International Association for Cryptologic Research


IACR News

If you have a news item you wish to distribute, it should be sent to the communications secretary. See also the events database for conference announcements.

Here you can see all recent updates to the IACR webpage. These updates are also available:

via email
via RSS feed

24 October 2018

Centre for Secure Information Technologies (CSIT), Queen’s University Belfast, UK
Job Posting
Applications are invited for the post of Professor to join our community and help us lead and develop our research and teaching in the areas of Applied Cybersecurity and/or Security Analytics within our Centre for Secure Information Technologies (www.csit.qub.ac.uk) as we seek to make a positive contribution to the global technical challenges of our age.

Our Centre is host to the UK Research Institute in Secure Hardware and Embedded Systems (RISE: www.ukrise.org) and is recognised by NCSC as an Academic Centre of Excellence (ACE) in Cyber Security Research.

We are after a passionate and motivated academic with leadership experience in the areas of Cloud/Network Security, Hardware/Software Security and/or Security Analytics. We are particularly interested if you have a credible track record of technology transfer and delivering impact from your research. In return, you will have access to outstanding teaching and research facilities and opportunities to work with vibrant engineering and commercial teams to translate your research into impact.

We are seeking candidates with research experience (commensurate with career stage) in one or more of the following areas:

• Cloud/Network Security: security and privacy of cloud computing, application layer DDoS detection/mitigation, Web Application Firewall (WAF), network/cloud intrusion detection/prevention, malware and security models for trusted execution on the cloud.

• Software Security: Security protocol and crypto algorithm implementation, instruction set extensions for crypto, software analysis, and/or software vulnerability detection.

• Hardware Security: Micro-architectural security, SCA, Hardware Trojans, or PUF.

• Security Analytics: AI for Cybersecurity intelligence automation and threat response automation (data-fusion); or AI technologies for cyber-social-physical security. This includes deep learning (particularly adversarial), graph mining, and reasoning with uncertainty.

Closing date for applications: 22 November 2018

Contact: Professor Máire O'Neill, Email: m.oneill (at) ecit.qub.ac.uk

More information: https://hrwebapp.qub.ac.uk/tlive_webrecruitment/wrd/run/ETREC107GF.open?VACANCY_ID=862841AHAI&WVID=6273090Lgx&LANG=USA

Centre for Secure Information Technologies (CSIT), Queen’s University Belfast, UK
Job Posting
Applications are invited for both entry level and senior academic posts to join our community and help us lead and develop our research and teaching in the areas of Applied Cybersecurity and/or Security Analytics within our Centre for Secure Information Technologies (www.csit.qub.ac.uk) as we seek to make a positive contribution to the global technical challenges of our age.

Our Centre is host to the UK Research Institute in Secure Hardware and Embedded Systems (RISE: www.ukrise.org) and is recognised by NCSC as an Academic Centre of Excellence (ACE) in Cyber Security Research.

We are looking for passionate and motivated academics with experience in Cloud/Network Security, Hardware/Software Security and/or Security Analytics. We seek candidates who are interested in delivering impact from their research and have a record of technology transfer appropriate to career stage. In return, you will have access to outstanding teaching and research facilities and opportunities to work with vibrant engineering and commercial teams to translate your research into impact.

More specifically, we are seeking candidates with research experience (commensurate with career stage) in one or more of the following areas:

• Cloud/Network Security: security and privacy of cloud computing, application layer DDoS detection/mitigation, Web Application Firewall (WAF), network/cloud intrusion detection/prevention, malware and security models for trusted execution on the cloud.

• Software Security: Security protocol and crypto algorithm implementation, instruction set extensions for crypto, software analysis, and/or software vulnerability detection.

• Hardware Security: Micro-architectural security, SCA, Hardware Trojans, or PUF.

• Security Analytics: AI for Cybersecurity intelligence automation and threat response automation (data-fusion); or AI technologies for cyber-social-physical security. This includes deep learning (particularly adversarial), graph mining, and reasoning with uncertainty.

