International Association for Cryptologic Research


IACR News

If you have a news item you wish to distribute, it should be sent to the communications secretary. See also the events database for conference announcements.

Here you can see all recent updates to the IACR webpage. These updates are also available:


09 November 2018

Eshan Chattopadhyay, Xin Li
ePrint Report
Non-malleable codes were introduced by Dziembowski, Pietrzak, and Wichs (JACM 2018) as a generalization of standard error correcting codes to handle severe forms of tampering on codewords. This notion has attracted a lot of recent research, resulting in various explicit constructions, which have found applications in tamper-resilient cryptography and connections to other pseudorandom objects in theoretical computer science.

We continue the line of investigation on explicit constructions of non-malleable codes in the information theoretic setting, and give explicit constructions for several new classes of tampering functions. These classes strictly generalize several previously studied classes of tampering functions, and in particular extend the well-studied split-state model, which is a "compartmentalized" model in the sense that the codeword is partitioned a priori into disjoint intervals for tampering. Specifically, we give explicit non-malleable codes for the following classes of tampering functions.

(1) Interleaved split-state tampering: Here the codeword is partitioned in an unknown way by an adversary, and then tampered with by a split-state tampering function.

(2) Linear function composed with split-state tampering: In this model, the codeword is first tampered with by a split-state adversary, and then the whole tampered codeword is further tampered with by a linear function. In fact our results are stronger, and we can handle linear function composed with interleaved split-state tampering.

(3) Bounded communication split-state tampering: In this model, the two split-state tampering adversaries are allowed to participate in a communication protocol with a bounded communication budget.

Our results are the first explicit constructions of non-malleable codes in any of these tampering models. We derive all these results from explicit constructions of seedless non-malleable extractors, which we believe are of independent interest. Using our techniques, we also give an improved seedless extractor for an unknown interleaving of two independent sources.
Dana Dachman-Soled, Huijing Gong, Mukul Kulkarni, Aria Shahverdi
ePrint Report
We initiate the study of partial key exposure in ring-LWE-based cryptosystems. Specifically, we

- Introduce the search and decision Leaky-RLWE assumptions (Leaky-SRLWE, Leaky-DRLWE), to formalize the hardness of search/decision RLWE under leakage of some fraction of coordinates of the NTT transform of the RLWE secret and/or error.

- Present and implement an efficient key exposure attack that, given certain $1/4$-fraction of the coordinates of the NTT transform of the RLWE secret, along with RLWE instances, recovers the full RLWE secret for standard parameter settings.

- Present a search-to-decision reduction for Leaky-RLWE for certain types of key exposure.

- Analyze the security of NewHope key exchange under partial key exposure of $1/8$-fraction of the secrets and error.

We show that, assuming that Leaky-DRLWE is hard for these parameters, the shared key $v$ (which is then hashed using a random oracle) is computationally indistinguishable from a random variable with average min-entropy $238$, conditioned on transcript and leakage, whereas without leakage the min-entropy is $256$.
Xavier Bonnetain, María Naya-Plasencia, André Schrottenloher
ePrint Report
At Crypto 2016, Kaplan et al. proposed the first quantum exponential acceleration of a classical symmetric cryptanalysis technique: they showed that, in the superposition query model, Simon's algorithm could be applied to accelerate the slide attack on the alternate-key cipher. This allows recovering an n-bit key with O(n) quantum time and queries.

In this paper we propose many other types of quantum slide attacks. First, we are able to quantize classical advanced slide attacks on Feistel networks. With modular additions inside branch or key-addition operations, these attacks reach up to two-round self-similarity. With only XOR operations, they reach up to four-round self-similarity, with a cost at most quadratic in the block size.

Moreover, some of these variants combined with whitening keys (FX construction) can be successfully attacked. We show how these results relate to general quantization principles of classical techniques including sliding with a twist, complementation slide and mirror slidex.

Furthermore, we show that some quantum slide attacks can be composed with other quantum attacks to perform efficient key-recoveries even when the round function is a strong function classically.

