---
_id: '193'
abstract:
- lang: eng
text: 'We show attacks on five data-independent memory-hard functions (iMHF) that
were submitted to the password hashing competition (PHC). Informally, an MHF is
a function which cannot be evaluated on dedicated hardware, like ASICs, at significantly
lower hardware and/or energy cost than evaluating a single instance on a standard
single-core architecture. Data-independent means the memory access pattern of
the function is independent of the input; this makes iMHFs harder to construct
than data-dependent ones, but the latter can be attacked by various side-channel
attacks. Following [Alwen-Blocki''16], we capture the evaluation of an iMHF as
a directed acyclic graph (DAG). The cumulative parallel pebbling complexity of
this DAG is a measure for the hardware cost of evaluating the iMHF on an ASIC.
Ideally, one would like the complexity of a DAG underlying an iMHF to be as close
to quadratic in the number of nodes of the graph as possible. Instead, we show
that (the DAGs underlying) the following iMHFs are far from this bound: Rig.v2,
TwoCats and Gambit each having an exponent no more than 1.75. Moreover, we show
that the complexity of the iMHF modes of the PHC finalists Pomelo and Lyra2 have
exponents at most 1.83 and 1.67 respectively. To show this we investigate a combinatorial
property of each underlying DAG (called its depth-robustness. By establishing
upper bounds on this property we are then able to apply the general technique
of [Alwen-Block''16] for analyzing the hardware costs of an iMHF.'
acknowledgement: Leonid Reyzin was supported in part by IST Austria and by US NSF
grants 1012910, 1012798, and 1422965; this research was performed while he was visiting
IST Austria.
article_processing_charge: No
author:
- first_name: Joel F
full_name: Alwen, Joel F
id: 2A8DFA8C-F248-11E8-B48F-1D18A9856A87
last_name: Alwen
- first_name: Peter
full_name: Gazi, Peter
last_name: Gazi
- first_name: Chethan
full_name: Kamath Hosdurg, Chethan
id: 4BD3F30E-F248-11E8-B48F-1D18A9856A87
last_name: Kamath Hosdurg
- first_name: Karen
full_name: Klein, Karen
id: 3E83A2F8-F248-11E8-B48F-1D18A9856A87
last_name: Klein
- first_name: Georg F
full_name: Osang, Georg F
id: 464B40D6-F248-11E8-B48F-1D18A9856A87
last_name: Osang
orcid: 0000-0002-8882-5116
- first_name: Krzysztof Z
full_name: Pietrzak, Krzysztof Z
id: 3E04A7AA-F248-11E8-B48F-1D18A9856A87
last_name: Pietrzak
orcid: 0000-0002-9139-1654
- first_name: Lenoid
full_name: Reyzin, Lenoid
last_name: Reyzin
- first_name: Michal
full_name: Rolinek, Michal
id: 3CB3BC06-F248-11E8-B48F-1D18A9856A87
last_name: Rolinek
- first_name: Michal
full_name: Rybar, Michal
id: 2B3E3DE8-F248-11E8-B48F-1D18A9856A87
last_name: Rybar
citation:
ama: 'Alwen JF, Gazi P, Kamath Hosdurg C, et al. On the memory hardness of data
independent password hashing functions. In: Proceedings of the 2018 on Asia
Conference on Computer and Communication Security. ACM; 2018:51-65. doi:10.1145/3196494.3196534'
apa: 'Alwen, J. F., Gazi, P., Kamath Hosdurg, C., Klein, K., Osang, G. F., Pietrzak,
K. Z., … Rybar, M. (2018). On the memory hardness of data independent password
hashing functions. In Proceedings of the 2018 on Asia Conference on Computer
and Communication Security (pp. 51–65). Incheon, Republic of Korea: ACM. https://doi.org/10.1145/3196494.3196534'
chicago: Alwen, Joel F, Peter Gazi, Chethan Kamath Hosdurg, Karen Klein, Georg F
Osang, Krzysztof Z Pietrzak, Lenoid Reyzin, Michal Rolinek, and Michal Rybar.