Closing date for applications: 22 November 2018

Contact: Professor Máire O'Neill, Email: m.oneill (at) ecit.qub.ac.uk

More information: https://hrwebapp.qub.ac.uk/tlive_webrecruitment/wrd/run/ETREC107GF.open?VACANCY_ID=411772AHKd&WVID=6273090Lgx&LANG=USA

Centre for Secure Information Technologies (CSIT), Queen’s University Belfast, UK
Job Posting
Applications are invited for a Post-Doctoral Research Fellow position to conduct research into the design and implementation of practical, robust and physically secure post-quantum cryptographic architectures. The research will be conducted as part of a collaborative project led by Toshiba Research Europe Limited.

Applicants must have at least a 2:1 Honours Degree in Electrical and Electronics Engineering, Computer Science, Mathematics or closely related discipline and a PhD, or expect, within 6 months, to obtain a PhD, in a relevant subject. At least 3 years relevant research experience in one or more of the following is essential: embedded systems design; FPGA or ASIC hardware design; integrated hardware/software design. Evidence of a strong publication record commensurate with career stage and experience is also essential.

Closing date for applications: 7 November 2018

Contact: Maire O'Neill

More information: https://www.qub.ac.uk/sites/QUBJobVacancies/ResearchJobs/

University of Derby, Derby, UK
Job Posting
The candidate should be interested in conducting research in the area of IoT-based security solutions. He/she should have interest and expertise in using various IoT-based simulation tools, familiarity with data analysis and machine learning technologies and tools, and experience with virtual machines and cloud computing. The candidate should have excellent communication and writing skills. You would work within a multi-disciplinary team in the Department of Electronics, Computing and Mathematics at the University of Derby with expertise in both the mathematics and computing aspects of this challenge.

Closing date for applications: 18 November 2018

More information: https://www.derby.ac.uk/research/degrees/applicants/studentship-and-funding-opportunities/et-phd-studentship---iot-solut

Jérémy Chotard, Edouard Dufour Sans, Romain Gay, Duong Hieu Phan, David Pointcheval
ePrint Report
Recently, Chotard et al. proposed a variant of functional encryption for Inner Product, where several parties can independently encrypt inputs, for a specific time-period or label, such that functional decryption keys exactly reveal the aggregations for the specific functions they are associated with. This was introduced as Multi-Client Functional Encryption (MCFE). In addition, they formalized a Decentralized version (DMCFE), where all the clients must agree and contribute to generate the functional decryption keys: there is no longer any need for a central authority, and the key generation process is non-interactive between the clients. Finally, they designed concrete constructions, for both the centralized and decentralized settings, for the inner-product function family. Unfortunately, there were a few limitations for practical use in the security model: (1) the clients were assumed not to encrypt two messages under the same label, and nothing was known about the security when this restriction was not satisfied; (2) more dramatically, the adversary was assumed to ask for the ciphertexts coming from all the clients or none, for a given label. In the case of partial ciphertexts, nothing was known about the security either. In this paper, our contributions are three-fold: we describe two conversions that enhance any MCFE or DMCFE for Inner Product secure in their security model to (1) handle repetitions under the same label and (2) deal with partial ciphertexts. In addition, these conversions can be applied sequentially in any order. The latter conversion exploits a new tool, which we call Secret Sharing Layer (SSL). Finally, we propose a new efficient technique to generate the functional decryption keys in a decentralized way, in the case of Inner Product, relying solely on plain DDH, as opposed to the prior work of Chotard et al., which relies on pairings.

As a consequence, from the weak MCFE for Inner Product proposed by Chotard et al., one can obtain an efficient Decentralized MCFE for Inner Product that handles repetitions and partial ciphertexts.

Keywords: Functional Encryption, Inner Product, Multi-Client, Decentralized.
Saikrishna Badrinarayanan, Abhishek Jain, Rafail Ostrovsky, Ivan Visconti
ePrint Report
The notion of non-interactive secure computation (NISC) first introduced in the work of Ishai et al. [EUROCRYPT 2011] studies the following problem: Suppose a receiver R wishes to publish an encryption of her secret input y so that any sender S with input x can then send a message m that reveals f(x,y) to R (for some function f). Here, m can be viewed as an encryption of f(x,y) that can be decrypted by R. NISC requires security against both malicious senders and receivers, and also requires the receiver's message to be reusable across multiple computations (w.r.t. a fixed input of the receiver).

