International Association for Cryptologic Research


IACR News

Here you can see all recent updates to the IACR webpage. These updates are also available:

via email
via RSS feed

23 March 2025

Alessandro Chiesa, Michele Orrù
ePrint Report
The Fiat-Shamir transformation underlies numerous non-interactive arguments, with variants that differ in important ways. This paper addresses a gap between variants analyzed by theoreticians and variants implemented (and deployed) by practitioners. Specifically, theoretical analyses typically assume parties have access to random oracles with sufficiently large input and output size, while cryptographic hash functions in practice have fixed input and output sizes (pushing practitioners towards other variants).

In this paper we propose and analyze a variant of the Fiat-Shamir transformation that is based on an ideal permutation of fixed size. The transformation relies on the popular duplex sponge paradigm, and minimizes the number of calls to the permutation (given the amount of information to absorb and to squeeze). Our variant closely models deployed variants of the Fiat-Shamir transformation, and our analysis provides concrete security bounds that can be used to set security parameters in practice.

We additionally contribute spongefish, an open-source Rust library implementing our Fiat-Shamir transformation. The library is interoperable across multiple cryptographic frameworks, and works with any choice of permutation. The library comes equipped with Keccak and Poseidon permutations, as well as several "codecs" for re-mapping prover and verifier messages to the permutation's domain.

Tiancheng Xie, Tao Lu, Zhiyong Fang, Siqi Wang, Zhenfei Zhang, Yongzheng Jia, Dawn Song, Jiaheng Zhang
ePrint Report
As artificial intelligence (AI) becomes increasingly embedded in high-stakes applications such as healthcare, finance, and autonomous systems, ensuring the verifiability of AI computations without compromising sensitive data or proprietary models is crucial. Zero-knowledge machine learning (ZKML) leverages zero-knowledge proofs (ZKPs) to enable the verification of AI model outputs while preserving confidentiality. However, existing ZKML approaches require specialized cryptographic expertise, making them inaccessible to traditional AI developers.

In this paper, we introduce ZKPyTorch, a compiler that seamlessly integrates ML frameworks like PyTorch with ZKP engines like Expander, simplifying the development of ZKML. ZKPyTorch automates the translation of ML operations into optimized ZKP circuits through three key components. First, a ZKP preprocessor converts models into structured computational graphs and injects necessary auxiliary information to facilitate proof generation. Second, a ZKP-friendly quantization module introduces an optimized quantization strategy that reduces computation bit-widths, enabling efficient ZKP execution within smaller finite fields such as M61. Third, a hierarchical ZKP circuit optimizer employs a multi-level optimization framework at model, operation, and circuit levels to improve proof generation efficiency.

We demonstrate ZKPyTorch's effectiveness through end-to-end case studies, successfully converting VGG-16 and Llama-3 models from PyTorch, a leading ML framework, into ZKP-compatible circuits recognizable by Expander, a state-of-the-art ZKP engine. Using Expander, we generate zero-knowledge proofs for these models, achieving proof generation in 2.2 seconds per CIFAR-10 image for VGG-16 and 150 seconds per token for Llama-3 inference, improving the practical adoption of ZKML.

Pengfei Zhu
ePrint Report
Rank-1 Constraint Systems (R1CS) and Plonk constraint systems are two commonly used circuit formats for zero-knowledge succinct non-interactive arguments of knowledge (zkSNARKs). We present Plonkify, a tool that converts a circuit in an R1CS arithmetization to Plonk, with support for both vanilla gates and custom gates. Our tool is able to convert an R1CS circuit with 229,847 constraints to a vanilla Plonk circuit with 855,296 constraints, or a jellyfish turbo Plonk circuit with 429,166 constraints, representing a $2.59\times$ and $1.9\times$ reduction in the number of constraints over the respective naïve conversions.

