International Association for Cryptologic Research

# IACR News Central

You can also access the full news archive.

Further sources to find out about changes are CryptoDB, ePrint RSS, ePrint Web, Event calender (iCal).

2015-06-17
00:17 [Pub][ePrint]

Increased complexity in modern embedded systems has presented various important challenges with regard to side-channel attacks. In particular, it is common to deploy SoC-based target devices with high clock frequencies in security-critical scenarios; understanding how such features align with techniques more often deployed against simpler devices is vital from both destructive (i.e., attack) and constructive (i.e., evaluation and/or countermeasure) perspectives. In this paper, we investigate electromagnetic-based leakage from three different means of executing cryptographic workloads (including the general purpose ARM core, an on-chip co-processor, and the NEON core) on the AM335x SoC. Our conclusion is that addressing challenges of the type above {\\em is} feasible, and that key recovery attacks can be conducted with modest resources.

00:17 [Pub][ePrint]

xisting work on data collection and analysis for aggregation is mainly

focused on confidentiality issues. That is, the untrusted Aggregator learns only the aggregation result without divulging individual data inputs. In this paper we extend the existing models with stronger security requirements. Apart from the privacy requirements with respect to the individual inputs we ask for unforgeability for the aggregate result. We first define the new security requirements of the model. We also instantiate a protocol for private and unforgeable aggregation for a non-interactive multi-party environment. I.e, multiple unsynchronized users owing to personal sensitive information without interacting with each other contribute their values in a secure way: The Aggregator learns the result of a function without learning individual values and moreover it constructs a proof that is forwarded to a verifier that will let the latter be convinced for the correctness of the computation. The verifier is restricted to not communicate with the users. Our protocol is provably secure in the random oracle model.

2015-06-16
15:55 [Event][New]

Submission: 6 October 2015
From March 6 to March 9
Location: Taipei, Taiwan

15:54 [Event][New]

Submission: 13 July 2015
From December 6 to December 10
Location: Bangalore, India

2015-06-15
23:09 [Job][New]

We are looking for an excellent, motivated, self-driven doctoral student to work in the area of information security and cryptography. The position is for five years at the Department of Computer Science and Engineering.

The PhD student will join the Chalmers Systems Security group, working in the area of information and communication security with a focus on security and privacy issues in wearable computing devices. More precisely, the student shall be working on investigating efficient authentication mechanisms for wearable computing devices (RFID tags, sensors connected with mobile phones or other wireless devices) that provide: i) accurate and transparent authentication, ii) rigorous privacy guarantees, even if multiple wearable devices are involved in the authentication. The overall aim of the announced PhD position will be to develop nearly optimal algorithms for achieving security while minimising resource use and guaranteeing privacy-preservation.

More concretely, part of the research will involve the analysis and development of authentication protocols in specific settings. This will include investigating resistance of both existing and novel protocols against different types of attacks, theoretically and experimentally. The project should result in the development of theory and authentication mechanisms for noisy, constrained settings that strike an optimal balance between reliable authentication, privacy-preservation and resource consumption.

The PhD student will be supervised by Prof. Katerina Mitrokotsa. Some previous research related to this research project can be found here: http://www.cse.chalmers.se/~aikmitr/

16:00 [Job][New]

The Institute for Logic, Language & Computation at the University of Amsterdam is looking for a postdoctoral researcher in the area of quantum cryptography, as part of Christian Schaffner’s NWO VIDI Project Cryptography in the Quantum Age.

The aim of the project is to develop new quantum-cryptographic protocols (beyond the task of key distribution) and explore their limitations. An example of an active research is position-based quantum cryptography. Another aspect is to investigate the security of classical cryptographic schemes against quantum adversaries (post-quantum cryptography).

The full-time appointment (38 hours per week) will be on a temporary basis, initially for one year with an extension for a further two years on positive evaluation. Depending on experience, the gross monthly salary will range from €2,476 to €3,908 (scale 10), excl. 8% holiday allowance and 8,3% annual bonus.

Prospective candidates should:

• hold or be about to obtain a PhD degree in computer science, mathematics or physics;

• have a proven track record of excellence in cryptography and/or quantum information, as witnessed by a strong publication list in relevant first-tier conference proceedings or journals;

• have in-depth knowledge of one of the following fields is a plus: parallel repetition, limited-quantum-storage models, continuous variables, quantum security notions;

• have strong passion for research, a drive to publish and the wish to learn new skills through working with or assisting in guiding PhD and MSc students;

• have good communication skills in English, both oral and written.

16:00 [Job][New]

The Institute for Logic, Language & Computation at the University of Amsterdam is looking for a PhD candidate in the area of quantum cryptography, as part of Christian Schaffner’s NWO VIDI Project Cryptography in the Quantum Age.