Finally, we analyze the case of quantum slide attacks exploiting cycle-finding, which were thought to enjoy an exponential speed-up in a paper by Bar-On et al. in 2015, where these attacks were introduced. We show that the speed-up is smaller than expected and less impressive than the above variants, but nevertheless provide improved complexities over the previously known quantum attacks in the superposition model for some self-similar SPN and Feistel constructions.
Akinori Hosoyamada, Takashi Yamakawa
ePrint Report
Since the celebrated work of Impagliazzo and Rudich (STOC 1989), a number of black-box impossibility results have been established. However, these works only ruled out classical black-box reductions among cryptographic primitives. Therefore it may be possible to overcome these impossibility results by using quantum reductions. To exclude such a possibility, we have to extend these impossibility results to the quantum setting. In this paper, we initiate the study of black-box impossibility in the quantum setting. We first formalize a quantum counterpart of fully-black-box reduction following the formalization by Reingold, Trevisan and Vadhan (TCC 2004). Then we prove that there is no quantum fully-black-box reduction from collision-resistant hash function to one-way permutation (or even trapdoor permutation). This is an extension to the quantum setting of the work of Simon (Eurocrypt 1998) who showed a similar result in the classical setting.
Russell W. F. Lai, Giulio Malavolta, Dominique Schröder
ePrint Report
Homomorphic secret sharing (HSS) allows $n$ clients to secret-share data to $m$ servers, who can then homomorphically evaluate public functions over the shares. A natural application is outsourced computation over private data. In this work, we present the first plain-model homomorphic secret sharing scheme that supports the evaluation of polynomials with degree higher than 2. Our construction relies on any degree-$k$ (multi-key) homomorphic encryption scheme and can evaluate degree-$\left( (k+1)m -1 \right)$ polynomials, for any polynomial number of inputs $n$ and any sub-logarithmic (in the security parameter) number of servers $m$. At the heart of our work is a series of combinatorial arguments on how a polynomial can be split into several low-degree polynomials over the shares of the inputs, which we believe is of independent interest.
Nithyashankari Gummidipoondi Jayasankaran, Adriana Sanabria Borbon, Edgar Sanchez-Sinencio, Jiang Hu, Jeyavijayan Rajendran
ePrint Report
Similar to digital circuits, analog and mixed-signal (AMS) circuits are also susceptible to supply-chain attacks such as piracy, overproduction, and Trojan insertion. However, unlike digital circuits, the supply-chain security of AMS circuits is less explored. In this work, we propose to perform “logic locking” on the digital section of the AMS circuits. The idea is to make the analog design intentionally suffer from the effects of process variations, which impede the operation of the circuit. Only on applying the correct key is the effect of process variations mitigated, and the analog circuit performs as desired. We provide theoretical guarantees of the security of the circuit, and along with simulation results for the band-pass filter, low-noise amplifier, and low-dropout regulator, we also show experimental results of our technique on a band-pass filter.
Mashael AlSabah, Gabriele Oligeri, Ryan Riley
ePrint Report
A large number of studies on passwords make use of passwords leaked by attackers who compromised online services. Frequently, these leaks contain only the passwords themselves, or basic information such as usernames or email addresses. While metadata-rich leaks exist, they are often limited in the variety of demographics they cover.

In this work, we analyze a metadata-rich data leak from a Middle Eastern bank with a demographically diverse user base. We provide an analysis of passwords created by groups of people of different cultural backgrounds, some of which are under-represented in existing data leaks, e.g., Arab, Filipino, Indian, and Pakistani.

The contributions provided by this work are manifold. First, our results contribute to the existing body of knowledge regarding how users include personal information in their passwords. Second, we illustrate the differences that exist in how users from different cultural/linguistic backgrounds create passwords. Finally, we study the (empirical and theoretical) guessability of the dataset based on two attacker models, and show that a state-of-the-art password strength estimator inflates the strength of passwords created by users from non-English-speaking backgrounds. We improve its estimations by training it with contextually relevant information.
Manuel Zander, Tom Waite, Dominik Harz
ePrint Report
Scalability of distributed ledgers is a key adoption factor. As an alternative to blockchain-based protocols, directed acyclic graph (DAG) protocols are proposed with the intention to allow a higher volume of transactions to be processed. However, there is still limited understanding of the behaviour and security considerations of DAG-based systems. We present an asynchronous, continuous time, and multi-agent simulation framework for DAG-based cryptocurrencies. We model honest and semi-honest actors in the system to analyse the behaviour of one specific cryptocurrency, IOTA. Our simulations show that the agents that have low latency and a high connection degree have a higher probability of having their transactions accepted in the network with honest and semi-honest strategies. Last, the simulator is built with extensibility in mind. We are in the process of implementing SPECTRE as well as including malicious agents.
Behnam Zahednejad, Majid Bayat, Ashok Kumar Das
ePrint Report
Designing a secure and efficient handover authentication scheme has always been a concern of cellular networks, especially in 4G Long Term Evolution (LTE) wireless networks. What makes their handover so complex is the presence of different types of base stations, namely eNodeB (eNB) and Home eNodeB (HeNB). In addition, they cannot directly communicate with each other. Recently, an efficient proxy signature-based handover authentication scheme has been suggested by Qui et al. Despite its better performance and security advantages over previous schemes, it suffers from serious vulnerabilities, namely being prone to DoS attack and eNB impersonation attack, and lacking perfect forward secrecy. In this paper, we propose an improved handover authentication scheme in LTE wireless networks that resists such attacks. Further, we validate the security of the proposed scheme using the Real-Or-Random (ROR) model and the ProVerif analysis tool. The results confirm our security claims for the proposed scheme. In addition, the performance analysis shows that, compared to other schemes, our proposed scheme is more efficient.

