International Association
for Cryptologic Research

Tightly secure cryptographic schemes have been extensively studied in the fields of chosen-ciphertext secure public-key encryption (CCA-secure PKE), identity-based encryption (IBE), signature and more. We extend tightly secure cryptography to inner product functional encryption (IPFE) and present the first tightly secure schemes related to IPFE.

We first construct a new IPFE scheme that is tightly secure in the multi-user and multi-challenge setting. In other words, the security of our scheme does not degrade even if an adversary obtains many ciphertexts generated by many users. Our scheme is constructible on a pairing-free group and secure under the matrix decisional Diffie-Hellman (MDDH) assumption, which is the generalization of the decisional Diffie-Hellman (DDH) assumption. Applying the known conversions by Lin (CRYPTO 2017) and Abdalla et al. (CRYPTO 2018) to our scheme, we can obtain the first tightly secure function-hiding IPFE scheme and multi-input IPFE (MIPFE) scheme respectively.

Our second main contribution is the proposal of a new generic conversion from function-hiding IPFE to function-hiding MIPFE, which was left as an open problem by Abdalla et al. (CRYPTO 2018). We can obtain the first tightly secure function-hiding MIPFE scheme by applying our conversion to the tightly secure function-hiding IPFE scheme described above.

Finally, the security reductions of all our schemes are fully tight, which means that the security of our schemes is reduced to the MDDH assumption with a constant security loss.

Encrypt-then-MAC (EtM) is a popular mode for authenticated encryption (AE). Unfortunately, almost all designs following the EtM paradigm, including the AE suites for TLS, are vulnerable against nonce misuse. A single repetition of the nonce value reveals the hash key, leading to a universal forgery attack. There are only two authenticated encryption schemes following the EtM paradigm which can resist nonce misuse attacks, the GCM-RUP (CRYPTO-17) and the GCM/2+ (INSCRYPT-12). However, they are secure only up to the birthday bound in the nonce respecting setting, resulting in a restriction on the data limit for a single key. In this paper we show that nEHtM, a nonce-based variant of EHtM (FSE-10) constructed using a block cipher, has a beyond birthday bound (BBB) unforgeable security that gracefully degrades under nonce misuse. We combine nEHtM with the CENC (FSE-06) mode of encryption using the EtM paradigm to realize a nonce-based AE, CWC+. CWC+ is very close (requiring only a few more xor operations) to the CWC AE scheme (FSE-04) and it not only provides BBB security but also gracefully degrading security on nonce misuse.

In this paper, using Mixed Integer Linear Programming, a new automatic search tool for truncated differential characteristic is presented. While the previous MILP models for truncated differential characteristic has been used just as a facilitator for finding the maximal probability bit-wise differential characteristic, ours treats truncated differential characteristic as an independent distinguisher. Our method models the problem of finding a maximal probability truncated differential characteristic, being able to distinguish the cipher from a pseudo random permutation. Our model enjoys a word-wise variable definitions which makes it much simpler and more easily solvable than its bit-wise counterpart. Using this method, we analyse Midori64 and SKINNY64/64,128 block ciphers, for both of which the existing results are improved. In both cases, the truncated differential characteristic is much more efficient than the upper bound of (bit-wise) differential characteristic proven by the designers, for all number of rounds. More specifically, the highest possible rounds, for which a differential characteristic can exist for Midori64 and SKINNY64/64,128, are 6 and 7 rounds respectively, for which differential characteristics with maximum probabilities of $2^{-60}$ and $2^{-52}$ may exist. However, we present new truncated differential characteristics for 6-round of Midori64 with probability $2^{-54}$. In case of SKINNY64/64,128, the gap is much wider, where for 7 rounds we find a truncated characteristic with probability $2^{-4}$, and even a 10-round truncated characteristic can be found with probability $2^{-40}$. Moreover, our result outperforms the only truncated differential analysis that exists on Midori64. This method can be used as a new tool for differential analysis of SPN block ciphers.

