International Association for Cryptologic Research

# IACR News Central



2015-04-19
21:17 [Pub][ePrint]

In authenticated encryption schemes, there are two techniques for handling long ciphertexts while working within the constraints of a low buffer size: Releasing Unverified Plaintext (RUP) or Producing Intermediate Tags (PIT). In this paper, in addition to these two techniques, we propose another way to handle a long ciphertext with a low buffer size: storing and releasing only one (or, more generally, only a few) intermediate state, without releasing or storing any part of an unverified plaintext and without the need to generate any intermediate tag.

In this paper we explain this generalized technique using our new construction sp-AELM. sp-AELM is a sponge-based authenticated encryption scheme that provides support for limited-memory devices. We also provide its security proof for privacy and authenticity in an ideal permutation model, using a code-based game-playing framework. Furthermore, we present two more variants of sp-AELM that serve the same purpose and are more efficient than sp-AELM.

The ongoing CAESAR competition has 9 submissions which are based on the Sponge construction. We apply our generalized technique of storing a single intermediate state to all these submissions, to determine their suitability for a crypto module having limited memory. Our findings show that only ASCON and one of the PRIMATEs modes (namely GIBBON) satisfy the limited-memory constraint using this technique, while the remaining 8 schemes (namely, Artemia, ICEPOLE, Ketje, Keyak, NORX, $\pi$-Cipher, STRIBOB and two of the PRIMATEs modes: APE & HANUMAN) are not directly suitable for this scenario.

21:17 [Pub][ePrint]

Abstract: Broadcast or multicast is one of the most fundamental concepts in data communication and distributed cryptography. A central entity wishes to broadcast a secret data stream to a dynamically changing privileged subset of recipients in such a way that non-members of the privileged class cannot learn the

Algorithm (ASBA) based on threat analytics and case-based reasoning. It defines the security intelligence of an adaptively secure broadcast comprehensively with a novel concept. It recommends a set of intelligent model checking moves for the verification of the security intelligence of a broadcasting mechanism. The algorithm is analyzed from the perspectives of security intelligence, communication complexity, computational intelligence and efficiency of mechanism. The computational intelligence is associated with the complexity of broadcast scheduling, verification of the security intelligence of the broadcasting system, key management strategies and payment function computation. The cost of communication depends on the number of agents and subgroups in the broadcasting group and the complexity of the data. The algorithm is applicable to the analysis of intelligent mechanisms in static and dynamic networks, auction or combinatorial auction for e-market, digital content distribution

21:17 [Pub][ePrint]

The problem of verifiable data streaming (VDS) considers a client with limited computational and storage capacities that streams an a-priori unknown number of elements to an untrusted server.

The client may retrieve and update any outsourced element. Other parties may verify each outsourced element's integrity using the client's public key.

All previous VDS constructions incur a bandwidth and computational overhead on both client and server side, which is at least logarithmic in the number of transmitted elements.

We propose two novel, fundamentally different approaches to constructing VDS.

The first scheme is based on a new cryptographic primitive called Chameleon Vector Commitment (CVC).

A CVC is a trapdoor commitment scheme to a vector of messages where both commitments and openings have constant size.

Using CVCs we construct a tree-based VDS protocol that has constant computational and bandwidth overhead on the client side.

The second scheme shifts the workload to the server side by combining signature schemes with cryptographic accumulators.

Here, all computations are constant, except for queries, where the computational cost of the server is linear in the total number of updates.

21:17 [Pub][ePrint]

A family of hash functions is called "correlation intractable" if it is hard to find, given a random function in the family, an input-output pair that satisfies any "sparse" relation, namely any relation that is hard to satisfy for truly random functions. Correlation intractability captures a strong and natural Random Oracle-like property. However, it is widely considered to be unobtainable. Indeed, it was shown that correlation intractable functions do not exist for some length parameters [Canetti, Goldreich and Halevi, J.ACM 04]. Furthermore, no candidate constructions have been proposed in the literature for any setting of the parameters.

We construct a correlation intractable function ensemble that withstands all relations with a priori bounded polynomial complexity. We assume the existence of sub-exponentially secure indistinguishability obfuscators, puncturable pseudorandom functions, and input-hiding obfuscators for evasive circuits. The existence of the latter is implied by Virtual-Grey-Box obfuscation for evasive circuits [Bitansky et al, CRYPTO 14].

21:17 [Pub][ePrint]

Security models for two-party authenticated key exchange (AKE) protocols have developed over time to capture the security of AKE protocols even when the adversary learns certain secret values. Increased granularity of security can be modelled by considering partial leakage of secrets in the manner of models for leakage-resilient cryptography, designed to capture side-channel attacks. In this work, we use the strongest known partial-leakage-based security model for key exchange protocols, namely continuous after-the-fact leakage eCK (CAFL-eCK) model. We resolve an open problem by constructing the first concrete two-pass leakage-resilient key exchange protocol that is secure in the CAFL-eCK model.

