IACR News
Here you can see all recent updates to the IACR webpage. These updates are also available:
30 December 2018
Alexander Nilsson, Thomas Johansson, Paul Stankovski Wagner
Cheng Chen, Nicholas Genise, Daniele Micciancio, Yuriy Polyakov, Kurt Rohloff
The linear-function construction is first proposed in our work, and can be used to efficiently obfuscate binary classifiers by utilizing the token-based model where the number and format of queries can be restricted by the token generator. Our implementation can evaluate obfuscated binary classifiers in less than 1 millisecond and requires a program size of only 8MB for the case of 16 2-byte features. We also present an optimized TBO implementation for conjunctions, which outperforms the prior recent implementation of distributional VBB conjunction obfuscator by one order of magnitude and reduces the program size by a factor of 3. The token-based model also provides protection against exhaustive search attacks the VBB implementation is prone to. The last group of TBO constructions implemented in our work deals with obfuscating permutation and general branching programs.
To enable efficient implementation of all these constructions, we developed many algorithmic and code-level optimizations that can also be applied to other lattice-based cryptography primitives.
M. Delcourt, T. Kleinjung, A.K. Lenstra, S. Nath, D. Page, N. Smart
Taiga Mizuide, Atsushi Takayasu, Tsuyoshi Takagi
Tomer Ashur, Raluca Posteuca
Dan Boneh, Yuval Ishai, Alain Passel\`egue, Amit Sahai, David J. Wu
We present several concrete new PRF candidates that follow the above approach. Our main candidate is a weak PRF candidate (whose conjectured pseudorandomness only holds for uniformly random inputs) that first applies a secret mod-2 linear mapping to the input, and then a public mod-3 linear mapping to the result. This candidate can be implemented by depth-2 $ACC^0$ circuits. We also put forward a similar depth-3 strong PRF candidate. Finally, we present a different weak PRF candidate that can be viewed as a deterministic variant of ``Learning Parity with Noise'' (LPN) where the noise is obtained via a mod-3 inner product of the input and the key.
The advantage of our approach is twofold. On the theoretical side, the simplicity of our candidates enables us to draw natural connections between their hardness and questions in complexity theory or learning theory (e.g., learnability of depth-2 $ACC^0$ circuits and width-3 branching programs, interpolation and property testing for sparse polynomials, and natural proof barriers for showing super-linear circuit lower bounds). On the applied side, the ``piecewise-linear'' structure of our candidates lends itself nicely to applications in secure multiparty computation (MPC). Using our PRF candidates, we construct protocols for distributed PRF evaluation that achieve better round complexity and/or communication complexity (often both) compared to protocols obtained by combining standard MPC protocols with PRFs like AES, LowMC, or Rasta (the latter two are specialized MPC-friendly PRFs). Our advantage over competing approaches is maximized in the setting of MPC with an honest majority, or alternatively, MPC with preprocessing.
Finally, we introduce a new primitive we call an encoded-input PRF, which can be viewed as an interpolation between weak PRFs and standard (strong) PRFs. As we demonstrate, an encoded-input PRF can often be used as a drop-in replacement for a strong PRF, combining the efficiency benefits of weak PRFs and the security benefits of strong PRFs. We conclude by showing that our main weak PRF candidate can plausibly be boosted to an encoded-input PRF by leveraging error-correcting codes.
Lilya Budaghyan, Claude Carlet, Tor Helleseth, Nikolay Kaleyski
For a given function $F$ and value $v$, we describe an efficient method for finding all sets of points $\{ u_1, u_2, \dots, u_K \}$ such that setting $G(u_i) = F(u_i) + v$ and $G(x) = F(x)$ for $x \ne u_i$ is APN.
Thomas Debris-Alazard, Nicolas Sendrier, Jean-Pierre Tillich
26 December 2018
Paris, France, 6 May - 7 May 2019
Submission deadline: 15 January 2019
Notification: 1 March 2019
23 December 2018
Cryptolux/SnT, University of Luxembourg
The successful candidate will join the CryptoLUX group led by Prof. Alex Biryukov. He or she will contribute to a research project on future directions in cryptography and IT security and is expected to perform the following tasks:
• Shaping research directions and producing results in one or more of the following topics:
o Financial cryptography, cryptocurrencies, blockchain technologies
o Privacy enhancing technologies
• Disseminating results through scientific publications
• Providing guidance to Ph.D. and M.Sc. students
• Coordinating research projects
• Attracting funding in cooperation with academic and industrial partners
Closing date for applications: 31 January 2019
Contact: Prof. Alex Biryukov
More information: https://www.cryptolux.org/index.php/Vacancies
University of Twente, The Netherlands
The Computer Science Department at the University of Twente (UT) in the Netherlands is currently looking for a talented junior researcher in the intersection of Applied Cryptography and Biometrics. Funded via a collaborative research project between the UT’s “Services and Cyber-Security (SCS)” group and the “Data Management and Biometrics (DMB)” group, we are offering a position (with a competitive salary) of up to 12 months for a visiting PhD student or a post-doc.
Concretely, the research project is dealing with biometric recognition in the encrypted domain and we are looking for a talented junior researcher who has expertise in the design and analysis of cryptographic protocols, is familiar with proving such protocols secure in the malicious model, and has some experience with (somewhat) homomorphic encryption schemes. Additionally, the potential candidate should have good programming skills as we aim at the implementation of a research prototype of the to-be-designed cryptographic protocols. Since these protocols will be used in the context of biometric recognition, it is of advantage if the potential candidate has been exposed to some digital signal processing in biometric systems.
