International Association for Cryptologic Research

IACR News Central

Get an update on changes of the IACR web-page here. For questions, contact newsletter (at) You can also receive updates via:

To receive your credentials via mail again, please click here.

You can also access the full news archive.

Further sources to find out about changes are CryptoDB, ePrint RSS, ePrint Web, Event calender (iCal).

19:17 [Pub][ePrint] A Practical Key Exchange for the Internet using Lattice Cryptography, by Vikram Singh

  In [19], Peikert presents an efficient and provably secure set of lower level primitives for practical post-quantum cryptography. These primitives also give the first lattice-based scheme to provide perfect forward secrecy, and thus represent a major advancement in providing the same sort of security guarantees that are now expected for modern internet traffc protection. However, the presentation in [19] might prove a bit daunting for the slightly less mathematical reader. Here we provide what we hope will be a clear and self-contained exposition of how the algorithm can be implemented, along with sample code and some initial analysis for potential parameter sizes.

We focus on the simpler case, as chosen by Bos et al in [1], of cyclotomic rings whose degree is a power of two. We describe the necessary arithmetic setup and choices regarding error sampling, and give a possibly cleaner mechanism for reconciliation of the shared secrets. Then we present Peikert\'s Diffe-Hellman-like key exchange algorithms along with security, correctness and implementation analysis.

19:17 [Pub][ePrint] Performance Analysis of Some Password Hashing Schemes, by Donghoon Chang and Arpan Jati and Sweta Mishra and Somitra Kumar Sanadhya

  In this work we have analyzed some password hashing schemes for performance under various settings of time and memory complexities. We have attempted to benchmark the said algorithms at similar levels of memory consumption. Given the wide variations in security margins of the algorithms and incompatibility of memory and time cost settings, we have attempted to be as fair as possible in choosing the various parameters while executing the benchmarks.

19:17 [Pub][ePrint] The Random Oracle Model: A Twenty-Year Retrospective, by Neal Koblitz and Alfred Menezes

  It has been roughly two decades since the random oracle model for security reductions was introduced and one decade since we first discussed the controversy that had arisen concerning its use. In this retrospective we argue that there is no evidence that the need for the random oracle assumption in a proof indicates the presence of a real-world security weakness in the corresponding protocol. We give several examples of attempts to avoid random oracles that have led to protocols that have security weaknesses that were not present in the original ones whose proofs required random oracles. We also argue that the willingness to use random oracles gives one the flexibility to modify certain protocols so as to reduce dependence on potentially vulnerable pseudorandom bit generators. Finally, we discuss a modified version of ECDSA, which we call ECDSA+, that may have better real-world security than standard ECDSA, and compare it with a modified Schnorr signature. If one is willing to use the random oracle model (and the analogous generic group model), then various security reductions are known for these two schemes. If one shuns these models, then no provable security result is known for them.

18:07 [Event][New] C&TC 2015: 5th International Symposium on Cloud Computing, Trusted Computing and Secu

  Submission: 23 June 2015
Notification: 7 August 2015
From October 26 to October 28
Location: Rhodes, Greece
More Information:

18:06 [Job][New] Post-Doc, Ph.D., High Assurance Software Lab --- INESC TEC & Minho University

  The High Assurance Software Lab (HASLab) is an R&D unit at INESC TEC, a leading research institution in Portugal. The HASLab specialises in the rigorous development of software applications for critical systems and infrastructures, drawing on expertise in software engineering, dependable distributed systems, and cryptography and information security.

The HASLab has recently opened 10 positions for Post Doctoral researchers and 6 positions for Ph.D. students.

We are looking for Post Doctoral researchers that can be integrated into the activities of HASLab — in EU and national projects — and also lead their own research projects within the group, preferably in the following areas: source code analysis, testing and verification, formal methods, large scale data management, theory of cryptography or computer and network security.

A successful Post Doctoral candidate will be offered a package that may include up to 25K EUR/Year salary, health insurance, one Ph.D. grant and one internship grant for recruitment, as well as access to the HASLab travel and equipment funding schemes. Post-doc positions may be extended until up to 5 years.

18:06 [Job][New] Research Fellow / Post-doc, Nanyang Technological University (NTU), Singapore

  SYmmetric and Lightweight cryptography Lab (SYLLAB) at Nanyang Technological University (NTU), Singapore, is seeking candidates for 2 research fellow positions (from fresh post-docs to senior research fellows) in the areas of:

  • symmetric key cryptography
  • lightweight cryptography
  • side-channel attacks

Salaries are competitive and are determined according to the successful applicants accomplishments, experience and qualifications. Interested applicants should send their detailed CVs, cover letter and references to Thomas Peyrin (thomas.peyrin [at]

Review of applications starts immediately and will continue until positions are filled.