“On the Memory Hardness of Data Independent Password Hashing Functions.” In Proceedings
of the 2018 on Asia Conference on Computer and Communication Security, 51–65.
ACM, 2018. https://doi.org/10.1145/3196494.3196534.
ieee: J. F. Alwen et al., “On the memory hardness of data independent password
hashing functions,” in Proceedings of the 2018 on Asia Conference on Computer
and Communication Security, Incheon, Republic of Korea, 2018, pp. 51–65.
ista: 'Alwen JF, Gazi P, Kamath Hosdurg C, Klein K, Osang GF, Pietrzak KZ, Reyzin
L, Rolinek M, Rybar M. 2018. On the memory hardness of data independent password
hashing functions. Proceedings of the 2018 on Asia Conference on Computer and
Communication Security. ASIACCS: Asia Conference on Computer and Communications
Security , 51–65.'
mla: Alwen, Joel F., et al. “On the Memory Hardness of Data Independent Password
Hashing Functions.” Proceedings of the 2018 on Asia Conference on Computer
and Communication Security, ACM, 2018, pp. 51–65, doi:10.1145/3196494.3196534.
short: J.F. Alwen, P. Gazi, C. Kamath Hosdurg, K. Klein, G.F. Osang, K.Z. Pietrzak,
L. Reyzin, M. Rolinek, M. Rybar, in:, Proceedings of the 2018 on Asia Conference
on Computer and Communication Security, ACM, 2018, pp. 51–65.
conference:
end_date: 2018-06-08
location: Incheon, Republic of Korea
name: 'ASIACCS: Asia Conference on Computer and Communications Security '
start_date: 2018-06-04
date_created: 2018-12-11T11:45:07Z
date_published: 2018-06-01T00:00:00Z
date_updated: 2023-09-13T09:13:12Z
day: '01'
department:
- _id: KrPi
- _id: HeEd
- _id: VlKo
doi: 10.1145/3196494.3196534
ec_funded: 1
external_id:
isi:
- '000516620100005'
isi: 1
language:
- iso: eng
main_file_link:
- open_access: '1'
url: https://eprint.iacr.org/2016/783
month: '06'
oa: 1
oa_version: Submitted Version
page: 51 - 65
project:
- _id: 25FBA906-B435-11E9-9278-68D0E5697425
call_identifier: FP7
grant_number: '616160'
name: 'Discrete Optimization in Computer Vision: Theory and Practice'
- _id: 258AA5B2-B435-11E9-9278-68D0E5697425
call_identifier: H2020
grant_number: '682815'
name: Teaching Old Crypto New Tricks
publication: Proceedings of the 2018 on Asia Conference on Computer and Communication
Security
publication_status: published
publisher: ACM
publist_id: '7723'
quality_controlled: '1'
scopus_import: '1'
status: public
title: On the memory hardness of data independent password hashing functions
type: conference
user_id: c635000d-4b10-11ee-a964-aac5a93f6ac1
year: '2018'
...
---
_id: '300'
abstract:
- lang: eng
text: We introduce a formal quantitative notion of “bit security” for a general
type of cryptographic games (capturing both decision and search problems), aimed
at capturing the intuition that a cryptographic primitive with k-bit security
is as hard to break as an ideal cryptographic function requiring a brute force
attack on a k-bit key space. Our new definition matches the notion of bit security
commonly used by cryptographers and cryptanalysts when studying search (e.g.,
key recovery) problems, where the use of the traditional definition is well established.
