International Association
for Cryptologic Research

Event date: 22 August to 24 August 2019
Submission deadline: 31 May 2019
Notification: 21 June 2019

The School of Cyber Science and Engineering of Shanghai Jiao Tong University was founded in October 2000. It was the first school-level training base for high-level information security professionals in China and was jointly established by the Ministry of Education of China, the Ministry of Science and Technology of China, and the Shanghai Municipal People’s Government. In order to dock the international academic frontiers and national development strategies, the key research areas of school\'s planning include: 1) Theory of Cryptography and Algorithms, 2) Quantum Computing and Post-quantum Cryptography, 3) Software and System Security, 4) Hardware and Embedded System Security, 5) Security Architecture, 6) Information Content Security, 7) Artificial Intelligence Security, 8) Cloud Security and Big Data Privacy Protection, 9) Industrial Internet, Wireless Network and Internet of Things Security, 10) Blockchain and Financial Security.

The school now has 20 open positions on the cyberspace security including 1) tenured full professors, 2) tenure-track associate professors, 3) tenure-track assistants professors, 4) full-time research fellows and postdoctoral. Applicants should have (a) a doctoral degree in Computer Science, Electronic Engineering, Communication, Mathematics, Statistics, Physics closely related to cyberspace security; (b) an established track record in research and scholarship; (c) expertise in the abovementioned 10 strategic research areas; and (d) a demonstrated commitment to excellence in teaching. We sincerely invite academic talents engaged in research related to cyberspace security from both abroad and domestic to join us. The school will provide highly competitive remuneration packages, superior research conditions and high-quality graduate students. We will assist to apply for various national, provincial and ministerial level talent programs. The university will also assist on employment of spouses, schooling for children and medical care.

Please refer to the link: http://english.seiee.sjtu.edu.cn/english/info/14810.htm

Closing date for applications: 15 August 2019

Contact: Dawu GU, Professor/Head of School of the CSE

Email: dwgu (at) sjtu.edu.cn

Identiq is introducing a new paradigm in the Identity verification market, offering strong identity verification, while preserving privacy and meeting strict regulation, such as GDPR. It is set to take over this market, and capture a significant market share in the near future.

The company is developing a unique solution, based on cryptographic protocols and multi-party computation techniques, which allows users to be validated without compromising their privacy.

The company was founded by Itay Levy, a serial entrepreneur with multiple exits in his past, Ido Shilon the general manager of Nielsen Exelate, and Uri Arad PayPal Israel’s Chief Technologist. The company closed its first financing round, with participation by strong Israeli and US investors.

Responsibilities

The job responsibilities include the design and analysis of cryptographic primitives and a full protocol involving multi-party-computation techniques, as well as bringing the protocol from design to implementation. You will be collaborating with our world-renown cryptography advisors and our top-tier technology teams. You will be inventing new encryption schemes, design computationally, and communication efficient protocols, and will be writing proofs of security and privacy under various adversary models.

This is a full-time position, reporting directly to the company’s head of research.

Qualifications

- Strong background in multi-party computation and homomorphic encryption

- Theoretical and applied experience in cryptographic protocols design

- Cryptographic protocol design and analysis

- M.Sc. in mathematics, computer science, or similar field, with specialization in cryptography and security. PhD an advantage

- Programming in C/C++/Java/C#/Go or similar languages

- Experience in protocol simulation and verification tools an advantage

Interested candidates should submit their resumes to jobs (at) identiq.com

Closing date for applications: 31 March 2019

In a joined project Telecom ParisTech and Telecom SudParis are proposing a 1 year renewable PostDoc on the topic hereunder.

Blockchain, security and privacy issues

The first 6 months consist in delivering a state of the art, plus refining on research objectives. Here are three examples of further specific topics:

A. Anonymization and micropayment channels

Such transactions appear only in a consolidated form in the blockchain. They can be managed by smart contracts, or payment providers, which have a privileged view on these transactions. A point of interest is anonymization and description of possible attacks on anonymity. A long term goal could be designing tools for monitoring and de-anonymisation.

B. Security analysis of the network layer of blockchain

The underlying network of can leak information on the identity of the users/participants. Such analysis was done on the Bitcoin network, but cannot be generalized. The research would consist in selecting another relevant example then analyzing in depth availability / performance / anonymization. Possible tools are tomography of networks, topology analysis or e.g. addresses links.

C. Fully anonymous blockchains

Contrary to Bitcoin [ACM18], Zcash and Monero enable fully anonymous paiments [OM18]. Ethereum on its side makes possible multiparty pooling of transactions [Meiklejohn & Mercer PETS18]. It could be interesting to quantify the practical usage and weaknesses of these tools [Usx18]. Getting used to monitoring tools will be usefull, as well as technological watch (including social media: reddit, discord, medium, telegram or blogs).