This paper provides proofs of the results of Laisant - Beaujeux: (1) If an integer of the form $n=4k+1$, $k>0$ is prime, then $\left(\begin{array}{c}n-1\\m\end{array}\right)\equiv1(mod\,n),m=\frac{n-1}{2}$, and (2) If an integer of the form $n=4k+3$, $k\geq0$ is prime, then $\left(\begin{array}{c}n-1\\m\end{array}\right)\equiv-1(mod\,n),m=\frac{n-1}{2}$. In addition, the author proposes important conjectures based on the converse of the above theorems which aim to establish primality of $n$. These conjectures are scrutinized by the given combinatorial primality test algorithm which can also distinguish patterns of prime $n$ whether it is of the form $4k+1$ or $4k+3$.

We observe that if a party breaks one cryptographic assumption, construction, or system, then it can reduce the trust in any other. This highlights a shortcoming in the common interpretation of the provable security paradigm that may lead to unwarranted trust. This may have practical implications.

Then we argue that the provable security paradigm remains sound in applications provided that assumptions are made with care. We also strengthen the argument for the study of combiners and constructions based on generic assumptions, and transparent standardization processes in applied cryptography.

In this paper we analyze the new AEAD mode called the Multilinear Galois Mode (MGM) originally proposed in CTCrypt 2017. This mode is currently considered in the Russian Standardization system as the main contender to be adopted as a standard AEAD mode. The analysis of the MGM mode was carried out in the paradigm of provable security, in other words, lower security bounds were obtained for the Privacy and Authenticity notions. These bounds show that the privacy and authenticity of this mode is provably guaranteed (under security of the used block cipher) up to the birthday paradox bound.

Internet-of-Things (IoT) applications often require constrained devices to be deployed in the field for several years, even decades. Protection of these tiny motes is crucial for end-to-end IoT security. Secure boot and attestation techniques are critical requirements in such devices which rely on public key Sign/Verify operations. In a not-so-distant future, quantum computers are expected to break traditional public key Sign/Verify functions (e.g. RSA and ECC signatures). Hash Based Signatures (HBS) schemes, on the other hand, are promising quantum-resistant alternatives. Their security is based on the security of cryptographic hash function which is known to be secure against quantum computers. The XMSS signature scheme is a modern HBS construction with several advantages but it requires thousands of hash operations per Sign/Verify operation, which could be challenging in resource constrained IoT motes. In this work, we investigated the use of the XMSS scheme targeting IoT constrained. We propose a latency-area optimized XMSS Sign or Verify scheme with 128-bit post-quantum security. An appropriate HW-SW architecture has been designed and implemented in FPGA and Silicon where it spans out to 1521 ALMs and 13.5k gates respectively. In total, each XMSS Sign/Verify operation takes 4.8 million clock cycles in our proposed HW-SW hybrid design approach which is 5.35 times faster than its pure SW execution latency on a 32-bit microcontroller.

Internet of Things (IoT) have seen tremendous growth and are being deployed pervasively in areas such as home, surveillance, health-care and transportation. These devices collect and process sensitive data with respect to user's privacy. Protecting the privacy of the user is an essential aspect of security, and anonymous attestation of IoT devices are critical to enable privacy-preserving mechanisms. Enhanced Privacy ID (EPID) is an industry-standard cryptographic scheme that offers anonymous attestation. It is based on group signature scheme constructed from bilinear pairings, and provides anonymity and sophisticated revocation capabilities (private-key based revocation and signature-based revocation). Despite the interesting privacy-preserving features, EPID operations are very computational and memory intensive. In this paper, we present a small footprint anonymous attestation solution based on EPID that can meet the stringent resource requirements of IoT devices. A specific modular-reduction technique targeting the EPID prime number has been developed resulting in 50% latency reduction compared to conventional reduction techniques. Furthermore, we developed a multi-exponentiation technique that significantly reduces the runtime memory requirements. Our proposed design can be implemented as SW-only, or it can utilize an integrated Elliptic Curve and Galois Field HW accelerator. The EPID SW stack has a small object code footprint of 22kB. We developed a prototype on a 32-bit microcontroller that computes EPID signature generation in 17.9s at 32MHz.

