International Association for Cryptologic Research


IACR News


06 July 2018

Huijia Lin, Christian Matt
ePrint Report
We construct indistinguishability obfuscation from subexponentially secure Learning With Errors (LWE), bilinear maps, a constant-locality Pseudo Random Generator (PRG), and a new tool called Pseudo Flawed-smudging Generator (PFG). A PFG is an expanding function whose outputs $Y$ satisfy a weak form of pseudo randomness. Roughly speaking, for some polynomial bound $B$, and any $B$-bounded noise vector distribution $\chi$, it guarantees that for $e \gets \chi$, the distribution of $(e,\ Y + e)$ is indistinguishable from $(e', Y + e)$, where $e'$ is a fresh random sample from $\chi$ conditioned on agreeing with $e$ at a few, $o(\lambda)$, locations. In other words, $Y$ hides $e$ at all but a few locations. Our construction of indistinguishability obfuscation requires a PFG that is computable by a degree 2 polynomial over the integers and has polynomially bounded outputs. We finally propose a candidate of such PFGs and formalize an assumption under which it satisfies the requirements of our construction.
Lucas Kowalczyk, Jiahui Liu, Kailash Meiyappan, Tal Malkin
ePrint Report
We present a key-policy attribute-based encryption scheme that is adaptively secure under a static assumption and is not directly affected by an attribute "one-use restriction." Our construction dramatically improves upon the only other such scheme (Takashima '17) by mitigating its downside of a ciphertext size that is dependent on the size of the attribute universe.
Osmanbey Uzunkol, Jothi Rangasamy, Lakshmi Kuppusamy
ePrint Report
Security protocols using public-key cryptography often require a large number of costly modular exponentiations (MEs). With the proliferation of resource-constrained (mobile) devices and advancements in cloud computing, delegation of such expensive computations to powerful server providers has gained lots of attention. In this paper, we address the problem of verifiably secure delegation of MEs using two servers, where at most one of which is assumed to be malicious (the OMTUP-model). We first show verifiability issues of two recent schemes: We show that a scheme from IndoCrypt 2016 does not offer full verifiability, and that a scheme for $n$ simultaneous MEs from AsiaCCS 2016 is verifiable only with a probability $0.5909$ instead of the authors' claim of a probability $0.9955$ for $n=10$. Then, we propose the first non-interactive fully verifiable secure delegation scheme by hiding the modulus via the Chinese Remainder Theorem (CRT). Our scheme also improves the computational efficiency of the previous schemes considerably. Hence, we provide a lightweight delegation enabling weak clients to securely and verifiably delegate MEs without any expensive local computation (neither online nor offline). The proposed scheme is highly useful for devices having (a) only ultra-lightweight memory, and (b) limited computational power (e.g. sensor nodes, RFID tags).
Alexei Zamyatin, Dominik Harz, William J. Knottenbelt
ePrint Report
The ecosystem of cryptocurrencies has been steadily growing since the introduction of Bitcoin, the first decentralised digital currency. While the notion of trustless asset exchange lies at the core of most blockchain-based systems, existing cross-chain communication techniques expose limitations regarding security, performance, and usability. As a result, centralised liquidity providers remain the preferred way for cross-chain transactions.

We systematise the notion of cryptocurrency-backed tokens, an approach towards trustless blockchain interoperability. We then propose a protocol for issuing, trading, and redeeming Bitcoin-backed tokens on Ethereum. Consequently, we provide an overview of system requirements, discuss open challenges regarding performance and security, and give an outlook on possible extensions. Our protocol, which requires no modifications to Bitcoin's consensus rules, can thereby be generalised to also support other cryptocurrencies.
Rami Khalil, Arthur Gervais
ePrint Report
Bitcoin is meant to offer a payment system where the users are custodians of their funds instead of entrusting a trusted financial institution. The limited transaction throughput of such permissionless blockchains, however, results for example in volatile transaction prices that hardly fit into traditional service level agreements required by professional institutions and cannot accommodate micro-transactions.

We present a novel non-custodial 2nd-layer financial intermediary solution secure against double-spending that guarantees users' control of funds through leveraging a smart contract enabled decentralized blockchain ledger as a means of dispute resolution. Two-party payment channel networks have been proposed as building blocks for trust-free payments that do not exhaust the resources of the blockchain; however, they bear multiple fundamental limitations. NOCUST is a specification for secure N-party payment hubs with improved transaction utility, cheaper operational costs and leaner user enrollment.
Michael Backes, Lucjan Hanzlik, Jonas Schneider
ePrint Report
Group signatures present a trade-off between the traditional goals of digital signatures and the signer's desire for privacy, allowing for the creation of unforgeable signatures in the name of a group which reveal nothing about the actual signer's identity beyond their group membership. Considering the desired properties formally opens up a possibility space of different security goals under various assumptions on trust placed in the designated entities of any scheme. Many models differ in their consideration of the variability of group membership as well, yet a formal treatment of the privacy of group membership status is lacking in all models, thus far.