21:17 [Pub][ePrint]

We study the possibility of computing cryptographic primitives in a fully-black-box arithmetic model over a finite field $\mathbb{F}$. In this model, the input to a cryptographic primitive (e.g., an encryption scheme) is given as a sequence of field elements, the honest parties are implemented by arithmetic circuits which make only black-box use of the underlying field, and the adversary has full (non-black-box) access to the field. This model captures many standard information-theoretic constructions.

We prove several positive and negative results in this model for various cryptographic tasks. On the positive side, we show that, under reasonable assumptions, computational primitives like commitment schemes, public-key encryption, oblivious transfer, and general secure two-party computation can be implemented in this model. On the negative side, we prove that garbled circuits, multiplicative-homomorphic encryption, and secure computation with low online complexity cannot be achieved in this model. Our results reveal a qualitative difference between the standard Boolean model and the arithmetic model, and explain, in retrospect, some of the limitations of previous constructions.

21:17 [Pub][ePrint]

We present a hardware architecture for all building blocks required in polynomial-ring-based fully homomorphic schemes and use it to instantiate the somewhat homomorphic encryption scheme YASHE. Our implementation is the first FPGA implementation that is designed for evaluating functions on homomorphically encrypted data (up to a certain multiplicative depth), and we illustrate this capability by evaluating the SIMON-64/128 symmetric key cipher in the encrypted domain. Our implementation provides a fast polynomial operations unit using CRT and NTT for multiplication combined with an optimized memory access scheme; a fast Barrett-like polynomial reduction method that allows all possible polynomial moduli; an efficient divide-and-round unit required in the multiplication of ciphertexts; and an efficient CRT unit. These building blocks can be easily reused to instantiate any other polynomial-ring-based fully homomorphic scheme, including the ones designed for SIMD operations, since no restricting assumptions have been made. These building blocks are integrated in a coprocessor with instructions to execute YASHE, which can be controlled by a computer for evaluating arbitrary functions (up to multiplicative depth 44 and 128-bit security level). Our architecture was compiled (place-and-route analysis) for a single Xilinx Virtex-7 XC7V1140T FPGA, where it consumes 23% of registers, 50% of LUTs, 53% of DSP slices, and 38% of BlockRAM memory. The implementation evaluates SIMON-64/128 in approximately 157.7 s (at 143 MHz) and it processes 2048 ciphertexts at once, giving a relative time of only 77 ms per block. This is 26.6 times faster than the leading software implementation on a 4-core Intel Core-i7 processor running at 3.4 GHz.

21:17 [Pub][ePrint]

The aim of this paper is to present an attack upon the protocol of Diaz et al. [Diaz], whose goal is to introduce fair anonymity in the Tor network. This attack allows an attacker to impersonate Tor users with the complicity of an exit node.

2015-04-17
16:49 [Job][New]

The Cryptology Group and the Embedded Security Group at Ruhr-University Bochum (Horst-Goertz Institute) are seeking to recruit two Marie Sklodowska-Curie Research Fellows in Cryptography to start in September 2015, as part of the ECRYPT-NET project.

ECRYPT-NET is a research network of six universities and two companies that intends to develop advanced cryptographic techniques for the Internet of Things and the Cloud, and to create efficient and secure implementations of those techniques on a broad range of platforms. ECRYPT-NET is funded by a prestigious Marie Sklodowska-Curie ITN (Integrated Training Network) grant. The network will educate a group of 15 PhD students with a set of interdisciplinary skills in the areas of mathematics, computer science and electrical engineering. The training will be provided in an international context that includes Summer Schools, workshops and internships. Participants are expected to spend at least six months abroad with a network partner or in one of the seven associated companies. We are looking for highly motivated candidates, ideally with a background in cryptology and with proven research abilities.

Two of the ECRYPT-NET ESR (Early Stage Researcher) positions will be based at Ruhr-University Bochum, to work on the following projects:

• Fully Homomorphic Encryption - Design and Analysis
• Post-Quantum Cryptosystems on Embedded Platforms

Marie Curie ITN eligibility criteria apply to both of these positions.

Founded in 2001, the Horst-Görtz Institute at Ruhr-University Bochum is a world-leading interdisciplinary research center dedicated to research and education covering all aspects of IT security, with an excellent record of research in cryptography. The Horst-Görtz Institute has 15 professors and over 80 PhD students. It hosts the only German Research Training Group for Doctoral students in Cryptology.

2015-04-16
16:20 [Job][New]

We are looking for a postdoc fellow with expertise in Cryptographic Protocols (UC-security, multi-party computation), Information Security, Cloud Computing and Big Data Analytics. Candidates should have a PhD in Cryptography and Information Security, Cloud Computing or Database Engineering, with a track record of strong R&D capability.