Song, Huang, Mu, and Wu proposed a new code-based signature scheme, the Rank Quasi-Cyclic Signature (RQCS) scheme (PKC 2019, Cryptology ePrint Archive 2019/053), which is based on RQC, an IND-CCA2 KEM scheme, proposed by Aguilar Melchor et al. (NIST PQC Standardization Round 1). Their scheme is an analogue to the Schnorr signature scheme.

In this short note, we investigate the security of the RQCS scheme. We report a key-recovery known-message attack by following the discussion in Aragon, Blazy, Gaborit, Hauteville, and Zémor (Cryptology ePrint Archive 2018/1192) and an experimental result. The key-recovery attack requires only one signature to retrieve a secret key and recovers a key less than 10 seconds.

The main result of this note is a severe flaw in the description of the zk-SNARK in [BCTV14]. The flaw stems from including redundant elements in the CRS, as compared to that of the original Pinocchio protocol [PHGR16], which are vital not to expose. The flaw enables creating a proof of knowledge for \emph{any} public input given a valid proof for \emph{some} public input. We also provide a proof of security for the [BCTV14] zk-SNARK in the generic group model, when these elements are excluded from the CRS, provided a certain linear algebraic condition is satisfied by the QAP polynomials.

The Walnut Digital Signature Algorithm (WalnutDSA) is a group-theoretic, public-key method that is part of the NIST Post-Quantum Cryptography standardization process. Prior to its submission to NIST, Hart et al published an attack that, when it produces a signature forgery, it is found to be orders of magnitude longer than a valid signature making it invalid due to its length. In addition to being identified as a forgery by our current method, we show that with a modest parameter-only increase we can block this attack to the desired security level without a significant impact on the performance while making WalnutDSA completely secure against this attack.

Event date: 10 May to 14 May 2020

The group is active both in developing key technologies that ship with IBM products and in maintaining a strong academic research profile and has a dual focus on blockchain and on system security. In particular, the group is part of the core team that designs and develops Hyperledger Fabric, the popular open source blockchain platform.

This is an excellent opportunity for highly qualified and creative candidates with an ambition to work with an international team of researchers in a world-class industrial research organization.

Requirements

Candidates are expected to have the following background and interests

· A Master\'s degree in Computer Science or a closely related discipline

· strong knowledge of programming languages (in particular C/C++, and optionally golang, bash, python)

· strong skills and experience in system-level programming, large distributed systems, and optionally blockchain

· experience with open source projects and a strong understanding of DevOps

· ability to manage multiple and changing priorities

· fluency in English

The position is available immediately. The successful candidate will enjoy an internationally competitive salary and work in a collaborative and creative group in an exclusive research environment.

Diversity

IBM is committed to diversity at the workplace. We offer a diverse, independent professional activity, with experienced colleagues in a friendly atmosphere on our campus.

You will find a dynamic, multi-cultural environment, and flexible work conditions.

How to apply

Please send your CV including contact information for references and Ref No. 2019_001

to:

Judith Blanc

HR Business Partner

IBM Research — Zurich

Säumerstrasse 4

8803 Rüschlikon

Switzerland

email: jko (at) zurich.ibm.com

For technical information, please contact:

Dr. Andreas Kind, Manager Industry Solutions and Blockchain

email:ank (at) zurich.ibm.com.

Closing date for applications: 31 July 2019

More information: https://www.zurich.ibm.com/careers/

Distributed systems and Blockchain

Project description

We research and develop scalable, fault-tolerant and secure distributed and blockchain systems that drive a new generation of financial and digital transactions.

We are looking for highly motivated and enthusiastic software engineers and distributed systems researchers to join the Industry Platforms and Blockchain Group at IBM Research – Zurich. You will be expected to contribute to the architecture definition and implementation in our blockchain projects, notably their aspects pertaining to distributed systems. You will be able to directly contribute and make impact not only on IBM products, but also on the Hyperledger Fabric open source project. The researchers in the group have deep expertise and knowledge in scalable, fault-tolerant and secure distributed systems. Software to be developed will be included in critical production system and is expected to be of high quality, modularity, maintainability, scalability, and resilience.

