International Association for Cryptologic Research


IACR News

If you have a news item you wish to distribute, it should be sent to the communications secretary. See also the events database for conference announcements.

Here you can see all recent updates to the IACR webpage. These updates are also available:


12 February 2019

Keita Xagawa
ePrint Report
Song, Huang, Mu, and Wu proposed a new code-based signature scheme, the Rank Quasi-Cyclic Signature (RQCS) scheme (PKC 2019, Cryptology ePrint Archive 2019/053), which is based on RQC, an IND-CCA2 KEM scheme, proposed by Aguilar Melchor et al. (NIST PQC Standardization Round 1). Their scheme is an analogue to the Schnorr signature scheme.

In this short note, we investigate the security of the RQCS scheme. We report a key-recovery known-message attack, following the discussion in Aragon, Blazy, Gaborit, Hauteville, and Zémor (Cryptology ePrint Archive 2018/1192), together with an experimental result. The key-recovery attack requires only one signature to retrieve the secret key and recovers it in less than 10 seconds.
Ariel Gabizon
ePrint Report
The main result of this note is a severe flaw in the description of the zk-SNARK in [BCTV14]. The flaw stems from including redundant elements in the CRS, as compared to that of the original Pinocchio protocol [PHGR16], which are vital not to expose. The flaw enables creating a proof of knowledge for any public input given a valid proof for some public input. We also provide a proof of security for the [BCTV14] zk-SNARK in the generic group model, when these elements are excluded from the CRS, provided a certain linear algebraic condition is satisfied by the QAP polynomials.
Iris Anshel, Derek Atkins, Dorian Goldfeld, Paul E Gunnells
ePrint Report
The Walnut Digital Signature Algorithm (WalnutDSA) is a group-theoretic, public-key method that is part of the NIST Post-Quantum Cryptography standardization process. Prior to its submission to NIST, Hart et al. published an attack whose signature forgeries, when it produces them, are orders of magnitude longer than a valid signature, making them invalid due to their length. In addition to their being identified as forgeries by our current method, we show that with a modest parameter-only increase we can block this attack to the desired security level without a significant impact on performance, making WalnutDSA completely secure against this attack.

11 February 2019

Zagreb, Croatia, 10 May - 14 May 2020
Eurocrypt
Event date: 10 May to 14 May 2020

07 February 2019

IBM Research GmbH Zurich, Switzerland
Job Posting

The group is active both in developing key technologies that ship with IBM products and in maintaining a strong academic research profile and has a dual focus on blockchain and on system security. In particular, the group is part of the core team that designs and develops Hyperledger Fabric, the popular open source blockchain platform.

This is an excellent opportunity for highly qualified and creative candidates with an ambition to work with an international team of researchers in a world-class industrial research organization.

Requirements

Candidates are expected to have the following background and interests

· A Master's degree in Computer Science or a closely related discipline

· strong knowledge of programming languages (in particular C/C++, and optionally golang, bash, python)

· strong skills and experience in system-level programming, large distributed systems, and optionally blockchain

· experience with open source projects and a strong understanding of DevOps

· ability to manage multiple and changing priorities

· fluency in English

The position is available immediately. The successful candidate will enjoy an internationally competitive salary and work in a collaborative and creative group in an exclusive research environment.

Diversity

IBM is committed to diversity at the workplace. We offer a diverse, independent professional activity, with experienced colleagues in a friendly atmosphere on our campus.

You will find a dynamic, multi-cultural environment, and flexible work conditions.

How to apply

Please send your CV, including contact information for references and Ref No. 2019_001, to:

Judith Blanc

HR Business Partner

IBM Research — Zurich

Säumerstrasse 4

8803 Rüschlikon

Switzerland

email: jko (at) zurich.ibm.com

For technical information, please contact:

Dr. Andreas Kind, Manager Industry Solutions and Blockchain

email: ank (at) zurich.ibm.com

Closing date for applications: 31 July 2019

More information: https://www.zurich.ibm.com/careers/

IBM Research GmbH Zurich, Switzerland
Job Posting
Distributed systems and Blockchain

Project description

We research and develop scalable, fault-tolerant and secure distributed and blockchain systems that drive a new generation of financial and digital transactions.

We are looking for highly motivated and enthusiastic software engineers and distributed systems researchers to join the Industry Platforms and Blockchain Group at IBM Research – Zurich. You will be expected to contribute to the architecture definition and implementation in our blockchain projects, notably the aspects pertaining to distributed systems. You will be able to contribute directly and make an impact not only on IBM products, but also on the Hyperledger Fabric open source project. The researchers in the group have deep expertise and knowledge in scalable, fault-tolerant and secure distributed systems. The software to be developed will be included in critical production systems and is expected to be of high quality, modularity, maintainability, scalability, and resilience.

