International Association for Cryptologic Research

IACR News Central

You can also access the full news archive.

Further sources to find out about changes are CryptoDB, ePrint RSS, ePrint Web, Event calender (iCal).

2015-04-03
16:34 [Job][New]

1. Security mechanisms in Internet of Things

Contact: Xin.Huang (at) xjtlu.edu.cn

2. Wireless localization

Contact: Dawei.Liu (at) xjtlu.edu.cn

The two PhD fundings start from 2015-09, please send your applications as soon as possible.

Requirements:

The candidate should have a first class or upper second class honours degree, or a master’s degree, in Computer Science, Electrical Engineering, or Security.

Degree:

The student will be awarded a PhD degree from the University of Liverpool (UK) upon successful completion of the program.

Funding:

The award covers tuition fees for three years (currently equivalent to RMB 80,000 per annum) and provides a monthly stipend of 3500 RMB as a contribution to living expenses.

How to Apply:

Interested applicants are advised to email the following documents to

Doctoralstudies (at) xjtlu.edu.cn (please put the project title and primary supervisor’s name in the subject line).

• CV

• Two reference letters

• Personal statement outlining your interest in the position

• IELTS score of above 6.5 or equivalent is required

• Verified school transcripts in both Chinese and English (for international students, only the English version is required)

• Verified certificates of education qualifications in both Chinese and English (for international students, only the English version is required)

16:33 [Job][New]

The University of Luxembourg is looking for a Postdoc in Cryptography, with a fixed-term contract of 3 years.

You will work on a new project on Fully Homomorphic Encryption (FHE). The goal is to improve existing FHE schemes, and possibly design and implement new ones.

You should have a PhD in cryptography. Experience with FHE is a plus but not a necessity.

We offer a personal work space at the University, a highly competitive salary, and a dynamic and multicultural environment.

To apply: http://emea3.mrted.ly/n139

Please send your application online until May 15th, 2015. Applications will be considered on receipt therefore applying before the deadline is encouraged

2015-04-01
23:54 [Job][New]

Key Job Responsibilities:

Conduct both fundamental as well as applied research that advances the state-of-the-art and deliver innovation. Candidate should have the ability to conduct (and desirably lead) research projects in the area of System-, Cloud-, or Networking- Security, in collaboration with other Bell Labs researchers (on site and overseas) as well as development engineers.

Research areas of interest include (but are not limited to):

- Network security;

- Security of Cloud and large-scale distributed systems;

- Security aspects of Programmable software-defined networks, Network controllers;

- Security of Systems at large.

Education: PhD in Computer Science or Electric Engineering related to security

Skills and Experience:

Proven research ability in the area of Networking-, System- or Cloud- Security. Experience with software development, system architecture, test-beds, simulations, or deployment and integration is strongly desired.

23:44 [Job][New]

A post-doctoral position is immediately available in Bell Labs Israel. The research group is focused on the field of "distributed cloud networking" a new paradigm in which Cloud and SDN are used to virtualized many of the services currently deployed over dedicated hardware. The candidate is expected to conduct research in the area of Cloud, Networking, or System Security, in collaboration with other Bell Labs researchers as well as development engineers. Specific interest fields include, but are not limited to SDN, NFV, or Cloud infrastructure security.

Education: recent PhD in Computer Science or Electric Engineering related to cyber and security

Skills and Experience: Proven research ability in the area of Networking, System, or Cloud, Security. Experience with software or hardware development, system architecture, test-beds, or deployment and integration is strongly desired.

15:17 [Pub][ePrint]

We propose a method for integrating NTRUEncrypt into the ntor key exchange protocol as a means of achieving a quantum-safe variant of forward secrecy. The proposal is a minimal change to ntor, essentially consisting of an NTRUEncrypt-based key exchange performed in parallel with the ntor handshake. Performance figures are provided demonstrating that the client bears most of the additional overhead, and that the added load on the router side is acceptable.

We make this proposal for two reasons. First, we believe it to be an interesting case study into the practicality of quantum-safe cryptography and into the difficulties one might encounter when transitioning to quantum-safe primitives within real-world protocols and code-bases. Second, we believe that Tor is a strong candidate for an early transition to quantum-safe primitives; users of Tor may be justifiably concerned about adversaries who record traffic in the present and store it for decryption when technology or cryptanalytic techniques improve in the future.