Closing date for applications: 31 July 2019

Contact: Judith Blanc

HR Business Partner

Säumerstrasse 4

8803 Rüschlikon

Switzerland

jko (at) zurich.ibm.com

More information: https://www.zurich.ibm.com/careers/

DTU Compute’s Section for Cyber Security invites applications for appointment as a postdoctoral researcher within the area of symmetric cryptology. The position is available from 1 May 2019 or according to mutual agreement.

The aim of the new position is to expand the Section’s research in symmetric cryptology and align it with potential novel threats.

The research field of this new Postdoc position is within analysis and design of symmetric cryptographic algorithms, both basic primitives and modes of operation. Correspondingly, we aim to hire a postdoc with a track record in symmetric cryptography and cryptanalysis.

Responsibilities and tasks

The main tasks of the postdoc position are to analyze existing symmetric cryptographic primitives as well as to design and evaluate new primitives to address novel challenges. In this position, you will actively engage in our ongoing and prospective research activities on analysis and design of block ciphers, hash functions, authentication schemes and authentication encryption.

External stays are planned at our research partners in Europe.

Qualifications

Candidates should have a PhD degree (or equivalent) within mathematics, computer science or electric engineering with a focus on cryptology or a closely related field. If you are close to completing your PhD studies, your application will also be considered. You must have contributed with high-quality research to the area of cryptology or a closely related field.

Application procedure

Please submit your online application no later than 1 March 2019 (local time). Apply online at www.career.dtu.dk

Read the full job description at

https://www.dtu.dk/english/about/job-and-career/vacant-positions/job?id=1804831b-d132-4570-b6e6-46324b1a14c7

Closing date for applications: 1 March 2019

Contact: Further information can be obtained from Assoc. Prof. Andrey Bogdanov (anbog (at) dtu.dk). Please do not send applications to this e-mail address.

More information: https://www.dtu.dk/english/about/job-and-career/vacant-positions/job?id=1804831b-d132-4570-b6e6-46324b1a14c7

Applications are invited for PhD studentships in areas such as: (1) Post-quantum cryptography; (2) Physical attacks of IoT devices; (3) Privacy-aware cybercrime tracking; (4) Edge-based solutions to IoT attacks; (5) Activity Recognition in Social Media videos; (5) Defending ML-based Network Security Systems from Adversarial Attacks.

Students will be based in the Centre for Secure Information Technology (CSIT), Queens University Belfast. CSIT is recognised by the UK National Cyber Security Centre as an Academic Centre of Excellence (ACE) in Cyber Security Research. It is also host to the UK Research Institute in Secure Hardware and Embedded Systems (RISE).

ACADEMIC REQUIREMENTS:

A minimum 2.1 honours degree or equivalent in Computer Science, Electrical and Electronic Engineering, Mathematics or closely related discipline is required.

Available to eligible UK and EU citizens only.

Applicants should apply electronically through the Queen’s online application portal at: https://dap.qub.ac.uk/portal/

Closing date for applications: 8 March 2019

Contact: Professor Maire O\'Neill,Email: m.oneill AT ecit.qub.ac.uk

More information: https://www.qub.ac.uk/csit/PhD-in-Cyber-Security-Centre-for-Doctoral-Training/PhDResearchProjects2019/

The work of the Protocol Engineering Groups and Systems R&D team spans all layers of the tech stack for the Ethereum blockchain. Our work covers both public chain and enterprise, including crypto-economics, consensus, networking, storage, cryptography and virtual machine operations. Some of the challenges we have been focusing on include scalability, privacy, permissioning, and robustness — and there are plenty of other areas we’d like to be working on.