07 November 2018

Darmstadt, Germany, 18 May 2019
Event Calendar
Event date: 18 May 2019
Submission deadline: 10 February 2019
Notification: 3 March 2019

06 November 2018

Alejandro Cabrera Aldaya, Billy Bob Brumley, Sohaib ul Hassan, Cesar Pereida García, Nicola Tuveri
ePrint Report
Simultaneous Multithreading (SMT) architectures are attractive targets for side-channel enabled attackers, with their inherently broader attack surface that exposes more per-physical-core microarchitecture components than cross-core attacks. In this work, we explore SMT execution engine sharing as a side-channel leakage source. We target ports to stacks of execution units to create a high-resolution timing side-channel due to port contention, inherently stealthy since it does not depend on the memory subsystem like other cache or TLB based attacks. Implementing said channel on Intel Skylake and Kaby Lake architectures featuring Hyper-Threading, we mount an end-to-end attack that recovers a P-384 private key from an OpenSSL-powered TLS server using a small number of repeated TLS handshake attempts. Furthermore, we show that traces targeting shared libraries, static builds, and SGX enclaves are essentially identical, hence our channel has wide target application.
Promise Software Inc.
Job Posting
Why work at Promise?

We are a high-energy, innovation-focused team of engineers and technologists passionate about leveraging advanced cryptographic primitives. Promise’s environment is highly collaborative, and the ideal candidate will have an eye for detail and be a team player who enjoys working with others to find cutting-edge solutions to tricky problems. Come join us!

What are we looking for in the Senior Cryptography Engineer?

This role is ideal for cryptography scientists who have deep research experience and familiarity with evolving and established post quantum cryptographic protocols and their implementation.

Preferred areas of research interest would be post-quantum cryptography. Candidates are required to have a Ph.D. in Computer Science, ECE or a related area, by the time of appointment and an outstanding research record. Solid background in cryptography, network security, distributed systems, protocols and algorithms, is highly desirable.

What will you be responsible for doing?

1. Design and architect post quantum cryptography protocols in distributed p2p systems

2. Work with core internal team and external open source community

3. Collaborate with engineering and product teammates to produce protocol specifications that help serve Promise customer objectives

4. Collaborate with and support other teams in developing crypto-economic consensus protocols

5. Identify and recommend technologies to solve technical challenges such as proof sizes

6. Interest in working in startup environments with a brisk pace and constantly changing challenges

Salary and Benefits:

Please get more information and apply here: https://aquila-1.workable.com/jobs/860808

Closing date for applications:

Contact: Head of Recruiting

jobs (at) promiseprotocols.com

More information: https://aquila-1.workable.com/jobs/860808

University of Luxembourg
Job Posting
The Applied Security and Information Assurance (APSIA) group is seeking to recruit a highly motivated post-doc with a strong research profile to complement and strengthen the group’s existing expertise. Applications from candidates with expertise in the core areas of the group are welcome, but consideration will also be given to candidates with expertise that would extend our expertise; see the topics below.

The APSIA team, led by Prof. Peter Y. A. Ryan, is part of the SnT and is a dynamic and growing research group, over 20 strong, performing cutting-edge research in information assurance, cryptography, and privacy. The group specializes in the mathematical modelling of security mechanisms and systems, especially crypto protocols (classical and quantum), and socio-technical systems. The group is particularly strong in verifiable voting systems.

For further information you may check: www.securityandtrust.lu and https://wwwen.uni.lu/snt/research/apsia.