However, it produces a quantitatively different metric in the case of decision
(indistinguishability) problems, where the use of (a straightforward generalization
of) the traditional definition is more problematic and leads to a number of paradoxical
situations or mismatches between theoretical/provable security and practical/common
sense intuition. Key to our new definition is to consider adversaries that may
explicitly declare failure of the attack. We support and justify the new definition
by proving a number of technical results, including tight reductions between several
standard cryptographic problems, a new hybrid theorem that preserves bit security,
and an application to the security analysis of indistinguishability primitives
making use of (approximate) floating point numbers. This is the first result showing
that (standard precision) 53-bit floating point numbers can be used to achieve
100-bit security in the context of cryptographic primitives with general indistinguishability-based
security definitions. Previous results of this type applied only to search problems,
or special types of decision problems.
acknowledgement: Research supported in part by the Defense Advanced Research Projects
Agency (DARPA) and the U.S. Army Research Office under the SafeWare program. Opinions,
findings and conclusions or recommendations expressed in this material are those
of the author(s) and do not necessarily reflect the views, position or policy of
the Government. The second author was also supported by the European Research Council,
ERC consolidator grant (682815 - TOCNeT).
alternative_title:
- LNCS
article_processing_charge: No
author:
- first_name: Daniele
full_name: Micciancio, Daniele
last_name: Micciancio
- first_name: Michael
full_name: Walter, Michael
id: 488F98B0-F248-11E8-B48F-1D18A9856A87
last_name: Walter
orcid: 0000-0003-3186-2482
citation:
ama: 'Micciancio D, Walter M. On the bit security of cryptographic primitives. In:
Vol 10820. Springer; 2018:3-28. doi:10.1007/978-3-319-78381-9_1'
apa: 'Micciancio, D., & Walter, M. (2018). On the bit security of cryptographic
primitives (Vol. 10820, pp. 3–28). Presented at the Eurocrypt: Advances in Cryptology,
Tel Aviv, Israel: Springer. https://doi.org/10.1007/978-3-319-78381-9_1'
chicago: Micciancio, Daniele, and Michael Walter. “On the Bit Security of Cryptographic
Primitives,” 10820:3–28. Springer, 2018. https://doi.org/10.1007/978-3-319-78381-9_1.
ieee: 'D. Micciancio and M. Walter, “On the bit security of cryptographic primitives,”
presented at the Eurocrypt: Advances in Cryptology, Tel Aviv, Israel, 2018, vol.
10820, pp. 3–28.'
ista: 'Micciancio D, Walter M. 2018. On the bit security of cryptographic primitives.
Eurocrypt: Advances in Cryptology, LNCS, vol. 10820, 3–28.'
mla: Micciancio, Daniele, and Michael Walter. On the Bit Security of Cryptographic
Primitives. Vol. 10820, Springer, 2018, pp. 3–28, doi:10.1007/978-3-319-78381-9_1.
short: D. Micciancio, M. Walter, in:, Springer, 2018, pp. 3–28.
conference:
end_date: 2018-05-03
location: Tel Aviv, Israel
name: 'Eurocrypt: Advances in Cryptology'
start_date: 2018-04-29
date_created: 2018-12-11T11:45:42Z
date_published: 2018-03-31T00:00:00Z
date_updated: 2023-09-13T09:12:04Z
day: '31'
department:
- _id: KrPi
doi: 10.1007/978-3-319-78381-9_1
ec_funded: 1
external_id:
isi:
- '000517097500001'
intvolume: ' 10820'
isi: 1
language:
- iso: eng
main_file_link:
- open_access: '1'
url: https://eprint.iacr.org/2018/077
month: '03'
oa: 1
oa_version: Submitted Version
page: 3 - 28
project:
- _id: 258AA5B2-B435-11E9-9278-68D0E5697425
call_identifier: H2020
grant_number: '682815'
name: Teaching Old Crypto New Tricks
publication_status: published
publisher: Springer
publist_id: '7581'
quality_controlled: '1'
scopus_import: '1'
status: public
title: On the bit security of cryptographic primitives
type: conference
user_id: c635000d-4b10-11ee-a964-aac5a93f6ac1
volume: 10820
year: '2018'
...