The Role

We are seeking applied researchers from a variety of backgrounds who are able to think deeply and creatively about protocol-level blockchain challenges and translate that work into practical outputs for PegaSys, enterprises seeking to use Ethereum and the wider blockchain community.

The Profile We are Seeking

• Computer Science, Mathematics or Physics Master degree. PhD is a bonus.

• Strong familiarity with advanced computer science and mathematical concepts

• Expertise in using formal verification tools especially in the context of analysing distributed systems

• Capable of articulating theories and related proof in a language suitable for scientific publication. Track record of previous scientific publications is a bonus.

• Well versed in analysing existing code in a number of languages including Java, Go, Rust, etc.

• Capable of deep and creative thinking.

• Have a drive for excellence and quality

• Passionate about blockchain consensus protocol research and blockchain technology in general

• Previous experience either in leading small/medium teams or as member of well-functioning self-organising teams

• Willing collaborator: swift to seek support and advice; equally ready to give support and advice to others.

• Comfortable with working remotely, and will make progress without supervision while proactively keeping in contact with other remote collaborators.

Closing date for applications: 31 July 2019

Contact: Roberto Saltini

More information: https://consensys.net/open-roles/1522894/

The Research Group at Nanyang Technological University (NTU), Singapore, led by Prof. Anupam Chattopadhyay is seeking skilled and motivated PhD candidates to participate in an upcoming project focusing on System-on-Chip (SoC) security. The research team is currently funded by several large and strategic research grants in different domains ranging from microprocessor to system security. Interested applicants are encouraged send their detailed CV, cover letter and two letters of references to Prof. Anupam Chattopadhyay (anupam at ntu.edu.sg).

We are soliciting candidates to have an introductory knowledge in cryptography and strong background in digital/system design, including relevant experience in managing large-scale programming projects in C/C++/VHDL/Verilog. Candidates with prior industrial experience and familiarity with commercial processor architectures are preferred.

Review of applications starts immediately and will continue until the position is filled.

Closing date for applications:

PhD and Post-Doc Positions on Privacy Technologies at UCL

I have funding for 2-3 PhD studentships and 1 post-doctoral positions (24 months) in my group at UCL Computer Science to work on research problems at the intersection of privacy and machine learning.

For an overview of my work in this area, please visithttps://emilianodc.com/privacyML/

FUNDING

These positions are funded by a mix of industry grants, thanks to the generous support of Amazon, Cisco, Microsoft Research, and the UK Government.

UCL DOCTORAL TRAINING CENTRE IN CYBERSECURITY

Moreover, we have recently been awarded funding for a Doctoral Training Centre (DTC) in Cybersecurity (see https://epsrc.ukri.org/newsevents/news/seventy-five-centres-for-doctoral-training-announced-by-ukri-to-develop-the-skills-needed-for-uk-prosperity/) so *additional* positions will be funded through the centre.

Other researchers working on security and privacy at UCL include: Nicolas Courtois, George Danezis, Sarah Meiklejohn, Steven Murdoch, Angela Sasse, plus a couple more faculty that we are in the process of recruiting. The Centre will have a strongly interdisciplinary focus, and will involve colleagues in the Crime Science (e.g., Shane Johnson) and Public Policy (e.g., Madeline Carr).

DATES AND ELIGIBILITY

The PhD students will start in September/October 2019. Alas, some of the funding is limited to people who have lived in the UK for at least 3 years prior to the start of the PhD.

The post-doctoral research should start in the summer and have already completed their PhD or about to.

APPLICATION

For both the PhD and the post-doc positions, please send an email to jobs (at) emilianodc.com if you are interested.
For the PhD positions, you will also have to apply through http://www.cs.ucl.ac.uk/prospective_students/phd_programme/applying/ (even though the next deadline is April 17th, please apply ASAP).

 

Closing date for applications: 30 April 2019

Contact: Emiliano De Cristofaro, Associate Professor at UCL

jobs (at) emilianodc.com

More information: https://emilianodc.com/positions.html

Event date: 7 July 2019
Submission deadline: 15 February 2019
Notification: 10 April 2019