Mengling Liu, Yang Heng, Xingye Lu, Man Ho Au
ePrint Report
Recent advances in Vector Oblivious Linear Evaluation (VOLE) protocols have enabled constant-round, fast, and scalable (designated-verifier) zero-knowledge proofs, significantly reducing prover computational cost. Existing protocols, such as QuickSilver [CCS’21] and LPZKv2 [CCS’22], achieve efficiency with prover costs of 4 multiplications in the extension field per AND gate for Boolean circuits, with one multiplication requiring an O(κ log κ)-bit operation where κ = 128 is the security parameter, and 3-4 field multiplications per multiplication gate for arithmetic circuits over a large field. We introduce JesseQ, a suite of two VOLE-based protocols, JQv1 and JQv2, which advance the state of the art. JQv1 requires only 2 scalar multiplications in an extension field per AND gate for Boolean circuits, with one scalar multiplication needing an O(κ)-bit operation, and 2 field multiplications per multiplication gate for arithmetic circuits over a large field. In terms of communication costs, JQv1 needs just 1 field element per gate. JQv2 further reduces communication costs by half at the cost of doubling the prover’s computation. Experiments show that, compared to the current state of the art, both JQv1 and JQv2 achieve at least a 3.9× improvement for Boolean circuits. For large field circuits, JQv1 has a similar performance, while JQv2 offers a 1.3× improvement. Additionally, both JQv1 and JQv2 maintain the same communication cost as the current state of the art. Notably, on the cheapest AWS instances, JQv1 can prove 9.2 trillion AND gates (or 5.8 trillion multiplication gates over a 61-bit field) for just one US dollar. JesseQ excels in applications like inner products, matrix multiplication, and lattice problems, delivering 40%-200% performance improvements compared to QuickSilver. Additionally, JesseQ integrates seamlessly with the sublinear Batchman framework [CCS’23], enabling further efficiency gains for batched disjunctive statements.

Boris Alexeev, Colin Percival, Yan X Zhang
ePrint Report
Systems such as file backup services often use content-defined chunking (CDC) algorithms, especially those based on rolling hash techniques, to split files into chunks in a way that allows for data deduplication. These chunking algorithms often depend on per-user parameters in an attempt to avoid leaking information about the data being stored. We present attacks to extract these chunking parameters and discuss protocol-agnostic attacks and loss of security once the parameters are breached (including when these parameters are not set up at all, which is often available as an option). Our parameter-extraction attacks themselves are protocol-specific, but their ideas are generalizable to many potential CDC schemes.

Axel Lemoine, Rocco Mora, Jean-Pierre Tillich
ePrint Report
Distinguishing Goppa codes or alternant codes from generic linear codes [FGO+11] has been shown to be a first step before being able to attack the McEliece cryptosystem based on those codes [BMT24]. Whereas the distinguisher of [FGO+11] is only able to distinguish Goppa codes or alternant codes of rate very close to 1, in [CMT23a] a much more powerful (and more general) distinguisher was proposed. It is based on computing the Hilbert series $\{\mathrm{HF}(d),~d\in \mathbb{N}\}$ of a Pfaffian modeling. The distinguisher of [FGO+11] can be interpreted as computing $\mathrm{HF}(1)$. Computing $\mathrm{HF}(2)$ still gives a polynomial time distinguisher for alternant or Goppa codes and is apparently able to distinguish Goppa or alternant codes in a much broader regime of rates than the one of [FGO+11]. However, the scope of this distinguisher was unclear. We give here a formula for $\mathrm{HF}(2)$ corresponding to generic alternant codes when the field size $q$ satisfies $q \geq r$, where $r$ is the degree of the alternant code. We also show that this expression for $\mathrm{HF}(2)$ provides a lower bound in general. The value of $\mathrm{HF}(2)$ corresponding to random linear codes is known, and this yields a precise description of the new regime of rates that can be distinguished by this new method. This shows that the new distinguisher improves significantly upon the one given in [FGO+11].

Ramses Fernandez
ePrint Report
This article presents an extension of the work performed by Liu, Baek and Susilo on extended withdrawable signatures to lattice-based constructions. We introduce a general construction, and provide security proofs for this proposal. As instantiations, we provide concrete constructions for extended withdrawable signature schemes based on Dilithium and HAETAE.