Closing date for applications: 31 July 2019

Contact: Judith Blanc

HR Business Partner

Säumerstrasse 4

8803 Rüschlikon

Switzerland

jko (at) zurich.ibm.com

More information: https://www.zurich.ibm.com/careers/

DTU Compute’s Section for Cyber Security
Job Posting
DTU Compute’s Section for Cyber Security invites applications for appointment as a postdoctoral researcher within the area of symmetric cryptology. The position is available from 1 May 2019 or according to mutual agreement.

The aim of the new position is to expand the Section’s research in symmetric cryptology and align it with potential novel threats.

The research field of this new Postdoc position is within analysis and design of symmetric cryptographic algorithms, both basic primitives and modes of operation. Correspondingly, we aim to hire a postdoc with a track record in symmetric cryptography and cryptanalysis.

Responsibilities and tasks

The main tasks of the postdoc position are to analyze existing symmetric cryptographic primitives as well as to design and evaluate new primitives to address novel challenges. In this position, you will actively engage in our ongoing and prospective research activities on the analysis and design of block ciphers, hash functions, authentication schemes and authenticated encryption.

External stays are planned at our research partners in Europe.

Qualifications

Candidates should have a PhD degree (or equivalent) in mathematics, computer science or electrical engineering with a focus on cryptology or a closely related field. If you are close to completing your PhD studies, your application will also be considered. You must have contributed high-quality research to the area of cryptology or a closely related field.

Application procedure

Please submit your online application no later than 1 March 2019 (local time). Apply online at www.career.dtu.dk

Read the full job description at

https://www.dtu.dk/english/about/job-and-career/vacant-positions/job?id=1804831b-d132-4570-b6e6-46324b1a14c7

Closing date for applications: 1 March 2019

Contact: Further information can be obtained from Assoc. Prof. Andrey Bogdanov (anbog (at) dtu.dk). Please do not send applications to this e-mail address.

More information: https://www.dtu.dk/english/about/job-and-career/vacant-positions/job?id=1804831b-d132-4570-b6e6-46324b1a14c7

Centre for Secure Information Technologies (CSIT), Queen’s University Belfast, UK
Job Posting
Applications are invited for PhD studentships in areas such as: (1) Post-quantum cryptography; (2) Physical attacks on IoT devices; (3) Privacy-aware cybercrime tracking; (4) Edge-based solutions to IoT attacks; (5) Activity recognition in social media videos; (6) Defending ML-based network security systems from adversarial attacks.

Students will be based in the Centre for Secure Information Technology (CSIT), Queens University Belfast. CSIT is recognised by the UK National Cyber Security Centre as an Academic Centre of Excellence (ACE) in Cyber Security Research. It is also host to the UK Research Institute in Secure Hardware and Embedded Systems (RISE).

ACADEMIC REQUIREMENTS:

A minimum 2.1 honours degree or equivalent in Computer Science, Electrical and Electronic Engineering, Mathematics or closely related discipline is required.

Available to eligible UK and EU citizens only.

Applicants should apply electronically through the Queen’s online application portal at: https://dap.qub.ac.uk/portal/

Closing date for applications: 8 March 2019

Contact: Professor Maire O'Neill, Email: m.oneill AT ecit.qub.ac.uk

More information: https://www.qub.ac.uk/csit/PhD-in-Cyber-Security-Centre-for-Doctoral-Training/PhDResearchProjects2019/

ConsenSys (PegaSys)
Job Posting
The work of the Protocol Engineering Groups and Systems R&D team spans all layers of the tech stack for the Ethereum blockchain. Our work covers both public chain and enterprise, including crypto-economics, consensus, networking, storage, cryptography and virtual machine operations. Some of the challenges we have been focusing on include scalability, privacy, permissioning, and robustness — and there are plenty of other areas we’d like to be working on.

The Role

We are seeking applied researchers from a variety of backgrounds who are able to think deeply and creatively about protocol-level blockchain challenges and translate that work into practical outputs for PegaSys, enterprises seeking to use Ethereum and the wider blockchain community.

The Profile We are Seeking

  • Computer Science, Mathematics or Physics Master's degree. PhD is a bonus.

  • Strong familiarity with advanced computer science and mathematical concepts

  • Expertise in using formal verification tools especially in the context of analysing distributed systems

  • Capable of articulating theories and related proof in a language suitable for scientific publication. Track record of previous scientific publications is a bonus.

  • Well versed in analysing existing code in a number of languages including Java, Go, Rust, etc.

  • Capable of deep and creative thinking.