---
_id: '312'
abstract:
- lang: eng
text: Motivated by biological questions, we study configurations of equal spheres
that neither pack nor cover. Placing their centers on a lattice, we define the
soft density of the configuration by penalizing multiple overlaps. Considering
the 1-parameter family of diagonally distorted 3-dimensional integer lattices,
we show that the soft density is maximized at the FCC lattice.
acknowledgement: This work was partially supported by the DFG Collaborative Research
Center TRR 109, “Discretization in Geometry and Dynamics,” through grant I02979-N35
of the Austrian Science Fund (FWF).
article_processing_charge: No
article_type: original
author:
- first_name: Herbert
full_name: Edelsbrunner, Herbert
id: 3FB178DA-F248-11E8-B48F-1D18A9856A87
last_name: Edelsbrunner
orcid: 0000-0002-9823-6833
- first_name: Mabel
full_name: Iglesias Ham, Mabel
id: 41B58C0C-F248-11E8-B48F-1D18A9856A87
last_name: Iglesias Ham
citation:
ama: Edelsbrunner H, Iglesias Ham M. On the optimality of the FCC lattice for soft
sphere packing. SIAM J Discrete Math. 2018;32(1):750-782. doi:10.1137/16M1097201
apa: Edelsbrunner, H., & Iglesias Ham, M. (2018). On the optimality of the FCC
lattice for soft sphere packing. SIAM J Discrete Math. Society for Industrial
and Applied Mathematics . https://doi.org/10.1137/16M1097201
chicago: Edelsbrunner, Herbert, and Mabel Iglesias Ham. “On the Optimality of the
FCC Lattice for Soft Sphere Packing.” SIAM J Discrete Math. Society for
Industrial and Applied Mathematics , 2018. https://doi.org/10.1137/16M1097201.
ieee: H. Edelsbrunner and M. Iglesias Ham, “On the optimality of the FCC lattice
for soft sphere packing,” SIAM J Discrete Math, vol. 32, no. 1. Society
for Industrial and Applied Mathematics , pp. 750–782, 2018.
ista: Edelsbrunner H, Iglesias Ham M. 2018. On the optimality of the FCC lattice
for soft sphere packing. SIAM J Discrete Math. 32(1), 750–782.
mla: Edelsbrunner, Herbert, and Mabel Iglesias Ham. “On the Optimality of the FCC
Lattice for Soft Sphere Packing.” SIAM J Discrete Math, vol. 32, no. 1,
Society for Industrial and Applied Mathematics , 2018, pp. 750–82, doi:10.1137/16M1097201.
short: H. Edelsbrunner, M. Iglesias Ham, SIAM J Discrete Math 32 (2018) 750–782.
date_created: 2018-12-11T11:45:46Z
date_published: 2018-03-29T00:00:00Z
date_updated: 2023-09-13T09:34:38Z
day: '29'
department:
- _id: HeEd
doi: 10.1137/16M1097201
external_id:
isi:
- '000428958900038'
intvolume: ' 32'
isi: 1
issue: '1'
language:
- iso: eng
main_file_link:
- open_access: '1'
url: http://pdfs.semanticscholar.org/d2d5/6da00fbc674e6a8b1bb9d857167e54200dc6.pdf
month: '03'
oa: 1
oa_version: Submitted Version
page: 750 - 782
project:
- _id: 2561EBF4-B435-11E9-9278-68D0E5697425
call_identifier: FWF
grant_number: I02979-N35
name: Persistence and stability of geometric complexes
publication: SIAM J Discrete Math
publication_identifier:
issn:
- '08954801'
publication_status: published
publisher: 'Society for Industrial and Applied Mathematics '
publist_id: '7553'
quality_controlled: '1'
scopus_import: '1'
status: public
title: On the optimality of the FCC lattice for soft sphere packing
type: journal_article
user_id: c635000d-4b10-11ee-a964-aac5a93f6ac1
volume: 32
year: '2018'
...