Interested applicants should send their detailed CV and motivation letter explaining their qualifications regarding the above described topics to: application-dies (at) utwente.nl
The review of applications starts immediately and will stop as soon as the position is filled with a qualified person.
Closing date for applications: 31 January 2019
Contact: Applications should be sent to: application-dies (at) utwente.nl
Further questions can be directed to: Prof. Dr. Raymond Veldhuis (r.n.j.veldhuis (at) utwente.nl) and Dr. Andreas Peter (a.peter (at) utwente.nl)
University of Manchester, UK & Institute for Infocomm Research, Singapore
This project will perform research and development of practical privacy-preserving machine learning technologies to address the challenges faced in real-world applications. More specifically, the student will study advanced secure computation technologies such as differential privacy, homomorphic encryption and secure multiparty computations, and evaluate challenges in these technologies in terms of their applicability to machine learning technologies. A special attention will be given to practical challenges and restrictions (e.g., memory and computational capabilities of the data generators - IoT devices) that arise in applying these technologies to real-world applications.
In addition, the PhD student will be supervised jointly by research experts in two world-leading institutions – the University of Manchester (UoM) and the Institute for Infocomm Research (I²R) Singapore. The student will be hosted by both organisations: Year 1 & 4 at UoM in the UK and Year 2 & 3 at I²R in Singapore.
Closing date for applications: 31 January 2019
Contact: Dr Mustafa A. Mustafa email: mustafa.mustafa(at)manchester.ac.uk
More information: https://www.bmh.manchester.ac.uk/study/research/astar/projects/
Suhri Kim, Kisoon Yoon, Jihoon Kwon, Young-Ho Park, Seokhie Hong
Joohee Lee, Dongwoo Kim, Duhyeong Kim, Yongsoo Song, Junbum Shin, Jung Hee Cheon1
In this paper, we propose a new privacy-preserving user-centric biometric authentication (HDM-PPBA) based on Hamming distance, which shows a big improvement in efficiency to the previous works. It is based on our new single-key function-hiding inner product encryption, which encrypts and computes the Hamming distance of 145,832-bit binary in about 0.3 seconds on Intel Core i5 2.9GHz CPU. We show that it satisfies simulation-based security under the hardness assumption of Learning with Errors (LWE) problem. The storage requirements, bandwidth and time complexity of HDM-PPBA depend linearly on the bit-length of biometrics, and it is applicable to any large templates used in NIST IREX IX report with high efficiency.
Yevhenii ZOTKIN, Francis OLIVIER, Eric BOURBAO
19 December 2018
Itai Dinur, Niv Nadler
In this paper, we devise multi-target attacks on Picnic and its underlying ZK protocol, ZKB++. Given access to $S$ signatures, produced by a single or by several users, our attack can (information theoretically) recover the $\kappa$-bit signing key of a user in complexity of about $2^{\kappa - 7}/S$. This is faster than Picnic's claimed $2^{\kappa}$ security against classical (non-quantum) attacks by a factor of $2^7 \cdot S$ (as each signature contains about $2^7$ potential attack targets).
Whereas in most multi-target attacks, the attacker can easily sort and match the available targets, this is not the case in our attack on Picnic, as different bits of information are available for each target. Consequently, it is challenging to reach the information theoretic complexity in a computational model, and we had to perform cryptanalytic optimizations by carefully analyzing ZKB++ and its underlying circuit. Our best attack for $\kappa = 128$ has time complexity of $T = 2^{77}$ for $S = 2^{64}$. Alternatively, we can reach the information theoretic complexity of $T = 2^{64}$ for $S = 2^{57}$, given that all signatures are produced with the same signing key.
Our attack exploits a weakness in the way that the Picnic signing algorithm uses a pseudo-random generator. The attack is mitigated in the recent Picnic 2.0 version.
In addition to our attack on Picnic, we show that a recently proposed improvement of the ZKB++ protocol (due to Katz, Kolesnikov and Wang) is vulnerable to a similar multi-target attack.
Suhyeon Lee, Seungjoo Kim
Arijit Dutta, Saravanan Vijayakumaran
Min Liang
This article defines encrypted gate, which is denoted by $EG[U]:|\alpha\rangle\rightarrow\left((a,b),Enc_{a,b}(U|\alpha\rangle)\right)$. We present a gate-teleportation-based two-party computation scheme for $EG[U]$, where one party gives arbitrary quantum state $|\alpha\rangle$ as input and obtains the encrypted $U$-computing result $Enc_{a,b}(U|\alpha\rangle)$, and the other party obtains the random bits $a,b$. Based on $EG[P^x](x\in\{0,1\})$, we propose a method to remove the $P$-error generated in the homomorphic evaluation of $T/T^\dagger$-gate. Using this method, we design two non-interactive and perfectly secure QHE schemes named \texttt{GT} and \texttt{VGT}. Both of them are $\mathcal{F}$-homomorphic and quasi-compact (the decryption complexity depends on the $T/T^\dagger$-gate complexity).
Assume $\mathcal{F}$-homomorphism, non-interaction and perfect security are necessary property, the quasi-compactness is proved to be bounded by $O(M)$, where $M$ is the total number of $T/T^\dagger$-gates in the evaluated circuit. \texttt{VGT} is proved to be optimal and has $M$-quasi-compactness. According to our QHE schemes, the decryption would be inefficient if the evaluated circuit contains exponential number of $T/T^\dagger$-gates. Thus our schemes are suitable for homomorphic evaluation of any quantum circuit with low $T/T^\dagger$-gate complexity, such as any polynomial-size quantum circuit or any quantum circuit with polynomial number of $T/T^\dagger$-gates.