  • Have a drive for excellence and quality

  • Passionate about blockchain consensus protocol research and blockchain technology in general

  • Previous experience either in leading small/medium teams or as a member of well-functioning self-organising teams

  • Willing collaborator: swift to seek support and advice; equally ready to give support and advice to others.

  • Comfortable with working remotely, and will make progress without supervision while proactively keeping in contact with other remote collaborators.

Closing date for applications: 31 July 2019

Contact: Roberto Saltini

More information: https://consensys.net/open-roles/1522894/

Nanyang Technological University, Singapore
Job Posting
The research group at Nanyang Technological University (NTU), Singapore, led by Prof. Anupam Chattopadhyay, is seeking skilled and motivated PhD candidates to participate in an upcoming project focusing on System-on-Chip (SoC) security. The research team is currently funded by several large and strategic research grants in domains ranging from microprocessor to system security. Interested applicants are encouraged to send their detailed CV, cover letter and two letters of reference to Prof. Anupam Chattopadhyay (anupam at ntu.edu.sg).

We are looking for candidates with an introductory knowledge of cryptography and a strong background in digital/system design, including relevant experience in managing large-scale programming projects in C/C++/VHDL/Verilog. Candidates with prior industrial experience and familiarity with commercial processor architectures are preferred.

Review of applications starts immediately and will continue until the position is filled.

Closing date for applications:

University College London
Job Posting

PhD and Post-Doc Positions on Privacy Technologies at UCL

I have funding for 2-3 PhD studentships and 1 post-doctoral position (24 months) in my group at UCL Computer Science to work on research problems at the intersection of privacy and machine learning.

For an overview of my work in this area, please visit https://emilianodc.com/privacyML/


FUNDING

These positions are funded by a mix of industry grants, thanks to the generous support of Amazon, Cisco, Microsoft Research, and the UK Government.


UCL DOCTORAL TRAINING CENTRE IN CYBERSECURITY

Moreover, we have recently been awarded funding for a Doctoral Training Centre (DTC) in Cybersecurity (see https://epsrc.ukri.org/newsevents/news/seventy-five-centres-for-doctoral-training-announced-by-ukri-to-develop-the-skills-needed-for-uk-prosperity/) so *additional* positions will be funded through the centre.

Other researchers working on security and privacy at UCL include: Nicolas Courtois, George Danezis, Sarah Meiklejohn, Steven Murdoch, Angela Sasse, plus a couple more faculty that we are in the process of recruiting. The Centre will have a strongly interdisciplinary focus, and will involve colleagues in Crime Science (e.g., Shane Johnson) and Public Policy (e.g., Madeline Carr).


DATES AND ELIGIBILITY

The PhD students will start in September/October 2019. Alas, some of the funding is limited to people who have lived in the UK for at least 3 years prior to the start of the PhD.

The post-doctoral researcher should start in the summer and should have already completed their PhD or be about to.


APPLICATION

For both the PhD and the post-doc positions, please send an email to jobs (at) emilianodc.com if you are interested.
For the PhD positions, you will also have to apply through http://www.cs.ucl.ac.uk/prospective_students/phd_programme/applying/ (even though the next deadline is April 17th, please apply ASAP).


Closing date for applications: 30 April 2019

Contact: Emiliano De Cristofaro, Associate Professor at UCL

jobs (at) emilianodc.com

More information: https://emilianodc.com/positions.html

Auckland, New Zealand, 7 July 2019
Event Calendar
Event date: 7 July 2019
Submission deadline: 15 February 2019
Notification: 10 April 2019
Atlanta, USA, 25 August - 28 August 2019
CHES
Event date: 25 August to 28 August 2019
Santiago, Chile, 2 October - 4 October 2019
Event Calendar
Event date: 2 October to 4 October 2019
Submission deadline: 4 May 2019
Notification: 22 June 2019
Aarhus, Denmark, 27 May - 29 May 2019
Event Calendar
Event date: 27 May to 29 May 2019
Geoffroy Couteau, Michael Reichle
ePrint Report
Anonymous credential (AC) schemes are protocols which allow for authentication of authorized users without compromising their privacy. Of particular interest are non-interactive anonymous credential (NIAC) schemes, where the authentication process only requires the user to send a single message that still conceals its identity. Unfortunately, all known NIAC schemes in the standard model require pairing based cryptography, which limits them to a restricted set of specific assumptions and requires expensive pairing computations. The notion of keyed-verification anonymous credential (KVAC) was introduced in (Chase et al., CCS'14) as an alternative to standard anonymous credential schemes allowing for more efficient instantiations; yet, making existing KVAC non-interactive either requires pairing-based cryptography, or the Fiat-Shamir heuristic.