We address this issue, starting from the vantage point of the comprehensive model due to Bootle et al. (ACNS'16), who prove that any scheme secure in their model is also secure in the previous models. Their model allows for fully dynamic management of group membership by segmenting the scheme's lifetime into epochs during which group membership is static but between which users may join or leave the group.

We extend the model of Bootle et al. by introducing formal notions of membership privacy. We then propose an efficient generic construction for a fully dynamic group signature scheme with membership privacy that is based on signatures with flexible public key (SFPK) and signatures on equivalence classes (SPSEQ). We instantiate the construction using an SFPK scheme based on the bilinear decisional Diffie-Hellman assumption and the SPSEQ scheme by Fuchsbauer and Gay (PKC'18). The resulting scheme provides shorter signatures than existing schemes from standard assumptions, while at the same time achieving stronger security guarantees.
Masayuki Abe, Miguel Ambrona, Miyako Ohkubo, Mehdi Tibouchi
ePrint Report
Lower bounds for structure-preserving signature (SPS) schemes based on non-interactive assumptions have only been established in the case of unilateral messages, i.e. schemes signing tuples of group elements all from the same source group. In this paper, we consider the case of bilateral messages, consisting of elements from both source groups. We show that, for Type-III bilinear groups, SPS’s must consist of at least 6 group elements: many more than the 4 elements needed in the unilateral case, and optimal, as it matches a known upper bound from the literature. We also obtain the first non-trivial lower bounds for SPS’s in Type-II groups: a minimum of 4 group elements, whereas constructions with 3 group elements are known from interactive assumptions.
Lucas Schabhüser, Denis Butin, Denise Demirel, Johannes Buchmann
ePrint Report
In cloud computing, delegated computing raises the security issue of guaranteeing data authenticity during a remote computation. Existing solutions do not simultaneously provide fast correctness verification, strong security properties, and information-theoretic confidentiality. We introduce a novel approach, in the form of function-dependent commitments, that combines these strengths. We also provide an instantiation of function-dependent commitments for linear functions that is unconditionally, i.e. information-theoretically, hiding and relies on standard hardness assumptions. This powerful construction can for instance be used to build verifiable computing schemes providing information-theoretic confidentiality. As an example, we introduce a verifiable multi-party computation scheme for shared data providing public verifiability and unconditional privacy towards the servers and parties verifying the correctness of the result. Our scheme can be used to perform verifiable computations on secret shares while requiring only a single party to compute the audit data for verification. Furthermore, our verification procedure is asymptotically even more efficient than performing operations locally on the shared data. Thus, our solution improves the state of the art for authenticated computing, verifiable computing and multi-party computation.
Nirvan Tyagi, Muhammad Haris Mughees, Thomas Ristenpart, Ian Miers
ePrint Report
Dissidents, journalists, and others require technical means to protect their privacy in the face of compelled access to their digital devices (smartphones, laptops, tablets, etc.). For example, authorities increasingly force disclosure of all secrets, including passwords, to search devices upon national border crossings. We therefore present the design, implementation, and evaluation of a new system to help victims of compelled searches. Our system, called BurnBox, provides self-revocable encryption: the user can temporarily disable their access to specific files stored remotely, without revealing which files were revoked during compelled searches, even if the adversary also compromises the cloud storage service. They can later restore access. We formalize the threat model and provide a construction that uses an erasable index, secure erasure of keys, and standard cryptographic tools in order to provide security supported by our formal analysis. We report on a prototype implementation, which showcases the practicality of BurnBox.
Shuhong Gao
ePrint Report
Since Gentry discovered in 2009 the first fully homomorphic encryption scheme, the last few years have witnessed dramatic progress on designing more efficient homomorphic encryption schemes, and some of them have been implemented for applications. The main bottlenecks are in bootstrapping and large cipher expansion (the ratio of the size of ciphertexts to that of messages). Ducas and Micciancio (2015) show that homomorphic computation of one bit operation on LWE ciphers can be done in less than a second, which is then reduced by Chillotti et al. (2016, 2017) to 13ms. This paper presents a compact fully homomorphic encryption scheme that has the following features: (a) its cipher expansion is 6 with private-key encryption and 20 with public-key encryption; (b) all ciphertexts after any number (unbounded) of homomorphic bit operations have the same size and are always valid with the same error size; (c) its security is based on the LWE and RLWE problems (with binary secret keys) and the cost of breaking the scheme by the current approaches is at least $2^{160}$ bit operations. The scheme protects function privacy and provides a simple solution for secure two-party computation and zero knowledge proof of any language in NP.