[ACM18] S. Meiklejohn and al. A Fistful of Bitcoins: Characterizing Payments Among Men with No Names. Communications ACM.

[OM18] C Orlandi and S Meiklejohn. QuisQuis: A New Design for Anonymous Cryptocurrencies.

[Usx18] G. Kappos and al. An Empirical Analysis of Anonymity in Zcash. 27th USENIX Security Symposium.

Closing date for applications: 31 August 2019

Contact: Please send your resume and/or questions to Gerard Memmi : gerard.memmi \'at\' telecom-paristech.fr

We are recruiting a project fellow/senior project fellow to work on applications of blockchain technology in ensuring food and drug safety.

Candidates are expected to have completed a PhD in computer science or a related discipline (in particular, candidates with a background from biotech or chemical engineering will also be considered); or with significant experience in applied research and knowledge transfer activities.

The appointee is expected to take charge of the development of the system. He/she will assume senior level of responsibility, including project management, supervising of project personnels, communicate with relevant academia staff members and meeting regularly with our industry partners.

The position is funded by the project titled \"Blockchain-Based Food and Drug Counterfeit Detection and Regulatory System\" funded by the Innovation and Technology Commission of Hong Kong.

Closing date for applications: 30 April 2019

Contact: Man Ho Allen Au

More information: http://www4.comp.polyu.edu.hk/~csallen

Applications are invited for a PhD fellowship at the Computer Science Department in the IT University of Copenhagen, Denmark. The PhD fellowship includes a salary and tuition for the duration of PhD studies, as well as access to the Danish public education and healthcare systems.

Project: Cryptographic Protocols for Scalable Privacy Preserving Blockchains

Current blockchain consensus protocols underpinning the security of cryptocurrencies and smart contracts suffer from a number of bottlenecks that severely limit the transaction throughput of such systems. Moreover, the few cryptocurrencies that offer strong privacy guarantees are not compatible with the current techniques for achieving higher throughputs. Besides scalability concerns, current privacy preserving cryptocurrencies and smart contracts are also incompatible with legal financial regulations since they do not allow for lawful audits.

The successful candidate will work on a project aiming at solving these issues by means of more efficient consensus protocols and multiparty computation techniques. We will investigate efficient cryptographic protocols for two main tasks: (1) scalable blockchain based consensus compatible with privacy preserving cryptocurrencies and (2) accountable privacy preserving cryptocurrency and smart contract systems that adhere to financial regulations. The research will be focused on developing new provably secure frameworks for building such protocols with high concrete efficiency.

This project will be carried out in cooperation with the Concordium Foundation.

Qualifications:

We are looking for motivated candidates with a background in discrete mathematics and/or theoretical computer science. Experience with distributed systems or cryptography will be considered an advantage. Candidates should have an MsC degree (or equivalent) or a BsC degree plus one year of Master level studies (equivalent to 4 years of studies).

Closing date for applications: 25 March 2019

Contact: Bernardo David, Associate Professor, beda (at) itu.dk

More information: https://candidate.hr-manager.net/ApplicationInit.aspx?cid=119&ProjectId=181022&DepartmentId=3439&MediaId=5

The department of Mathematics and Computer Science at TU/e has opened a broad hiring call in mathematics. Cryptography is not mentioned explicitly in the call but is located in the mathematics side of the department and thus eligible.

The cryptographers at TU/e would be happy to see good applications in crypto. Given the exisiting crypto group https://www.win.tue.nl/cc/, researchers at tenure track or assistant professor level are particularly encouraged to apply.

Note that applications must be submitted via the webpage. Application by email is not possible.

Closing date for applications: 1 April 2019

Contact:

• Tanja Lange (t.lange (at) tue.nl) for questions regarding cryptography
• Prof. Dr. Barry Koren for general questions about the department (as listed on the job opening page)
• Mrs. Marjolein von Reth, HR Advisor for personnel questions (as listed on the job opening page)

More information: https://jobs.tue.nl/nl/vacature/faculty-members-mathematics-assistant-associate-and-full-professors-439183.html

We are seeking to fill a post-doctoral researcher position at IBM Research – Zurich in the field of cryptography. The position is part of the EU H2020 project PRIViLEDGE, which focuses on privacy in distributed ledgers.

Particular topics of interest include, but are not limited to

Blockchains and distributed-ledger technologies

Verifiable computing and zero-knowledge proofs

Foundations & solutions for real-world cryptography.