Ref: R-STR-5004-00-B

Fixed Term Contract 2 years (CDD), full-time 40 hrs/week

Number of positions: 1

Start date: Late 2018/early 2019 upon agreement.

Your Role

The successful candidate will contribute to the research goals of the APSIA group. The APSIA Group specializes in the design and analysis of secure systems:

Cryptographic Protocols

Quantum Cryptographic Protocols

Cryptographic Algorithms and Primitives

Verifiable Voting Schemes

Socio-Technical Analysis of Security

Privacy Enhancing Technologies

but applications are also welcome in

post-quantum crypto

FinTech

Distributed Ledger Technologies

The tasks associated with the role include:

Contributing to the group’s research directions.

Disseminating results through scientific publications

Coordinating research projects and delivering outputs

Helping prepare new research proposals

Providing guidance to PhD and MSc students

Opportunities to do some teaching will be available.

Closing date for applications: 30 November 2018

Contact: Peter Y A Ryan, peter.ryan (at) uni.lu

More information: http://emea3.mrted.ly/1ztz4

ING Bank
Job Posting
At ING, increasing the pace of innovation is a strategic priority of the Think Forward strategy. We need to get faster and better at innovating so we can stay abreast of the pace of change around us. Blockchain technology is one of the innovation enablers at ING and the Blockchain program encompasses all of our efforts to explore and unlock its business value. As such, the Blockchain program at ING is directly responsible for all DLT related initiatives at ING globally.

The Blockchain program is also responsible for identifying and piloting the most promising use cases. To do so, we constantly scope the environment for relevant opportunities, actively engage with and educate the organization about the technology’s potential as well as researching trends within the industry. This allows us to have a comprehensive approach in our delivery of business value.

We are looking for an eager collaborator to support the management of the program. The main tasks you will be performing are:

• Produce software solutions based on Distributed Ledger technology;

• Actively research the latest developments in the cryptography and DLT space;

• Implement improvements to existing DL technologies;

• Assess and deep dive on various ledger technologies.

Relevant stakeholders: you will be working with the DLT team, and reporting to the Chapter lead.

Your personal profile:

• Master’s degree in Computer Science.

• Curious by nature, willing to experiment.

• Ability to think from a business perspective when considering alternatives.

• Excellent team player.

• Intrinsic motivation for blockchain (i.e. some prior knowledge).

• Fast learner

• Knowledge of Kotlin / Solidity / Go is a plus

Must be proficient in at least one of the skills below (and have motivation and basic knowledge in the other).

You will be fully part of an enthusiastic multi-disciplinary team that has a willingness to help you grow and learn as much as possible throughout your position.

Closing date for applications: 30 March 2019

Contact: Stanley Waccary

Business manager Innovation

Stanley.Waccary (at) ing.com

More information: https://www.ing.jobs/Nederland/Vacatures/Vacature/DLT-Development-Engineer-Cryptography-1.htm?org=searchresult

Cambridge Quantum Computing Limited
Job Posting
Cambridge Quantum Computing is looking to hire a Research Scientist for its Cambridge team to work on a variety of projects including quantum resistance in cryptocurrencies. The successful candidate will join the Cambridge office and will be working in a highly dynamic, research-focused group with scientific direction from leading researchers. With the freedom to think independently and creatively, this is an excellent opportunity for the successful candidate to build their career.

Key Requirements

A degree in Mathematics or other quantitative disciplines such as Physics or Computer Science with a strong mathematical component.

A passion for approaching complex problems with the goal of designing and delivering novel practical solutions.

Experience writing elegant, functional and well-tested code in languages such as Python, MATLAB, C/C++ etc.

The ability to understand technical and advanced material and translate this into code.

Desirable Requirements

Interest in the blockchain and its protocols, several existing cryptocurrencies, FinTech, mining, the “proof of work” concept etc.

Some elementary knowledge of quantum computing (what it is, why in theory it can compromise cyber security in several aspects of our day-to-day life)

All candidates must be eligible to live and work in the UK.

The successful candidate will be compensated with a competitive salary and will join the company’s attractive share option and bonus scheme.

Closing date for applications: 1 December 2018

DarkMatter - Abu Dhabi
Job Posting
At DarkMatter, we are building an organization of specialists to provide the ultimate integrated cyber security protection available. Whatever the scope, scale or sensitivity of our clients’ work, we'll assess their risks, resolve their vulnerabilities and always keep them ahead of the threat, offering them the best possible products and solutions.