Zhengjun Cao, Lihua Liu
ePrint Report
We show that the anonymous authentication and key establishment scheme [IEEE TDSC, 20(4), 3535-3545, 2023] fails to keep user anonymity, not as claimed. We also suggest a method to fix it.

Yue Zhou, Sid Chi-Kin Chau
ePrint Report
Zero-knowledge range arguments are a fundamental cryptographic primitive that allows a prover to convince a verifier of the knowledge of a secret value lying within a predefined range. They have been utilized in diverse applications, such as confidential transactions, proofs of solvency and anonymous credentials. Range arguments with a transparent setup dispense with any trusted setup to eliminate security backdoors and enhance transparency. They are increasingly deployed in diverse decentralized applications on blockchains. One of the major concerns in the practical deployment of range arguments on blockchains is the incurred gas cost and high computational overhead associated with blockchain miners. Hence, it is crucial to optimize the verification efficiency of range arguments to alleviate the deployment cost on blockchains and other decentralized platforms. In this paper, we present VeRange with several new zero-knowledge range arguments in the discrete logarithm setting, requiring only $c \sqrt{N/\log N}$ group exponentiations for verification, where $N$ is the number of bits to represent a range and $c$ is a small constant, making them concretely efficient for blockchain deployment with a very low gas cost. Furthermore, VeRange is aggregable, allowing a prover to simultaneously prove $T$ range arguments in a single argument, requiring only $O(\sqrt{TN/\log (TN)}) + T$ group exponentiations for verification. We deployed VeRange on Ethereum and measured the empirical gas cost, achieving the fastest verification runtime and the lowest gas cost among the discrete-logarithm-based range arguments in practice.

Daniel Aronoff, Adithya Bhat, Panagiotis Chatzigiannis, Mohsen Minaei, Srinivasan Raghuraman, Robert M. Townsend, Nicolas Xuan-Yi Zhang
ePrint Report
Blockchain technology and smart contracts have revolutionized digital transactions by enabling trustless and decentralized exchanges of value. However, the inherent transparency and immutability of blockchains pose significant privacy challenges. On-chain data, while pseudonymous, is publicly visible and permanently recorded, potentially leading to the inadvertent disclosure of sensitive information. This issue is particularly pronounced in smart contract applications, where contract details are accessible to all network participants, risking the exposure of identities and transactional details.

To address these privacy concerns, there is a pressing need for privacy-preserving mechanisms in smart contracts. To showcase this need even further, in our paper we bring forward advanced use-cases in economics which only smart contracts equipped with privacy mechanisms can realize, and show how fully-homomorphic encryption (FHE) as a privacy enhancing technology (PET) in smart contracts, operating on a public blockchain, can make possible the implementation of these use-cases. Furthermore, we perform a comprehensive systematization of FHE-based approaches in smart contracts, examining their potential to maintain the confidentiality of sensitive information while retaining the benefits of smart contracts, such as automation, decentralization, and security. After we evaluate these existing FHE solutions in the context of the use-cases we consider, we identify open problems, and suggest future research directions to enhance privacy in blockchain smart contracts.

Indian Institute of Technology Guwahati, India, 16 December - 19 December 2025
Event Calendar
Event date: 16 December to 19 December 2025

Aarhus, Denmark, 2 December - 5 December 2025
TCC
Event date: 2 December to 5 December 2025

Kuala Lumpur, Malaysia, 14 September 2025
Event Calendar
Event date: 14 September 2025

Yokohama, Japan, 10 October - 12 October 2025
Event Calendar
Event date: 10 October to 12 October 2025
Submission deadline: 31 May 2025
Notification: 15 July 2025

22 March 2025

Input-Output Group - remote
Job Posting
What the role involves:

As an Applied Cryptography Researcher, you must be a cryptographer with a strong understanding of practical aspects of using cryptography in real world settings. You have the exciting challenge of working on bleeding-edge research and technology, always with a focus on the market's needs. You will work side by side with architects and engineers implementing novel cryptographic primitives that you may have also designed yourself. The scope is everything from Post-Quantum prototypes to hand-optimisation of existing primitives to completely new systems. To support you on this challenge, we have cryptography researchers, software architects, product managers, project managers, formal methods specialists and QA test engineers, with whom you will have high bandwidth communications.