The position is available immediately. The successful candidate will enjoy an internationally competitive salary and work in a collaborative and creative group in an exclusive research environment.

The Industry Platforms and Blockchain group at IBM Research – Zurich offers an exciting research environment with the opportunity to collaborate with researchers working on various aspects of security and cryptography, including blockchain, lattice-based cryptography, provably secure protocol design and system security.

Cooperation with other academic and industry researchers within IBM as well as acquisition of external research funding, such as European grants (including ERC), is also possible and encouraged.

The positions offer the opportunity to live in the Zurich area, which is consistently ranked as one of the world’s top five cities with the highest quality of life.

Requirements

Candidates are required to have a PhD in Computer Science, Mathematics, or related field by the time of appointment and an outstanding research record, demonstrated in the form of publications at top cryptography or security conferences (Crypto, Eurocrypt, CCS, S&P etc.).

Diversity

IBM is committed to diversity at the workplace. With us you will find an open, multicultural environment. Excellent flexible working arrangements enable both women and men to strike the desired balance between their professional development and their personal lives.

Closing date for applications: 20 December 2019

Contact: Please send your application including Ref No. 2019_10 to:

Judith Blanc

jko (at) zurich.ibm.com

HR Business Partner

IBM Research – Zurich

Säumerstrasse 4

8803 Rüschlikon

Switzerland

More information: https://www.zurich.ibm.com/careers/

In view of its ongoing development, the crypto group of the University of Versailles St-Quentin-en-Yvelines (France) invites applications for the following full-time position.

A faculty position at the tenured Assistant Professor (\"Maître de Conférences\") level is open to highly qualified candidates who are committed to a career in research and teaching. Preference will be given to candidates with strong research achievements in one or several of the areas related to the general fields of cryptology and/or information security.

Responsibilities include research, supervision of undergraduates and graduate students, preparation and management of research projects, and teaching in various study programs.

How to apply? Read carefully all the information on the official webpage below (in French). In summary:

• Registration of applications on the GALAXIE portal is open until Tuesday, March 26, 2019 at 16h (Paris time).
• Once the inscription on GALAXIE validated, an identifier and a password are automatically generated and sent within 48 hours after this registration, to the e-mail address indicated on GALAXIE.
• The upload of the complete application file must then be made on the UVSQ portal no later than Tuesday, March 26, 2019 at 23:59 (Paris time).

IMPORTANT NOTE: A \"qualification aux fonctions de Maître de Conférences\" certificate from to the french \"Conseil National des Universités\" is usually required to apply. However candidates who already hold an Assistant Professor (or equivalent) position may be exempted from this certificate.

Closing date for applications: 26 March 2019

Contact:

Louis GOUBIN, Full Professor, head of the \"Cryptology and Information Security\" group

louis.goubin (at) uvsq.fr

More information: https://tinyurl.com/y4c4vwl9

The Research Group at Nanyang Technological University (NTU), Singapore, led by Prof. Anupam Chattopadhyay is seeking skilled and motivated Post-Doctoral candidates to participate in multiple upcoming projects focusing on microprocessor security. The research team is currently funded by several large and strategic research grants in various domains ranging from microprocessor to system security. Interested applicants are encouraged to send their detailed CV, cover letter and two letters of references to Prof. Anupam Chattopadhyay (anupam at ntu.edu.sg).

We are soliciting candidates to have an sound knowledge in cryptography and outstanding background in digital/system design, including relevant experience in managing large-scale projects in C/C++/VHDL/Verilog. Candidates with prior industrial experience and familiarity with commercial processor architectures are preferred.

Review of applications starts immediately and will continue until the position is filled.

Closing date for applications: 31 December 2019

We introduce a general framework encompassing the main hard problems emerging in lattice-based cryptography, which naturally includes the recently proposed Mersenne prime cryptosystem, but also code-based cryptography. The framework allows to easily instantiate new hard problems and to automatically construct post-quantum secure primitives from them. As a first basic application, we introduce two new hard problems and the corresponding encryption schemes.

Concretely, we study generalizations of hard problems such as SIS, LWE and NTRU to free modules over quotients of \(\mathbb{Z}[X]\) by ideals of the form \((f,g)\), where \(f\) is a monic polynomial and \(g \in \mathbb{Z}[X]\) is a ciphertext modulus coprime to \(f\). For trivial modules (i.e. of rank one) the case \(f=X^n+1\) and \(g = q \in \mathbb{Z}_{>0}\) corresponds to ring-LWE, ring-SIS and NTRU, while the choices \(f = X^n- 1\) and \(g = X - 2\) essentially cover the recently proposed Mersenne prime cryptosystems. At the other extreme, when considering modules of large rank and letting \(\deg f = 1\) one recovers the framework of LWE and SIS.

