International Association for Cryptologic Research


IACR News


18 May 2020

Michel Abdalla, Dario Catalano, Romain Gay, Bogdan Ursu
ePrint Report
We construct new functional encryption schemes that combine the access control functionality of attribute-based encryption with the possibility of performing linear operations on the encrypted data. While such a primitive could be easily realized from fully fledged functional encryption schemes, what makes our result interesting is the fact that our schemes simultaneously achieve all the following properties. They are public-key, efficient and can be proved secure under standard and well established assumptions (such as LWE or pairings). Furthermore, security is guaranteed in the setting where adversaries are allowed to get functional keys that decrypt the challenge ciphertext. Our first results are two functional encryption schemes for the family of functions that allow users to embed policies (expressed by monotone span programs) in the encrypted data, so that one can generate functional keys to compute weighted sums on the latter. Both schemes are pairing-based and quite generic: they combine the ALS functional encryption scheme for inner products from Crypto 2016 with any attribute-based encryption schemes relying on the dual-system encryption methodology. As an additional bonus, they yield simple and elegant multi-input extensions essentially for free, thereby broadening the set of applications for such schemes. Multi-input is a particularly desirable feature in our setting, since it gives a finer access control over the encrypted data, by allowing users to associate different access policies to different parts of the encrypted data. Our second result builds identity-based functional encryption for inner products from lattices. This is achieved by carefully combining existing IBE schemes from lattices with adapted, LWE-based, variants of ALS. We point out intrinsic technical bottlenecks to obtaining richer forms of access control from lattices.
From a conceptual point of view, all our results can be seen as further evidence that more expressive forms of functional encryption can be realized under standard assumptions and with little computational overhead.
Yuval Ishai
ePrint Report
We will discuss the question of minimizing different complexity measures of cryptographic primitives, some known results and remaining challenges, and how the study of this question can have impact beyond cryptography.
Sanjit Chatterjee, R. Kabaleeshwaran
ePrint Report
An aggregate signature allows one to generate a short aggregate of signatures from different signers on different messages. A sequential aggregate signature (SeqAS) scheme allows the signers to aggregate their individual signatures in a sequential manner. All existing SeqAS schemes that do not use the random oracle assumption either require a large public key or have security that depends upon some non-standard interactive/static assumptions. In this paper, we present an efficient SeqAS scheme with a constant-size public key under the SXDH assumption. In the process, we first obtain an optimized (and more efficient) variant of Libert et al.'s randomizable signature scheme. While both schemes are more efficient than the currently best ones that rely on some static assumption, they are only slightly costlier than the most efficient ones based on some interactive assumption.
Ming Li, Anjia Yang, Xinkai Chen
ePrint Report
Contract fraud is a big nuisance in our society. People are scammed largely because of vague language used in contracts, which can cause misunderstandings. Therefore, people seek professional help to review ambiguous terms, especially when signing a big contract, for example, leasing or buying property. With the advent of the Ethereum blockchain, a new type of contract, named smart contract, is emerging nowadays, enabling people to describe complicated logic as an automatically executable computer program. However, due to a lack of computer background and software development experience, many people have difficulty understanding blockchain-based smart contracts, which is adverse to the popularization of Ethereum. It has resulted in a new wave of contract fraud caused by smart contracts, which are self-executing and self-enforcing but also hard for people to understand. To fill this huge gap, we propose an approach to enable people without a computer background to understand and operate Ethereum smart contracts. In doing so, smart contract fraud can be deterred if people have a better understanding of contract terms. In particular, we investigate the general rules of smart contract code, and build a novel tool named SMTranslator to automatically generate readable documents. SMTranslator first translates smart contracts into standard structured files and identifies the core statement of each function in smart contracts. By exploiting custom natural language generation, we generate documents for smart contracts that provide correct and understandable descriptions. We collect numerous contracts in Ethereum and select a number of typical contracts to conduct the experiments. Extensive experimental results demonstrate the feasibility and effectiveness of our approach.

17 May 2020

Security & Privacy Group (Academic Centre of Excellence in Cyber Security), University of Birmingham
Job Posting
Homomorphic Encryption is an elegant cryptographic solution to protect the privacy of users while keeping the conveniences of cloud computing. Using homomorphic encryption, users can upload their encrypted data to the cloud and can still perform computation on the encrypted data.

Applications are invited for one postdoc position in designing hardware architectures for accelerating homomorphic computing on the encrypted data. The researcher will perform algorithmic optimizations, design optimized hardware architectures, and explore the design-space to construct efficient homomorphic encryption processors on FPGA platforms.

Please apply to the official application portal before 1st June 2020.

Closing date for applications:

Contact: Dr. Sujoy Sinha Roy

More information: https://bham.taleo.net/careersection/external/jobdetail.ftl?job=200001O8&tz=GMT%2B01%3A00&tzname=Europe%2FLondon

Northern Arizona University, School of Informatics, Computing, and Cyber Systems (SICCS); Flagstaff
Job Posting
The School of Informatics, Computing & Cyber Systems at Northern Arizona University is seeking a postdoctoral scientist in computational diversity for cybersecurity to work on a US Air Force Research Laboratory funded project. The successful candidates will work closely with the Principal Investigator and collaborators in the development, analysis, and implementation of innovative algorithms, architectures, and implementations. Exceptional candidates from all relevant areas will be considered, but specific topics of research interest include computer architecture and microarchitecture, hardware-based security and cryptographic systems. While the project is open to international candidates, there may be certain limitations. The start date is negotiable, but should not be later than October 1, 2020.

