IACR News
Here you can see all recent updates to the IACR webpage.
22 July 2018
University of Luxembourg/ Centre for Security and Trust
The Applied Security and Information Assurance (APSIA) group is seeking to recruit a highly motivated post-doc with a strong research profile to complement and strengthen the group's existing expertise. Applications from candidates with expertise in the core areas of the group are welcome, but consideration will also be given to candidates whose expertise would extend it, for example in post-quantum security, FinTech and Distributed Ledger Technologies.
The APSIA team, led by Prof. Peter Y. A. Ryan, is part of the SnT and is a dynamic and growing research group, some 20 strong, performing cutting edge research in information assurance, cryptography, and privacy. The group specializes in the mathematical modelling of security mechanisms and systems, especially crypto protocols (classical and quantum), and socio-technical systems. The group is particularly strong in verifiable voting systems.
For further information you may check: www.securityandtrust.lu and https://wwwen.uni.lu/snt/research/apsia.
Research Associates (Postdocs) in Information Assurance (M/F)
Ref: 50013420 (R-STR-5004-00-B)
Fixed Term Contract 2 years (CDD), full-time position (40 hrs/week),
Number of positions: 1
Start date: summer/autumn 2018, upon agreement.
Your Role
The successful candidate will contribute to the research goals of the APSIA group. The APSIA Group specializes in the design and analysis of secure systems:
Cryptographic Protocols (classical and quantum)
Cryptographic Algorithms and Primitives
Verifiable Voting Schemes
Socio-Technical Analysis of Security
Privacy Enhancing Technologies
Closing date for applications: 17 August 2018
Contact: P Y A Ryan
Peter.Ryan (at) uni.lu.
More information: http://emea3.mrted.ly/1wfwn
Ruhr University Bochum
• Implementation of security architectures in hardware and software
• Technologies and countermeasures against microarchitectural attacks
• Security-oriented software compilation
• Tools and frameworks for secure hardware implementations
• Applied and Post-Quantum Cryptography
If you would describe yourself as highly motivated, knowledgeable in security and willing to perform creative and deep research, please consider this job opening. You have a degree in IT security, computer science, electronics or applied mathematics. Prior experience in low-level programming, code analysis, cryptography and/or machine learning is an asset. Publications at relevant conferences such as USENIX Security, CCS, S&P, CHES, CRYPTO and EUROCRYPT are expected.
Please provide a resume, transcripts, a motivational statement and contact information of at least two references.
Closing date for applications: 10 August 2018
Contact: Tim Güneysu tim.gueneysu (at) rub.de
More information: https://www.stellenwerk-bochum.de/
21 July 2018
1 October 2018
Submission deadline: 1 October 2018
Notification: 15 December 2018
19 July 2018
Junichi Tomida, Katsuyuki Takashima
Maliheh Shirvanian, Stanislaw Jarecki, Hugo Krawczyk, Nitesh Saxena
In this paper, we introduce a novel approach to password management, called SPHINX, which remains secure even when the password manager itself has been compromised. In SPHINX the information stored on the device is information-theoretically independent of the user's master password --- an attacker breaking into the device learns no information about the master password or the user's site-specific passwords. Moreover, an attacker with full control of the device, even at the time the user interacts with it, learns nothing about the master password --- the password is not entered into the device in plaintext form or in any other way that may leak information on it. Unlike existing managers, SPHINX produces strictly high-entropy passwords and makes it compulsory for the users to register these randomized passwords with the web services, hence fully defeating offline dictionary attacks upon service compromise. The design and security of SPHINX are based on the device-enhanced PAKE model of Jarecki et al., which provides the theoretical basis for this construction and is backed by rigorous cryptographic proofs of security.
While SPHINX is suitable for different device and online platforms, in this paper, we report on its concrete instantiation on smartphones given their popularity and trustworthiness as password managers (or even two-factor authentication). We present the design, implementation and performance evaluation of SPHINX, offering prototype browser plugins, smartphone apps and transparent device-client communication. Based on our inspection analysis, the overall user experience of SPHINX improves upon current managers. We also report on a lab-based usability study of SPHINX, which indicates that users' perception of SPHINX security and usability is high and satisfactory when compared to regular password-based authentication. Finally, we discuss how SPHINX may be extended to an online service for the purpose of back-up or as an independent password manager.
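The device-side property described in the abstract (the device stores nothing that depends on the master password, and never sees it during use) is easiest to see in code. The following is an added example, not SPHINX's own code or the authors' implementation. It assumes the OPRF structure (blinded exponentiation against a device-held key) of the device-enhanced PAKE model the abstract refers to, and it uses a toy group, Z_p^* for the Mersenne prime p = 2^127 - 1, in place of the prime-order elliptic-curve group a real instantiation would use. The Device class, the hash encodings and the password alphabet are constructed for illustration.

```python
"""Toy device-assisted password manager in the spirit of SPHINX: the
device stores only a random OPRF key k and answers blinded queries, so it
never sees the master password or any site password. Constructed
illustration, not the SPHINX implementation; it assumes the OPRF
structure of the device-enhanced PAKE model the abstract refers to."""
import hashlib
import math
import secrets
import string

# Illustration-only group: Z_p^* for the Mersenne prime p = 2^127 - 1.
# A deployment would use a prime-order elliptic-curve group (see note below).
P = (1 << 127) - 1
EXP_ORDER = P - 1                 # exponents live modulo p - 1
ALPHABET = string.ascii_letters + string.digits + "!@"   # 64 symbols: 6 bits each, no modulo bias


def hash_to_group(master_pw, site):
    """Map (master password, site) to an element of [2, p-2]; constructed, domain-separated encoding."""
    h = hashlib.sha256(b"toy-sphinx|" + site.encode() + b"|" + master_pw.encode()).digest()
    return 2 + int.from_bytes(h, "big") % (P - 3)


def random_blinding():
    """Random r coprime to p-1, together with r^-1 mod (p-1), so the blinding can be undone."""
    while True:
        r = 2 + secrets.randbelow(EXP_ORDER - 3)
        if math.gcd(r, EXP_ORDER) == 1:
            return r, pow(r, -1, EXP_ORDER)


class Device:
    """The phone/hardware side: its whole state is one random key, chosen without any password."""

    def __init__(self, key=None):
        self.key = key if key is not None else 2 + secrets.randbelow(EXP_ORDER - 3)

    def evaluate(self, blinded):
        if not 1 < blinded < P - 1:
            raise ValueError("not a valid group element")
        return pow(blinded, self.key, P)


def oprf_evaluate(device, master_pw, site):
    """Client side. Returns (h^k, the blinded value the device saw)."""
    h = hash_to_group(master_pw, site)
    r, r_inv = random_blinding()
    # h^r hides h from the device. In a prime-order group h^r is uniform; in this
    # toy group a little leaks (e.g. quadratic residuosity), one reason real
    # deployments use prime-order groups.
    blinded = pow(h, r, P)
    reply = device.evaluate(blinded)       # (h^r)^k
    return pow(reply, r_inv, P), blinded   # (h^(rk))^(1/r) = h^k since h^(p-1) = 1


def derive_site_password(device, master_pw, site, length=20):
    """Site password = fixed-length encoding of a hash of h^k: high entropy, reproducible."""
    elem, _ = oprf_evaluate(device, master_pw, site)
    stream = hashlib.shake_256(elem.to_bytes(16, "big") + site.encode()).digest(length)
    return "".join(ALPHABET[b & 63] for b in stream)


if __name__ == "__main__":
    dev = Device()
    pw1 = derive_site_password(dev, "correct horse", "example.com")
    pw2 = derive_site_password(dev, "correct horse", "example.com")
    print(pw1, pw1 == pw2)                                             # reproducible
    print(derive_site_password(dev, "correct horse", "other.example"))  # differs per site
    # A wrong master password yields a different, equally random-looking password:
    # nothing on the device lets an attacker recognise a correct guess.
    print(derive_site_password(dev, "correct hors", "example.com"))
    _, seen_a = oprf_evaluate(dev, "correct horse", "example.com")
    _, seen_b = oprf_evaluate(dev, "correct horse", "example.com")
    print("device sees fresh blinded values each time:", seen_a != seen_b)
```

Two things the code makes concrete: the device key is generated before and independently of any password, so a dump of the device contains nothing to run a dictionary attack against; and because every query arrives blinded with a fresh r, even a device that is fully controlled while the user is typing only observes values that are (in a prime-order group) uniformly distributed, and a wrong master password produces no recognisable error, only a different password.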
Kimmo Järvinen, Ágnes Kiss, Thomas Schneider, Oleksandr Tkachenko, Zheng Yang
In this work, we address this issue by designing, implementing, and evaluating multiple algorithms for Privacy-Preserving Location Proximity (PPLP) that are based on different secure computation protocols. Our PPLP protocols are well-suited for different scenarios: for saving bandwidth, energy/computational power, or for faster runtimes. Furthermore, our algorithms have runtimes of a few milliseconds to hundreds of milliseconds and bandwidth of hundreds of bytes to one megabyte. In addition, the computationally most expensive parts of the PPLP computation can be precomputed in our protocols, such that the input-dependent online phase runs in just a few milliseconds.
Bernhard Jungk, Richard Petri, Marc Stöttinger
Diana Maimut, George Teseleanu
The scope of our paper is to provide insight into how to obtain secure configurations of the Grain family of stream ciphers. We propose different variants for Grain and analyze their security with respect to slide attacks. More precisely, as various attacks against initialization algorithms of Grain were discussed in the literature, we study the security impact of various parameters which may influence the LFSR's initialization scheme.
Howard Wu, Wenting Zheng, Alessandro Chiesa, Raluca Ada Popa, Ion Stoica
Unfortunately, the existing systems for generating such proofs are very expensive, especially in terms of memory overhead. Worse yet, these systems are "monolithic", so they are limited by the memory resources of a single machine. This severely limits their practical applicability.
We describe DIZK, a system that *distributes* the generation of a zero knowledge proof across machines in a compute cluster. Using a set of new techniques, we show that DIZK scales to computations of up to billions of logical gates (100x larger than prior art) at a cost of 10$\mu$s per gate (100x faster than prior art). We then use DIZK to study various security applications.
18 July 2018
Shiva Prasad Kasiviswanathan, Adam Smith
Zilong Wang, Honggang Hu
Ralph Ankele, Stefan Kölbl
In this paper, we consider exactly the gap between these two approaches and investigate this gap in the context of recent lightweight cryptographic primitives. This shows that for many recent designs like Midori, Skinny or Sparx one has to be careful as bounds from counting the number of active S-boxes only give an inaccurate evaluation of the best differential distinguishers. For several designs we found new differential distinguishers and show how this gap evolves. We found an 8-round differential distinguisher for Skinny-64 with a probability of $2^{-56.93}$, while the best single characteristic only suggests a probability of $2^{-72}$. Our approach is integrated into publicly available tools and can easily be used when developing new cryptographic primitives.
Moreover, as differential cryptanalysis is critically dependent on the distribution over the keys for the probability of differentials, we provide experiments for some of these new differentials found, in order to confirm that our estimates for the probability are correct. While for Skinny-64 the distribution over the keys follows a Poisson distribution, as one would expect, we noticed that Speck-64 follows a bimodal distribution, and the distribution of Midori-64 suggests a large class of weak keys.
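To see the gap between a single characteristic and the full differential that the two paragraphs above describe, here is an added example that is not code or data from the paper. It builds a constructed three-round 16-bit toy SPN (PRESENT's 4-bit S-box followed by a bit permutation; the cipher is not Skinny, Midori or Sparx), enumerates every characteristic behind the most probable output difference for a chosen input difference, compares the best single characteristic with the sum over all of them, and then estimates the probability empirically under a few random keys, which is the check the paper recommends. The cipher, the chosen difference and the key count are illustrative assumptions.

```python
"""Toy 16-bit SPN to show why a differential (the sum over all
characteristics with the same input and output difference) can be more
probable than its best single characteristic, and how to check the
estimate empirically under random keys. Constructed illustration, not
code or results from the paper."""
import math
import random
from itertools import product

# The 4-bit S-box of PRESENT; the surrounding cipher is a constructed toy,
# not Skinny, Midori or Sparx.
SBOX = [0xC, 0x5, 0x6, 0xB, 0x9, 0x0, 0xA, 0xD,
        0x3, 0xE, 0xF, 0x8, 0x4, 0x7, 0x1, 0x2]
ROUNDS = 3


def build_ddt():
    """DDT[din][dout] = number of x in 0..15 with S(x) ^ S(x ^ din) == dout."""
    t = [[0] * 16 for _ in range(16)]
    for x in range(16):
        for din in range(16):
            t[din][SBOX[x] ^ SBOX[x ^ din]] += 1
    return t


DDT = build_ddt()


def permute(x):
    """Bit 4a+b moves to bit 4b+a (a 4x4 transpose, hence its own inverse)."""
    y = 0
    for i in range(16):
        if (x >> i) & 1:
            y |= 1 << (4 * (i % 4) + i // 4)
    return y


PERM = [permute(x) for x in range(1 << 16)]  # lookup table for fast encryption


def sbox_layer(x):
    return sum(SBOX[(x >> (4 * i)) & 0xF] << (4 * i) for i in range(4))


def encrypt(pt, keys):
    """ROUNDS rounds of key XOR, S-box layer, bit permutation, then a final key XOR."""
    x = pt
    for k in keys[:ROUNDS]:
        x = PERM[sbox_layer(x ^ k)]
    return x ^ keys[ROUNDS]


def layer_transitions(din):
    """Yield (dout, prob) for every output difference of the S-box layer reachable from din."""
    per_nibble = []
    for i in range(4):
        d = (din >> (4 * i)) & 0xF
        per_nibble.append([(o, DDT[d][o] / 16) for o in range(16) if DDT[d][o]])
    for combo in product(*per_nibble):
        dout, p = 0, 1.0
        for i, (o, q) in enumerate(combo):
            dout |= o << (4 * i)
            p *= q
        yield dout, p


def all_differentials(din, rounds=ROUNDS):
    """For each reachable output difference: (sum over characteristics,
    best single characteristic, number of characteristics)."""
    acc = {}

    def walk(d, p, r):
        for o, q in layer_transitions(d):
            nxt = PERM[o]          # the final key XOR does not change the difference
            if r == 1:
                s, b, n = acc.get(nxt, (0.0, 0.0, 0))
                acc[nxt] = (s + p * q, max(b, p * q), n + 1)
            else:
                walk(nxt, p * q, r - 1)

    walk(din, 1.0, rounds)
    return acc


def best_differential(din, rounds=ROUNDS):
    """Output difference whose differential probability (sum of characteristics) is highest."""
    acc = all_differentials(din, rounds)
    dout = max(acc, key=lambda d: acc[d][0])
    return (dout,) + acc[dout]


def empirical_probability(din, dout, keys, pairs, rng):
    """Fraction of random plaintext pairs with difference din whose ciphertexts differ by dout."""
    hits = 0
    for _ in range(pairs):
        pt = rng.getrandbits(16)
        hits += encrypt(pt, keys) ^ encrypt(pt ^ din, keys) == dout
    return hits / pairs


if __name__ == "__main__":
    din = 0x0001
    dout, total, best, count = best_differential(din)
    print(f"{din:#06x} -> {dout:#06x} over {ROUNDS} rounds: {count} characteristics, "
          f"best 2^{math.log2(best):.2f}, differential 2^{math.log2(total):.2f}")
    rng = random.Random(2018)
    for _ in range(3):   # the probability is key dependent: compare a few keys
        keys = [rng.getrandbits(16) for _ in range(ROUNDS + 1)]
        p = empirical_probability(din, dout, keys, 1 << 16, rng)
        print(f"keys {[hex(k) for k in keys]}: empirical 2^{math.log2(p):.2f}" if p
              else f"keys {[hex(k) for k in keys]}: no hits")
```

The sum over all characteristics is the quantity an attacker actually exploits, while an active-S-box bound only ever reasons about one trail, which is why the two can disagree as sharply as the 2^-56.93 versus 2^-72 figure above. The per-key loop matters for the same reason as the paper's experiments: the enumeration assumes the round keys are independent and uniform, and a real key schedule need not satisfy that.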
Zahra Eskandari, Andreas Brasen Kidmose, Stefan Kölbl, Tyge Tiessen
We provide several new or improved bit-based division property distinguishers for ChaCha, Chaskey, DES, GIFT, LBlock, Mantis, Qarma, RoadRunner, Salsa and SM4. Furthermore, we present an algorithm to find distinguishers with lower data complexity more efficiently.
17 July 2018
Joppe W. Bos, Simon Friedberger, Marco Martinoli, Elisabeth Oswald, Martijn Stam
James Howe, Tobias Oder, Markus Krausz, Tim Güneysu
Sven Heiberg, Ivo Kubjas, Janno Siim, Jan Willemson
Ethan Cecchetti, Ian Miers, Ari Juels
We introduce and formalize the notion of a public incompressible encoding (PIE), a tool that allows for file-replication proofs in this public setting. A PIE enables public verification that a server is (nearly) entirely storing a replicated encoding $G$ of a target file $F$, and has not deduplicated or otherwise compressed $G$ to save storage. In a DSN with monetary rewards or penalties, a PIE helps ensure that an economically rational server is incentivized to store $G$ and thus replicate $F$ honestly.
We present a specific PIE based on a novel graph construction, called a Dagwood Sandwich Graph (DSaG), that includes long paths even when an adversary selectively discards edges. This PIE ensures that a cheating server must perform a large (and completely tunable) number of costly sequential cryptographic operations to recover any blocks of $G$ it chooses to discard. By periodically challenging the server to return randomly selected blocks of $G$ and timing the responses, the DSN can thus verify that a server is storing $G$ intact.
We prove the security of our PIE construction and present performance evaluations demonstrating that it is efficient in practice---empirically within a factor of 6.2 of optimal by one metric. Our proposed PIE offers a valuable basic tool for building DSNs, such as the proposed Filecoin system, as well as for other challenging file-storage needs in public settings. PIEs also meet the critical security requirements for such applications: they preclude demonstrated attacks involving parallelism and acceleration via ASICs and other custom hardware.