlled amount of search pattern leakage. No other system to date achieves this tradeoff of performance, generality, and provable privacy.

A major shortcoming of Blind Seer is its reliance on semi-honest security, particularly for access control and data protection. A malicious client could easily cheat the query authorization policy and obtain any database records satisfying any query of its choice, thus violating basic security features of any standard DBMS. In sum, Blind Seer offers additional privacy to a client, but sacrifices a basic security tenet of DBMS.

In the present work, we completely resolve the issue of a malicious client. We show how to achieve robust access control and data protection in Blind Seer with virtually no added cost to performance or privacy. Our approach also involves a novel technique for a semi-private function secure function evaluation (SPF-SFE) that may have independent applications.

We fully implement our solution and report on its performance.



22:17 [Pub][ePrint] On two windows multivariate cryptosystem depending on random parameters, by Urszula RomaƄczuk-Polubiec, Vasyl Ustimenko

  The concept of multivariate bijective map of an affine space $K^n$ over commutative

Ring $K$ was already used in Cryptography. We consider the idea of nonbijective multivariate

polynomial map $F_n$ of $K^n$ into $K^n$ represented as \'\'partially invertible decomposition\'\'

$F^{(1)}_nF^{(2)}_n \\dots

F^{(k)}_n$, $k=k(n)$, such that knowledge on the decomposition and given

value $u=F(v)$ allow to restore a special part $v\'$ of reimage $v$.

We combine an idea of \'\'oil and vinegar signatures cryptosystem\'\' with the idea of linguistic graph based map with partially invertible decomposition to introduce a new

cryptosystem. The decomposition will be induced by pseudorandom walk on the linguistic graph

and its special quotient (homomorphic image). We estimate the complexity of such general algorithm in case of special family of graphs with quotients, where both graphs form known

families of Extremal Graph Theory. The map created by key holder (Alice) corresponds to

pseudorandom sequence of ring elements.

The postquantum version of the algorithm can be obtained simply by the usage of random strings

instead of pseudorandom.



22:17 [Pub][ePrint] Predicate Encryption for Multi-Dimensional Range Queries from Lattices, by Romain Gay and Pierrick M\\\'eaux and Hoeteck Wee

  We construct a lattice-based predicate encryption scheme for

multi-dimensional range and multi-dimensional subset queries. Our

scheme is selectively secure and weakly attribute-hiding, and its

security is based on the standard learning with errors (LWE)

assumption. Multi-dimensional range and subset queries capture many interesting applications pertaining to searching on encrypted data. To the best of our knowledge, these are the first lattice-based predicate encryption schemes for functionalities beyond IBE and inner product.





2014-11-23
07:54 [Event][New] CTCrypt 2015: 4th Workshop on Current Trends in Cryptology

  Submission: 16 February 2015
Notification: 12 April 2015
From June 2 to June 4
Location: Kazan, Russia
More Information: http://tc26.ru/en/CTCrypt/2015/


07:54 [Event][New] CTCrypt'2015: 4th Workshop on Current Trends in Cryptology

  Submission: 16 February 2015
Notification: 12 April 2015
From June 2 to June 4
Location: Kazan, Russia
More Information: http://tc26.ru/en/CTCrypt/2015/


07:53 [Event][New] CTCrypt?2015: 4th Workshop on Current Trends in Cryptology

  Submission: 16 February 2015
Notification: 12 April 2015
From June 2 to June 4
Location: Kazan, Russia
More Information: http://tc26.ru/en/CTCrypt/2015/


07:42 [Event][New] Latincrypt 2015

  Submission: 15 March 2015
Notification: 15 May 2015
From August 23 to August 26
Location: Guadalajara, Mexico
More Information: http://www.latincrypt.org/


07:40 [Job][New] two PhD positions, Luxembourg University

  Two PhD positions and one postdoc (RA) position are opening at the University of Luxembourg. The first PhD position is centered on comparing and improving the many security models for authenticated key establishment protocols. The second PhD position is focused on the precise security modelling of quantum key establishment protocols.

Further details on these positions and their requirements are available at the following urls:

PhD 1: http://emea3.mrted.ly/ixb5

PhD 2: http://emea3.mrted.ly/ix9n

The research will be conducted at the Interdisciplinary Centre for Security, Reliability and Trust (SnT) in the research group ApSIA (Applied Security and Information Assurance) headed by Prof. Dr. Peter Y.A Ryan. Contact Prof Ryan, peter.ryan (at) uni.lu, for more information.

The University offers highly competitive salaries and is an equal opportunity employer.



2014-11-21
17:43 [Job][New] Cryptography Security Analyst, UK Security Lab

  Role and Scope

The Cryptography Security Analyst is responsible for developing and maintaining the internal expertise in cryptography and more particularly in the security of algorithms executed on embedded systems.

This will include the analysis of cryptographic codes embedded in products under evaluation, the development and the realisation of high level of cryptographic side-channel attacks, and the support and the training of engineers for evaluation projects.

It includes the representation of the company in industry forums and the management of complex projects. He/She should have a flexible and an innovative approach.

Responsibilities

To undertake chargeable security evaluation tasks or duties with the respect of deadlines and customer requirements. The chargeable tasks may include:

o The vulnerability analysis of cryptographic algorithms, more particularly on payment systems with regards to side-channel, fault injection and protocol attacks.

o The development and the realisation of innovative cryptographic attacks on products under evaluation (side-channel, DFA).

o The generation of expertise reports in compliance with industry best standards

To follow-up the latest technical developments and to contribute to the internal innovation in the security in cryptography area.

To provide high-level technical support to the company and to the operations department. This may include test planning and logistics, test procedure updating, training and quality issue resolving.

To represent my client and promote its Security Evaluation services in conferences, exhibitions or any key industry events.

Person Specifications

A Master Degree in Cryptography with good skills in algorithms in embedded systems.

A good knowledge of uC architectures and their assembly languages would be highly advantageous.

High analytical skills

17:42 [Job][New] Junior professorship with tenure track in computer algebra, University of Ulm, Germany

  A successful candidate should be an excellent young researcher with a focus in computeralgebra specializing for example in number theory, algebraic geometry, cryptography, combinatorics, or symbolic computation. Collaboration within the university and as well as the acquisition of third party funding is desired.

http://www.uni-ulm.de/en/mawi/pmath/stellenausschreibung.html