The aim of the PhD project is to develop new quantum-cryptographic protocols (beyond the task of key distribution) and explore their limitations. An example of an active research is position-based quantum cryptography. Another aspect is to investigate the security of classical cryptographic schemes against quantum adversaries (post-quantum cryptography).

The full-time appointment at ILLC will be on a temporary basis for a maximum period of four years (18 months plus a further 30 months after a positive evaluation) and should lead to a dissertation (PhD thesis). On the basis of a full-time appointment (38 hours per week), the gross monthly salary amounts to €2,125 during the first year, rising to €2,717 during the fourth year.

Requirements:

• A Master\'s degree with excellent grades in computer science, mathematics or physics with outstanding results or a comparable degree;

• candidates with a strong background in cryptography or quantum information are preferred;

• demonstrated research abilities by completion of an (undergraduate) research project;

• good academic writing and presentation skills;

• good social and organisational skills.

16:00 [Event][New]

Submission: 1 September 2015
From December 9 to December 11
Location: Beijing, China

09:17 [Pub][ePrint]

In this work, we provide a new algebraic framework for pseudorandom functions which encompasses many of the existing algebraic constructions, including the ones by Naor and Reingold (FOCS\'97), by Lewko and Waters (CCS\'09), and by Boneh, Montgomery, and Raghunathan (CCS\'10), as well as the related-key-secure pseudorandom functions by Bellare and Cash (Crypto\'10) and by Abdalla et al. (Crypto\'14). To achieve this goal, we introduce two versions of our framework. The first, termed linearly independent polynomial security, states that the values $(g^{P_1(\\vec{a})}, \\ldots, g^{P_q(\\vec{a})})$ are indistinguishable from a random tuple of the same size, when $P_1, \\ldots, P_q$ are linearly independent multivariate polynomials of the secret key vector $\\vec{a}$. The second, which is a natural generalization of the first framework, additionally deals with constructions based on the decision linear and matrix Diffie-Hellman assumptions. In addition to unifying and simplifying proofs for existing schemes, our framework also yields new results, such as related-key security with respect to arbitrary permutations of polynomials. Our constructions are in the standard model and do not require the existence of multilinear maps.

09:17 [Pub][ePrint]

An Attribute-Based Signcryption (ABSC) is a natural extension of Attribute-Based Encryption (ABE) and Attribute-Based Signature (ABS), where we have the message confidentiality and authenticity together. Since the signer privacy is captured in security of ABS, it is quite natural to expect that the signer privacy will also be preserved in ABSC. In this paper, first we propose an ABSC scheme which is \\textit{weak existential unforgeable, IND-CCA2} secure in \\textit{adaptive-predicates} attack and achieves \\textit{signer privacy}. Secondly, by applying strongly unforgeable one-time signature (OTS), the above scheme is lifted to an ABSC scheme to attain \\textit{strong existential unforgeability} in \\textit{adaptive-predicates} model. Both the ABSC schemes are constructed on common setup, i.e the public parameters and key are same for both the encryption and signature modules. Our first construction is in the flavor of $\\mathcal{C}{t}\\mathcal{E}\\&\\mathcal{S}$ paradigm, except one extra component that will

be computed using both signature components and ciphertext components. The second proposed construction follows a new paradigm (extension of $\\mathcal{C}{t}\\mathcal{E}\\&\\mathcal{S}$), we call it Commit then Encrypt and Sign then Sign\" ($\\mathcal{C}{t}\\mathcal{E}\\&\\mathcal{S}{t}\\mathcal{S}$). The last signature is done using a strong OTS scheme. Since the non-repudiation is achieved by $\\mathcal{C}{t}\\mathcal{E}\\&\\mathcal{S}$ paradigm, our systems also achieve the same.

09:17 [Pub][ePrint]

We propose a lightweight coprocessor for 16-bit microcontrollers that implements high security elliptic curve cryptography. It uses a 283-bit Koblitz curve and offers 140-bit security. Koblitz curves offer fast point multiplications if the scalars are given as specific $\\tau$-adic expansions, which results in a need for conversions between integers and $\\tau$-adic expansions. We propose the first lightweight variant of the conversion algorithm and, by using it, introduce the first lightweight implementation of Koblitz curves that includes the scalar conversion. We also include countermeasures against side-channel attacks making the coprocessor the first lightweight coprocessor for Koblitz curves that includes a set of countermeasures against timing attacks, SPA, DPA and safe-error fault attacks. When the coprocessor is synthesized for 130 nm CMOS, it has an area of only 4,323 GE. When clocked at 16 MHz, it computes one 283-bit point multiplication in 98 ms with a power consumption of 97.70 $\\mu$W, thus, consuming 9.56 $\\mu$J of energy.