  • Extract requirements from product and engineering regarding cryptographic primitives.
  • Lead and contribute to novel cryptographic research meeting such requirements.
  • Support prototyping of cryptographic systems.
  • Translate research into engineering specifications & implementations.
  • Meticulously review cryptographic protocols and proposed primitives.
  • Write research papers for submission to top cryptologic conferences and journals.
  • Contribute to peer-reviewed publications.

Who you are:

  • PhD in Computer Science/Engineering or Applied Mathematics.
  • A minimum of 4-5 years development experience in the field.
  • Expert knowledge of applied cryptography & best practices.
  • Expert knowledge of ZK protocols, such as PlonK and the IPA commitment scheme.
  • Expert knowledge of elliptic curve cryptography.
  • Expert knowledge of post quantum security techniques.
  • Familiarity with blockchain cryptography and constructions.
  • Practical experience with implementation of cryptographic primitives.
  • Expert in terms of cryptographic design.
  • Good understanding of implementation and engineering constraints.
  • Security sensibility related to cryptographic implementation.
  • Excellent theoretical cryptography and mathematical knowledge.

Closing date for applications:

Contact: Marios Nicolaides

More information: https://apply.workable.com/io-global/j/DE859C73F4/

University of South Florida, Tampa, Florida
Job Posting
Funded PhD position for Fall 2025 on Cryptographic Engineering and Hardware Security.

This is an urgent call for interested applicants. A funded Ph.D. student position is available for Fall 2025 to work on different aspects of Cryptographic Engineering in the new Bellini College of Artificial Intelligence, Cybersecurity, and Computing with Dr. Mehran Mozaffari Kermani. We are looking for motivated, talented, and hardworking applicants who have the background and are interested in working on different aspects of Cryptographic Engineering with emphasis on hardware/software implementation and side-channel attacks.

Please email me your updated CV (including list of publications, language test marks, and references), transcripts for B.Sc. and M.Sc., and a statement of interest to: mehran2 (at) usf.edu as soon as possible.

Research Webpage: https://cse.usf.edu/~mehran2/

Closing date for applications:

Contact: Mehran Mozaffari Kermani

Mid Sweden University, Department of Computer and Electrical Engineering, Sundsvall, Sweden
Job Posting
Dear all, the Communication Systems and Networks research group at Mid Sweden University invites applications for a Postdoctoral Researcher position in the field of Wireless Security and Trustworthy AI, within the framework of the newly launched TRUST project, conducted in collaboration with the University of Vaasa, Finland. The successful candidate will contribute to advanced research in at least two of the following areas:

  • Cryptographic protocol design and analysis, including vulnerability mitigation
  • Security testing and experimentation using Software-Defined Radio (SDR) platforms
  • AI-based intrusion detection systems and Explainable Artificial Intelligence (XAI)
  • Blockchain-enabled secure data exchange in wireless communication systems

Minimum Qualifications:

  • A PhD degree in Electrical Engineering, Computer Science, or a closely related field
  • Demonstrated expertise in at least two of the listed research areas
  • A strong publication record relevant to the position

Location: Sundsvall, Sweden

Closing date for applications:

Contact: Mikael Gidlund https://www.miun.se/en/personnel/g/mikaelgidlund/

More information: https://www.miun.se/en/work-at-the-university/career/jobs/vacancy/postdoctoral-researcher-in-wireless--network-security-and-trustworthy-ai/#gsc.tab=0

CISPA Helmholtz Center for Information Security
Job Posting
CISPA is a world-leading research center that focuses on Information Security and Artificial Intelligence at large. To expand and further strengthen our center, we are looking for Tenure-Track Faculty in all areas related to Information Security and Artificial Intelligence (f/m/d).

All applicants are expected to grow a research team that pursues an internationally visible research agenda. To aid you in achieving this, CISPA provides institutional base funding for three full-time researcher positions and a generous budget for expenditures. Upon successful tenure evaluation, you will hold a position that is equivalent to an endowed full professorship at a top research university.