All previous solutions to this problem necessarily rely upon OT (or specific number-theoretic assumptions), even in the common reference string model or the random oracle model, and even to achieve weaker notions of security such as super-polynomial-time simulation.

In this work, we construct a NISC protocol based on the minimal assumption of one-way functions, in the stateless hardware token model. Our construction achieves UC security and requires a single token sent by the receiver to the sender.
Chloé Hébant, Duong Hieu Phan, David Pointcheval
ePrint Report
Machine learning and group testing are quite useful methods for many different fields such as finance, banking, biology, medicine, etc. These application domains use quite sensitive data, and huge amounts of data. As a consequence, one would like to be able to compute on big data both privately and efficiently. While fully homomorphic encryption can be seen as a very powerful tool for such a task, it might not be efficient enough, notably because of the very large ciphertexts. In addition, since the result is encrypted, efficient distributed decryption is important to control who can get the information. For our applications, we first remark that 2-DNF formulae evaluation is enough, but efficient multiparty decryption is still required to guarantee privacy. Boneh-Goh-Nissim proposed a nice encryption scheme that supports additions, one multiplication layer, and additions, by using a bilinear map on a composite-order group: this is perfectly suited for 2-DNF formulae evaluation. However, computations on such elliptic curves with composite order turned out to be quite inefficient, notably when multi-party decryption is required. Fortunately, Freeman proposed a generalization, based on prime-order groups, with the same properties but better efficiency. Whereas the BGN cryptosystem relies on integer factoring for the trapdoor in the composite-order group, and thus possesses one public/secret key pair only, our first contribution is to show how the Freeman cryptosystem can handle multiple users with one general setup that just needs to define a pairing-based algebraic structure. Users' keys are efficient to generate and can also support efficient multi-party decryption, without a trusted server, hence in a fully decentralized setting. This helps to efficiently address some machine learning models and group testing on encrypted data, without a central authority.
Matthias J. Kannwischer, Joost Rijneveld, Peter Schwabe
ePrint Report
In this paper we optimize multiplication of polynomials in $\mathbb{Z}_{2^m}[x]$ on the ARM Cortex-M4 microprocessor. We use these optimized multiplication routines to speed up the NIST post-quantum candidates RLizard, NTRU-HRSS, NTRUEncrypt, Saber, and Kindi. For most of those schemes the only previous implementation that executes on the Cortex-M4 is the reference implementation submitted to NIST; for some of those schemes our optimized software is more than a factor of 20 faster. One of the schemes, namely Saber, has been optimized on the Cortex-M4 in a CHES 2018 paper; the multiplication routine for Saber we present here outperforms the multiplication from that paper by 37%, yielding speedups of 17% for key generation, 15% for encapsulation and 18% for decapsulation. Out of the five schemes optimized in this paper, the best performance for encapsulation and decapsulation is achieved by NTRU-HRSS. Specifically, encapsulation takes just over 430 000 cycles, which is more than twice as fast as for any other NIST candidate that has previously been optimized on the ARM Cortex-M4.
Georgios Fotiadis, Elisavet Konstantinou
ePrint Report
Recently there has been significant progress on the tower number field sieve (TNFS) method, reducing the complexity of the discrete logarithm problem (DLP) in finite field extensions of composite degree. These new variants of the TNFS attacks have a major impact on pairing-based cryptography and particularly on the selection of the underlying elliptic curve groups and extension fields. In this paper we revise the criteria for selecting pairing-friendly elliptic curves, taking these new TNFS attacks in finite extensions of composite embedding degree into account. Additionally, we update the criteria for finite extensions of prime degree in order to meet today's security requirements.
Gerben Geltink
ePrint Report
In this paper, we focus on the design of a novel authentication protocol that preserves the privacy of embedded devices. A Physically Unclonable Function (PUF) generates challenge-response pairs that form the source of authenticity between a server and multiple devices. We rely on Authenticated Encryption (AE) for confidentiality, integrity and authenticity of the messages. A challenge updating mechanism combined with an authenticate-before-identify strategy is used to provide privacy. The major advantage of the proposed method is that no shared secrets need to be stored in the device's non-volatile memory. We design a protocol that supports server authenticity, device authenticity, device privacy, and memory disclosure. Next, we prove that the protocol is secure, and forward and backward privacy-preserving, via game transformations. Moreover, a proof of concept is presented that uses a 3-1 Double Arbiter PUF, a concatenation of repetition and BCH error-correcting codes, and the AE scheme Ketje. We show that our device implementation utilizes 8,305 LUTs on a 28 nm Xilinx Zynq XC7Z020 System on Chip (SoC) and takes only 0.63 ms to perform an authentication operation.
Marshall Ball, Dana Dachman-Soled, Mukul Kulkarni, Huijia Lin, Tal Malkin
ePrint Report
We construct efficient non-malleable codes (NMC) that are (computationally) secure against tampering by functions computable in any fixed polynomial time. Our construction is in the plain (no-CRS) model and requires the assumptions that (1) $\mathbf{E}$ is hard for $\mathbf{NP}$ circuits of some exponential $2^{\beta n}$ ($\beta>0$) size (widely used in the derandomization literature), (2) sub-exponential trapdoor permutations exist, and (3) $\mathbf{P}$ certificates with sub-exponential soundness exist.