---
_id: '409'
abstract:
- lang: eng
text: We give a simple proof of T. Stehling's result [4], whereby in any normal
tiling of the plane with convex polygons with number of sides not less than six,
all tiles except a finite number are hexagons.
article_processing_charge: No
article_type: original
author:
- first_name: Arseniy
full_name: Akopyan, Arseniy
id: 430D2C90-F248-11E8-B48F-1D18A9856A87
last_name: Akopyan
orcid: 0000-0002-2548-617X
citation:
ama: Akopyan A. On the number of non-hexagons in a planar tiling. Comptes Rendus
Mathematique. 2018;356(4):412-414. doi:10.1016/j.crma.2018.03.005
apa: Akopyan, A. (2018). On the number of non-hexagons in a planar tiling. Comptes
Rendus Mathematique. Elsevier. https://doi.org/10.1016/j.crma.2018.03.005
chicago: Akopyan, Arseniy. “On the Number of Non-Hexagons in a Planar Tiling.” Comptes
Rendus Mathematique. Elsevier, 2018. https://doi.org/10.1016/j.crma.2018.03.005.
ieee: A. Akopyan, “On the number of non-hexagons in a planar tiling,” Comptes
Rendus Mathematique, vol. 356, no. 4. Elsevier, pp. 412–414, 2018.
ista: Akopyan A. 2018. On the number of non-hexagons in a planar tiling. Comptes
Rendus Mathematique. 356(4), 412–414.
mla: Akopyan, Arseniy. “On the Number of Non-Hexagons in a Planar Tiling.” Comptes
Rendus Mathematique, vol. 356, no. 4, Elsevier, 2018, pp. 412–14, doi:10.1016/j.crma.2018.03.005.
short: A. Akopyan, Comptes Rendus Mathematique 356 (2018) 412–414.
date_created: 2018-12-11T11:46:19Z
date_published: 2018-04-01T00:00:00Z
date_updated: 2023-09-13T09:34:12Z
day: '01'
department:
- _id: HeEd
doi: 10.1016/j.crma.2018.03.005
external_id:
arxiv:
- '1805.01652'
isi:
- '000430402700009'
intvolume: ' 356'
isi: 1
issue: '4'
language:
- iso: eng
main_file_link:
- open_access: '1'
url: https://arxiv.org/abs/1805.01652
month: '04'
oa: 1
oa_version: Preprint
page: 412-414
publication: Comptes Rendus Mathematique
publication_identifier:
issn:
- 1631073X
publication_status: published
publisher: Elsevier
publist_id: '7420'
quality_controlled: '1'
scopus_import: '1'
status: public
title: On the number of non-hexagons in a planar tiling
type: journal_article
user_id: c635000d-4b10-11ee-a964-aac5a93f6ac1
volume: 356
year: '2018'
...
---
_id: '419'
abstract:
- lang: eng
text: 'Reciprocity is a major factor in human social life and accounts for a large
part of cooperation in our communities. Direct reciprocity arises when repeated
interactions occur between the same individuals. The framework of iterated games
formalizes this phenomenon. Despite being introduced more than five decades ago,
the concept keeps offering beautiful surprises. Recent theoretical research driven
by new mathematical tools has proposed a remarkable dichotomy among the crucial
strategies: successful individuals either act as partners or as rivals. Rivals
strive for unilateral advantages by applying selfish or extortionate strategies.
Partners aim to share the payoff for mutual cooperation, but are ready to fight
back when being exploited. Which of these behaviours evolves depends on the environment.
Whereas small population sizes and a limited number of rounds favour rivalry,
partner strategies are selected when populations are large and relationships stable.
Only partners allow for evolution of cooperation, while the rivals’ attempt to
put themselves first leads to defection. Hilbe et al. synthesize recent theoretical
work on zero-determinant and ‘rival’ versus ‘partner’ strategies in social dilemmas.
