International Association for Cryptologic Research

# IACR News Central

You can also access the full news archive.

Further sources to find out about changes are CryptoDB, ePrint RSS, ePrint Web, Event calendar (iCal).

2015-07-16
18:11 [Pub][ePrint]

This paper proposes the design of a Fully Homomorphic Ultimate RISC (FURISC) based processor. The FURISC architecture supports arbitrary operations on data encrypted with Fully Homomorphic Encryption (FHE) and allows the execution of encrypted programs stored in processors with encrypted memory addresses. The FURISC architecture is designed around fully homomorphic single RISC instructions such as *Subtract Branch if Negative* (SBN) and *MOVE*. This paper explains how the use of FHE for designing the ultimate RISC processor is better in terms of security than the previously proposed somewhat homomorphic encryption (SHE) based processor: the absence of randomization in SHE can lead to Chosen Plaintext Attacks (CPA), which is alleviated by the use of the FHE based Ultimate RISC instruction. Furthermore, the use of FURISC helps to develop fully homomorphic applications by tackling the *termination* problem, which is a major obstacle for FHE processor design. The paper compares the MOVE based FHE RISC processor with the SBN alternative, and shows that the latter is more efficient in terms of the number of instructions and the time required for the execution of a program. Finally, an SBN based FURISC processor simulator has been designed to demonstrate that various algorithms can indeed be executed on data encrypted with FHE, providing a solution to the termination problem for FHE based processors and the CPA insecurity of SHE processors simultaneously.
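The following is an added example, not code from the paper or its simulator: a plaintext SBN one-instruction machine, a multiplication routine written only in SBN, and a second, data-oblivious stepping function that evaluates every instruction each cycle and selects effects with 0/1 masks. The oblivious version is what an FHE host has to do, because it cannot read the program counter or the branch condition; it therefore also cannot see when the program halts and must run a fixed cycle budget, which is the termination problem the abstract refers to. The SBN semantics used (`mem[b] -= mem[a]`, branch to `c` if the result is negative) is the common OISC convention and is an assumption here, as is the memory layout.

```python
"""Subtract-and-Branch-if-Negative (SBN) one-instruction machine (illustrative, not FURISC's own).

Assumed semantics (the common OISC convention):
    SBN a, b, c :  mem[b] = mem[b] - mem[a]; if mem[b] < 0 then pc = c else pc = pc + 1
A pc equal to len(program) means the machine has halted.
"""


def run(program, mem, max_steps):
    """Plaintext interpreter. Returns (mem, pc, steps_used); pc == len(program) means halted."""
    mem = list(mem)
    pc = 0
    for steps in range(max_steps):
        if pc == len(program):
            return mem, pc, steps
        a, b, c = program[pc]
        mem[b] -= mem[a]
        pc = c if mem[b] < 0 else pc + 1
    return mem, pc, max_steps


def step_oblivious(program, mem, pc):
    """One cycle in which control flow never depends on data in the clear.

    Every instruction is evaluated and its effects are selected by 0/1 masks.
    Under FHE, `sel`, `neg` and `halted` would be encrypted bits and the arithmetic
    below homomorphic, so the host never learns pc or whether the program finished.
    """
    n = len(program)
    sel = [int(pc == i) for i in range(n)]   # one-hot program counter
    halted = int(pc == n)
    new_mem = list(mem)
    new_pc = halted * pc                     # a halted machine keeps its pc
    for i, (a, b, c) in enumerate(program):
        diff = mem[b] - mem[a]
        neg = int(diff < 0)                  # sign bit of the subtraction
        new_mem[b] += sel[i] * (diff - mem[b])
        new_pc += sel[i] * (neg * c + (1 - neg) * (i + 1))
    return new_mem, new_pc


def run_oblivious(program, mem, budget):
    """Run a fixed number of cycles regardless of when (or whether) the program halts."""
    mem = list(mem)
    pc = 0
    for _ in range(budget):
        mem, pc = step_oblivious(program, mem, pc)
    return mem, pc


# Assumed memory layout and a multiplication routine written only in SBN.
X, N, R, T, J, ONE = range(6)
MULTIPLY = [
    (ONE, N, 6),  # 0: n -= 1; if n < 0 goto 6 (halt)
    (T, T, 2),    # 1: t = 0
    (X, T, 3),    # 2: t = -x
    (T, R, 4),    # 3: r = r - (-x) = r + x
    (J, J, 5),    # 4: j = 0
    (ONE, J, 0),  # 5: j = -1, always negative: goto 0
]


def multiply(x, y, budget=200):
    """x * y for y >= 0 by the direct and the oblivious interpreter; returns (product, steps to halt)."""
    mem = [x, y, 0, 0, 0, 1]
    direct_mem, direct_pc, steps = run(MULTIPLY, mem, budget)
    obliv_mem, obliv_pc = run_oblivious(MULTIPLY, mem, budget)
    assert direct_mem == obliv_mem and direct_pc == obliv_pc == len(MULTIPLY)
    return direct_mem[R], steps


if __name__ == "__main__":
    print(multiply(6, 7))
```

The oblivious interpreter costs one full pass over the program per cycle, for as many cycles as the budget allows, whatever the input; that cost, and the need to choose the budget without knowing the real running time, is what a processor design over FHE has to absorb.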

18:11 [Pub][ePrint]

Three-neighbourhood Cellular Automata (CA) are widely studied and accepted as a suitable cryptographic primitive. Rule 30, a 3-neighbourhood CA rule, was proposed as an ideal candidate for a cryptographic primitive by Wolfram. However, rule 30 was shown to be weak against the Meier-Staffelbach attack. Cryptographic properties like diffusion and randomness improve with increasing neighbourhood radius, which opens the avenue of exploring the cryptographic properties of 4-neighbourhood CA. This work explores whether four-neighbourhood CA can be a better cryptographic primitive. We construct a class of cryptographically suitable 4-neighbourhood nonlinear CA rules that resemble rule 30. One 4-neighbourhood nonlinear CA from this selected class is shown to be resistant against the Meier-Staffelbach attack on rule 30, justifying the applicability of 4-neighbourhood CA as better cryptographic primitives.
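As an added example (not the paper's code, and not its 4-neighbourhood rule, which the abstract does not give), the Python below runs a CA keystream generator with a configurable neighbourhood: rule 30 on three cells, the same machinery driven by a 16-bit Wolfram code over four cells, and the property the Meier-Staffelbach attack exploits, namely that rule 30 is linear in its left neighbour, so the left part of a state row can be rebuilt from its right end and the successor row. The 4-cell offsets `(-1, 0, 1, 2)` and the illustrative rule number are assumptions.

```python
"""Cellular-automaton keystreams: rule 30 on 3 cells, the same machinery on 4 cells,
and the left-neighbour linearity of rule 30 that the Meier-Staffelbach attack exploits."""


def rule_from_wolfram_number(number, width):
    """Boolean rule from a Wolfram code: the neighbourhood read left to right as a binary
    number indexes the code's bits (111 -> bit 7, 000 -> bit 0 for width 3)."""
    def rule(nb):
        idx = 0
        for bit in nb:
            idx = (idx << 1) | bit
        return (number >> idx) & 1
    return rule


def rule30(nb):
    """Rule 30 in closed form: x_{i-1} XOR (x_i OR x_{i+1})."""
    left, centre, right = nb
    return left ^ (centre | right)


def step(row, rule, offsets):
    """One generation on a ring; `offsets` are the relative cell positions forming a neighbourhood."""
    n = len(row)
    return [rule(tuple(row[(i + d) % n] for d in offsets)) for i in range(n)]


def keystream(seed, rule, offsets, length, tap):
    """Bits read from cell `tap` at times 0..length-1 (Wolfram's CA pseudo-random generator)."""
    row = list(seed)
    out = []
    for _ in range(length):
        out.append(row[tap])
        row = step(row, rule, offsets)
    return out


def recover_left(y_next, centre, right):
    """Invert rule 30 towards the left: x_{i-1} = y_i XOR (x_i OR x_{i+1})."""
    return y_next ^ (centre | right)


def reconstruct_left_part(next_row, last_two):
    """Given row t+1 and the two rightmost cells of row t, rebuild all of row t working leftwards.
    This is the linearity Meier and Staffelbach used against rule 30: the left part of the
    state is determined by the right part plus the observed successor."""
    n = len(next_row)
    row = [None] * n
    row[n - 2], row[n - 1] = last_two
    for i in range(n - 2, 0, -1):   # y_i depends only on interior cells x_{i-1}, x_i, x_{i+1}
        row[i - 1] = recover_left(next_row[i], row[i], row[i + 1])
    return row


RADIUS1 = (-1, 0, 1)         # 3-neighbourhood
FOUR_CELLS = (-1, 0, 1, 2)   # one possible 4-neighbourhood layout (assumed, not from the paper)


def rule30_centre_column(length, width=64):
    """Centre column of rule 30 grown from a single live cell, the classic keystream."""
    seed = [0] * width
    seed[width // 2] = 1
    return keystream(seed, rule30, RADIUS1, length, width // 2)


def four_cell_keystream(number, seed, length):
    """Same generator with a 16-bit Wolfram code over 4 cells; `number` is an arbitrary illustrative rule."""
    return keystream(seed, rule_from_wolfram_number(number, 4), FOUR_CELLS, length, len(seed) // 2)


# Constructed 32-bit state used for the reconstruction demonstration.
SAMPLE_ROW = [int(c) for c in "10110011101010001111000101100110"]


if __name__ == "__main__":
    print(rule30_centre_column(16))
    print(reconstruct_left_part(step(SAMPLE_ROW, rule30, RADIUS1), SAMPLE_ROW[-2:]) == SAMPLE_ROW)
```

The point of `reconstruct_left_part` is that a rule which is an XOR of one neighbour with a function of the others gives an attacker a free inversion in that direction; a candidate 4-cell rule should be checked for the same structure before being trusted as a keystream source.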

18:11 [Pub][ePrint]

In this paper, we introduce the notion of $(\epsilon,\delta)$-differential privacy in distribution, a strong version of the existing $(\epsilon,\delta)$-differential privacy, used to mathematically ensure that the private data of an individual are protected when embedded into a queried database. In practice, such a property is obtained by adding some relevant noise. Our new notion permits to simplify proofs of $(\epsilon,\delta)$ privacy for mechanisms adding noise with a continuous distribution. As a first example, we give a simple proof that the Gaussian mechanism is $(\epsilon,\delta)$-differentially private in distribution.

Using differential privacy *in distribution*, we then give simple conditions for an instance-based noise mechanism to be $(\epsilon,\delta)$-differentially private. After that, we exploit these conditions to design a new $(\epsilon,\delta)$-differentially private instance-based noise algorithm. Compared to existing ones, our algorithm has better accuracy when used to answer a query in a differentially private manner.

In particular, our algorithm does not require the computation of the so-called Smooth Sensitivity, usually used in instance-based noise algorithms, which was proved to be NP-hard to compute in some cases, namely statistics queries on some graphs. Our algorithm handles such situations and in particular some cases for which no instance-based noise mechanism was known to perform well.
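The Gaussian mechanism the abstract uses as its first example, worked through in Python as an added illustration that is not from the paper (whose "in distribution" notion is not reproduced here): the classical calibration of Dwork and Roth, the privacy-loss random variable whose tail the $(\epsilon,\delta)$ definition bounds, and the exact $\delta(\epsilon)$ of Balle and Wang (2018) used to check that the classical calibration is sufficient, and how loose it is. Sensitivity, query value and seeds are constructed inputs.

```python
"""Gaussian mechanism: calibration, privacy loss, and an exact (epsilon, delta) check."""
import math
import random


def phi(x):
    """Standard normal CDF."""
    return 0.5 * math.erfc(-x / math.sqrt(2))


def classical_sigma(eps, delta, sensitivity):
    """Dwork-Roth calibration, proven for 0 < eps < 1:
    sigma >= sqrt(2 ln(1.25/delta)) * Delta / eps gives (eps, delta)-DP."""
    if not 0 < eps < 1:
        raise ValueError("classical bound only proven for 0 < eps < 1")
    return math.sqrt(2 * math.log(1.25 / delta)) * sensitivity / eps


def delta_exact(eps, sigma, sensitivity):
    """Smallest delta for which N(mu, sigma^2) vs N(mu + Delta, sigma^2) is (eps, delta)-DP
    (analytic Gaussian mechanism, Balle and Wang 2018)."""
    a = sensitivity / (2 * sigma)
    b = eps * sigma / sensitivity
    return phi(a - b) - math.exp(eps) * phi(-a - b)


def privacy_loss(y, mu, sigma, sensitivity):
    """ln p(y | f(D) = mu) / p(y | f(D') = mu + Delta): the random variable the definition bounds."""
    return ((y - mu - sensitivity) ** 2 - (y - mu) ** 2) / (2 * sigma ** 2)


def gaussian_mechanism(true_value, sigma, rng):
    """Release the query answer plus N(0, sigma^2) noise."""
    return true_value + rng.gauss(0.0, sigma)


def tail_probability(eps, sigma, sensitivity, samples, seed):
    """Monte Carlo estimate of Pr[privacy loss > eps] over the mechanism's own output distribution.
    Analytically this equals phi(Delta/(2 sigma) - eps sigma/Delta), the first term of delta_exact."""
    rng = random.Random(seed)
    count = 0
    for _ in range(samples):
        y = gaussian_mechanism(0.0, sigma, rng)
        if privacy_loss(y, 0.0, sigma, sensitivity) > eps:
            count += 1
    return count / samples


if __name__ == "__main__":
    eps, delta, sens = 0.5, 1e-5, 1.0          # constructed parameters: a counting query
    sigma = classical_sigma(eps, delta, sens)
    print("sigma =", sigma, "exact delta at that sigma =", delta_exact(eps, sigma, sens))
    print("noisy count:", gaussian_mechanism(42.0, sigma, random.Random(1)))
```

Running the main block shows the exact $\delta$ at the classical $\sigma$ is orders of magnitude below the target $10^{-5}$; a practitioner choosing $\sigma$ by inverting `delta_exact` numerically gets the same guarantee with much less noise, which is the accuracy question the abstract is concerned with for instance-based mechanisms.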

18:11 [Pub][ePrint]

Bitcoin and similar cryptocurrencies are a massive network of computational devices that maintain the robustness and correctness of the computation done in the network. Cryptocurrency protocols, including Bitcoin and the more recent Ethereum system, offer an additional feature that allows currency users to specify a "script" or contract which is executed collectively (via a consensus protocol) by the network. This feature can be used for many new applications of cryptocurrencies beyond simple cash transactions. Indeed, several efforts to develop decentralized applications are underway, and recent experimental efforts have proposed to port a Linux OS to such a decentralized computational platform.

In this work, we study the security of computations on a cryptocurrency network. We explain why the correctness of such computations is susceptible to attacks that both waste network resources of honest miners and lead to incorrect results. The essence of our arguments stems from a deeper understanding of the incentive-incompatibility of maintaining a correct blockchain. We explain this via an ill-fated choice called the *verifier's dilemma*, which suggests that rational miners are well-incentivized to accept an unvalidated blockchain as correct, especially in next-generation cryptocurrencies such as Ethereum that are Turing-complete. To explain which classes of computation can be computed securely, we formulate a model of computation we call consensus verifiability. We propose a solution that achieves incentive-compatibility for executing and verifying computation in our consensus verifiability model. We further propose two different but complementary approaches to implement our solution in real cryptocurrency networks like Ethereum. We show the feasibility of such approaches for a set of practical outsourced computation tasks as case studies.

18:11 [Pub][ePrint]

We unify the many prior variants of point-function obfuscation via a definitional framework in which security is parameterized by a class of algorithms we call target generators, with different notions corresponding to different choices of this class. This leads to an elegant question, namely whether it is possible to provide a generic construction, meaning one that takes an arbitrary class of target generators and returns a point-function obfuscator secure for it. We answer this in the affirmative with three generic constructions, the first based on indistinguishability obfuscation, the second on deterministic public-key encryption and the third on universal computational extractors. By exploiting known constructions of the primitives assumed, we obtain a host of new point-function obfuscators, including many under standard assumptions.

18:11 [Pub][ePrint]

We show general transformations from subexponentially-secure approximate indistinguishability obfuscation (IO), where the obfuscated circuit agrees with the original circuit on a $1/2+\epsilon$ fraction of inputs, into exact indistinguishability obfuscation, where the obfuscated circuit and the original circuit agree on all inputs (except with negligible probability over the coin tosses of the obfuscator). As a step towards our results, which is of independent interest, we also obtain an approximate-to-exact transformation for functional encryption. At the core of our techniques is a method for "fooling" the obfuscator into giving us the correct answer, while preserving the indistinguishability-based security. This is achieved based on various types of secure computation protocols that can be obtained from different standard assumptions.

Put together with the recent results of Canetti, Kalai and Paneth (TCC 2015), Pass and Shelat (ePrint 2015), and Mahmoody, Mohammed and Nematihaji (ePrint 2015), we show how to convert indistinguishability obfuscation schemes in various ideal models into exact obfuscation schemes in the plain model.

18:11 [Pub][ePrint]

We present a technique to achieve O(n) communication complexity per multiplication for a wide class of robust practical MPC protocols. Previously such a communication complexity was only known in the case of non-robust protocols in the full threshold, dishonest majority setting. In particular our technique applies to robust threshold computationally secure protocols in the case of t

2015-07-15
22:30 [Job][New]

Applications are invited for a full-time PhD position in the Security in Information Technology (SIT) Research Group at Technische Universität Darmstadt, Germany, under the direction of Prof. Dr. Michael Waidner.

The vacancy is within the newly established research training group "Privacy and Trust for Mobile Users", funded by DFG, the German Research Foundation.

We are looking for a candidate interested in working at the intersection of privacy engineering, identity management, applied cryptography, and machine learning, starting October 01, 2015.

2015-07-14
16:24 [Event][New]

Submission: 15 October 2015
From December 7 to December 8
Location: Beijing, China

2015-07-13
18:03 [Job][New]

We are looking for a research scientist or post-doc in cryptography to work on novel cryptographic concepts for emerging ICT domains (e.g. cloud computing or cyber-physical systems). Ideally you have experience in fields like modern public-key cryptography, distributed cryptography, privacy enhancing technologies, or multi-party computation. You will be involved in an EU research project on identity management and will research and improve cryptography for secure and privacy-preserving cloud-based identity management.

Further information:

• Project site (avail. soon): https://www.credential.eu

• AIT Digital Safety & Security Department: http://www.ait.ac.at/departments/digital-safety-security


18:02 [Event][New]

Submission: 15 October 2015