While it is impossible to construct NMC secure against arbitrary polynomial-time tampering (Dziembowski, Pietrzak, Wichs, ICS '10), the existence of NMC secure against $O(n^c)$-time tampering functions (for any fixed $c$), was shown (Cheraghchi and Guruswami, ITCS '14) via a probabilistic construction. An explicit construction was given (Faust, Mukherjee, Venturi, Wichs, Eurocrypt '14) assuming an untamperable CRS with length longer than the runtime of the tampering function. In this work, we show that under computational assumptions, we can bypass these limitations. Specifically, under the assumptions listed above, we obtain non-malleable codes in the plain model against $O(n^c)$-time tampering functions (for any fixed $c$), with codeword length independent of the tampering time bound.

Our new construction of NMC draws a connection with non-interactive non-malleable commitments. In fact, we show that in the NMC setting, it suffices to have a much weaker notion called quasi non-malleable commitments---these are non-interactive, non-malleable commitments in the plain model, in which the adversary runs in $O(n^c)$-time, whereas the honest parties may run in longer (polynomial) time. We then construct a 4-tag quasi non-malleable commitment from any sub-exponential OWF and the assumption that $\mathbf{E}$ is hard for some exponential size $\mathbf{NP}$-circuits, and use tag amplification techniques to support an exponential number of tags.
Eduardo Cuevas-Farfán, Miguel Morales-Sandoval, René Cumplido
ePrint Report
Bilinear pairings on elliptic curves are an active research field in cryptography. The first cryptographic protocols based on bilinear pairings were proposed around the year 2000, and they are promising solutions to security concerns in different domains, such as Pervasive Computing and Cloud Computing. The computation of bilinear pairings, which relies on arithmetic over finite fields, is the most time-consuming part of pairing-based cryptosystems. That has motivated research on efficient hardware architectures that improve the performance of security protocols. In the literature, several works have focused on the design of custom hardware architectures for pairings; however, flexible designs provide advantages because there are several types of pairings and algorithms to compute them. This work presents the design and implementation of a novel programmable cryptoprocessor for computing bilinear pairings over binary fields in FPGAs, which is able to support different pairing algorithms and parameters such as the elliptic curve, the tower field and the distortion map. The results show that high flexibility is achieved by the proposed cryptoprocessor at competitive timing and area usage when compared to custom designs for pairings defined over singular/supersingular elliptic curves at the 128-bit security level.
Eduardo Chielle, Oleg Mazonka, Nektarios Georgios Tsoutsos, Michail Maniatakos
ePrint Report
The dramatic increase of data breaches in modern computing platforms has emphasized that access control is not sufficient to protect sensitive user data. Even in the case of honest parties, unknown software/hardware vulnerabilities and side-channels can enable data leakage, leading to the conclusion that as long as data exists in decrypted form, it can be leaked. Fortunately, recent advances in cryptographic schemes allow end-to-end processing of encrypted data, without any need for decryption. However, besides the reported impractical overheads, such schemes are particularly hard to use for non-crypto-savvy users, which further inhibits their applicability. In this work, we propose the first usability-oriented framework that enables programmers to incorporate comprehensive privacy protections in their programs, by automatically protecting user-annotated variables using encryption. As a proof of concept and without loss of generality, our E$^3$ framework incorporates three state-of-the-art FHE libraries. In our evaluation, we validate the usability of E$^3$ by employing various benchmarks written in C++, and directly compare the overhead of the core FHE libraries in terms of runtime performance, as well as memory and storage requirements. While FHE is used as a base study, E$^3$ can be used as the base for performance comparison of any encrypted computation methodology.