15:17 [Pub][ePrint]

Precomputation techniques are useful to improve real-time performance of complex algorithms at the expense of extra memory, and extra preparatory computations. This practice is neglected especially in the embedded context where energy and memory space is limited. Instead, the embedded space favors the immediate reduction of energy and memory footprint. However, the embedded platforms of the future may be different from the traditional ones. Energy-harvesting sensor nodes may extract virtually limitless energy from their surrounding, while at the same time they are able to store more data at cheaper cost, thanks to Moore\'s law. Yet, minimizing the run-time energy and latency will still be primary targets for today\'s as well as future real-time embedded systems. Another important challenge for the future systems is to provide efficient public-key based solutions that can thwart quantum-cryptanalysis. In this article, we address these two concepts. We apply precomputation techniques on two post-quantum digital signature schemes: hash-based and lattice-based digital signatures. We first demonstrate that precomputation methods are extensible to post-quantum cryptography and are applicable on current energy-harvesting platforms. Then, we quantify its impact on energy, execution time, and the overall system yield. The results show that precomputation can improve the run-time latency and energy consumption up to a factor of 82.7$\\times$ and 11.8$\\times$, respectively. Moreover, for a typical energy-harvesting profile, it can triple the total number of generated signatures. We reveal that precomputation enables very complex and even probabilistic algorithms to achieve acceptable real-time performance on resource-constrained platforms. Thus, it will expand the scope of post-quantum algorithms to a broader range of platforms and applications.

15:17 [Pub][ePrint]

A new lightweight stream cipher, Sprout, has been presented at FSE 2015. The main concern in the design philosophy of the cipher is to decrease the internal state size without compromising the security against Time-Memory-Data (TMD) tradeoff attacks. In this work, we have mounted a TMD tradeoff attack to Sprout using $2^d$ output bits in $2^{71.7-d}$ encryptions of Sprout along with $2^{d}$ table lookups. The memory complexity is $2^{85-d}$ where $d\\leq 40$. In one instance, it is possible to recover the key in faster than $2^{33}$ encryption time if we have $2^{40}$ bits of keystream output by using tables of 770 Terabytes in total. The offline phase of preparing the tables consists of solving roughly $2^{42}$ system of linear equations with 20 unknowns.

15:17 [Pub][ePrint]

Pairing-based cryptography has exploded over the last decade, as this algebraic setting offers good functionality and efficiency. However, there is a huge security gap between how schemes are usually analyzed in the academic literature and how they are typically implemented. The issue at play is that there exist multiple types of pairings: Type-I called \"symmetric\" is typically how schemes are presented and proven secure in the literature, because it is simpler and the complexity assumptions can be weaker; however, Type-III called \"asymmetric\" is typically the most efficient choice for an implementation in terms of bandwidth and computation time.

There are two main complexities when moving from one pairing type to another. First, the change in algebraic setting invalidates the original security proof. Second, there are usually multiple (possibly thousands) of ways to translate from a Type-I to a Type-III scheme, and the \"best\" translation may depend on the application.

Our contribution is the design, development and evaluation of a new software tool, AutoGroup+, that automatically translates from Type-I to Type-III pairings. The output of AutoGroup+ is: (1) \"secure\" provided the input is \"secure\" and (2) optimal based on the user\'s efficiency constraints (excluding software and run-time errors). Prior automation work for pairings was either not guaranteed to be secure or only partially automated and impractically slow. This work addresses the pairing security gap by realizing a fast and secure translation tool.

15:17 [Pub][ePrint]

The single-shot collision attack on RSA proposed by Hanley et al. is studied focusing on the difference between two operands of multipliers. There are two consequences. Firstly, designing order of operands can be a cost-effective countermeasure. We show a concrete example in which operand order determines success and failure of the attack. Secondly, countermeasures can be ineffective if the asymmetric leakage is considered. In addition to the main results, the attack by Hanley et al. is extended using the signal-processing technique of the big mac attack. An experimental result to successfully analyze an FPGA implementation of RSA with the multiply-always method is also presented.

15:17 [Pub][ePrint]

Secure and private computations over RAM are preferred over computations with circuits or Turing machines. Secure and private RAM executions become more and more important in the scope avoiding information leakage when executing programs over a single computer as well as over the clouds. In this paper, we propose a distributed scheme for evaluating RAM programs without revealing any information on the computation including the program the data and the result. We use the Shamir secret sharing to share all the program instructions and private string matching technique to ensure the execution of the right instruction sequence. We stress that our scheme obtains information theoretic security and does not rely on any computational hardness assumptions, therefore, gaining indefinite private and secure RAM execution of perfectly unrevealed programs.

15:17 [Pub][ePrint]

Providing an efficient revocation mechanism for attribute-based encryption (ABE) is of

utmost importance since over time an user\'s credentials may be revealed or expired. All previously

known revocable ABE (RABE) constructions (a) essentially utilize the complete subtree (CS) scheme

for revocation purpose, (b) are bounded in the sense that the size of the public parameters depends

linearly on the size of the attribute universe and logarithmically on the number of users in the

system, and (c) are either selectively secure, which seems unrealistic in a dynamic system such as

RABE, or fully secure but built in a composite order bilinear group setting, which is undesirable from

the point of view of both efficiency and security. This paper presents the first fully secure unbounded

RABE using subset difference (SD) mechanism for revocation which greatly improves the broadcast

efficiency compared to the CS scheme. Our RABE scheme is built on a prime order bilinear group

setting resulting in practical computation cost, and its security depends on the Decisional Linear

assumption.