Classification of Elliptic/hyperelliptic Curves with Weak Coverings against...
The GHS attack is known to map the discrete logarithm problem (DLP) in the Jacobian of a curve $C_{0}$ defined over the degree-$d$ extension $k_{d}$ of a finite field $k$ to the DLP in the Jacobian of a...
A Provable Security Analysis of Intel's Secure Key RNG, by Thomas Shrimpton...
We provide the first provable-security analysis of the Intel Secure Key hardware RNG (ISK-RNG), versions of which have appeared in Intel processors since late 2011. To model the ISK-RNG, we generalize...
The Chaining Lemma and its application, by Ivan Damgaard and Sebastian Faust...
We present a new information-theoretic result which we call the Chaining Lemma. It considers a so-called "chain" of random variables, defined by a source distribution X[0] with high min-entropy and a...
Security of Symmetric Encryption in the Presence of Ciphertext Fragmentation,...
In recent years, a number of standardized symmetric encryption schemes have fallen foul of attacks exploiting the fact that in some real world scenarios ciphertexts can be delivered in a fragmented...
Bounded Tamper Resilience: How to go beyond the Algebraic Barrier, by Ivan...
Related key attacks (RKAs) are powerful cryptanalytic attacks where an adversary can change the secret key and observe the effect of such changes at the output. The state of the art in RKA security...
A Tamper and Leakage Resilient von Neumann Architecture, by Sebastian Faust...
We present a universal framework for tamper and leakage resilient computation on a von Neumann Random Access Architecture (RAM in short). The RAM has one CPU that accesses a storage, which we call the...
Cryptanalytic Time-Memory-Data Tradeoffs for FX-Constructions with...
The FX-construction was proposed in 1996 by Kilian and Rogaway as a generalization of the DESX scheme. The construction increases the security of an $n$-bit core block cipher with a $\kappa$-bit key by...
CMCC: Misuse Resistant Authenticated Encryption with Minimal Ciphertext...
In some wireless environments, minimizing the size of messages is paramount due to the resulting significant energy savings. We present CCS which is a new family of tweakable enciphering schemes (TES)....
How to Generate and use Universal Samplers, by Dennis Hofheinz and Tibor...
The random oracle is an idealization that allows one to model a hash function as an oracle that will output a uniformly random string given an input. We introduce the notion of universal sampler scheme as...
Overview of the Candidates for the Password Hashing Competition - And their...
In this work we provide an overview of the candidates of the Password Hashing Competition (PHC) regarding their functionality, e.g., client-independent update and server relief, their security,...
Enhanced Lattice-Based Signatures on Reconfigurable Hardware, by Thomas...
The recent Bimodal Lattice Signature Scheme (BLISS) showed that lattice-based constructions have evolved into practical alternatives to RSA or ECC. It offers small signatures of 5600 bits for a 128-bit...
Private and Dynamic Time-Series Data Aggregation with Trust Relaxation, by...
With the advent of networking applications collecting user data on a massive scale, the privacy of individual users appears to be a major concern. The main challenge is the design of a...
AE5 Security Notions: Definitions Implicit in the CAESAR Call, by Chanathip...
A draft call for the CAESAR authenticated-encryption competition adopts an interface that is not aligned with existing definitions in the literature. It is the purpose of this brief note to formalize...
The Feasibility of Outsourced Database Search in the Plain Model, by Carmit...
The problem of securely outsourcing computation to an untrusted server gained momentum with the recent penetration of cloud computing services. The ultimate goal in this setting is to design efficient...
Index calculus in the trace zero variety, by Elisa Gorla and Maike Massierer
We discuss how to apply Gaudry's index calculus algorithm for abelian varieties to solve the discrete logarithm problem in the trace zero variety of an elliptic curve. We treat in particular the...
An optimal representation for the trace zero subgroup, by Elisa Gorla and...
We give an optimal-size representation for the elements of the trace zero subgroup of the Picard group of an elliptic or hyperelliptic curve of any genus, with respect to a field extension of any prime...
FHEW: Bootstrapping Homomorphic Encryption in less than a second, by Léo...
The main bottleneck affecting the efficiency of all known fully homomorphic encryption (FHE) schemes is Gentry's bootstrapping procedure, which is required to refresh noisy ciphertexts and keep...
XPIR: Private Information Retrieval for Everyone, by Carlos Aguilar-Melchor...
A Private Information Retrieval (PIR) scheme is a protocol in which a user retrieves a record from a database while hiding which record it was from the database administrators. PIR can be achieved using...
Group Signature with Deniability: How to Disavow a Signature, by Ai Ishida,...
Group signatures are a class of digital signatures with enhanced privacy. By using this type of signature, a user can sign a message on behalf of a specific group without revealing his identity, but in...
Garbling XOR Gates ``For Free'' in the Standard Model, by Benny Applebaum
Yao's Garbled Circuit (GC) technique is a powerful cryptographic tool which allows one to ``encrypt'' a circuit $C$ by another circuit $\hat{C}$ in a way that hides all information except for the final output....