In this work, we construct the first non-interactive keyed-verification anonymous credential (NIKVAC) system in the standard model, without pairings. Our scheme is efficient, attribute-based, supports multi-show unlinkability, and anonymity revocation. We achieve this by building upon a combination of algebraic MAC with the recent designated-verifier non-interactive zero-knowledge (DVNIZK) proof of knowledge of (Couteau and Chaidos, Eurocrypt'18). Toward our goal of building NIKVAC, we revisit the security analysis of a MAC scheme introduced in (Chase et al., CCS'14), strengthening its guarantees, and we introduce the notion of oblivious non-interactive zero-knowledge proof system, where the prover can generate non-interactive proofs for statements that he cannot check by himself, having only a part of the corresponding witness, and where the proof can be checked efficiently given the missing part of the witness. We provide an efficient construction of an oblivious DVNIZK, building upon the specific properties of the DVNIZK proof system of (Couteau and Chaidos, Eurocrypt'18).
Hao Chen, Ilaria Chillotti, Yongsoo Song
ePrint Report
In this paper, we propose a Multi-Key Homomorphic Encryption (MKHE) which allows homomorphic evaluation of a binary gate (with bootstrapping) on ciphertexts encrypted under different keys. We generalize a low-latency homomorphic encryption scheme of Chillotti et al. (ASIACRYPT 2016) by exploiting a key-extension approach of Brakerski and Perlman (CRYPTO 2016).

All the prior works on MKHE were too inefficient to be used in practice. Our construction improves the performance in terms of both asymptotic and concrete complexity: the length of ciphertexts and the computational cost of a binary gate grow linearly and quadratically in the number of parties, respectively. Furthermore, our scheme is fully dynamic, so that no information about the involved parties needs to be known before the computation, and the resulting ciphertext can be reused in further computation with newly joined parties.

To the best of our knowledge, this is the first work to implement an MKHE scheme. Our implementation takes about 0.15 (resp. 0.72) seconds to perform the gate bootstrapping when the number of involved parties is 2 (resp. 4).
Nir Bitansky, Iftach Haitner, Ilan Komargodski, Eylon Yogev
ePrint Report
Distributional collision resistance is a relaxation of collision resistance that only requires that it is hard to sample a collision (x,y) where x is uniformly random and y is uniformly random conditioned on colliding with x. The notion lies between one-wayness and collision resistance, but its exact power is still not well-understood. On one hand, distributional collision resistant hash functions cannot be built from one-way functions in a black-box way, which may suggest that they are stronger. On the other hand, so far, they have not yielded any applications beyond one-way functions.

Assuming distributional collision resistant hash functions, we construct a constant-round statistically hiding commitment scheme. Such commitments are not known based on one-way functions and are impossible to obtain from one-way functions in a black-box way. Our construction relies on the reduction from inaccessible entropy generators to statistically hiding commitments by Haitner et al. (STOC '09). In the converse direction, we show that two-message statistically hiding commitments imply distributional collision resistance, thereby establishing a loose equivalence between the two notions.

A corollary of the first result is that constant-round statistically hiding commitments are implied by average-case hardness in the class SZK (which is known to imply distributional collision resistance). This implication seems to be folklore, but to the best of our knowledge has not been proven explicitly. We provide yet another proof of this implication, which is arguably more direct than the one going through distributional collision resistance.
Rosario Gennaro, Steven Goldfeder
ePrint Report
A threshold signature scheme enables distributed signing among $n$ players such that any subgroup of size $t+1$ can sign, whereas any group with $t$ or fewer players cannot. While there exist previous threshold schemes for the ECDSA signature scheme, we present the first protocol that supports multiparty signatures for any $t \leq n$ with efficient, dealerless key generation. Our protocol is faster than previous solutions and significantly reduces the communication complexity as well. We prove our scheme secure against malicious adversaries with a dishonest majority. We implemented our protocol, demonstrating its efficiency and suitability to be deployed in practice.
Ferucio Laurentiu Tiplea, Cristian Hristea
ePrint Report
Privacy and mutual authentication under corruption with temporary state disclosure are two significant requirements for real-life applications of RFID schemes. No RFID scheme is known so far to meet these two requirements. In this paper we propose two practical RFID schemes that fill this gap. The first one achieves destructive privacy, while the second one achieves narrow destructive privacy, in Vaudenay's model with temporary state disclosure. Both of them provide mutual (reader-first) authentication. In order to achieve these privacy levels we use Physically Unclonable Functions (PUFs) to ensure that the internal secret of the tag remains hidden from an adversary with invasive capabilities. Our first RFID scheme cannot be desynchronized for more than one step, while the second one avoids the use of random generators on tags. Detailed security and privacy proofs are provided.