They describe the environments under which these contrasting selfish or cooperative
strategies emerge in evolution.'
article_processing_charge: No
article_type: review
author:
- first_name: Christian
full_name: Hilbe, Christian
id: 2FDF8F3C-F248-11E8-B48F-1D18A9856A87
last_name: Hilbe
orcid: 0000-0001-5116-955X
- first_name: Krishnendu
full_name: Chatterjee, Krishnendu
id: 2E5DCA20-F248-11E8-B48F-1D18A9856A87
last_name: Chatterjee
orcid: 0000-0002-4561-241X
- first_name: Martin
full_name: Nowak, Martin
last_name: Nowak
citation:
ama: Hilbe C, Chatterjee K, Nowak M. Partners and rivals in direct reciprocity.
Nature Human Behaviour. 2018;2:469–477. doi:10.1038/s41562-018-0320-9
apa: Hilbe, C., Chatterjee, K., & Nowak, M. (2018). Partners and rivals in direct
reciprocity. Nature Human Behaviour. Nature Publishing Group. https://doi.org/10.1038/s41562-018-0320-9
chicago: Hilbe, Christian, Krishnendu Chatterjee, and Martin Nowak. “Partners and
Rivals in Direct Reciprocity.” Nature Human Behaviour. Nature Publishing
Group, 2018. https://doi.org/10.1038/s41562-018-0320-9.
ieee: C. Hilbe, K. Chatterjee, and M. Nowak, “Partners and rivals in direct reciprocity,”
Nature Human Behaviour, vol. 2. Nature Publishing Group, pp. 469–477, 2018.
ista: Hilbe C, Chatterjee K, Nowak M. 2018. Partners and rivals in direct reciprocity.
Nature Human Behaviour. 2, 469–477.
mla: Hilbe, Christian, et al. “Partners and Rivals in Direct Reciprocity.” Nature
Human Behaviour, vol. 2, Nature Publishing Group, 2018, pp. 469–477, doi:10.1038/s41562-018-0320-9.
short: C. Hilbe, K. Chatterjee, M. Nowak, Nature Human Behaviour 2 (2018) 469–477.
date_created: 2018-12-11T11:46:22Z
date_published: 2018-03-19T00:00:00Z
date_updated: 2023-09-13T09:38:54Z
day: '19'
ddc:
- '000'
department:
- _id: KrCh
doi: 10.1038/s41562-018-0320-9
ec_funded: 1
external_id:
isi:
- '000446612000016'
file:
- access_level: open_access
checksum: 571b8cc0ba14e8d5d8b18e439a9835eb
content_type: application/pdf
creator: dernst
date_created: 2019-11-19T08:19:51Z
date_updated: 2020-07-14T12:46:25Z
file_id: '7052'
file_name: 2018_NatureHumanBeh_Hilbe.pdf
file_size: 598033
relation: main_file
file_date_updated: 2020-07-14T12:46:25Z
has_accepted_license: '1'
intvolume: ' 2'
isi: 1
language:
- iso: eng
month: '03'
oa: 1
oa_version: Submitted Version
page: 469–477
project:
- _id: 2581B60A-B435-11E9-9278-68D0E5697425
call_identifier: FP7
grant_number: '279307'
name: 'Quantitative Graph Games: Theory and Applications'
- _id: 2584A770-B435-11E9-9278-68D0E5697425
call_identifier: FWF
grant_number: P 23499-N23
name: Modern Graph Algorithmic Techniques in Formal Verification
- _id: 25832EC2-B435-11E9-9278-68D0E5697425
call_identifier: FWF
grant_number: S 11407_N23
name: Rigorous Systems Engineering
- _id: 25681D80-B435-11E9-9278-68D0E5697425
call_identifier: FP7
grant_number: '291734'
name: International IST Postdoc Fellowship Programme
publication: Nature Human Behaviour
publication_status: published
publisher: Nature Publishing Group
publist_id: '7404'
quality_controlled: '1'
related_material:
link:
- relation: erratum
url: http://doi.org/10.1038/s41562-018-0342-3
scopus_import: '1'
status: public
title: Partners and rivals in direct reciprocity
type: journal_article
user_id: c635000d-4b10-11ee-a964-aac5a93f6ac1
volume: 2
year: '2018'
...