Michel Abdalla, Cristina Nita-Rotaru, Ricardo Dahab (Eds.)

Cryptology and Network Security
12th International Conference, CANS 2013
Paraty, Brazil, November 20-22, 2013
Proceedings

Lecture Notes in Computer Science 8257
Commenced Publication in 1973
Founding and Former Series Editors: Gerhard Goos, Juris Hartmanis, and Jan van Leeuwen

Editorial Board
David Hutchison, Lancaster University, UK
Takeo Kanade, Carnegie Mellon University, Pittsburgh, PA, USA
Josef Kittler, University of Surrey, Guildford, UK
Jon M. Kleinberg, Cornell University, Ithaca, NY, USA
Alfred Kobsa, University of California, Irvine, CA, USA
Friedemann Mattern, ETH Zurich, Switzerland
John C. Mitchell, Stanford University, CA, USA
Moni Naor, Weizmann Institute of Science, Rehovot, Israel
Oscar Nierstrasz, University of Bern, Switzerland
C. Pandu Rangan, Indian Institute of Technology, Madras, India
Bernhard Steffen, TU Dortmund University, Germany
Madhu Sudan, Microsoft Research, Cambridge, MA, USA
Demetri Terzopoulos, University of California, Los Angeles, CA, USA
Doug Tygar, University of California, Berkeley, CA, USA
Gerhard Weikum, Max Planck Institute for Informatics, Saarbruecken, Germany

Volume Editors
Michel Abdalla, École Normale Supérieure and CNRS, 45 rue d'Ulm, 75005 Paris, France. E-mail: [email protected]
Cristina Nita-Rotaru, Purdue University, Department of Computer Science, LWSN 2142J, 305 N. University Street, West Lafayette, IN 47907, USA. E-mail: [email protected]
Ricardo Dahab, University of Campinas, Institute of Computing, Avenida Albert Einstein 1251, Campinas, SP 13083-852, Brazil. E-mail: [email protected]

ISSN 0302-9743
e-ISSN 1611-3349
ISBN 978-3-319-02936-8
e-ISBN 978-3-319-02937-5
DOI 10.1007/978-3-319-02937-5
Springer Cham Heidelberg New York Dordrecht London
Library of Congress Control Number: 2013950915
CR Subject Classification (1998): E.3, K.6.5, C.2, D.4.6, E.4
LNCS Sublibrary: SL 4 – Security and Cryptology

© Springer International Publishing Switzerland 2013

This work is subject to copyright. All rights are reserved by the Publisher, whether the whole or part of the material is concerned, specifically the rights of translation, reprinting, reuse of illustrations, recitation, broadcasting, reproduction on microfilms or in any other physical way, and transmission or information storage and retrieval, electronic adaptation, computer software, or by similar or dissimilar methodology now known or hereafter developed. Exempted from this legal reservation are brief excerpts in connection with reviews or scholarly analysis or material supplied specifically for the purpose of being entered and executed on a computer system, for exclusive use by the purchaser of the work. Duplication of this publication or parts thereof is permitted only under the provisions of the Copyright Law of the Publisher's location, in its current version, and permission for use must always be obtained from Springer. Permissions for use may be obtained through RightsLink at the Copyright Clearance Center. Violations are liable to prosecution under the respective Copyright Law.

The use of general descriptive names, registered names, trademarks, service marks, etc. in this publication does not imply, even in the absence of a specific statement, that such names are exempt from the relevant protective laws and regulations and therefore free for general use.

While the advice and information in this book are believed to be true and accurate at the date of publication, neither the authors nor the editors nor the publisher can accept any legal responsibility for any errors or omissions that may be made. The publisher makes no warranty, express or implied, with respect to the material contained herein.

Typesetting: Camera-ready by author, data conversion by Scientific Publishing Services, Chennai, India
Printed on acid-free paper
Springer is part of Springer Science+Business Media (www.springer.com)

Preface

The International Conference on Cryptology and Network Security (CANS) is a recognized annual conference, focusing on all aspects of cryptology and network security and attracting cutting-edge results from world-renowned scientists in the area. The 12th edition of the conference was held at Casa da Cultura, Paraty, Brazil, during November 20–22, 2013, and was organized by the Institute of Computing of the University of Campinas (UNICAMP) in cooperation with the International Association for Cryptologic Research (IACR).

CANS 2013 received 57 submissions and each submission was assigned to at least three committee members. Submissions co-authored by members of the Program Committee were assigned to at least five committee members. After careful deliberation, the Program Committee selected 18 submissions for presentation. The authors of the accepted papers had three weeks for revision and preparation of final versions. The revised papers were not subject to editorial review and the authors bear full responsibility for their contents.

The conference also featured four invited talks in addition to the regular papers. These talks were given by George Cox (Intel), Rosario Gennaro (CUNY), Jacques Stern (ENS), and Gene Tsudik (UCI), and covered a wide range of topics in cryptography and network security. The abstracts of these invited talks are also included in this volume.

The reviewing process was run using the iChair software, written by Thomas Baignères from CryptoExperts, France, and Matthieu Finiasz from EPFL, LASEC, Switzerland. We are grateful to them for letting us use their software.