Guido Bertoni, Joan Daemen, Seth Hoffert, Michaël Peeters, Gilles Van Assche, Ronny Van Keer
ePrint Report
This note defines Kravatte-SANE and Kravatte-SANSE. Both are session authenticated encryption schemes and differ in their robustness with respect to nonce misuse. They are defined as instances of modes on top of the deck function Kravatte, where a deck function is a keyed function with variable-length input strings, an arbitrary-length output and certain incrementality properties.
NYU Abu Dhabi, Abu Dhabi, United Arab Emirates
Job Posting
NYUAD invites applications for a faculty position in Computer Science at the rank of associate professor or professor, each with tenure. Faculty in the Program in Computer Science contribute to the multidisciplinary research at NYU Abu Dhabi that is a hallmark of the institution’s mission, currently working with faculty from other programs in areas that include cyber-security, natural language processing, music, and data science.

Applicants from all areas of computer science are welcome to apply. However, specific areas of research interest include: (1) data science, with interest in interactive data analytics, big data systems and distributed systems, and database systems; (2) cyber-security, with experience building and deploying large-scale security solutions in the real world that focus on systems security, network security, privacy, cryptography, and formal methods; (3) artificial intelligence, with experience in machine learning research agendas, from statistical models to neural networks or research broadly applicable to language, robotics and imaging; and (4) bioinformatics and synthetic biology.

To obtain further information about research at NYU Abu Dhabi, visit http://nyuad.nyu.edu/en/research/faculty-research.html

To be considered, applicants should submit a complete curriculum vitae, statements of teaching and research interests that should not exceed three pages each, and no more than three representative publications. Applicants should also arrange for the submission of three letters of reference on their behalf, in PDF format.

To apply visit https://apply.interfolio.com/47185

If you have any questions, please e-mail nyuad.science (at) nyu.edu

Appointments can begin as soon as September 1, 2019, but later start dates are possible.

The University is an equal opportunity employer committed to equity, diversity and social inclusion.

Closing date for applications: 1 February 2019

Contact: Tasso Feldman

More information: https://apply.interfolio.com/47185

NYU Abu Dhabi, Abu Dhabi, United Arab Emirates
Job Posting
NYUAD invites applications for a faculty position in Computer Science at the rank of assistant professor, tenure track. Faculty in the Program in Computer Science contribute to the multidisciplinary research at NYU Abu Dhabi that is a hallmark of the institution’s mission, currently working with faculty from other programs in areas that include cyber-security, natural language processing, music, and data science.

Applicants from all areas of computer science are welcome to apply. However, specific areas of research interest include: (1) data science, with interest in interactive data analytics, big data systems and distributed systems, and database systems; (2) cyber-security, with experience building and deploying large-scale security solutions in the real world that focus on systems security, network security, privacy, cryptography, and formal methods; (3) artificial intelligence, with experience in machine learning research agendas, from statistical models to neural networks or research broadly applicable to language, robotics and imaging; and (4) bioinformatics and synthetic biology.

