-
CAW ’25: Cryptographic Applications Workshop 2025
Event Calendar: CAW ’25: Cryptographic Applications Workshop 2025 Madrid, Spain, 4 May – Event date: 4 May to Submission deadline: 7 February 2025 Go to Source
-
ZODA: Zero-Overhead Data Availability
ePrint Report: ZODA: Zero-Overhead Data Availability Alex Evans, Nicolas Mohnblatt, Guillermo Angeris We introduce ZODA, short for ‘zero-overhead data availability,’ which is a protocol for proving that symbols received from an encoding (for tensor codes) were correctly constructed. ZODA has optimal overhead for both the encoder and the samplers. Concretely, the ZODA scheme incurs essentially…
-
Long Paper: All-You-Can-Compute: Packed Secret Sharing for Combined Resilience
ePrint Report: Long Paper: All-You-Can-Compute: Packed Secret Sharing for Combined Resilience Sebastian Faust, Maximilian Orlt, Kathrin Wirschem, Liang Zhao Unprotected cryptographic implementations are vulnerable to implementation attacks, such as passive side-channel attacks and active fault injection attacks. Recently, countermeasures like polynomial masking and duplicated masking have been introduced to protect implementations against combined attacks that…
-
Scalable Post-Quantum Oblivious Transfers for Resource-Constrained Receivers
ePrint Report: Scalable Post-Quantum Oblivious Transfers for Resource-Constrained Receivers Aydin Abadi, Yvo Desmedt It is imperative to modernize traditional core cryptographic primitives, such as Oblivious Transfer (OT), to address the demands of the new digital era, where privacy-preserving computations are executed on low-power devices. This modernization is not merely an enhancement but a necessity to…
-
Round-Optimal Compiler for Semi-Honest to Malicious Oblivious Transfer via CIH
ePrint Report: Round-Optimal Compiler for Semi-Honest to Malicious Oblivious Transfer via CIH Varun Madathil, Alessandra Scafuro, Tanner Verber A central question in the theory of cryptography is whether we can build protocols that achieve stronger security guarantees, e.g., security against malicious adversaries, by combining building blocks that achieve much weaker security guarantees, e.g., security only…
-
A New Paradigm for Server-Aided MPC
ePrint Report: A New Paradigm for Server-Aided MPC Alessandra Scafuro, Tanner Verber The server-aided model for multiparty computation (MPC) was introduced to capture a real-world scenario where clients wish to off-load the heavy computation of MPC protocols to dedicated servers. A rich body of work has studied various trade-offs between security guarantees (e.g., semi-honest vs…
-
Parametrizing Maximal Orders Along Supersingular $ell$-Isogeny Paths
ePrint Report: Parametrizing Maximal Orders Along Supersingular $ell$-Isogeny Paths Laia Amorós, James Clements, Chloe Martindale Suppose you have a supersingular $ell$-isogeny graph with vertices given by $j$-invariants defined over $mathbb{F}_{p^2}$, where $p = 4 cdot f cdot ell^e – 1$ and $ell equiv 3 pmod{4}$. We give an explicit parametrization of the maximal orders in…
-
CVE-2025-22145 – Carbon PHP DateTime Remote File Include Vulnerability
CVE ID : CVE-2025-22145 Published : Jan. 8, 2025, 9:15 p.m. | 29 minutes ago Description : Carbon is an international PHP extension for DateTime. Application passing unsanitized user input to Carbon::setLocale are at risk of arbitrary file include, if the application allows users to upload files with .php extension in an folder that allows include…
-
CVE-2024-52869 – Teradata SUSE Enterprise Linux Server Elevated Privilege Group Misassignment
CVE ID : CVE-2024-52869 Published : Jan. 8, 2025, 9:15 p.m. | 29 minutes ago Description : Certain Teradata account-handling code through 2024-11-04, used with SUSE Enterprise Linux Server, mismanages groups. Specifically, when there is an operating system move from SUSE Enterprise Linux Server (SLES) 12 Service Pack (SP) 2 or 3 to SLES 15 SP2…