16:17 [Pub][ePrint] Lyra2: Password Hashing Scheme with improved security against time-memory trade-offs, by Marcos A. Simplicio Jr. and Leonardo C. Almeida and Ewerton R. Andrade and Paulo C. F. dos Santos and Paulo S.

  We present Lyra2, a password hashing scheme (PHS) based on cryptographic sponges. Lyra2 was designed to be strictly sequential (i.e., not easily parallelizable), providing strong security even against attackers that uses multiple processing cores (e.g., custom hardware or a powerful GPU). At the same time, it is very simple to implement in software and allows legitimate users to fine tune its memory and processing costs according to the desired level of security against brute force password-guessing. Lyra2 is an improvement of the recently proposed Lyra algorithm, providing an even higher security level against different attack venues and overcoming some limitations of this and other existing schemes.

16:17 [Pub][ePrint] Multi-keyword Similarity Search Over Encrypted Cloud Data, by Mikhail Strizhov and Indrajit Ray

  Searchable encryption allows one to upload encrypted documents on a remote honest-but-curious server and query that data at the server itself without requiring the documents to be decrypted prior to searching. In this work, we propose a novel secure and efficient multi-keyword similarity searchable encryption (MKSim) that returns the matching data items in a ranked ordered manner. Unlike all previous schemes, our search complexity is sublinear to the total number of documents that contain the queried set of keywords. Our analysis demonstrates that proposed scheme is proved to be secure against adaptive chosen-keyword attacks. We show that our approach is highly efficient and ready to be deployed in the real-world cloud storage systems.

23:11 [Job][New] Research Associate, Technische Universitaet Muenchen; Instiute for Security in Information Technology; Munich; Germany

  Our Institute is part of the TUM Department of Electrical and Computer Engineering. We develop innovative technologies for embedded systems, to counteract new threats in hardware security. Physical Unclonable Functions (PUFs) – as important new security elements – and countermeasures against side channel leakage and fault attacks are only two of the exciting topics in the focus of our institute’s research. Our teaching activities range from lectures on basics in cryptology to lab courses where students design secure embedded systems on their own.

For research in the field of Countermeasures against Attacks on Physical Unclonable Functions we are searching for the closest possible point in time for a

Research Associate (m/f)

for a full time position.

Your Tasks:

  • Carrying out your own research in the field of secure PUF concepts
  • Participation in industry-related and scientific research projects
  • Supervising students


    finished your master’s degree in Electrical Engineering, Computer Sciences or equivalent with outstanding grades.

  • have strong focus on security.
  • have profound knowledge in hardware attacks and counter measures
  • have a sound education in information theory and error correcting codes
  • are a creative thinking and independent working person, can work in teams, and are highly motivated.
  • like to work with students.
  • should have practical or theoretical previous knowledge on embedded systems.

We offer a very interesting position as research associate which is rich in variety and includes the ability to carry out a Doctoral thesis in engineering. With your research in the field of PUFs, you contribute to one of the main fields of the Institute for Security in Information Technology and are

22:17 [Pub][ePrint] Generalizing Efficient Multiparty Computation, by Bernardo David and Ryo Nishimaki and Samuel Ranellucci and Alain Tapp

  We focus on generalizing constructions of Batch Single-Choice Cut-And-Choose Oblivious Transfer and Multi-sender k-out-of-n Oblivious Transfer, which are at the core of efficient secure computation constructions proposed by Lindell \\textit{et al.} and the IPS compiler.

Our approach consists in showing that such primitives can be based on a much weaker and simpler primitive called Verifiable Oblivious Transfer (VOT) with low overhead. As an intermediate step we construct Generalized Oblivious Transfer from VOT. Finally, we show that Verifiable Oblivious Transfer can be obtained from a structure preserving oblivious transfer protocol (SPOT) through an efficient transformation that uses Groth-Sahai proofs and structure preserving commitments.

19:17 [Pub][ePrint] How to Bootstrap Anonymous Communication, by Sune K. Jakobsen and Claudio Orlandi

  We ask whether it is possible to anonymously communicate a large amount of data using only public (non-anonymous) communication together with a small anonymous channel. We think this is a central question in the theory of anonymous communication and to the best of our knowledge this is the first formal study in this direction.

To solve this problem, we introduce the concept of \\emph{anonymous steganography}: think of a leaker Lea who wants to leak a large document to Joe the journalist. Using anonymous steganography Lea can embed this document in innocent looking communication on some popular website (such as cat videos on \\emph{YouTube} or funny memes on \\emph{9GAG}). Then Lea provides Joe with a short key $k$ which, \\emph{when applied to the entire website}, recovers the document while hiding the identity of Lea among the large number of users of the website. Our contributions include:


\\item Introducing and formally defining \\emph{anonymous steganography},

\\item A construction showing that anonymous steganography is possible (which uses recent results in circuits obfuscation),

\\item A lower bound on the number of bits which are needed to bootstrap anonymous communication.