As a Senior Cryptography Engineer - Cloud Engineer, you will:

- Design, implement and deploy cryptographic algorithms tailored for a cloud environment.

- Conduct research and development in differential privacy, secret sharing, multi-party secure computation and fully homomorphic encryption.

- Perform security assessments of crypto-primitives, cryptosystems and cloud security solutions at the theoretical and implementation level.

- Work closely with the other teams in the organization to design and deploy safe cloud-based solutions.

- Be involved in the integration of developed cryptosystems within DarkMatter products.

- Enjoy all the cultural, educational and travel opportunities Abu Dhabi offers

To bring your dream to life, you’ll need:

- PhD degree in Cryptography, Applied Cryptography, Information Theory and Mathematics or Computer Science.

- Extensive experience developing in various programming languages.

- A desire to innovate in the UAE


Closing date for applications: 17 February 2019

Contact: Mehdi Messaoudi

Sourcing Specialist - Recruitment

More information: https://careers.darkmatter.ae/jobs/senior-cryptography-engineer-cloud-engineer-abu-dhabi-united-arab-emirates

Technische Universität Darmstadt, Germany
Job Posting
The Engineering Cryptographic Protocols (ENCRYPTO) Group at TU Darmstadt, Germany is looking for a research assistant (doctoral researcher / PhD student) in Techniques for Protecting Privacy in Applications.

The ENCRYPTO group is a member of the Center for Research in Security and Privacy (CRISP) and the profile area Cybersecurity at TU Darmstadt (CYSEC). We develop methods and tools for protecting privacy in applications. See https://encrypto.de for details.

The candidate will do cutting-edge research on techniques for protecting privacy in applications such as cryptographic protocols that scale to real-world problem sizes, including secure multi-party computation and private information retrieval.

The candidate is expected to have a completed Master (or equivalent) degree with excellent grades in IT security, computer science, electrical engineering, mathematics, or a closely related field. Solid knowledge in IT security, applied cryptography, efficient algorithms, circuit design, and excellent programming skills are required. Additional knowledge in cryptographic protocols, parallel computing, compiler construction, programming languages, and software engineering is a plus.

Review of applications starts immediately and continues until the position is filled.

Please consult the webpage given below for more details and how to apply.

Closing date for applications:

Contact: Prof. Thomas Schneider

More information: https://encrypto.de/jobs/CRISP2


02 November 2018

Daniel J. Bernstein, Tanja Lange, Chloe Martindale, Lorenz Panny
ePrint Report
Choosing safe post-quantum parameters for the new CSIDH isogeny-based key-exchange system requires concrete analysis of the cost of quantum attacks. The two main contributions to attack cost are the number of queries in hidden-shift algorithms and the cost of each query. This paper analyzes algorithms for each query, introducing several new speedups while showing that some previous claims were too optimistic for the attacker. This paper includes a full computer-verified simulation of its main algorithm down to the bit-operation level.
Yuzhao Cui, Qiong Huang, Jianye Huang, Hongbo Li, Guomin Yang
ePrint Report
Thanks to the ease of access and low expense, it is now popular for people to store data in cloud servers. To protect sensitive data from being leaked to the outside, people usually encrypt the data in the cloud. However, management of these encrypted data becomes a challenging problem, e.g. data classification. Besides, how to selectively share data with other users is also an important and interesting problem in cloud storage. In this paper, we focus on ciphertext-policy attribute-based encryption with equality test (CP-ABEET). People can use CP-ABEET to implement not only flexible authorization for access to encrypted data, but also efficient data label classification, i.e. testing whether two encrypted data items contain the same message. We construct an efficient CP-ABEET scheme, and prove its security based on a reasonable number-theoretic assumption. Compared with the only existing CP-ABEET scheme, our construction is more efficient in key generation, and has shorter attribute-related secret keys and better security.

01 November 2018

Liliya Akhmetzyanova, Cas Cremers, Luke Garratt, Stanislav V. Smyshlyaev
ePrint Report
Many cryptographic mechanisms depend on the availability of secure random numbers. In practice, the sources of random numbers can be unreliable for many reasons. There exist ways to improve the reliability of randomness, but these often do not work well with practical constraints. One proposal to reduce the impact of untrusted randomness is the proposal by Cremers et al. [draft-irtf-cfrg-randomness-improvements-03.txt], which aims to be effective in existing deployments.