05 July 2018

The University of Auckland, New Zealand
Job Posting
Two three-year PhD scholarships, covering international tuition fees and a stipend of $27,500 per year.

Project Aim

The aim of the project is to develop practical obfuscation techniques based on a theoretical foundation.

The theoretical work will be led by Prof Steven Galbraith while Associate Prof. Giovanni Russello will lead the practical aspects.

Experience

The ideal candidate will have an undergraduate degree in computer science, engineering or mathematics and have written a master thesis in some topic related to security, cryptography, or the underlying mathematics. We are looking for candidates with experience in some or all of the following:

- Hands-on experience with standard obfuscators and de-obfuscator tools

- Understanding of cryptography and its applications

- Understanding of ARM and/or X86 architecture and respective instruction set

- Experience in coding in C/C++ and assembly

- Understanding of compilers and run-time code optimisations

Application Process

Please send an email to g.russello (at) auckland.ac.nz with a short CV and an unofficial transcript of grades in your degree.

Successful applicants will be asked to provide further information (such as an IELTS English language test and official transcripts of their degrees) at a later stage of the application process.

Closing date for applications: 2 September 2018

Contact: g.russello (at) auckland.ac.nz

The University of Auckland, New Zealand
Job Posting
The research conducted by the University of Auckland’s team will focus on applied cryptography for retrieval and processing of encrypted data in outsourced and untrusted environments. We are looking to apply encrypted search techniques to SGX environments and blockchain technologies. This involves a substantial program of research to develop, implement and apply to industrial case studies.

Applicants are required to have completed (or be close to completing) a Master's degree (or equivalent) with outstanding grades in Computer Science, Mathematics, or closely related areas. Additional knowledge in related disciplines such as complexity theory or IT security is welcome.

The candidate should be able not only to design but also implement working prototypes of the crypto scheme developed during the research period. Good knowledge of C/C++ and Linux is a must.

The STRATUS project will provide a stipend of 27,000 NZD p.a. and cover the costs of the tuition fee for 3 years.

Closing date for applications: 31 December 2018

Contact: Dr. Giovanni Russello

University of Luxembourg/ Centre for Security and Trust
Job Posting
The University of Luxembourg/ Centre for Security and Trust is seeking to hire two post-docs and two PhDs to perform research in secure, verifiable voting schemes, quantum information assurance and quantum resistant crypto.

The Applied Security and Information Assurance (APSIA) research group, headed by Prof P Y A Ryan, invites applications for two PhD and two post-doc positions, details below. The APSIA team of SnT is a dynamic and growing research group, some 20 strong, conducting research on security-critical systems, information assurance, cryptography, crypto protocols and privacy.

The Interdisciplinary Centre for Security, Reliability and Trust (SnT) carries out interdisciplinary research in secure, reliable and trustworthy ICT systems and services, often in collaboration with industrial, governmental and international partners.

The successful candidate will join the APSIA group and will be part of the joint Luxembourg National Research Fund (FNR) and Norwegian RCN project “SURCVS” and will conduct research on the design and evaluation of secure yet usable voting systems. The project will be conducted jointly with the NTNU in Oslo. The candidate will be supervised by Prof. Peter Y. A. Ryan and Dr. Peter Roenne.

The candidate’s tasks include the following:

- Conducting research on the following topics in verifiable, coercion-resistant voting systems:

  - Formal definitions of relevant properties such as verifiability, privacy, receipt-freeness and coercion resistance.

  - Modelling complex socio-technical systems, taking account of human aspects of security and trust.

  - Exploring quantum-safe algorithms and everlasting privacy for voting systems.

- Providing guidance to M.Sc. students

- Disseminating results through scientific publications and talks at conferences

Closing date for applications: 20 July 2018

Contact: peter.ryan (at) uni.lu or peter.roenne (at) uni.lu

More information: http://emea3.mrted.ly/1vjtw

University of Luxembourg/ Centre for Security and Trust
Job Posting
The University of Luxembourg/ Centre for Security and Trust is seeking to hire a post-doc to perform research in secure, verifiable voting schemes, quantum information assurance and quantum resistant crypto.

The Applied Security and Information Assurance (APSIA) research group, headed by Prof P Y A Ryan, invites applications for two PhD and two post-doc positions, details below. The APSIA team of SnT is a dynamic and growing research group, some 20 strong, conducting research on security-critical systems, information assurance, cryptography, crypto protocols and privacy.