Exploiting data sparsity is crucial for the scalability of many data analysis tasks. However, while there is an increasing interest in efficient secure computation protocols for distributed machine learning, data sparsity has so far not been considered in a principled way in that setting.

We propose sparse data structures together with their corresponding secure computation protocols to address common data analysis tasks while utilizing data sparsity. In particular, we define a Read-Only Oblivious Map primitive (ROOM) for accessing elements in sparse structures, and present several instantiations of this primitive with different trade-offs. Then, using ROOM as a building block, we propose protocols for basic linear algebra operations such as Gather, Scatter, and multiple variants of sparse matrix multiplication. Our protocols are easily composable by using secret sharing. We leverage this, at the highest level of abstraction, to build secure end-to-end protocols for non-parametric models ($k$-nearest neighbors and naive Bayes classification) and parametric models (logistic regression) that enable secure analysis on high-dimensional datasets. The experimental evaluation of our protocol implementations demonstrates a manyfold improvement in the efficiency over state-of-the-art techniques across all applications.

Our system is designed and built mirroring the modular architecture in scientific computing and machine learning frameworks, and inspired by the Sparse BLAS standard.

In a (ciphertext policy) attribute-based encryption (ABE) scheme, a ciphertext is associated with a predicate $\phi$ and a secret key is associated with a string $x$ such that a key decrypts a ciphertext if and only of $\phi(x) = 1$. Moreover, the scheme should be collusion-resistant meaning that no colluding set of users can learn about the message if none of their secret keys can individually decrypt the ciphertext. Traditionally, in an ABE scheme, there exists a central authority that generates the keys for each users. In a multi-authority attribute-based encryption (MA-ABE) scheme, individual components of the secret keys are generated by different key-generating authorities.

Although the notion of MA-ABE is a natural extension of the standard ABE, its realization has so far been limited. Indeed, all existing MA-ABE constructions rely solely on bilinear maps and can only support predicates that are computable by monotone boolean formulas. In this work, we construct the first collusion-resistant MA-ABE scheme that can support circuit predicates from the Learning with Errors (LWE) assumption. Our construction works in a new model that we call the OT model, which can be viewed as a direct relaxation of the traditional GID model that previous MA-ABE constructions consider. We believe that the new OT model is a compelling alternative to the traditional GID model as it captures the core requirements for an MA-ABE scheme. The techniques that are used to construct MA-ABE in this model can also be used as a stepping stone towards constructing MA-ABE in the stronger GID model in the future.

We observe that any key agreement protocol satisfying perfect completeness, regardless of its round complexity, can be used to construct a non-interactive commitment scheme.

This observation simplifies the cryptographic assumptions required for some protocols that utilize non-interactive commitments and removes the need for ad-hoc constructions of non-interactive commitments from specific assumptions such as Learning with Errors.

A fundamental problem in the theory of secure multi-party computation (MPC) is to characterize functions with more than 2 parties which admit MPC protocols with information-theoretic security against passive corruption. This question has seen little progress since the work of Chor and Ishai (1996), which demonstrated difficulties in resolving it. In this work, we make significant progress towards resolving this question in the important case of aggregating functionalities, in which m parties P1, . . . , Pm hold inputs x1, . . . , xm and an aggregating party P0 must learn f(x1,...,xm).

We uncover a rich class of algebraic structures that are closely related to secure computability, namely, “Commuting Permutations Systems” (CPS) and its variants. We present an extensive set of results relating these algebraic structures among themselves and to MPC, including new protocols, impossibility results and separations. Our results include a necessary algebraic condition and slightly stronger sufficient algebraic condition for a function to admit information-theoretically secure MPC protocols.

We also introduce and study new models of minimally interactive MPC (called UNIMPC and UNIMPC*), which not only help in understanding our positive and negative results better, but also open up new avenues for studying the cryptographic complexity landscape of multi-party functionalities. Our positive results include novel protocols in these models, which may be of independent practical interest.

Finally, we extend our results to a definition that requires UC security as well as semi-honest security (which we term strong security). In this model we are able to carry out the characterization of all computable functions, except for a gap in the case of aggregating functionalities.

At Eurocrypt'18, Cid, Huang, Peyrin, Sasaki, and Song introduced a new tool called Boomerang Connectivity Table (BCT) for measuring the resistance of a block cipher against the boomerang attack which is an important cryptanalysis technique introduced by Wagner in 1999 against block ciphers. Next, Boura and Canteaut introduced an important parameter related to the BCT for cryptographic Sboxes called boomerang uniformity.

