______________________________________________________________________________ ______________________________________________________________________________ IACR Newsletter The newsletter of the International Association for Cryptologic Research. Vol. 20, No. 3, (Late) Fall 2003. Published by the International Association for Cryptologic Research Christian Cachin, Editor ______________________________________________________________________________ ______________________________________________________________________________ http://www.iacr.org/newsletter/ ______________________________________________________________________________ Contents ______________________________________________________________________________ * Editorial * 2003 Election results * IACR Fellows * Online access to the Journal of Cryptology * Crypto 2004: call for papers * New books + Al-Kindi's Treatise on Cryptanalysis + UMTS Security * New reports in the Cryptology ePrint Archive * Open positions * Calendar of events in cryptology * IACR contact information ______________________________________________________________________________ Editorial ______________________________________________________________________________ Welcome to the 16th electronic issue of the IACR Newsletter! Just before the holiday season, here is an update of information from IACR. Summary of the highlights in this issue: the [1]election results, the [2]IACR Fellows program, and [3]online access to the Journal of Cryptology. But I found the most interesting bit to be the [4]"new" book reviewed by Peter Landrock - in fact, a translation of an Arabic volume more than 1000 years old. This issue is again marked by some production delay on behalf of your editor, for which I apologize, but I am afraid this state will not change until [5]Eurocrypt 2004! Please send your contributions to the Newsletter to newsletter@iacr.org The next issue of the IACR Newsletter is scheduled for publication in February 2004.
However, announcements will be posted on the IACR Website as soon as possible. Christian Cachin IACR Newsletter Editor 1. http://www.iacr.org/elections/2003/results.html 2. http://www.iacr.org/newsletter/v20n2/fellows.html 3. http://www.iacr.org/newsletter/v20n3/online.html 4. http://www.iacr.org/newsletter/v20n3/newbooks.html 5. http://www.zurich.ibm.com/eurocrypt2004/ ______________________________________________________________________________ IACR 2003 Elections: Results ______________________________________________________________________________ The Election Committee is pleased to report the results of the 2003 Election. Nine candidates stood for the three open positions of Director. The three candidates with the highest number of votes were elected. We thank everyone who voted. Those elected are: Arjen Lenstra Tom Berson Lars Knudsen Their terms will expire on 31 December 2006. We thank all the candidates, whether they were successful or not, for their significant support of IACR. People such as these, who are willing to accept an office and to then give generously of their time and expertise, are vital to the smooth working of our all-volunteer community. We declare the above information to be true and correct. --Election Committee --Witnesses James Hughes Hiranmayee Subramaniam Bart Preneel Zhiqiang Yang Rebecca Wright The detailed results are available at http://www.iacr.org/elections/2003/details.html ______________________________________________________________________________ IACR Fellows ______________________________________________________________________________ Nominations and endorsements of IACR-Fellow candidates are due on December 31, 2003. Fellows are expected to be 'model citizens' of the cryptologic community. Most of them will have demonstrated sustained and significant accomplishment in both technical work and service to the community, but a very small number may be chosen for unique and crucial accomplishment in only one of the two. 
Complete descriptions of the Fellows Program and of the nomination and endorsement procedures can be found at http://www.iacr.org/fellows/. ______________________________________________________________________________ Online access to the Journal of Cryptology ______________________________________________________________________________ Online access to the Journal of Cryptology is provided for IACR members during 2003-2004 at http://www.springerlink.com/, using the following Username: iacr.multipleuser Password: IACR members have to proceed via the LOGIN button, then click on BROWSE and mark "Viewable Publications". Then the "Journal of Cryptology" appears together with some other freely accessible titles. ______________________________________________________________________________ CRYPTO 2004: Call for Papers ______________________________________________________________________________ Original research papers on all technical aspects of cryptology are solicited for submission to Crypto 2004, the Twenty-Fourth Annual IACR Crypto Conference. Crypto 2004 is sponsored by the [1]International Association for Cryptologic Research (IACR), in cooperation with the [2]IEEE Computer Society Technical Committee on Security and Privacy, and the [3]Computer Science Department of the University of California, Santa Barbara. Important dates are: Submission deadline: February 10, 2004, 18:00 PST Notification of decision: April 30, 2004 Proceedings version deadline: May 26, 2004, 18:00 PST Conference: August 15 - 19, 2004 Instructions for Authors Submissions must not substantially duplicate work that any of the authors has published elsewhere or has submitted in parallel to any other conference or workshop that has proceedings. Accepted submissions may not appear in any other conference or workshop that has proceedings. Submission Format: The submission must be anonymous, with no author names, affiliations, acknowledgments, or obvious references. 
It should begin with a title, a short abstract, and a list of keywords. The length of the submission should be at most 12 pages excluding bibliography and appendices. It should use at least 11-point fonts and have reasonably sized margins. The introduction should summarize the contributions of the paper at a level appropriate for a non-specialist reader. Committee members are not required to read appendices; the paper should be intelligible without them. Submissions not meeting these guidelines risk rejection without consideration of their merits. Electronic Submission: Electronic submission is strongly encouraged. A detailed description of the electronic submission procedure is forthcoming. Hardcopy Submission: Authors unable to submit electronically may, as a strongly discouraged last resort, send a cover letter and 24 double-sided hardcopies of their submission to the program chair at the [4]postal address below. Authors intending to submit via hardcopy should contact the program chair on or before February 3, 2004. Submissions must be received by the program chair on or before February 10, 2004, 18:00 PST. Late submissions, regardless of postmark, and submissions by fax will not be considered. Hardcopy submission must include a cover letter containing the paper's title and the names and affiliations of the authors, and should identify the contact author including e-mail and postal addresses. Decisions and Presentation: Notification of acceptance or rejection will be sent to authors by April 30, 2004. Authors of accepted papers must guarantee that their paper will be presented at the conference. Conference Proceedings: Proceedings will be published in Springer-Verlag's Lecture Notes in Computer Science and will be available at the conference. Clear instructions about the preparation of a final proceedings version will be sent to the authors of accepted papers. The final copies of the accepted papers will be due on May 26, 2004.
Program Committee Bill Aiello, AT&T Labs Jee Hea An, SoftMax Eli Biham, Technion John Black, University of Colorado at Boulder Anne Canteaut, INRIA Ronald Cramer, University of Aarhus Yevgeniy Dodis, New York University Matt Franklin, U. C. Davis (program chair) Yuval Ishai, Technion Lars Knudsen, Technical University of Denmark Hugo Krawczyk, Technion/IBM Pil Joong Lee, Pohang Univ. of Sci. & Tech. Phil MacKenzie, Bell Labs Tal Malkin, Columbia University Willi Meier, Fachhochschule Aargau Daniele Micciancio, U. C. San Diego Tatsuaki Okamoto, NTT Rafail Ostrovsky, U. C. L. A. Torben Pedersen, Cryptomathic Bart Preneel, Katholieke Universiteit Leuven Alice Silverberg, Ohio State University Nigel Smart, Bristol University Serge Vaudenay, EPFL David Wagner, U. C. Berkeley Stefan Wolf, University of Montreal Advisory Members: Dan Boneh, program chair Crypto 2003 Victor Shoup, program chair Crypto 2005 Contact Information for the Program Chair Matt Franklin franklin@cs.ucdavis.edu phone: +1-530-752-2017 fax: +1-530-752-4767 One Shields Avenue Davis, CA, 95616 USA Other Information For other information contact General Chair: Jim Hughes James_Hughes@storagetek.com phone: +1-763-424-1676 Fax: +1-612-677-3007 7600 Boone Ave No Minneapolis, MN, 55428 USA Stipends: A limited number of stipends are available to those unable to obtain funding to attend the conference. Students whose papers are accepted and who will present the paper themselves are encouraged to apply if such assistance is needed. Requests for stipends should be addressed to the General Chair. ______________________________________________________________________________ New Books ______________________________________________________________________________ This page lists new books about cryptology, and occasionally reviews one. ** Al-Kindi's Treatise on Cryptanalysis ** An annotated translation into English from the original Arabic manuscript. By M. Mrayati, Y. Meer Alam and M.H.
at-Tayyan (translation by Said M. al-Asaid). Vol. 1 of Series on Arabic Origins of Cryptology, revised by Mohammed I. Al-suwaiyel, Ibrahim H. Al-Kadi and Marwan al-Bawab. Published by KFCRIS and KACST. Reviewed by Peter Landrock. It is a well established fact (see e.g. David Kahn's book, The Codebreakers), albeit perhaps not that well known, that the first scholarly and profound treatments of cryptography and cryptanalysis go back to the Arabs. The reason why this has attracted limited attention is that until recently the sources which prove this were to a large degree unknown, at least in the Western world, and the "established fact" was mostly based on references to various manuscripts whose whereabouts were not clear. It is no surprise that one of the oldest civilizations that we know of with a written language took an interest in cryptography. I have sometimes stated that cryptography must be the second oldest profession in the world, as it seems to be an essential feature of human nature that if three or more people are together, some of them want to share a secret. It is interesting, then, to establish when cryptography transformed from art to science. Readers familiar with Simon Singh's excellent BBC documentary on cryptography may recall an interview there with the first author, Dr. M. Mrayati, about the discovery of al-Kindi's manuscript in the old library in Istanbul. It dates back to the ninth century: al-Kindi was born around 801 AD and died in 873. Often referred to as "the philosopher of the Arabs," he received most of his education in Baghdad, where he built a very impressive library. Thanks to the persistence of the authors, and the generous help and assistance of many colleagues, a number of these original manuscripts have been recovered, and a whole series has been dedicated to their translation, of which this is the first and one of the most significant volumes, as it basically marks the birth of cryptology as a science.
The whole series is planned to publish 15 original manuscripts in 9 annotated volumes. As space here is limited, I cannot but give a vague impression of the content of the first volume and urge interested readers to request their own (free) copy from KACST, King Abdulaziz City for Science and Technology in Riyadh, or King Faisal Center for Research and Islamic Studies, P.O. Box 51049, Riyadh, 11543, KSA. The book under review starts off with an analytic study of cryptology in the Arab civilization in Chapter 1, and continues with a study of al-Kindi's treatise in Chapter 2. Finally, Chapter 3 is a translation of al-Kindi's book, with the translation on the left and a photocopy of the translated page on the right. The first two chapters are very rich in historical facts and observations. The main topics of al-Kindi's book are methods of cryptanalysis, encipherments, cryptanalysis of certain encipherments, and statistical analysis of letters and letter combinations in Arabic. The first chapter, on methods of cryptanalysis, addresses prose as well as poetry (the latter presenting a charming alternative to the topics usually considered by members of the IACR :-)), and lists three principles:
1) the quantitative characteristics of letters, such as frequency of occurrence, observing that the quality of this estimate depends on the length of the text;
2) the qualitative characteristics of letters, i.e. association and disassociation, listing the most common 2- and 3-letter combinations; and
3) likely phrases (i.e. known-plaintext attacks).
His table of letter frequencies builds on an analysis of a particular text of 3667 letters (see table p. 58). It was of course essential for his statistical analysis that he was using Arabic numerals (albeit the East Arabic numerals, which are the symbols used in India, as opposed to the West Arabic numerals we use in the Western world) rather than Roman ones, as pointed out by the authors.
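The three principles listed above, applied to a simple (monoalphabetic) substitution cipher over English text, as an added example for this page rather than anything from the book or the review: the plaintext, the key and the crib "letters" are constructed for the demonstration, and the English letter ranking is the usual textbook one, not al-Kindi's Arabic table. Principle 1 identifies the ciphertext letter standing for "e", principle 2 shows that the most common ciphertext bigram is an ordinary English one, and principle 3 locates the probable word by its repetition pattern, which a substitution cipher cannot hide.

```python
"""Al-Kindi's three principles of cryptanalysis, as summarised in the review,
applied to a simple (monoalphabetic) substitution cipher over English text:
  1. quantitative: frequency of each letter,
  2. associations: which letters occur next to each other (bigrams),
  3. probable words: a crib, i.e. a known-plaintext guess.
Added example for this page, not code from the book or the review. The
plaintext, the key and the crib are constructed for the demonstration."""

from collections import Counter
import string

ALPHABET = string.ascii_lowercase

# Assumption: the usual textbook ranking of English letters, most frequent
# first. Al-Kindi's table (p. 58 of the book) is for Arabic, not English.
ENGLISH_ORDER = "etaoinshrdlcumwfgypbvkjxqz"

# Constructed sample plaintext. Everything outside a-z is dropped before
# enciphering, so word boundaries are not visible in the ciphertext.
PLAINTEXT = (
    "the first scholarly study of cryptanalysis goes back to the arabs the "
    "letters of a language occur with characteristic frequencies and certain "
    "pairs of letters appear together far more often than others a cryptanalyst "
    "who knows these facts and who can guess a probable word in the message "
    "has every weapon needed against a simple substitution cipher"
)

# Constructed key: plaintext letter ALPHABET[i] is enciphered as KEY[i].
KEY = "qwertyuiopasdfghjklzxcvbnm"


def normalize(text):
    """Lower-case the text and drop everything outside a-z."""
    return "".join(ch for ch in text.lower() if ch in ALPHABET)


def encrypt(plaintext, key):
    return normalize(plaintext).translate(str.maketrans(ALPHABET, key))


def decrypt(ciphertext, key):
    return ciphertext.translate(str.maketrans(key, ALPHABET))


def letter_frequencies(text):
    """Principle 1: (letter, count) pairs, most frequent first, ties alphabetical."""
    return sorted(Counter(text).items(), key=lambda kv: (-kv[1], kv[0]))


def ngram_frequencies(text, n):
    """Principle 2: overlapping n-gram counts, most frequent first."""
    grams = Counter(text[i:i + n] for i in range(len(text) - n + 1))
    return sorted(grams.items(), key=lambda kv: (-kv[1], kv[0]))


def frequency_guess(ciphertext, reference=ENGLISH_ORDER):
    """Map the i-th most frequent ciphertext letter to the i-th reference
    letter (cipher -> plain). Reliable for the top letters of a long text,
    increasingly unreliable further down the ranking."""
    ranked = [letter for letter, _ in letter_frequencies(ciphertext)]
    return dict(zip(ranked, reference))


def pattern(word):
    """Repetition pattern, e.g. 'letters' -> (0, 1, 2, 2, 1, 3, 4). Any
    substitution cipher preserves it, so a crib can be located without the key."""
    seen = {}
    return tuple(seen.setdefault(ch, len(seen)) for ch in word)


def crib_positions(ciphertext, crib, known=None):
    """Principle 3: offsets where the probable word `crib` can sit. A window
    qualifies if its repetition pattern equals the crib's and it does not
    contradict `known`, a plain -> cipher dict of substitutions already fixed."""
    known = known or {}
    reverse = {c: p for p, c in known.items()}
    hits = []
    for i in range(len(ciphertext) - len(crib) + 1):
        window = ciphertext[i:i + len(crib)]
        if pattern(window) != pattern(crib):
            continue
        if all(known.get(p, c) == c and reverse.get(c, p) == p
               for p, c in zip(crib, window)):
            hits.append(i)
    return hits


def substitutions_from_crib(ciphertext, crib, offset):
    """plain -> cipher pairs implied by placing `crib` at `offset`."""
    return dict(zip(crib, ciphertext[offset:offset + len(crib)]))


def partial_decrypt(ciphertext, cipher_to_plain):
    """Render recovered letters, with '?' where the substitution is unknown."""
    return "".join(cipher_to_plain.get(ch, "?") for ch in ciphertext)


def recover(ciphertext, crib):
    """Combine the principles: the most frequent ciphertext letter is taken
    to be 'e' (principle 1), and every placement of the crib consistent with
    that (principle 3) fixes the letters it contains. Returns cipher -> plain."""
    top_cipher = letter_frequencies(ciphertext)[0][0]
    mapping = {top_cipher: ENGLISH_ORDER[0]}
    known = {ENGLISH_ORDER[0]: top_cipher}
    for offset in crib_positions(ciphertext, crib, known):
        for p, c in substitutions_from_crib(ciphertext, crib, offset).items():
            mapping[c] = p
    return mapping


if __name__ == "__main__":
    ciphertext = encrypt(PLAINTEXT, KEY)
    print("top letters :", letter_frequencies(ciphertext)[:5])
    print("top bigrams :", ngram_frequencies(ciphertext, 2)[:5])
    print("crib offsets:", crib_positions(ciphertext, "letters"))
    print(partial_decrypt(ciphertext, recover(ciphertext, "letters")))
```

Only five letters are fixed by this crib; in practice one iterates, trying the next probable word against the partially recovered text and checking the bigram table (principle 2) to rule out candidate placements, exactly the loop the review attributes to al-Kindi's third chapter.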
In the second chapter al-Kindi discusses various means of encipherment, most likely based on his experience with encrypted texts in his library, and he classifies these methods, which he "... represents [] in a tree-diagram, so that all our senses participate in understanding the craft, and facilitate its comprehension ..." The methods described include substitution - mono-alphabetic as well as poly-alphabetic - and transposition, coding and key-dependent encryption. In the following chapter, he returns to applied cryptanalysis, where the methods introduced in chapter 1 are applied to some of the encryption schemes he introduced in the previous chapter. He addresses 7 different tools in some detail. The last chapter is devoted to letter combinations in Arabic and as such is as much a study in linguistics as in cryptology. One of his achievements is to establish 94 impossible combinations of the 29 consonants in Arabic. All in all, this book is an excellent account of the origins of cryptology as an Arabic science, and at the same time a good overview of related sciences in the Arab world of the period, e.g. mathematics (combinatorics) and linguistics. It is highly recommended reading, and we should all be grateful that it has been made available to our whole community. NB. It is planned to make copies of the book freely available at Eurocrypt 2004 in Interlaken. ** UMTS Security ** UMTS Security Valtteri Niemi and Kaisa Nyberg, Nokia Research Centre, Finland Publisher: WILEY ISBN: 0470 847 948 Available: November 2003 Price: Hbk GBP 55.00 EUR 82.50 DESCRIPTION The Universal Mobile Telecommunication System (UMTS) offers a consistent set of services to mobile computer and phone users, and numerous different radio access technologies will co-exist within the UMTS system's core network - security is, therefore, of the utmost importance.
UMTS Security focuses on the standardized security features of UMTS and brings together material previously only available in specifications, design documents and presentations in one concise form. In addition, this unique volume also covers non-standard implementation specific features that allow differentiation between operators and manufacturers. Describes the security solutions specified for UMTS Provides a comprehensive presentation of the UMTS security specifications and explains the role of the security functionality in the UMTS system Presents the UMTS security system in its totality from the theoretical background through to the design process Discusses the new security features included in Release 4 and 5. By providing a unified treatment of the security services provided by the UMTS system, this volume will provide invaluable information and have instant appeal to planners, constructors and implementers of UMTS networks, and developers and analysts of application oriented security services that make use of UMTS communication networks. It will also be of considerable interest to postgraduates and researchers of modern communication security technology. |-----------------------------------------------------------| | CONTENTS | | | | 1 CHAPTER ONE: Introduction to security and to UMTS. | | 1.1 Security in telecommunications. | | 1.2 The background of 3G. | | 1.3 The 3rd Generation Partnership Project. | | 1.4 3GPP network architecture. | | 1.5 WCDMA radio technology. | | 2 CHAPTER TWO: UMTS security features in Release 99. | | 2.1 Access security to UMTS. | | 2.2 Interworking with GSM . | | 2.3 Additional security features in Release 99. | | 3 CHAPTER THREE: Cryptographic Algorithms for UMTS. | | 3.1 Introduction to Cryptography. | | 3.2 3GPP Algorithms Specification Principles . | | 3.3 Confidentiality and Integrity Algorithms. | | 3.4 Kernel Algorithm KASUMI. | | 3.5 Authentication and Key Generation Algorithm.
| | 4 CHAPTER FOUR: Security features in releases 4 and 5. | | 4.1 Network domain security. | | 4.2 IMS security. | | 4.3 Other security systems. | |-----------------------------------------------------------| Please send your new book announcements to the newsletter editor at newsletter at iacr.org ______________________________________________________________________________ New Reports in the Cryptology ePrint Archive ______________________________________________________________________________ (The list contains reports posted since the last newsletter issue appeared.) 2003/253 ( PDF ) Aspects of Hyperelliptic Curves over Large Prime Fields in Software Implementations Roberto Maria Avanzi 2003/252 ( PS PS.GZ PDF ) On Simulation-Sound Trapdoor Commitments Philip MacKenzie and Ke Yang 2003/251 ( PDF ) Isomorphism Classes of Hyperelliptic Curves of genus 3 over finite fields EunKyung Jeong 2003/250 ( PS PS.GZ PDF ) Breaking the Stream Cipher Whitenoise Hongjun Wu 2003/249 ( PDF ) Software Specifications For Tinnitus Utilizing Whitenoise Substitution Stream Cipher Stephen Boren and Andre Brisson 2003/248 ( PS PS.GZ PDF ) Efficient Implementation of Genus Three Hyperelliptic Curve Cryptography over GF(2^n) Izuru Kitamura and Masanobu Katagi 2003/247 ( PDF ) ID-based Authenticated Two Round Multi-Party Key Agreement Xinjun Du and Ying Wang and Jianhua Ge and Yumin Wang 2003/246 ( PDF ) A Hybrid Encryption Protocol for Quantum Digital Signature Xin Lü and Deng-guo Feng 2003/245 ( PS PS.GZ PDF ) A Key Substitution Attack on SFLASH^{v3} Willi Geiselmann and Rainer Steinwandt 2003/244 ( PS PS.GZ PDF ) Efficient Public Key Steganography Secure Against Adaptively Chosen Stegotext Attacks Tri Van Le and Kaoru Kurosawa 2003/243 ( PS PS.GZ PDF ) An Attack on Not-interactive Designated Verifier Proofs for Undeniable Signatures Guilin Wang 2003/242 ( PS PS.GZ PDF ) Improved Weil and Tate pairings for elliptic and hyperelliptic curves Kirsten Eisentraeger and Kristin Lauter
and Peter L. Montgomery 2003/241 ( PS PS.GZ PDF ) Hybrid Broadcast Encryption and Security Analysis Shaoquan Jiang and Guang Gong 2003/240 ( PS PS.GZ PDF ) How to Break and Repair a Universally Composable Signature Functionality Michael Backes and Dennis Hofheinz 2003/239 ( PS PS.GZ PDF ) On Universally Composable Notions of Security for Signature, Certification and Authentication Ran Canetti 2003/238 ( PDF ) Chameleon Signature from Bilinear Pairing Xinjun Du and Ying Wang and Jianhua Ge and Yumin Wang 2003/237 ( PS PS.GZ PDF ) Low-Cost Solutions for Preventing Simple Side-Channel Analysis: Side-Channel Atomicity Benoit Chevallier-Mames and Mathieu Ciet and Marc Joye 2003/236 ( PDF ) Combinational Logic Design for AES SubByte Transformation on Masked Data Elena Trichina 2003/235 ( PS PS.GZ PDF ) Fuzzy Extractors and Cryptography, or How to Use Your Fingerprints Yevgeniy Dodis and Leonid Reyzin and Adam Smith 2003/234 ( PS PS.GZ ) Generalized Key-Evolving Signature Schemes or How to Foil an Armed Adversary Gene Itkis and Peng Xie 2003/233 ( PS PS.GZ PDF ) Public Key Steganography Luis von Ahn and Nicholas J. 
Hopper 2003/232 ( PS PS.GZ PDF ) The Statistical Zero-knowledge Proof for Blum Integer Based on Discrete Logarithm Chunming Tang and Zhuojun Liu and Jinwang Liu 2003/231 ( PS PS.GZ PDF ) Public-Key Steganography with Active Attacks Michael Backes and Christian Cachin 2003/230 ( PS PS.GZ PDF ) A Fast Provably Secure Cryptographic Hash Function Daniel Augot and Matthieu Finiasz and Nicolas Sendrier 2003/229 ( PS PS.GZ PDF ) Algebraic Attacks on Summation Generators Dong Hoon Lee and Jaeheon Kim and Jin Hong and Jae Woo Han and Dukjae Moon 2003/228 ( PDF ) Verifiably Committed Signatures Provably Secure in The Standard Complexity Model Huafei Zhu 2003/227 ( PS PS.GZ PDF ) Attacks on a Secure Group Communication Scheme With Hierarchical Access Control Willi Geiselmann and Rainer Steinwandt 2003/226 ( PS PS.GZ PDF ) On the Security of a Group Signature Scheme with Forward Security Guilin Wang 2003/225 ( PS PS.GZ ) A Practical Parallel Domain Extender for UOWHF Palash Sarkar 2003/224 ( PDF ) Two Protocols from the Tate Pairing Noel McCullagh and Michael Scott 2003/223 ( PS PS.GZ PDF ) Cryptanalysis of a Cryptosystem based on Drinfeld modules Simon R. Blackburn, Carlos Cid and Steven D. 
Galbraith 2003/222 ( PS PS.GZ PDF ) A Verifiable Secret Sharing Scheme with Statistical zero-knowledge Chunming Tang and Zhuojun Liu and Mingsheng Wang 2003/221 ( PS PS.GZ PDF ) A Cryptanalysis of the Original Domingo-Ferrer's Algebraic Privacy Homomorphism Jung Hee Cheon and Hyun Soo Nam 2003/220 ( PS PS.GZ PDF ) A short comment on the affine parts of SFLASH^{v3} Willi Geiselmann and Rainer Steinwandt 2003/219 ( PS PS.GZ PDF ) Cryptanalysis of the Repaired Public-key Encryption Scheme Based on the Polynomial Reconstruction Problem Jean-Sebastien Coron 2003/218 ( PDF ) A Security Evaluation of Whitenoise David Wagner 2003/217 ( PS PS.GZ PDF ) Chemical Combinatorial Attacks on Keyboards Eric Brier and David Naccache and Pascal Paillier 2003/216 ( PS PS.GZ PDF ) Building Secure Indexes for Searching Efficiently on Encrypted Compressed Data. Eu-Jin Goh 2003/215 ( PDF ) Divide and Concatenate: A Scalable Hardware Architecture for Universal MAC Bo Yang and Ramesh Karri and David McGrew 2003/214 ( PS PS.GZ ) Multi-trapdoor Commitments and their Applications to Proofs of Knowledge Secure under Concurrent Man-in-the-middle Attacks Rosario Gennaro 2003/213 ( PS PS.GZ PDF ) Isomorphism Classes of Hyperelliptic Curves of Genus 2 over $\mathbb{F}_{2^n}$ Y.Choie and E.Jeong 2003/212 ( PS PS.GZ PDF ) High Performance Arithmetic for Hyperelliptic Curve Cryptosystems of Genus Two Jan Pelzl and Thomas Wollinger and Christof Paar 2003/211 ( PS PS.GZ PDF ) SFLASHv3, a fast asymmetric signature scheme Nicolas T.
Courtois, Louis Goubin and Jacques Patarin 2003/210 ( PS PS.GZ PDF ) On a Relation Between Verifiable Secret Sharing Schemes and a Class of Error-Correcting Codes Ventzislav Nikov and Svetla Nikova 2003/209 ( PS PS.GZ PDF ) Using the Trace Operator to repair the Polynomial Reconstruction based Cryptosystem presented at Eurocrypt 2003 Daniel Augot and Matthieu Finiasz and Pierre Loidreau 2003/208 ( PS PS.GZ PDF ) ID-Based Chameleon Hashes from Bilinear Pairings Fangguo Zhang and Reihaneh Safavi-Naini and Willy Susilo 2003/207 ( PS PS.GZ PDF ) Security Flaws in Several Group Signatures Proposed by Popescu Guilin Wang, and Sihan Qing 2003/206 ( PS PS.GZ PDF ) Identity Based Undeniable Signatures Benoît Libert and Jean-Jacques Quisquater 2003/205 ( PS PS.GZ PDF ) Improved Cryptanalysis of SecurID Scott Contini and Yiqun Lisa Yin 2003/204 ( PDF ) A Composition Construction of Bent-Like Boolean Functions from Quadratic Polynomials ZENG Xiangyong and HU Lei 2003/203 ( PS PS.GZ PDF ) A Timing Attack on Hyperelliptic Curve Cryptosystems Masanobu Katagi and Izuru Kitamura and Toru Akishita and Tsuyoshi Takagi 2003/202 ( PS PS.GZ PDF ) Yet Another Sieving Device Willi Geiselmann and Rainer Steinwandt 2003/201 ( PDF ) an attack on a multisignature scheme Zheng dong & KF.chen 2003/200 ( PDF ) Cryptanalysis of B.Lee-S.Kim-K.Kim Proxy Signature Zheng Dong , Shengli Liu & kefei Chen 2003/199 ( PS PS.GZ PDF ) Cryptanalysis of a Message Authentication Code due to Cary and Venkatesan Simon R. Blackburn and Kenneth G. Paterson 2003/198 ( PS PS.GZ PDF ) Construction of Perfect Nonlinear and Maximally Nonlinear Multi-Output Boolean Functions Satisfying Higher Order Strict Avalanche Criteria Kishan Chand Gupta and Palash Sarkar 2003/197 ( PS PS.GZ PDF ) Revisiting fully distributed proxy signature schemes Javier Herranz and German Saez 2003/196 ( PS PS.GZ PDF ) Security Analysis of Some Proxy Signatures Guilin Wang, Feng Bao, Jianying Zhou, and Robert H. 
Deng 2003/195 ( PDF ) Searchable Public Key Encryption Dan Boneh and Giovanni Di Crescenzo and Rafail Ostrovsky and Giuseppe Persiano 2003/194 ( PS PS.GZ PDF ) Security Analysis of Several Group Signature Schemes Guilin Wang 2003/193 ( PS PS.GZ PDF ) Efficient Extension of Standard Schnorr/RSA signatures into Universal Designated-Verifier Signatures Ron Steinfeld and Huaxiong Wang and Josef Pieprzyk 2003/192 ( PS PS.GZ PDF ) Universal Designated-Verifier Signatures Ron Steinfeld and Laurence Bull and Huaxiong Wang and Josef Pieprzyk 2003/191 ( PS PS.GZ ) Projective Coordinates Leak David Naccache and Nigel Smart and Jacques Stern 2003/190 ( -- withdrawn -- ) Extending Joux's Protocol to Multi Party Key Agreement Rana Barua and Ratna Dutta and Palash Sarkar 2003/189 ( PDF ) Cryptanalysis of publicly verifiable authenticated encryption Zuhua Shao 2003/188 ( PDF ) A New Forward Secure Signature Scheme using Bilinear Maps Fei Hu and Chwan-Hwa Wu and J. D. Irwin 2003/187 ( PS PS.GZ ) Resource Bounded Unprovability of Computational Lower Bounds Tatsuaki Okamoto and Ryo Kashima 2003/186 ( PS PS.GZ PDF ) Safe Prime Generation with a Combined Sieve Michael J. Wiener 2003/185 ( PS PS.GZ PDF ) VMPC Stream Cipher Bartosz Zoltak 2003/184 ( PS PS.GZ PDF ) What do DES S-boxes Say to Each Other ? Nicolas T. Courtois and Guilhem Castagnos and Louis Goubin 2003/183 ( PDF ) Certificate-Based Encryption and the Certificate Revocation Problem Craig Gentry 2003/182 ( PS PS.GZ PDF ) Chosen-Ciphertext Security from Identity-Based Encryption Ran Canetti, Shai Halevi, and Jonathan Katz ______________________________________________________________________________ Open Positions in Cryptology ______________________________________________________________________________ IACR provides a listing of open positions with a focus on cryptology. 
The listing is available on the Web at [1]http://www.iacr.org/jobs/ and also included in the [2]IACR Newsletter that is sent to members three times per year. To advertise your job opportunities, please send a description of no more than 150 words in plain ASCII text by email to jobs(at)iacr.org. This should include a URL and further contact information. No attachments or Word documents, please! (Submissions in formats other than text will not be posted.) As this is intended to be a service to the members of IACR, it is free for all members. We ask that commercial enterprises who want to advertise their openings identify at least one of their employees who is a member of IACR. (IACR has no corporate membership.) Please contact the membership secretariat to [3]become a member of IACR. On top of that, IACR accepts donations and is always looking for sponsors for its conferences. _________________________________________________________________ ETH Zurich Subject: Research Position in Information Security at ETH Zurich on FORMAL METHODS FOR SECURITY PROTOCOLS The Chair of Information Security at the ETH Zurich (Prof. David Basin) has an open research position on formal methods for security protocols. The position is within the Zurich Information Security Center (ZISC) and is in collaboration with researchers at the IBM Zurich Research Laboratory. The research project concerns developing formal abstractions and techniques to carry out cryptographically faithful proofs of security protocols. The project will build on recent research results on universally composable cryptographic libraries, i.e. libraries of abstract composable cryptographic functions that are sound with respect to an actual library of cryptographic functions. The objectives are to formalize these functions within a theorem prover (Isabelle/HOL) and further develop the foundations to the point where they can be applied to realistic security protocols.
In doing so, the aim is to bridge the gap between formal-methods proofs of protocol security and cryptographic research on the properties of actual cryptographic operators. The position is planned for ca. 3 years. A Master's degree (or equivalent) in computer science is required. The position may also be filled by a postdoctoral researcher. The ideal candidate will have a strong background in both Information Security (in particular cryptography) and formal methods (in particular theorem proving in higher-order logic), although strong candidates in either of these areas (with an interest in learning the other) are also invited to apply. Researchers at the ETH Zurich are paid employees of the university who may simultaneously pursue their Ph.D. within the project. The salary and conditions at ETH are attractive, and Zurich is one of the world's most livable cities. Further information on the ZISC may be found at http://www.zisc.ethz.ch/. Further information on the Information Security group is available at http://www.infsec.ethz.ch. Further information on the foundations used in the project may be found at http://www.zurich.ibm.com/security/models/. Applications may be sent to Information Security Group IFW C 43.2 ETH Zentrum 8092 Zurich Switzerland or by email to positions@zisc.ethz.ch (15-Dec-03) _________________________________________________________________ Lockheed Martin Middle East Services From: Jonathan Low [mailto:jon_low@yahoo.com] Sent: Wednesday, December 10, 2003 11:31 PM Subject: Cryptologist job Please be advised that Lockheed Martin Middle East Services is looking for a cryptologist to assist the Royal Saudi Air Force with their cryptologic communications and their Mode 4 IFF (Identify Friend or Foe) encrypted secondary surveillance radar. The job will be in Riyadh, Kingdom of Saudi Arabia. Please submit resumes to Mr.
David Jensen of Lockheed Martin Middle East Services, email: dgjensen@lmmes.com (12-Dec-03) _________________________________________________________________ RSA Security RSA Security is looking for a Security & Privacy Solutions Architect. Location - United States - Bedford, MA Function - R&D Working Hours/Week 40 Position Description Architect solutions for privacy and security in an emerging field using RSA Security's products, services and new technologies * Engage with key customers to understand their functional and architectural requirements * Collaborate with leading researchers to develop new innovative technologies * Participate in emerging industry standards forums * Design solution bundles using RSA's products and services, together with new technologies * Present general solutions to customers through seminars and training, and provide specific solutions through consulting * Facilitate new business opportunities including product sales and technology licensing Qualifications Significant experience designing solutions for customers, including strong communication skills, is required Knowledge of security and privacy technologies required Prior involvement in industry standards a plus Bachelor's degree in Computer Science or Business required, with a preference for a Master's degree Ability to work well in a team with research, development, sales and marketing is expected http://www.rsasecurity.com/company/careers/northamerica.html Requisition Number 596BR (06-Dec-03) _________________________________________________________________ Macquarie University, Sydney, Australia Macquarie University, Sydney, Australia DIVISION OF INFORMATION AND COMMUNICATION SCIENCES Research Fellow (Level A or B) (Algebraic Models of Stream Ciphers) (Full-time (fixed-term)) Ref. 19669 The position is funded by an Australian Research Council grant for a project on Algebraic Models of Stream Ciphers.
The project is a part of larger research efforts conducted in the Centre for
Advanced Computing -- Algorithms and Cryptography (ACAC).

Applicants should indicate the level at which they are applying or whether
they wish to be considered at both levels.

Essential Criteria at Level A: PhD (or submitted thesis) in Computer Science
or Mathematics or a related area; strong background in cryptography or
algorithm design and analysis; ability to present research results at
scientific meetings and to publish in the scientific literature; excellent
written and communication skills.

Additional Essential Criteria for Level B: At least three years postdoctoral
research experience or equivalent; strong publication record; background in
design and analysis of cryptographic systems or protocols.

Enquiries: Professor Josef Pieprzyk on +61 2 9850 9516 or e-mail
josef@ics.mq.edu.au

For details see http://www.pers.mq.edu.au/ads/index.html

(21-Nov-03)

_________________________________________________________________

University of Aarhus - Department of Computer Science

Professorship in Theoretical Computer Science

A full professorship in the area of theoretical computer science is available
at the Department of Computer Science, starting April 1, 2004. The
professorship is intended for an applicant with documented research at a high
international level. The professor will take part in the activities of the
institute within theoretical computer science, covering the areas of
algorithms, complexity theory, cryptology, logic in computer science, and
semantics. The professor is expected to contribute to teaching at all levels.

The Department of Computer Science conducts research and teaching in
theoretical as well as experimental computer science. The staff is close to
200 people, including 25 full or associate professors, and 60 PhD students.
The number of M.Sc. students is approximately 500.

Applications must be in English and include a curriculum vitae, a complete
list of publications, a statement of future research plans and information
about research activities, teaching qualifications and management experience,
all in 4 copies. All other material that the applicant wishes to be considered
in the evaluation (publications and other documentation of research and
teaching qualifications, as well as management experience) must be enclosed
in 3 copies.

The Faculty refers to the Ministerial Order No. 820 of 31.8.2000 on the
appointment of teaching and research staff at the universities under the
Ministry of Research and Information Technology.

Applications should be addressed to The Faculty of Science, University of
Aarhus, Ny Munkegade, Building 520, DK-8000 Aarhus C, Denmark, and marked
211/5-4.

The deadline for receipt of all applications is December 5, 2003, at 12:00
noon.

For more information, please contact the head of the department, Kurt Jensen
(e-mail: kjensen@daimi.au.dk, phone: +45 8942 5612), or consult the Web pages:
http://www.daimi.au.dk/.

(19-Nov-03)

_________________________________________________________________

Indiana University Bloomington

Indiana University Bloomington
School of Informatics

Tenure-track faculty positions in cybersecurity at all ranks, starting Fall
2004, are available at IU's new School of Informatics. Candidates are expected
to have an appreciation for both the social and technical dimensions of
cybersecurity. Technical areas include cryptography, communication and network
security, system security, privacy, information assurance, and biometrics. The
School has strong ties to the Computer Science Department, the Center for
Applied Cybersecurity Research, and the Advanced Network Management Lab.
Excellent work conditions include low teaching loads, attractive salaries, and
world-class computing and library facilities.
Located on the rolling wooded hills of southern Indiana, Bloomington is a
culturally thriving college town with moderate cost of living.

For more information and application procedures:
http://www.informatics.indiana.edu/positions/

Review of applications will begin immediately; the search will remain open
until the positions are filled. Indiana University is an EO/AA employer.

(14-Nov-03)

______________________________________________________________________________

IACR Calendar of Events in Cryptology

______________________________________________________________________________

The IACR calendar lists events (conferences, workshops, ...) that may be of
interest to IACR members or deal with research in cryptology.

If you want to have an event listed here, please [1]fill out this form or
send email to webmaster(at)iacr.org . (The current condition for being listed
here is that the description of an event must contain the substring "crypt"
anywhere.)

2003

 * [2]International Conference on "Number Theory for Secure Communications"
   (icnsen2k3), December 20-21, Kumbakonam, India.
 * [3]DIMACS 2003-2006 Special Focus on Communication Security and
   Information Privacy, 2003-2006, DIMACS Center, Rutgers University, USA.

2004

 * [4]Advanced Course on Contemporary Cryptology, February 2-13, Barcelona,
   Spain.
 * [5]Fast Software Encryption (FSE 2004), February 5-7, New Delhi, India.
 * [6]Network and Distributed System Security Symposium (NDSS'04),
   February 5-7, San Diego, CA, USA.
 * [7]Eighth International Financial Cryptography Conference (FC '04),
   February 9-12, Key West, Florida, USA.
 * [8]Theory of Cryptography Conference (TCC 2004), February 19-21, MIT,
   Cambridge, MA, USA.
 * [9]RSA Conference 2004, Cryptographers' Track (CT-RSA '04),
   February 23-27, San Francisco, CA, USA.
 * [10]International Workshop on Practice and Theory in Public Key
   Cryptography (PKC 2004), March 1-4, Singapore.
 * [11]ITCC 2004 Special Track on Information Assurance and Security
   (ITCC 2004), April 5-7, Las Vegas, NV, USA.
 * [12]3rd Annual PKI R&D Workshop (pki04), April 12-14, Gaithersburg, MD,
   USA.
 * [13]Eurocrypt 2004, May 2-6, Interlaken, Switzerland.
 * [14]2004 IEEE Symposium on Security and Privacy (IEEE S&P 2004),
   May 9-12, Berkeley, USA.
 * [15]2004 ACM Conference on Electronic Commerce, May 17-21, New York, USA.
 * [16]6th Information Hiding Workshop (IH2004), May 23-25, Toronto, Canada.
 * [17]Workshop on Privacy Enhancing Technologies (PET'04), May 26-28,
   Toronto, Canada.
 * [18]Second Conference of Applied Cryptography and Network Security
   (ACNS '04), June 8-11, Yellow Mountain, China.
 * [19]36th Annual ACM Symposium on Theory of Computing (STOC), June 13-15,
   Chicago, USA.
 * [20]2004 IEEE CEC Special Session on Evolutionary Computation in
   Cryptology and Computer Security (IEEE CEC 2004), June 20-23, Portland,
   USA.
 * [21]1st European PKI Workshop: Research and Applications (EuroPKI'04),
   June 25-26, Samos Island, Greece.
 * [22]International Conference on Dependable Systems and Networks
   (DSN-2004), June 28-July 1, Florence, Italy.
 * [23]Cryptographic Algorithms and their Uses, July 5-6, Gold Coast,
   Australia.
 * [24]The 9th Australasian Conference on Information Security and Privacy
   (ACISP04), July 13-15, Sydney, Australia.
 * [25]23rd Symposium on Principles of Distributed Computing (PODC 2004),
   July 25-28, St. John's, Newfoundland, Canada.
 * [26]1st European Workshop on Security in Ad-Hoc and Sensor Networks
   (ESAS 2004), August 5-6, Heidelberg, Germany.
 * [27]11th Annual Workshop on Selected Areas in Cryptography (SAC 2004),
   August 9-10, Waterloo, Canada.
 * [28]13th USENIX Security Symposium, August 9-13, San Diego, CA, USA.
 * [29]Workshop on Cryptographic Hardware and Embedded Systems (CHES 2004),
   August 11-13, Cambridge (Boston), USA.
 * [30]Crypto 2004, August 15-19, Santa Barbara, California, USA.
 * [31]International Conference on E-Business and Telecommunication Networks
   (ICETE'04), August 25-28, Setúbal, Portugal.
 * [32]First International Conference on Trust and Privacy in Digital
   Business (Trustbus '04), September 1-3, Zaragoza, Spain.
 * [33]11th ACM Conference on Computer and Communications Security
   (CCS 2004), October 25-29, Washington, DC, USA.
 * [34]Asiacrypt 2004, December 5-9, Jeju Island, Korea.
 * [35]DIMACS 2003-2006 Special Focus on Communication Security and
   Information Privacy, 2003-2006, DIMACS Center, Rutgers University, USA.

2005

 * [36]International Workshop on Practice and Theory in Public Key
   Cryptography (PKC 2005), January 23-26, Les Diablerets, Switzerland.
 * [37]Eurocrypt 2005, May 22-26, Aarhus, Denmark.
 * [38]Crypto 2005, August 14-18, Santa Barbara, California, USA.
 * [39]DIMACS 2003-2006 Special Focus on Communication Security and
   Information Privacy, 2003-2006, DIMACS Center, Rutgers University, USA.
 * [40]Asiacrypt 2005, (December), Madras, India.

2006

 * [41]Eurocrypt 2006, (May), St. Petersburg, Russia.
 * [42]DIMACS 2003-2006 Special Focus on Communication Security and
   Information Privacy, 2003-2006, DIMACS Center, Rutgers University, USA.

References

   1. http://www.iacr.org/events/submit.html
   2. http://www.sastra.edu/icnsen2k3
   3. http://dimacs.rutgers.edu/SpecialYears/2003_CSIP/
   4. http://www.crm.es/ContemporaryCryptology
   5. http://www.isical.ac.in/~fse2004
   6. http://www.isoc.org/isoc/conferences/ndss/04/
   7. http://ifca.ai/fc04/
   8. http://www-cse.ucsd.edu/users/mihir/tcc/tcc04/
   9. http://www.rsasecurity.com/rsalabs/cfp_ct_rsa04.html
  10. http://pkc2004.lit.org.sg/
  11. http://www.cs.okstate.edu/~aa/itcc04/itcc04.html
  12. http://middleware.internet2.edu/pki04/
  13. http://www.zurich.ibm.com/eurocrypt2004/
  14. http://www.ieee-security.org/TC/SP-Index.html
  15. http://research.microsoft.com/acmec04
  16. http://msrcmt.research.microsoft.com/IH2004/
  17. http://petworkshop.org/2004/
  18.
      http://www.rsasecurity.com/rsalabs/staff/bios/mjakobsson/acns.htm
  19. http://people.cs.uchicago.edu/~stoc04/stoc04.html
  20. http://www.cs.unr.edu/~sushil/cec/
  21. http://www.aegean.gr/EuroPKI2004
  22. http://www.dsn.org/dsn2004.html
  23. http://www.isrc.qut.edu.au/events/eracom2004/
  24. http://www.ics.mq.edu.au/~acisp04
  25. http://www.podc.org/podc2004/
  26. http://www.netlab.nec.de/esas/esas2004.html
  27. http://www.vlsi.uwaterloo.ca/~sac04
  28. http://www.usenix.org/events/sec04/
  29. http://www.chesworkshop.org/ches2004/
  30. http://www.iacr.org/conferences/crypto2004/
  31. http://www.icete.org/
  32. http://www-ifs.uni-regensburg.de/trustbus04/
  33. http://www.acm.org/sigs/sigsac/ccs/CCS2004/
  34. http://www.iacr.org/conferences/asiacrypt2004/
  35. http://dimacs.rutgers.edu/SpecialYears/2003_CSIP/
  36. http://www.iacr.org/workshops/pkc2005/
  37. http://www.iacr.org/conferences/eurocrypt2005/
  38. http://www.iacr.org/conferences/crypto2005/
  39. http://dimacs.rutgers.edu/SpecialYears/2003_CSIP/
  40. http://www.iacr.org/conferences/asiacrypt2005/
  41. http://www.iacr.org/conferences/eurocrypt2006/
  42. http://dimacs.rutgers.edu/SpecialYears/2003_CSIP/

______________________________________________________________________________

IACR Contact Information

______________________________________________________________________________

Officers and Directors of the IACR (2003)

Officers and directors of the IACR are elected for three year terms. If you
are a member and wish to contact IACR regarding an address change or similar
matter, you should contact the membership services at [iacrmem(at)iacr.org].
See http://www.iacr.org/iacrmem/ for more information.

The numbers in parentheses give the terms of service in calendar years. The
terms of service for conference chairs expire at the end of the calendar year
of the conference.

Officers

Andrew J. Clark
President (2002-2004)
P.O. Box 743
Brighton
East Sussex
BN1 5HS
United Kingdom
Tel: +44 1273 270752
Fax: +44 1273 276558
Email: president(at)iacr.org

Bart Preneel
Vice President (2002-2004)
Department of Electrical Engineering
Katholieke Universiteit Leuven
Kasteelpark Arenberg 10
B-3001 Heverlee
BELGIUM
Tel: +32 16 32 11 48
Fax: +32 16 32 19 86
Email: vicepresident(at)iacr.org

Josh Benaloh
Secretary (2002-2004)
Microsoft Research
One Microsoft Way
Redmond, WA 98052
USA
Tel: +1 425 703 3871
Fax: +1 425 936 7329
Email: secretary(at)iacr.org

Susan Langford
Treasurer (2002-2004)
1275 Poplar Ave #101
Sunnyvale, CA 94086
USA
Tel: +1 408 732 4305
Email: treasurer(at)iacr.org

Directors

Don Beaver
Membership Secretary (2003-2005)
Seagate
Email: donald.beaver(at)seagate.com

Thomas Berson
Director (2001-2003)
Anagram Labs
P.O. Box 791
Palo Alto CA, 94301
USA
Tel: +1 650 324 0100
Email: berson(at)anagram.com

Eli Biham
Director (2002-2004)
Computer Science Department
Technion
Haifa 32000
Israel
Tel: +972 4 8294308
Fax: +972 4 8294308
Email: biham(at)cs.technion.ac.il

Christian Cachin
Editor, IACR Newsletter (2002-2004)
IBM Zurich Research Laboratory
Säumerstrasse 4
CH-8803 Rüschlikon
Switzerland
Tel: +41 1 724 8989
Fax: +41 1 724 8953
Email: newsletter(at)iacr.org

Jan Camenisch
Eurocrypt 2004 General Chair
IBM Zurich Research Laboratory
Säumerstrasse 4
CH-8803 Rüschlikon
Switzerland
Tel: +41 1 724 8279
Fax: +41 1 724 8953
Email: jca(at)zurich.ibm.com

Alan Chin-Chen Chang
Asiacrypt 2003 General Chair
Department of Computer Science and Information Engineering
National Chung Cheng University
160, San-Hsing
Min-Hsiung, Chiayi
Taiwan 621
Tel: +886-5-272-0411, ext. 33100, 23103
Fax: +886-4-232-77425
Email: asiacrypt2003(at)iacr.org

Ed Dawson
Director (2003-2005)
Director, Information Security Research Centre
Queensland University of Technology
GPO Box 2434
Brisbane, Qld 4001
AUSTRALIA
Tel: +61 7 3864 1919
Fax: +61 7 3221 2384
Email: e.dawson(at)qut.edu.au

Yvo Desmedt
Director (2001-2003)
Department of Computer Science
Florida State University
PO Box 4530, 206 Love Building
Tallahassee, FL 32306-4530
USA
Tel: +1 850 644 9298
Fax: +1 850 644 0058
Email: desmedt(at)nu.cs.fsu.edu

Jerzy Gawinecki
Eurocrypt 2003 General Chair
Institute of Mathematics and Operations Research
Military University of Technology
Kaliskiego Str. 2, 00-908 Warsaw
Poland
Tel: +48 22 6839556
Fax: +48 22 6839719
Email: j.gawinecki(at)imbo.wat.waw.pl or eurocrypt2003(at)iacr.org

James Hughes
Crypto 2004 General Chair
Storage Technology Corp.
7600 Boone Avenue North
Brooklyn Park, MN
USA
Tel: +1 763 424 1676
Fax: +1 763 424 1776
Email: james_hughes(at)stortek.com

Kwangjo Kim
Asiacrypt 2004 General Chair
School of Engineering
Information and Communications Univ.
58-4 Hwaam-dong Yusong-ku
Taejon, 305-348
KOREA
Tel: +82 42 866 6118
Fax: +82 42 866 6154
Email: kkj(at)icu.ac.kr

Lars Knudsen
Director (2001-2003)
Technical University of Denmark
Dept. of Mathematics
Building 303
DK-2800 Lyngby
DENMARK
Tel: +45 4525 3048
Fax: +45 4588 1399
Email: knudsen(at)mat.dtu.dk

Tsutomu Matsumoto
Director (2002-2004)
Graduate School of Environment and Information Sciences
Yokohama National University
79-7 Tokiwadai, Hodogaya, Yokohama 240-8501, Japan
Tel: +81-45-339-4133
Fax: +81-45-339-4338
Email: tsutomu(at)mlab.jks.ynu.ac.jp

Ueli Maurer
Editor-in-Chief, Journal of Cryptology (2002-2005)
Department of Computer Science
ETH Zürich
CH-8092 Zürich
Switzerland
Tel: +41 1 632 7420
Fax: +41 1 632 1172
Email: maurer(at)inf.ethz.ch or jofc(at)iacr.org

Kevin S. McCurley
Director (2002-2004)
6721 Tannahill Drive
San Jose, CA 95120
USA
Tel: +1 408 927 1838
Email: mccurley(at)swcp.com

Jean-Jacques Quisquater
Director (2003-2005)
Université catholique de Louvain
Microelectronic laboratory
Place du Levant, 3
1348 Louvain-la-Neuve
BELGIUM
Tel: +32 10 47 25 41
Fax: +32 10 47 25 98
Email: jjq(at)dice.ucl.ac.be

Greg Rose
Crypto 2003 General Chair
Qualcomm Australia
Level 3, 230 Victoria Road
Gladesville NSW 2111
Australia
Tel: +61 2 9817 4188
Fax: +61 2 9817 5199
Email: crypto2003(at)iacr.org

Rebecca Wright
Director (2003-2005)
Department of Computer Science
Stevens Institute of Technology
Castle Point on Hudson
Hoboken, NJ 07030
USA
Tel: +1 201 216-5328
Fax: +1 201 216-8249
Email: rwright(at)cs.stevens-tech.edu

------------------------------------------------------------------------

Other People Working for IACR

Hilarie Orman
Archivist
Email: archive(at)iacr.org

______________________________________________________________________________

About the IACR Newsletter

______________________________________________________________________________

The IACR Newsletter is published three times a year (usually in February,
June, and October) and only available electronically. It is sent to IACR
members by email (as a flat ASCII text) and published on the web at

   http://www.iacr.org/newsletter/

If you are a member of IACR and wish to receive the newsletter, you need to
make sure that we know your email address! To update your email address in
the IACR member database, please contact the membership services at
iacrmem(at)iacr.org .

Contributions, announcements, book announcements or reviews, calls for papers
... are most welcome! Please include a URL and/or e-mail addresses for any
item submitted (if possible). For things that are not on the Web, please
submit a one-page ASCII version. Send your contributions to
newsletter(at)iacr.org

The next issue

Deadline for submissions to the next newsletter issue is February 15, 2004.
However, many items will be posted on the website as soon as possible.

______________________________________________________________________________

End of IACR Newsletter, Vol. 20, No. 3, (Late) Fall 2003.

______________________________________________________________________________