The position will be for an initial two years, but is potentially extendable to five years.

See also: https://wwwen.uni.lu/snt/research/apsia/we_are_hiring

The Interdisciplinary Centre for Security, Reliability and Trust (SnT) carries out interdisciplinary research in secure, reliable and trustworthy ICT systems and services, often in collaboration with industrial, governmental and international partners.

The successful candidate will join the APSIA group led by Prof. Peter Y. A. Ryan. The candidate will be part of the joint Luxembourg National Research Fund (FNR) and Norwegian RCN project “SURCVS” and will conduct research on the design and evaluation of secure yet usable voting systems. The project will be conducted jointly with the NTNU in Oslo. The candidate’s tasks include the following:

- Conducting research on the following topics in verifiable, coercion-resistant voting systems:

  - Formal definitions of relevant properties such as verifiability, privacy, receipt-freeness and coercion resistance.

  - Modelling complex socio-technical systems, taking account of human aspects of security and trust.

  - Exploring quantum-safe algorithms and everlasting privacy for voting systems.

- Coordinating research projects and delivering outputs

- Collaborating with partners in the SURCVS project

- Providing guidance to PhD and MSc students

- Disseminating results through scientific publications

Closing date for applications: 20 July 2018

Contact: Peter.Ryan (at) uni.lu or Peter.Roenne (at) uni.lu.

More information: http://emea3.mrted.ly/1vjs5

Information Assurance Platform (IAP)
Job Posting
The Information Assurance Platform (IAP) is a distributed ledger technology-enabled platform that provides tools for building and enhancing cybersecurity applications. The company has raised investment capital.

This position is available full time or part time, on a work remotely basis (telecommuting).

The position is focused on computational integrity and privacy systems for providing tools to enhance corporate and organisational transparency with data privacy and confidentiality.

Applicants should be familiar with cutting edge scalable computational integrity and privacy research and other systems of CIP such as PCP, LPCP, MPC, KOE based systems, CLP, pairing based systems (KOE or otherwise), IP, IVC, and the state of the art including zero knowledge proofs as applicable.

The position does not require inventing, recreating or improving existing cryptography; rather, it involves researching, understanding, explaining and translating it, and transferring that knowledge to other positions within the company for practical use in applications.

All applicants are welcome.

Closing date for applications: 30 December 2018

Contact: Please share your professional details to team [at] iap.network. All information held in strictest confidence.

More information: https://iap.network


03 July 2018

Daode Zhang, Kai Zhang, Bao Li, Xianhui Lu, Haiyang Xue, Jie Li
ePrint Report
Dual receiver encryption (DRE), proposed by Diament et al. at ACM CCS 2004, is a special extension notion of public-key encryption, which enables two independent receivers to decrypt a ciphertext into the same plaintext. This primitive is quite useful in designing combined public key cryptosystems and denial of service attack-resilient protocols. Up to now, a series of DRE schemes have been constructed from bilinear pairing groups and lattices. In this work, we introduce a construction of lattice-based DRE. Our scheme is indistinguishable against chosen-ciphertext attacks (IND-CCA) from the standard Learning with Errors (LWE) assumption with a public key of bit-size about $2nm\log q$, where $m$ and $q$ are small polynomials in $n$. Additionally, for the DRE notion in the identity-based setting, identity-based DRE (IB-DRE), we also give a lattice-based IB-DRE scheme that achieves chosen-plaintext and adaptively chosen identity security based on the LWE assumption with public parameter size about $(2\ell +1)nm\log q$, where $\ell$ is the bit-size of the identity in the scheme.
Tomer Ashur, Raluca Posteuca
ePrint Report
At Indocrypt 2016, Ashur et al. showed that linear hulls are sometimes formed in a single round of a cipher (exemplifying on Simon ciphers) and showed that the success rate of an attack may be influenced by the quality of the estimation of one-round correlations. This paper improves the understanding regarding one-round linear hulls and trails, being dedicated to the study of one-round linear hulls of the DES cipher, more exactly of its $f$-function. It shows that, in the case of DES, the existence of one-round hulls is related to the number of active Sboxes and its correlation depends on a fixed set of key bits. All the ideas presented in this paper are followed by examples and are verified experimentally.

29 June 2018

Kos, Greece, 16 September - 21 September 2018
Event Calendar
Event date: 16 September to 21 September 2018
Tel Aviv, Israel, 17 June - 20 June 2019
Event Calendar
Event date: 17 June to 20 June 2019
Submission deadline: 28 February 2019
Taipei, Taiwan, 4 December - 7 December 2018
Event Calendar
Event date: 4 December to 7 December 2018
Submission deadline: 30 June 2018
Notification: 15 August 2018