There are many people who contributed to the success of CANS 2013. First, we would like to thank the authors of all papers (both accepted and rejected) for submitting their results to the conference. Second, we are grateful to the committee members and external reviewers for their outstanding work in thoroughly reviewing all papers in a timely manner. Special thanks to Angelo De Caro, Orr Dunkelman, Anderson Nascimento, and Damien Vergnaud, for their extra work as shepherds. Third, we are also indebted to the CANS Steering Committee members for their guidance. Last, but not least, we thank our sponsors, CAPES and CGI.br, for their generous support.

November 2013
Michel Abdalla
Cristina Nita-Rotaru
Ricardo Dahab

CANS 2013
The 12th International Conference on Cryptology and Network Security
Paraty, Brazil, November 20–22, 2013

Organized by
Institute of Computing, University of Campinas (UNICAMP)

In Cooperation with
The International Association for Cryptologic Research (IACR)

General Chair
Ricardo Dahab, University of Campinas, Brazil

Program Chairs
Michel Abdalla, École Normale Supérieure and CNRS, France
Cristina Nita-Rotaru, Purdue University, USA

Steering Committee
Yvo Desmedt, University of Texas at Dallas, USA
Juan Garay, Yahoo! Research, USA
Yi Mu, University of Wollongong, Australia
David Pointcheval, École Normale Supérieure and CNRS, France

Program Committee
Nuttapong Attrapadung, AIST, Japan
Paulo S.L.M. Barreto, University of São Paulo, Brazil
Jean-Luc Beuchat, ELCA Informatique SA, Switzerland
Alexandra Boldyreva, Georgia Tech, USA
Ioana Boureanu, EPFL, Switzerland
Colin Boyd, NTNU, Norway
Bogdan Carbunar, Florida International University, USA
David Cash, Rutgers University, USA
Reza Curtmola, New Jersey Institute of Technology, USA
Angelo De Caro, NTT Secure Platform Laboratories, Japan
Emiliano De Cristofaro, Palo Alto Research Center, USA
Roberto Di Pietro, Università di Roma Tre, Italy
Orr Dunkelman, University of Haifa, Israel
Alejandro Hevia, Universidad de Chile, Chile
Dennis Hofheinz, Karlsruher Institute of Technology, Germany
Seny Kamara, Microsoft Research, USA
Taekyoung Kwon, Yonsei University, Korea
Gaëtan Leurent, Université Catholique de Louvain, Belgium
Julio López, University of Campinas, Brazil
Ivan Martinovic, University of Oxford, UK
Jelena Mircovic, University of Southern California, USA
Refik Molva, Eurecom, France
Michael Naehrig, Microsoft Research, USA
Anderson Nascimento, Universidade de Brasília, Brazil
Claudio Orlandi, Aarhus University, Denmark
Thomas Peyrin, Nanyang Technological University, Singapore
Bart Preneel, Katholieke Universiteit Leuven, Belgium
Emmanuel Prouff, ANSSI, France
Kasper Rasmussen, University of California, Irvine, USA
Francisco Rodríguez-Henríquez, CINVESTAV-IPN, Mexico
Jeff Seibert, MIT Lincoln Labs, USA
Radu State, University of Luxembourg, Luxembourg
Angelos Stavrou, George Mason University, USA
Willy Susilo, University of Wollongong, Australia
Damien Vergnaud, École Normale Supérieure, France
Andrew White, University of North Carolina, USA
David Zage, Sandia National Laboratories, USA
Xinwen Zhang, Huawei Research Center, USA
Jianying Zhou, Institute for Infocomm Research, Singapore

Additional Reviewers
Jean-Philippe Aumasson
Monir Azraoui
Joppe W. Bos
Melissa Chase
Donald Chen
Craig Costello
Alexandre Duc
Simon Eberz
Nadia El Mrabet
Kaoutar Elkhiyaoui
Liming Fang
Matthieu Finiasz
Thomas Fuhr
Jinguang Han
Jungyeon Hwang
Vincenzo Iovino
Haiqing Jiang
Orhun Kara
Taechan Kim
JongHyup Lee
Jooyoung Lee
Yoonho Lee
Wang Lei
Kaitai Liang
Atul Luykx
Marine Minier
Aziz Mohaisen
Satsuya Ohata
Christopher Peikert
Christiane Peters
Thomas Roche
Rodrigo Roman
Yusuke Sakai
Ismail San
Martin Schlaffer
Peter Schwabe
Yannick Seurin
Ji Sun Shin
Wu Shuang
Emil Stefanov
Martin Strohmeier
Katsuyuki Takashima
Serge Vaudenay
Antonio Villani
Jia Xu
Lei Xu
Naoto Yanai

Sponsoring Institutions
Brazilian Government Agency for the Development of Higher Education (CAPES)
Brazilian Internet Steering Committee (CGI.br)

Invited Talks

Solving the Platform Entropy Problem – Phase 2
George Cox
Intel Corporation, JF3-224, 2111 NE 25th Street, Hillsboro, OR 97124
[email protected]

Abstract. In this talk, we discuss the need for high quality "seeding" material for software pseudorandom number generators (SW PRNGs), the resultant development of NIST SP800-90 B/C, and Intel's product response to it with the evolution of our existing Digital Random Number Generator (DRNG) and the addition of our new RdSeed instruction.