The purpose of this paper is to present a brief state-of-the-art on the notion of boomerang uniformity of vectorial Boolean functions (or Sboxes) and provide new results. More specifically, we present a slightly different but more convenient formulation of the boomerang uniformity and prove some new identities. Moreover, we focus on quadratic permutations in even dimension and obtain general criteria by which they have optimal BCT. As a consequence of, two previously known results can be derived, and many new quadratic permutations with optimal BCT (optimal means that the maximal value in the Boomerang Connectivity Table equals the lowest known differential uniformity) can be found. In particular, we show that the boomerang uniformity of the binomial differentially $4$-uniform permutations presented by Bracken, Tan, and Tan equals $4$. Finally, we show a link between the boomerang uniformity and the nonlinearity for some special quadratic permutations.

We focus on securely computing the $k^\text{th}$-ranked integer in a sequence of integers distributed among $n$ parties, e.g., the largest or smallest integer or the median. Our specific objective is low interactivity between parties to support blockchains or other scenarios where multiple rounds are time-consuming. Hence, we dismiss powerful, yet highly-interactive MPC frameworks and propose SCIB, a special-purpose protocol for secure computation of the $k^\text{th}$-ranked integer. SCIB uses additively homomorphic encryption to implement core comparisons, but computes under distinct keys, chosen by each party to optimize the number of rounds. By carefully combining ECC Elgamal encryption, encrypted comparisons, ciphertext blinding, secret sharing, and shuffling, SCIB sets up a system of multi-scalar equations which we efficiently prove with Groth-Sahai ZK proofs. As a result, SCIB is secure in the malicious model and practical, requiring only 3 rounds (blockchain blocks). This number of rounds is constant in both bit length $\ell$ of integers and the number of parties $n$ which is optimal. Our implementation indicates that SCIB's main bottleneck, ZK proof computations, is small in practice: even for a large number of parties ($n=200$) and high-precision integers ($\ell=32$), computation time of all proofs is less than a single Bitcoin block interval.

Secure Multi-party Computation (MPC) is one of the most influential achievements of modern cryptography: it allows evaluation of an arbitrary function on private inputs from multiple parties without revealing the inputs. A crucial step of utilizing contemporary MPC protocols is to describe the function as a Boolean circuit. While efficient solutions have been proposed for special case of two-party secure computation, the general case of more than two-party is not addressed. This paper proposes MPCircuits, the first automated solution to devise the optimized Boolean circuit representation for any MPC function using hardware synthesis tools with new customized libraries that are scalable to multiple parties. MPCircuits creates a new end-to-end tool-chain to facilitate practical scalable MPC realization. To illustrate the practicality of MPCircuits, we design and implement a set of five circuits that represent real-world MPC problems. Our benchmarks inherently have different computational and communication complexities and are good candidates to evaluate MPC protocols. We also formalize the metrics by which a given protocol can be analyzed. We provide extensive experimental evaluations for these benchmarks; two of which are the first reported solutions in multi-party settings. As our experimental results indicate, MPCircuits reduces the computation time of MPC protocols by up to 4.2x.

We propose Path Oblivious Heap, an extremely simple, practical, and optimal oblivious priority queue. Path Oblivious Heap is only a small constant factor slower than the standard insecure binary heap. Our construction also implies a practical and optimal oblivious sorting algorithm.

Oblivious linear-function evaluation (OLE) is a secure two-party protocol allowing a receiver to learn a secret linear combination of a pair of field elements held by a sender. OLE serves as a common building block for secure computation of arithmetic circuits, analogously to the role of oblivious transfer (OT) for boolean circuits. A useful extension of OLE is vector OLE (VOLE), allowing the receiver to learn a linear combination of two vectors held by the sender. In several applications of OLE, one can replace a large number of instances of OLE by a smaller number of long instances of VOLE. This motivates the goal of amortizing the cost of generating long instances of VOLE. We suggest a new approach for fast generation of pseudo-random instances of VOLE via a deterministic local expansion of a pair of short correlated seeds and no interaction. This provides the first example of compressing a non-trivial and cryptographically useful correlation with good concrete efficiency. Our VOLE generators can be used to enhance the efficiency of a host of cryptographic applications. These include secure arithmetic computation and non-interactive zero-knowledge proofs with reusable preprocessing. Our VOLE generators are based on a novel combination of function secret sharing (FSS) for multi-point functions and linear codes in which decoding is intractable. Their security can be based on variants of the learning parity with noise (LPN) assumption over large fields that resist known attacks. We provide several constructions that offer tradeoffs between different efficiency measures and the underlying intractability assumptions.