To obtain further information about research at NYU Abu Dhabi, visit http://nyuad.nyu.edu/en/research/faculty-research.html

To be considered, applicants should submit a complete curriculum vitae, statements of teaching and research interests that should not exceed three pages each, and no more than three representative publications. Applicants should also arrange for the submission of three letters of reference on their behalf, in PDF format. For full consideration, complete applications must be received by November 15, 2018.

To apply visit https://apply.interfolio.com/52873

If you have any questions, please e-mail nyuad.science (at) nyu.edu

Appointments can begin as soon as September 1, 2019, but later start dates are possible.

The University is an equal opportunity employer committed to equity, diversity and social inclusion.

Closing date for applications: 15 November 2018

Contact: Tasso Feldman

More information: https://apply.interfolio.com/52873

Linköping University, Sweden
Job Posting
We are hiring two postdocs to work on (acoustic) side channels, automotive security or cybercrime at Linköping University, Sweden.

Candidates with solid backgrounds in security or applied crypto are welcome to apply.

PI google scholar profile: https://scholar.google.com/citations?hl=en&user=rYhiAEUAAAAJ&view_op=list_works&sortby=pubdate

Closing date for applications: 10 December 2018

Contact: Prof Jeff Yan (jeff.yan (at) liu.se)


23 October 2018

Anne Canteaut, Virginie Lallemand, Gregor Leander, Patrick Neumann, Friedrich Wiemer
ePrint Report
We give the first practical instance, BISON, of the Whitened Swap-Or-Not construction. After clarifying inherent limitations of the construction, we point out that this way of building block ciphers allows easy and very strong arguments against differential attacks.
Aggelos Kiayias, Murat Osmanoglu, Alexander Russell, Qiang Tang
ePrint Report
In a (t_1,...,t_l)-multi-secret sharing scheme (MSSS), l independent secrets s_1,...,s_l are shared with n parties in such a way that at least t_i parties are required to recover the secret s_i (while s_i remains hidden with fewer shares). We consider the problem of minimizing the share size of MSSS in the challenging setting where there are many secrets to be shared among many parties. To circumvent the information-theoretic lower bound (e.g., Blundo [4]), we focus on the computational setting. A simple generalization of computational secret sharing (Krawczyk [17]) to multi-secret sharing yields a scheme with share size/overhead scaling linearly in l, the total number of secrets. To beat this linear scaling, we consider constructing MSSS based on a related notion of encryption, dynamic threshold public key encryption (DTPKE), that enables a sender to dynamically specify a threshold for each ciphertext. None of the existing DTPKE schemes is well-suited for our purpose. Thus, we propose a new construction of a dynamic threshold public key encryption scheme with improved efficiency characteristics. We then give a recursive application of our construction that yields an efficient MSSS with share size only logarithmic in the number of secrets (thus effectively O(log l) in the common cases, where l and n are polynomially related). Finally, we describe an application of our space-efficient (1,2,...,n-1)-MSSS to a special tool called gradual verifiable secret sharing, which is the fundamental building block for general multiparty computation (MPC) with n players that provides fairness without an honest majority.
Xianhui Lu, Yamin Liu, Zhenfei Zhang, Dingding Jia, Haiyang Xue, Jingnan He, Bao Li
ePrint Report
Lattice-based cryptography is one of the leading candidates for post-quantum cryptography. A major obstacle to deployment, though, is that its payload is larger than that of classical solutions such as elliptic curve Diffie-Hellman. In this paper, we investigate the approach of reducing the key size and ciphertext size by decreasing the size of the modulus, and propose the first instantiation in the family of ring-learning-with-errors-based solutions where the modulus is at the byte level. The main technical contributions of this paper are on the implementation side of the algorithms. With the use of a large-block error correction code, we are able to propose parameter sets with small moduli while achieving a negligible decryption error rate. We investigate the best known attacks, and give a concrete security estimation of the proposed parameter sets. Since our parameter sets are no longer compatible with the number theoretic transform (NTT), we also present optimizations for ring multiplications. As a result, our scheme is more compact than, and nearly as efficient as, popular solutions in this domain such as NewHope and Kyber.