International Association for Cryptologic Research

# IACR News Central


2015-02-27
18:06 [Job][New]

SYmmetric and Lightweight cryptography Lab (SYLLAB) at Nanyang Technological University (NTU), Singapore, is seeking candidates for 2 research fellow positions (from fresh post-docs to senior research fellows) in the areas of:

• symmetric key cryptography
• lightweight cryptography
• side-channel attacks

Salaries are competitive and are determined according to the successful applicants' accomplishments, experience and qualifications. Interested applicants should send their detailed CVs, cover letter and references to Thomas Peyrin (thomas.peyrin [at] ntu.edu.sg).

Review of applications starts immediately and will continue until positions are filled.

16:17 [Pub][ePrint]

We present Lyra2, a password hashing scheme (PHS) based on cryptographic sponges. Lyra2 was designed to be strictly sequential (i.e., not easily parallelizable), providing strong security even against attackers that use multiple processing cores (e.g., custom hardware or a powerful GPU). At the same time, it is very simple to implement in software and allows legitimate users to fine-tune its memory and processing costs according to the desired level of security against brute-force password guessing. Lyra2 is an improvement of the recently proposed Lyra algorithm, providing an even higher security level against different attack avenues and overcoming some limitations of this and other existing schemes.
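To make the design principle in the abstract concrete (a sponge used to fill memory strictly sequentially, then revisited in a data-dependent order, with separate memory and time cost parameters), here is a small added illustration. It is not Lyra2 and not code from the Lyra2 authors; it uses SHAKE256 as the sponge, and the cell layout, the `t_cost`/`m_cost` names and the final `verify_password` helper are assumptions made for this example.

```python
import hashlib
import hmac

BLOCK = 64  # bytes squeezed from the sponge per memory cell (assumed size)


def _sponge(*parts: bytes, n: int = BLOCK) -> bytes:
    """Absorb all parts into a SHA-3 sponge (SHAKE256) and squeeze n bytes."""
    h = hashlib.shake_256()
    for p in parts:
        h.update(p)
    return h.digest(n)


def sequential_memory_hard(password: bytes, salt: bytes,
                           t_cost: int, m_cost: int, out_len: int = 32) -> bytes:
    """Toy sponge-based, strictly sequential memory-hard password hash.

    m_cost: number of BLOCK-byte cells that must be held in memory at once.
    t_cost: number of extra passes over that memory (processing cost).
    Illustration of the design principle only, not the Lyra2 algorithm.
    """
    if t_cost < 1 or m_cost < 2:
        raise ValueError("t_cost must be >= 1 and m_cost >= 2")

    # Setup phase: cell[i] is derived from cell[i-1], so the memory can only be
    # filled in order; there is no way to compute cell[i] without cell[i-1].
    cells = [_sponge(b"setup", salt, password, (0).to_bytes(4, "big"))]
    for i in range(1, m_cost):
        cells.append(_sponge(cells[i - 1], i.to_bytes(4, "big")))

    # Wandering phase: each step reads one sequential cell and one cell chosen
    # by the running sponge state. Because the second index depends on data,
    # an attacker who discards cells to save memory cannot know in advance
    # which ones will be needed and has to recompute them.
    state = cells[-1]
    for _ in range(t_cost):
        for i in range(m_cost):
            j = int.from_bytes(state[:4], "big") % m_cost
            state = _sponge(state, cells[i], cells[j])
            cells[i] = bytes(a ^ b for a, b in zip(cells[i], state))

    return _sponge(b"final", state, n=out_len)


def verify_password(password: bytes, salt: bytes, t_cost: int, m_cost: int,
                    expected: bytes) -> bool:
    """Recompute with the stored parameters and compare in constant time."""
    candidate = sequential_memory_hard(password, salt, t_cost, m_cost, len(expected))
    return hmac.compare_digest(candidate, expected)


if __name__ == "__main__":
    # Constructed sample input; in practice the salt comes from os.urandom.
    salt = b"\x00" * 16
    digest = sequential_memory_hard(b"correct horse", salt, t_cost=3, m_cost=1024)
    print(digest.hex())
    print(verify_password(b"correct horse", salt, 3, 1024, digest))
```

Doubling `m_cost` doubles the memory the legitimate user needs, while `t_cost` raises the cost of each guess without raising the memory footprint; a deployment stores both parameters next to the salt so that they can be raised later without breaking verification of old hashes.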

16:17 [Pub][ePrint]

Searchable encryption allows one to upload encrypted documents to a remote honest-but-curious server and query that data at the server itself without requiring the documents to be decrypted prior to searching. In this work, we propose a novel secure and efficient multi-keyword similarity searchable encryption scheme (MKSim) that returns the matching data items in ranked order. Unlike all previous schemes, our search complexity is sublinear in the total number of documents that contain the queried set of keywords. Our analysis shows that the proposed scheme is secure against adaptive chosen-keyword attacks. We show that our approach is highly efficient and ready to be deployed in real-world cloud storage systems.

2015-02-26
23:11 [Job][New]

Our Institute is part of the TUM Department of Electrical and Computer Engineering. We develop innovative technologies for embedded systems, to counteract new threats in hardware security. Physical Unclonable Functions (PUFs) – as important new security elements – and countermeasures against side channel leakage and fault attacks are only two of the exciting topics in the focus of our institute’s research. Our teaching activities range from lectures on basics in cryptology to lab courses where students design secure embedded systems on their own.

For research in the field of countermeasures against attacks on Physical Unclonable Functions we are seeking, at the earliest possible date, a

Research Associate (m/f)

for a full time position.

• Carrying out your own research in the field of secure PUF concepts
• Participation in industry-related and scientific research projects
• Supervising students

You:

• finished your master's degree in Electrical Engineering, Computer Science or an equivalent subject with outstanding grades.
• have a strong focus on security.
• have profound knowledge of hardware attacks and countermeasures.
• have a sound education in information theory and error-correcting codes.
• are a creative, independent thinker, can work in teams, and are highly motivated.
• like to work with students.
• have practical or theoretical prior knowledge of embedded systems.

We offer a very interesting and varied position as research associate, with the opportunity to carry out a doctoral thesis in engineering. With your research in the field of PUFs, you contribute to one of the main research fields of the Institute for Security in Information Technology and are

22:17 [Pub][ePrint]

We focus on generalizing constructions of Batch Single-Choice Cut-And-Choose Oblivious Transfer and Multi-sender k-out-of-n Oblivious Transfer, which are at the core of efficient secure computation constructions proposed by Lindell et al. and the IPS compiler.

Our approach consists in showing that such primitives can be based on a much weaker and simpler primitive called Verifiable Oblivious Transfer (VOT) with low overhead. As an intermediate step we construct Generalized Oblivious Transfer from VOT. Finally, we show that Verifiable Oblivious Transfer can be obtained from a structure-preserving oblivious transfer protocol (SPOT) through an efficient transformation that uses Groth-Sahai proofs and structure-preserving commitments.

19:17 [Pub][ePrint]

We ask whether it is possible to anonymously communicate a large amount of data using only public (non-anonymous) communication together with a small anonymous channel. We think this is a central question in the theory of anonymous communication and to the best of our knowledge this is the first formal study in this direction.

To solve this problem, we introduce the concept of *anonymous steganography*: think of a leaker Lea who wants to leak a large document to Joe the journalist. Using anonymous steganography Lea can embed this document in innocent-looking communication on some popular website (such as cat videos on *YouTube* or funny memes on *9GAG*). Then Lea provides Joe with a short key $k$ which, *when applied to the entire website*, recovers the document while hiding the identity of Lea among the large number of users of the website. Our contributions include:

• Introducing and formally defining *anonymous steganography*,
• A construction showing that anonymous steganography is possible (which uses recent results in circuit obfuscation),
• A lower bound on the number of bits which are needed to bootstrap anonymous communication.

19:17 [Pub][ePrint]

To be resistant against certain time-memory-data trade-off (TMDTO) attacks, a common rule of thumb says that the internal state size of a stream cipher should be at least twice the security parameter. As memory gates are usually the most area- and power-consuming components, this implies a severe limitation with respect to possible lightweight implementations.

In this work, we revisit this rule. We argue that a simple shift in the established design paradigm, namely to involve the fixed secret key not only in the initialization process but in the keystream generation phase as well, enables stream ciphers with smaller area for two reasons. First, it improves the resistance against the mentioned TMDTO attacks, which allows one to choose smaller state sizes. Second, one can make use of the fact that storing a fixed value (here: the key) requires less area than realizing a register of the same length. We demonstrate the feasibility of this approach by describing and implementing a concrete stream cipher, Sprout, which uses significantly less area than comparable existing lightweight stream ciphers.
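The rule of thumb the abstract revisits comes from the generic time-memory-data trade-off: against a keystream generator whose only secret is an $n$-bit state, an attacker can precompute $M$ random states with their keystream prefixes and then scan $D$ observed keystream positions for a match, succeeding once $M \cdot D \approx 2^n$. Below is an added, self-contained demonstration of that attack (not code from the Sprout authors, and the toy generator is a constructed stand-in for a real stream cipher, not Sprout): a 24-bit state is recovered with about $2^{14}$ table entries and $2^{14}$ keystream bytes, far below the $2^{24}$ cost of guessing the state. The names `clock`, `output`, `build_table`, `tmdto_attack` and the LCG-based state update are assumptions of this example.

```python
import random

STATE_BITS = 24                      # toy internal state size n
MASK = (1 << STATE_BITS) - 1
WINDOW = 3                           # keystream bytes that identify a state (24 bits = n)
VERIFY = 8                           # extra bytes used to discard false matches


def clock(state: int) -> int:
    """Constructed toy state update: a full-period 24-bit LCG (Hull-Dobell
    conditions hold), so consecutive states are all distinct. Stand-in only."""
    return (1664525 * state + 1013904223) & MASK


def output(state: int) -> int:
    """One keystream byte per clock: a mixing function of the state (toy)."""
    return (((state ^ (state >> 11)) * 0x9E3779B1) & MASK) >> 16


def keystream(state: int, nbytes: int) -> bytes:
    """Generate nbytes of keystream starting from the given state."""
    out = bytearray()
    for _ in range(nbytes):
        out.append(output(state))
        state = clock(state)
    return bytes(out)


def build_table(m: int, rng: random.Random) -> dict:
    """Offline phase: map WINDOW keystream bytes -> state for m random states.
    Memory M = m entries, time for this phase = m keystream evaluations."""
    table = {}
    for _ in range(m):
        st = rng.getrandbits(STATE_BITS)
        table[keystream(st, WINDOW)] = st
    return table


def tmdto_attack(ks: bytes, table: dict):
    """Online phase: slide over D keystream positions, look each window up in
    the table, and confirm a hit with VERIFY further bytes. Returns
    (offset, state) or None. Expected true hits: M*D / 2^n."""
    for i in range(len(ks) - WINDOW - VERIFY + 1):
        cand = table.get(ks[i:i + WINDOW])
        if cand is not None and keystream(cand, WINDOW + VERIFY) == ks[i:i + WINDOW + VERIFY]:
            return i, cand
    return None


def run_demo(seed: int = 2015, log_m: int = 14, log_d: int = 14):
    """M = D = 2^14, so M*D = 2^28 = 16 * 2^24: the attack succeeds with
    overwhelming probability although M and D are each far below 2^n."""
    rng = random.Random(seed)
    table = build_table(1 << log_m, rng)
    secret = rng.getrandbits(STATE_BITS)            # unknown to the attacker
    ks = keystream(secret, (1 << log_d) + WINDOW + VERIFY)  # observed keystream
    hit = tmdto_attack(ks, table)
    if hit is None:
        return None
    offset, state = hit
    # Knowing the state at one offset lets the attacker predict all later keystream.
    predicted = keystream(state, len(ks) - offset)
    return offset, state, predicted == ks[offset:]


if __name__ == "__main__":
    print(run_demo())
```

With $M = D = 2^{n/2}$ the attack costs about $2^{n/2}$ in every resource, which is why an $n$-bit state buys only $n/2$ bits of security and the rule of thumb asks for $n \geq 2\kappa$. Note what the demonstration relies on: the keystream is a function of the state alone, so any state that ever occurs, whether precomputed or observed, is interchangeable. Mixing the fixed key into every keystream step, as the abstract proposes, removes that property, since two runs with the same state but different keys no longer produce the same keystream.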

19:17 [Pub][ePrint]

These days genomic sequence analysis provides a key way of understanding the biology of an organism. However, since these sequences contain much private information, it can be very dangerous to reveal any part of them. It is desirable to protect this sensitive information when performing sequence analysis in public. As a first step in this direction, we present a method to perform the edit distance algorithm on encrypted data to obtain an encrypted result. In our approach, the genomic data owner provides only the encrypted sequence, and the public commercial cloud can perform the sequence analysis without decryption. The result can be decrypted only by the data owner or designated representative holding the decryption key.

In this paper, we describe how to calculate edit distance on encrypted data with a somewhat homomorphic encryption scheme and analyze its performance. More precisely, given two encrypted sequences of lengths $n$ and $m$, we show that a somewhat homomorphic scheme of depth $O((n+m) \log\log (n+m))$ can evaluate the edit distance algorithm in $O(nm \log (n+m))$ homomorphic computations. In the case of $n=m$, the depth can be brought down to $O(n)$ using our optimization technique. Finally, we present the estimated performance of the edit distance algorithm and verify it by implementing it for short DNA sequences.

19:17 [Pub][ePrint]

A number of databases around the world currently host a wealth of genomic data that is invaluable to researchers conducting a variety of genomic studies. However, patients who volunteer their genomic data run the risk of privacy invasion. In this work, we give a cryptographic solution to this problem: to maintain patient privacy, we propose encrypting all genomic data in the database. To allow meaningful computation on the encrypted data, we propose using a homomorphic encryption scheme.

Specifically, we take basic genomic algorithms which are commonly used in genetic association studies and show how they can be made to work on encrypted genotype and phenotype data. In particular, we consider the Pearson Goodness-of-Fit test, the $D'$ and $r^2$ measures of linkage disequilibrium, the Estimation Maximization (EM) algorithm for haplotyping, and the Cochran-Armitage Test for Trend. We also provide performance numbers for running these algorithms on encrypted data.

19:17 [Pub][ePrint]

We show that the distinguishing attacks on Even-Mansour block ciphers in the related-key model can easily be converted into extremely efficient key-recovery attacks. This includes in particular all iterated Even-Mansour constructions with independent keys.

We apply this observation to the CAESAR candidate Prøst-OTR and are able to recover the whole key with a number of requests linear in its size. This improves on recent forgery attacks in a similar setting.

17:12 [Event][New]

From March 20 to March 23
Location: Bochum, Germany