IACR News
18 June 2018
Antonio Faonio, Jesper Buus Nielsen, Mark Simkin, Daniele Venturi
ePrint Report
In this paper we propose a solution to this limitation, by leveraging a split-state refreshing procedure. Namely, whenever a decoding error happens, the two parts of an encoding can be locally refreshed (i.e., without any interaction), which allows one to avoid the self-destruct mechanism in some applications. Additionally, the refreshing procedure can be exploited in order to obtain security against continual leakage attacks. We give an abstract framework for building refreshable continuously non-malleable codes in the common reference string model, and provide a concrete instantiation based on the external Diffie-Hellman assumption.
Finally, we explore applications in which our notion turns out to be essential. The first application is a signature scheme tolerating an arbitrary polynomial number of split-state tampering attempts, without requiring a self-destruct capability, and in a model where refreshing of the memory happens only after an invalid output is produced. This circumvents an impossibility result from a recent work by Fujisaki and Xagawa (Asiacrypt 2016). The second application is a compiler for tamper-resilient read-only RAM programs. In comparison to other tamper-resilient RAM compilers, ours has several advantages, among which the fact that, in some cases, it does not rely on the self-destruct feature.
Yin Li, Yu Zhang, Xiaoli Guo, Chuanda Qi
ePrint Report
Matvei Kotov, Anton Menshov, Alexander Ushakov
ePrint Report
We present a heuristic algorithm that allows a passive eavesdropper to recover Alice's private key by removing cloaking elements. Our attack has a 100% success rate on randomly generated instances of the protocol for the originally proposed parameter values and for recent proposals that suggest inserting many cloaking elements at random positions of the private key. Our implementation of the attack is available on GitHub.
Ignacio Cascudo, René Bødker Christensen, Jaron Skovsted Gundersen
ePrint Report
Kyle Hogan, Hoda Maleki, Reza Rahaeimehr, Ran Canetti, Marten van Dijk, Jason Hennessey, Mayank Varia, Haibin Zhang
ePrint Report
- It is user-centric: It stresses the security guarantees given to users of the system, in terms of privacy, correctness, and timeliness of the services.
- It provides defense in depth: It considers the security of OpenStack even when some of the components are compromised. This departs from the traditional design approach of OpenStack, which assumes that all services are fully trusted.
- It is modular: It formulates security properties for individual components and uses them to assert security properties of the overall system.
We base our modeling and security analysis on the universally composable (UC) security framework, which has so far been used mainly for analyzing the security of cryptographic protocols. Indeed, demonstrating how the UC framework can be used to reason about security-sensitive systems that are mostly non-cryptographic in nature is another main contribution of this work.
Our analysis covers only a number of core components of OpenStack. Still, it uncovers some basic and important security trade-offs in the design. It also naturally paves the way to a more comprehensive analysis of OpenStack.
Dan Boneh, Joseph Bonneau, Benedikt Bünz, Ben Fisch
ePrint Report
Gaurav Bansod, Abhijit Patil, Narayan Pisharoty
ePrint Report
Lucas Schabhüser, Denis Butin, Johannes Buchmann
ePrint Report
Vlad Constantin Craciun, Andrei Mogage, Emil Simion
ePrint Report
Lauren De Meyer, Begül Bilgin, Oscar Reparaz
ePrint Report
Ivan Damgård, Tomasz Kazana, Maciej Obremski, Varun Raj, Luisa Siniscalchi
ePrint Report
Subhrajyoti Deb, Bubu Bhuyan, Sartaj Ul Hasan
ePrint Report
14 June 2018
Per Austrin, Kai-Min Chung, Mohammad Mahmoody, Rafael Pass, Karn Seth
ePrint Report
We also show that this result cannot be extended to primitives such as signature schemes and identification protocols: assuming the existence of one-way functions, such primitives can be made resilient to $(1/\mathrm{poly}(n))$-tampering attacks, where $n$ is the security parameter.
weeve GmbH, Berlin, Germany
Job Posting
Smart Contracting and Blockchain applications (e.g. Ethereum, Hyperledger, Cardano),
Blockchain-enabled mechanism design and applications (e.g. graded token-curated registries),
Radically new voting schemes beyond “the richer get richer” (e.g. quadratic voting, token-curated voting),
Scalable consensus protocols,
Cryptographic algorithms (e.g. NIZKs, SNARGs, STARKs) & privacy-enhancing/GDPR-friendly protocols (e.g. MPC),
System Security (e.g. ARM Trustzone, Intel SGX)
We solicit applications at various entry levels, from junior to senior, covering the complete spectrum from full-time research to development. We also appreciate and support research internships for PhDs and PostDocs. We offer a competitive salary, an academic environment, and access to Berlin's vibrant blockchain ecosystem. Weeve leaves much freedom for pursuing one's own ideas and supports condensing research ideas into a PhD and disseminating them to the blockchain community (meetups, conferences, etc.).
Closing date for applications: 31 July 2018
Contact: For technical inquiries, please contact Prof. Dr. Sebastian Gajek: (sebastian.gajek (at) weeve.network)
For recruitment queries, contact NBT Tech Recruiter: Ayca (ayca.kuzuimamlar (at) nbt.ag).
More information: https://weeve.network
University of Versailles, France
Job Posting
The position is available immediately for one year, and is renewable, based on mutual interest and availability of funding. The starting date can be arranged as convenient.
The candidates are expected to:
- have completed their PhD degree in cryptography;
- have adequate cryptography research experience demonstrated through a strong publication record.
Applications should be sent via email and should include a CV, a list of publications, a short research proposal, and contact information for one or two persons who are willing to give references.
Closing date for applications: 30 June 2018
Contact: Prof. Louis Goubin, Louis.Goubin (at) uvsq.fr
More information: http://lmv.math.cnrs.fr/equipes/crypto/