home.social

#iacr — Public Fediverse posts

Live and recent posts from across the Fediverse tagged #iacr, aggregated by home.social.

  1. FYI, I'll be schmoozing around at EUROCRYPT 2026, May 10-14 in Rome. My employer Horizen Labs is a sponsor of this amazing cryptography conference. I'll be giving a talk at the affiliated event CAW (Cryptography Applications Workshop) on the latest updates of Shufflecake, including juicy news on hidden OS. Pass by to say hi!

    #cryptography #crypto #security #privacy #eurocrypt #iacr #horizenlabs #shufflecake #caw2026

  2. Shufflecake will be presented at the Crypto Applications Workshop (CAW) in Rome, Italy (co-located with EUROCRYPT 2026 and many other crypto events), on May 10th, 2026. This talk is going to be an update of the latest news and status of the project in 2026, including juicy news on the Hidden OS!

    shufflecake.net/#20260422-caw2

  3. It's public!

    Fast Lightweight Online Encryption is a new secure way to do online (think "streaming") authenticated encryption with support for random access.

    It comes with a public specification, reference code, test vectors, and a paper proving security.

    - github.com/Snowflake-Labs/floe
    - eprint.iacr.org/2025/2275

    #Cryptography #IACR #OnlineEncryption #Research

  4. Cryptographic blunder of the year: encryption experts lost the key to their own election

    It sounds like the plot of a bad sitcom about IT departments, but it really happened at one of the most prestigious security organizations in the world.

    The International Association for Cryptologic Research (IACR) was forced to annul the results of its annual election for the association's leadership. The reason is mundane yet bizarre: one of the officials lost the encryption key needed to read the votes that had been cast. The organization admitted that recovering the results is technically impossible.

    The vote was conducted using Helios, an open-source system that relies on peer-reviewed cryptography to guarantee the secrecy and verifiability of elections.

    In accordance with the association's rules, to prevent tampering, three independent trustees each received one part of the cryptographic material. To decrypt the final results, the system required all three parts of the private key to be entered. Unfortunately, one of the trustees "irretrievably lost" his part, which IACR described as "an honest but unfortunate human error".

    The consequences are immediate. Moti Yung, the trustee who was unable to provide his part of the key, resigned from his position and was replaced by Michel Abdalla. To avoid a repeat of this situation in the future, IACR is changing its procedures for managing private keys. Instead of requiring all three parts, future elections will rely on a threshold mechanism that needs only two of the three key fragments for decryption. The new election began last Friday and will run until December 20.

    #bezpieczenstwo #helios #iacr #kryptografia #news #szyfrowanie #wpadka #wybory

  5. The results of the 2025 elections for the president and board members at the International Association for Cryptologic Research (IACR) have been botched because the results of the super-secure cryptographic e-voting system cannot be retrieved due to the "accidental loss" of a decryption key.

    iacr.org/news/item/27138

    While human mistakes happen, this incident comes under very troubling circumstances.

    Why does an e-voting system of an association like IACR not support t-out-of-n threshold decryption?

    Why is a system where a single party can collude to invalidate the vote considered acceptable?

    Wouldn't it be wiser to freeze voting eligibility status as of November 20th instead of "calling to arms" IACR members who had previously decided to opt out of Helios emails?

    Does the identity of some of the candidates to Director represent a problem for IACR?

    #iacr #crypto #cryptography #politics #evoting

  6. That said, I am glad that IACR is addressing this "human mistake" by making a "system design change" to a 2-of-3 quorum for the re-run.

    iacr.org/news/item/27138

    #IACR #Cryptography #KeyManagement #InfoSec #OPSEC #Elections
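Added example, not code from any of the posts above or from Helios itself: a plain Shamir secret-sharing model of the trustee setup discussed in posts 4 to 6, showing why an all-of-3 split is destroyed by one lost share while a 2-of-3 threshold still reconstructs the key. Helios's real trustee mechanism is distributed ElGamal decryption, so this is a simplification; the field modulus, the three trustee indices and the sample key are constructed for the demo.

```python
"""Why 2-of-3 survives a lost trustee share and all-of-3 does not (simplified model)."""
import secrets
from typing import List, Tuple

P = 2**127 - 1  # constructed prime field modulus; the secret must be smaller than P

Share = Tuple[int, int]  # (x, f(x)) held by trustee number x


def shamir_split(secret: int, t: int, n: int) -> List[Share]:
    """Evaluate a random degree t-1 polynomial with f(0) = secret at x = 1..n.
    Any t shares determine f; fewer than t give no information about f(0)."""
    assert 0 <= secret < P and 1 <= t <= n
    coeffs = [secret] + [secrets.randbelow(P) for _ in range(t - 1)]
    return [(x, sum(c * pow(x, i, P) for i, c in enumerate(coeffs)) % P)
            for x in range(1, n + 1)]


def shamir_recover(shares: List[Share]) -> int:
    """Lagrange interpolation at x = 0 over GF(P) from whichever shares remain.
    With fewer than t shares this silently returns an unrelated value."""
    total = 0
    for i, (xi, yi) in enumerate(shares):
        num, den = 1, 1
        for j, (xj, _) in enumerate(shares):
            if i != j:
                num = num * (-xj) % P
                den = den * (xi - xj) % P
        total = (total + yi * num * pow(den, -1, P)) % P
    return total


def tally_key_after_loss(secret: int, t: int, lost_trustee: int) -> int:
    """Model the election: three trustees hold shares, trustee `lost_trustee`
    loses theirs, and the remaining two try to reconstruct the decryption key."""
    shares = shamir_split(secret, t, 3)
    remaining = [s for s in shares if s[0] != lost_trustee]
    return shamir_recover(remaining)


if __name__ == "__main__":
    key = secrets.randbelow(P)  # constructed stand-in for the election decryption key
    print("all-of-3, one share lost, key recovered:", tally_key_after_loss(key, 3, 2) == key)
    print("2-of-3,   one share lost, key recovered:", tally_key_after_loss(key, 2, 2) == key)
```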

  7. Possibly the funniest thing that could have happened in the board elections for the International Association for Cryptologic Research

    #IACR #cryptography

  8. “Key Management” is the cryptographic community’s version of “…it’s always DNS”

    International Association for Cryptologic Research runs secure vote and then loses the keys so nobody knows what the result is. As one commenter put it: “So a single member can collude to reset the vote?”

    https://twitter.com/tqbf/status/1991635031845155265

    #cryptography #iacr

  9. I will be at #IACR #Crypto2025 this year. I always enjoy meeting new people and catching up with old friends. If you're going, then please feel free to drop me a line.

  10. "Towards Optimally Secure Deterministic Authenticated Encryption Schemes" was presented today at #IACR #Eurocrypt 2025 in Madrid.
    link.springer.com/chapter/10.1

  11. This morning our researcher Robin Geelen presented "Fully Homomorphic Encryption for Cyclotomic Prime Moduli" at #IACR #Eurocrypt 2025 in Madrid.
    🔎Interested in this topic? Robin wrote a blog post to explain everything: esat.kuleuven.be/cosic/blog/eu
    #fhe #cryptography

  12. First Leg finished on the way to #iacr #eurocrypt . Rail construction between Göteborg and Hamburg so ferry it is

  13. last year at #rwc2024 there was no streaming, intentionally. the reason they want people to come in person instead of sitting in front of a screen. sounds crazy? apparently companies argue if there is a stream they won't $$$ pay the travel for employees (what about people who are not employees? no idea). not this year though, i was told there will be #streaming. let's hope, for those unfortunate who cannot be there. #iacr

  14. i want to go to #rwc2025 but am a bit bummed that the #iacr only accepts payment via credit cards. that is a serious gatekeeper. and when i ask for an alternative option i'm asked if i would not reconsider and find a way to use a credit card. this makes me feel very sad, and i wonder where all the cryptographers disappeared that were into anonymous payments or payments from a less monopolized system. and no i'm not arguing for any #crapto like bitcoin, simple cash or sepa transfers are totally ok

  15. 💥 ❤️ 📣 New updated revision of the research paper 📣 ❤️ 💥 available on eprint.iacr.org/2023/1529 and arxiv.org/abs/2310.04589 (still not out, scheduled next Monday) which tracks changes up to software v0.4.5 and clarifies that the described scheme is the `Legacy' version of Shufflecake, and that future versions might deviate from the paper (*ah-ehm*... Lite *cough*). Also typo fixes and language improvements.

  16. i was just told that it is deliberate that #realworldcrypto is not #streaming the event. apparently this is a controversial discussion every time. but they also decided next year will be streamed again... what i wonder though, why the secrecy? why not say it out on the webpage, sorry folks no streaming because of <reason>.

    anyway, looking forward to the recordings, and next years streaming

    #iacr

  17. seriously considering sponsoring live streaming (and archival) for the next #rwc when it is in europe... if anyone is interested, pls chip in, we have the hw and the personnel, we only need to cover travel and accommodation.

    #realworldcrypto #iacr

  18. can't believe it that there is no live stream for #realwordcrypto - #iacr please i beg you think of those that are not privileged to be there in person...

  19. CW: research review

    N. Mouha and C. Celi, "A Vulnerability in Implementations of SHA-3, SHAKE, EdDSA, and Other NIST-Approved Algorithms"¹

    This paper describes a vulnerability in several implementations of the Secure Hash Algorithm 3 (SHA-3) that have been released by its designers. The vulnerability has been present since the final-round update of Keccak was submitted to the National Institute of Standards and Technology (NIST) SHA-3 hash function competition in January 2011, and is present in the eXtended Keccak Code Package (XKCP) of the Keccak team. It affects all software projects that have integrated this code, such as the scripting languages Python and PHP Hypertext Preprocessor (PHP). The vulnerability is a buffer overflow that allows attacker-controlled values to be eXclusive-ORed (XORed) into memory (without any restrictions on values to be XORed and even far beyond the location of the original buffer), thereby making many standard protection measures against buffer overflows (e.g., canary values) completely ineffective. First, we provide Python and PHP scripts that cause segmentation faults when vulnerable versions of the interpreters are used. Then, we show how this vulnerability can be used to construct second preimages and preimages for the implementation, and we provide a specially constructed file that, when hashed, allows the attacker to execute arbitrary code on the victim's device. The vulnerability applies to all hash value sizes, and all 64-bit Windows, Linux, and macOS operating systems, and may also impact cryptographic algorithms that require SHA-3 or its variants, such as the Edwards-curve Digital Signature Algorithm (EdDSA) when the Edwards448 curve is used. We introduce the Init-Update-Final Test (IUFT) to detect this vulnerability in implementations.

    #ResearchPapers #IACR #Cryptanalysis #CVE202237454 #SHA3 #Keccak #HashFunction #Vulnerability
    __
    ¹ eprint.iacr.org/2023/331
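Added example, not the paper's own tool: an Init-Update-Final consistency check in the spirit of the IUFT the abstract mentions, run here against Python's built-in hashlib SHA-3 (assumed to be a patched build). It feeds one message through update() under several chunkings, including cuts exactly on and straddling the SHA3-256 rate boundary, and flags any digest that disagrees with the one-shot result. The block-size constant, the sample message and the cut patterns are constructed for the demo.

```python
"""Init-Update-Final consistency check for SHA-3 implementations."""
import hashlib
import random
from typing import Callable, Dict, List

BLOCK = 136  # SHA3-256 rate in bytes; for other variants just another boundary to probe


def incremental_digest(ctor: Callable, data: bytes, cuts: List[int]) -> bytes:
    """Init, then one update() per chunk delimited by `cuts`, then final."""
    h = ctor()
    prev = 0
    for cut in sorted(cuts) + [len(data)]:
        h.update(data[prev:cut])
        prev = cut
    return h.digest()


def iuft(ctor: Callable, data: bytes, trials: int = 20, seed: int = 1) -> bool:
    """Return True only if every chunking reproduces the single-update digest."""
    expected = ctor(data).digest()
    rng = random.Random(seed)  # seeded so a failure is reproducible
    n = len(data)
    patterns = [
        [],                                  # a single update() call
        list(range(1, n)),                   # one byte per update()
        list(range(BLOCK, n, BLOCK)),        # cuts exactly on block boundaries
        [BLOCK - 1, BLOCK + 1],              # a chunk straddling a boundary
    ]
    for _ in range(trials):                  # random multi-cut chunkings
        patterns.append(rng.sample(range(1, n), min(5, max(n - 1, 0))))
    return all(incremental_digest(ctor, data, p) == expected for p in patterns)


def run_iuft() -> Dict[str, bool]:
    """Run the check over a constructed 768-byte message for two SHA-3 sizes."""
    data = bytes(range(256)) * 3
    return {name: iuft(getattr(hashlib, name), data)
            for name in ("sha3_256", "sha3_512")}


if __name__ == "__main__":
    for name, ok in run_iuft().items():
        print(f"{name}: {'consistent' if ok else 'MISMATCH between chunkings'}")
```

A real deployment of this idea would also drive very large update() sizes, which this offline demo deliberately avoids.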

  20. CW: research review

    S. Su et al., "A Closer Look at the Chaotic Ring Oscillators based TRNG Design"¹

    [...]A digital FIRO-/GARO-based TRNG with high throughput and high entropy rate was introduced by Jovan Dj. Golić (TC’06). However, the fact that periodic oscillation is a main failure of FIRO-/GARO-based TRNGs is noticed in the paper (Markus Dichtl, ePrint’15). We verify this problem and estimate the consequential entropy loss using Lyapunov exponents and the test suite of the NIST SP 800-90B standard. To address the problem of periodic oscillations, we propose several implementation guidelines based on a gate-level model, a design methodology to build a reliable GARO-based TRNG, and an online test to improve the robustness of FIRO-/GARO-based TRNGs. The gate-level implementation guidelines illustrate the causes of periodic oscillations, which are verified by actual implementation and bifurcation diagram. Based on the design methodology, a suitable feedback polynomial can be selected by evaluating the feedback polynomials. The analysis and understanding of periodic oscillation and FIRO-/GARO-based TRNGs are deepened by delay adjustment. A TRNG with the selected feedback polynomial may occasionally enter periodic oscillations, due to active attacks and the delay inconstancy of implementations. This inconstancy might be caused by self-heating, temperature and voltage fluctuation, and the process variation among different silicon chips. Thus, an online test module, as one indispensable component of TRNGs, is proposed to detect periodic oscillations. The detected periodic oscillation can be eliminated by adjusting feedback polynomial or delays to improve the robustness. The online test module is composed of a lightweight and responsive detector with a high detection rate, outperforming the existing detector design and statistical tests. The areas, power consumptions and frequencies are evaluated based on the ASIC implementations of a GARO, the sampling circuit and the online test module. [...]
    #IACR #ResearchPapers #TRNG
    __
    ¹ eprint.iacr.org/2023/040