We propose four new leakage classes and develop a systematic methodology to study the applicability of ORAM to SSE. We develop a worst-case communication baseline for SSE. We show that completely eliminating leakage in SSE is impossible. We propose single keyword schemes for our leakage classes and show that either they perform worse than streaming the entire outsourced data (for a large fraction of queries) or they do not provide meaningful reduction in leakage. We present detailed evaluation using the Enron email corpus and the complete English Wikipedia corpus.
and the resource utilization of all implementations, and d) RTL VHDL source code of high-speed implementations of AES and the Keccak Permutation F. We hope that the existence of these resources will substantially reduce the time necessary to develop hardware implementations of all CAESAR candidates for the purpose of evaluation, comparison, and future deployment in real products.
In this article, a prototype which enables such security management is described. The solution is based on a double-processor architecture: one processor embeds a representative set of countermeasures (and mechanisms to define their parameters) and executes the application code. The second processor, on the same chip, applies a given security strategy, but without requesting sensitive data from the first processor. The chosen strategy is based on fuzzy logic reasoning to enable the designer to describe, using a fairly simple formalism, both the attack paths and the normal use cases. A proof of concept has been proposed for the smart card part of a conditional access for Pay-TV, but it could easily be fine-tuned for other applications.
Our method uses shared verification based on precomputed multiplication triples. Such triples are often used to make the protocol execution itself faster, but in this work we make use of these triples especially for verification. The verification preserves the privacy guarantees of the original protocol, and it can be straightforwardly applied to protocols over finite rings, even if the same protocol performs its computation over several distinct rings at once.
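The abstract above describes shared verification built on precomputed multiplication triples, applied to protocols over finite rings. As an added illustration that is not the paper's own protocol or code, the following Python sketch shows the mechanism in its simplest form: additive sharing over a ring (Z_{2^64} by default, any modulus via the `mod` argument), a Beaver multiplication that consumes one triple, and a verification step that uses a second, fresh triple to check a claimed product while opening only the masked values d and e plus a difference that is zero exactly when the product is correct. The dealer producing the triples, honest opening of shared values, and the correctness of the triples themselves are all assumptions of this toy; the paper's actual verification procedure, adversary model and handling of several rings are not reproduced here.

```python
import secrets

# Toy ring: Z_{2^64}. Any modulus works; 2^64 is the usual "finite ring that is
# not a field" case. This file is an added illustration, not the paper's protocol.
MOD = 2 ** 64


def share(value, n, mod=MOD):
    """Additive secret sharing: n shares that sum to value (mod mod)."""
    shares = [secrets.randbelow(mod) for _ in range(n - 1)]
    shares.append((value - sum(shares)) % mod)
    return shares


def reconstruct(shares, mod=MOD):
    """Open a shared value by summing all shares (assumes honest opening)."""
    return sum(shares) % mod


def make_triple(n, mod=MOD):
    """Preprocessing (a trusted dealer here): shares of (a, b, c) with c = a*b."""
    a = secrets.randbelow(mod)
    b = secrets.randbelow(mod)
    return share(a, n, mod), share(b, n, mod), share((a * b) % mod, n, mod)


def open_masked(x_sh, y_sh, triple, mod=MOD):
    """Open d = x - a and e = y - b. Only these masked values become public."""
    a_sh, b_sh, _ = triple
    d = reconstruct([(x - a) % mod for x, a in zip(x_sh, a_sh)], mod)
    e = reconstruct([(y - b) % mod for y, b in zip(y_sh, b_sh)], mod)
    return d, e


def beaver_multiply(x_sh, y_sh, triple, mod=MOD):
    """Beaver multiplication, consuming one triple.

    x*y = (a+d)(b+e) = c + d*b + e*a + d*e, so each party computes its share
    of the right-hand side; the public constant d*e is added by party 0 only.
    """
    a_sh, b_sh, c_sh = triple
    d, e = open_masked(x_sh, y_sh, triple, mod)
    z_sh = [(c + d * b + e * a) % mod for a, b, c in zip(a_sh, b_sh, c_sh)]
    z_sh[0] = (z_sh[0] + d * e) % mod
    return z_sh


def verify_product(x_sh, y_sh, z_sh, triple, mod=MOD):
    """Check that z_sh really shares x*y, using a fresh (unconsumed) triple.

    The parties locally form shares of z - (c + d*b + e*a + d*e), which is a
    sharing of 0 iff z = x*y, and open only that difference. Nothing about
    x, y or z beyond the masked d, e is revealed, which is what lets a
    verification of this shape keep the privacy of the protocol being checked.
    """
    a_sh, b_sh, c_sh = triple
    d, e = open_masked(x_sh, y_sh, triple, mod)
    t_sh = [(z - c - d * b - e * a) % mod
            for z, a, b, c in zip(z_sh, a_sh, b_sh, c_sh)]
    t_sh[0] = (t_sh[0] - d * e) % mod
    return reconstruct(t_sh, mod) == 0


def demo(x, y, n=3, mod=MOD):
    """One honest multiplication, its verification, then a tampered share.

    Returns (product, honest_verified, tampered_detected).
    """
    x_sh, y_sh = share(x, n, mod), share(y, n, mod)
    z_sh = beaver_multiply(x_sh, y_sh, make_triple(n, mod), mod)
    honest_ok = verify_product(x_sh, y_sh, z_sh, make_triple(n, mod), mod)
    bad_sh = list(z_sh)
    bad_sh[1] = (bad_sh[1] + 1) % mod          # one party lies about its share
    tampered_ok = verify_product(x_sh, y_sh, bad_sh, make_triple(n, mod), mod)
    return reconstruct(z_sh, mod), honest_ok, not tampered_ok


if __name__ == "__main__":
    print(demo(2 ** 63 + 5, 3))
```

The check spends a triple that was not used in the multiplication it verifies, which is the trade-off the abstract points at: triples are normally consumed to speed up the computation, here they are consumed to audit it. In a real deployment the opened values must themselves be authenticated (for instance with information-theoretic MACs), since an adversary who can bias the opening of the difference can hide a wrong product.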
Cryptocurrencies allow mutually distrustful parties to transact safely with each other without trusting a third-party intermediary. In the event of contractual breaches or aborts, the decentralized blockchain ensures that other honest parties obtain commensurate remuneration. Existing systems, however, lack transactional privacy. All transactions, including the flow of money between pseudonyms and the amount transacted, are exposed in the clear on the blockchain.

We present Hawk, a decentralized smart contract system that does not store financial transactions in the clear on the blockchain, thus retaining transactional privacy from the public's view. A Hawk programmer can write a private smart contract in an intuitive manner without having to implement cryptography, and our compiler automatically generates an efficient cryptographic protocol where contractual parties interact with the blockchain, using cryptographic primitives such as succinct zero-knowledge proofs.

To formally define and reason about the security of our protocols, we are the first to formalize the blockchain model of secure computation. The formal modeling is of independent interest. We advocate that the community adopt such a formal model when designing interesting applications atop