In view of the current geopolitical landscape and in order to further strengthen research in information security and trustworthy AI in Germany and Europe, we have decided to invite a further round of applications of renowned candidates with an outstanding track record in Information Security, Artificial Intelligence, or related areas, including Cybersecurity and Privacy, Machine Learning and Data Science, Efficient Algorithms and Foundations of Theoretical Computer Science, Software Engineering, Program Analysis and Formal Methods.

The application deadline is April 8, 2025 23:59 AoE, with interviews starting in mid April 2025.

CISPA values diversity and is committed to equality. We provide special dual-career support. We explicitly encourage female and diverse researchers to apply.

Closing date for applications:

Contact: career@cispa.de

More information: https://jobs.cispa.saarland/de_DE/jobs/detail/tenure-track-faculty-in-all-areas-related-to-information-security-and-artificial-intelligence-f-m-d-extended-call-269


21 March 2025

TU Wien, Department of Computer Science, Vienna
Job Posting
The Research Unit of Privacy Enhancing Technologies at TU Wien is offering a position as university assistant post-doc (all genders), limited to an expected 6 years, for 40 hours/week. Expected start: April 2025. Research will address the development of privacy-enhancing technologies, including but not limited to the design of cryptographic algorithms and protocols, distributed protocols, cryptocurrencies, and information-theoretic approaches such as differential privacy. Topics of interest include (but are not limited to):

  • Privacy preserving cryptocurrencies
  • Efficient proof systems such as (non-interactive) zero-knowledge, SNARKs, etc.
  • Cryptographic protocols
  • Functional encryption
  • Fully homomorphic encryption
  • Information-theoretic approaches such as differential privacy

Tasks:

  • Deep interest in scientific problems and the motivation for independent and goal-oriented research
  • Independent teaching or participation in teaching and supervision of students
  • Participation in organizational and administrative tasks of the research division and the faculty

Your profile:

  • Completion of an excellent doctorate in Computer Science or a closely related field
  • Strong background in cryptography, privacy-preserving mechanisms, or data security
  • In-depth knowledge and experience in at least one subject area: secure computation, differential privacy, anonymous communication systems, privacy-preserving machine learning, cryptocurrencies, cryptographic protocols, identity management, homomorphic encryption, or zero-knowledge proofs
  • An outstanding publication record in top security, privacy, and applied cryptography conferences and journals, such as ACM CCS, Crypto, Eurocrypt, Usenix Security, NDSS, IEEE S&P, PETS
  • Experience in teaching and supervising students, with enthusiasm for advancing knowledge in the field of privacy-enhancing technologies
  • Excellent organizational and analytical skills, combined with a structured and detail-oriented approach to work
  • Team player with strong problem-solving abilities, creative thinking, and a passion for tackling real-world privacy challenges

Closing date for applications:

Contact: Univ. Prof. Dr. Dominique Schroeder

More information: https://jobs.tuwien.ac.at/Job/247325

Atharv Singh Patlan, Peiyao Sheng, S. Ashwin Hebbar, Prateek Mittal, Pramod Viswanath
ePrint Report
The integration of AI agents with Web3 ecosystems harnesses their complementary potential for autonomy and openness, yet also introduces underexplored security risks, as these agents dynamically interact with financial protocols and immutable smart contracts. This paper investigates the vulnerabilities of AI agents within blockchain-based financial ecosystems when exposed to adversarial threats in real-world scenarios. We introduce the concept of context manipulation, a comprehensive attack vector that exploits unprotected context surfaces, including input channels, memory modules, and external data feeds. Through empirical analysis of ElizaOS, a decentralized AI agent framework for automated Web3 operations, we demonstrate how adversaries can manipulate context by injecting malicious instructions into prompts or historical interaction records, leading to unintended asset transfers and protocol violations which could be financially devastating. Our findings indicate that prompt-based defenses are insufficient, as malicious inputs can corrupt an agent's stored context, creating cascading vulnerabilities across interactions and platforms. This research highlights the urgent need to develop AI agents that are both secure and fiduciarily responsible.