Duties include:
  1. Perform research in the broad area of hardware-centric cybersecurity
  2. Publish papers and present research results at conferences and symposia
  3. Write grant and contract proposals
  4. Supervise and coordinate the efforts of PhD, MS, and undergraduate students on a day-to-day basis
  5. Assist in preparing progress reports to funding agencies
The ideal candidate should have:
  1. Earned doctoral (Ph.D. or Sc.D.) degree in Computer Science, Electrical Engineering or closely related area by the start date.
  2. Demonstrated expertise in one or more of the following areas: computer architecture and microarchitecture, hardware-based security and cryptographic systems
  3. Demonstrated academic excellence through scholarly publications, i.e. at least one publication in top-ranked conferences/journals
  4. Excellent communication skills; experience in effectively working with people from a variety of culturally diverse backgrounds; experience in mentoring undergraduate and graduate students

Closing date for applications:

Contact: Dr. Paul Flikkema (paul.flikkema@nau.edu)

More information: https://in.nau.edu/human-resources/current-job-openings/

University of Warsaw
Job Posting

We are looking for talented and motivated Post-Docs to work on the ERC AdG project PROCONTRA: Smart-Contract Protocols: Theory for Applications. The project is about theoretical and applied aspects of blockchain and smart contracts.

The ideal candidates should have a PhD degree in cryptography (or related field) from a leading university, and a proven record of publications in top cryptography/security/TCS venues.

We offer a competitive salary and a budget for conference travel and research visits.

The project is expected to start on Sep 1, 2020. There is no specific deadline for this call, but we will start looking at the applications from Jun 15th, 2020. Please apply using the link provided below.

Closing date for applications:

Contact: Stefan Dziembowski

More information: https://www.crypto.edu.pl/positions

University of Warsaw
Job Posting

We are looking for talented and motivated PhD students to work on the ERC AdG project PROCONTRA: Smart-Contract Protocols: Theory for Applications. The project is about theoretical and applied aspects of blockchain and smart contracts. It is mostly focused on theory, but it has also some programming tasks.

The ideal candidates should have an MSc degree in computer science or mathematics from a leading university, and be familiar with probability theory, computational complexity, algebra, and number theory. Knowledge of cryptography, information theory, and game theory is a significant plus, but is not a prerequisite. The candidates must be fluent in written and spoken English.

The successful candidates will be enrolled in the PhD program at the University of Warsaw (Poland). The deadline for application to this program is Jun 28, 2020, but please contact the project’s PI (Stefan Dziembowski) before applying there. Please do so by Jun 15, 2020 via the web form available at the address provided below.

Starting date: Oct 1, 2020
Expected salary: around 5,000 PLN/month (net)
Duration: 4 years (negotiable)

Closing date for applications:

Contact: Stefan Dziembowski

More information: https://www.crypto.edu.pl/positions

Vienna University of Technology (TU Wien), Austria
Job Posting
TU Wien (Vienna University of Technology), TU Graz (Graz University of Technology), and JKU Linz (Johannes Kepler University) are recruiting up to 15 doctoral candidates with a negotiable starting date for the joint doctoral program on Logical Methods in Computer Science (LogiCS), funded by the Austrian Science Fund (FWF).

Application deadline: June 12, 2020

RESEARCH AREAS
At the moment we are particularly looking for candidates interested in the following areas:
  * Automated Software Verification
  * Description Logics
  * Epistemic logic in distributed computing
  * Explainable AI
  * Fixed-Parameter Algorithms and Complexity
  * Formal Verification of hybrid systems
  * Knowledge Representation and Reasoning
  * Model Checking
  * Modeling and analysis of digital integrated circuits
  * Networking and Communication Technology
  * Normative Reasoning
  * Ontology-based Data Access
  * Security and Privacy
  * Scheduling and logic programming
  * Study of the interaction between rules from a knowledge base and rules arising from machine learning
  * Topology in distributed computing
  * Quantified Boolean Formulas

POSITIONS AND FUNDING
  * We are looking for 15 very strong doctoral students.
  * The doctoral positions are fully funded for at least 3 years according to the funding scheme of the Austrian Science Fund (FWF). (This entails an employment contract for 30h/week, 39.000 EUR gross per year.)
  * The location of the research post is Vienna or Graz, Austria.

Closing date for applications:

Contact: Mihaela Rozman, Technische Universität Wien, Favoritenstrasse 9-11, 1040 Wien

More information: https://logic-cs.at/phd/

Noroff University College Norway
Job Posting
Noroff University College seeks to appoint new academic staff in the area of Cyber Security. You will join a team of international staff with whom you will be expected to work in very close collaboration, in undertaking research in the area and engaging in the delivery and management of the newly launched Bachelor in Cyber Security. This degree has a shared common first year with the Digital Forensics and Applied Data Science Bachelor's degrees within the Faculty. As such, evidence of prior teamwork and excellent communication skills are essential. Candidates should have a postgraduate qualification (preferably Ph.D) in Computer Science, Computer Security or a related field. The ability to teach a variety of subjects is essential, in particular a range of information security related subjects.

Relevant skills and experience in the following areas are required for this post:
  ● Penetration testing practice and procedures: practical and research experience;
  ● A demonstrable technical skillset and experience relating to tools, techniques, methodologies, standards, and models for Computer Network Attack (CNO), Computer Network Defence (CND) and Computer Network Exploitation (CNE);
  ● Exposure to and willingness to teach one or more of the following specialist topics:
      - Penetration Testing
      - Web Security
      - Vulnerability Management
      - Exploit Development/Bug Hunting
      - Applied Cryptography
      - Information Security Principles
      - Incident Response and Management

Compensation will be commensurate with the candidate’s qualifications and relevant experience. The closing date for this application is 31 May 2020. We interview continuously and suitable candidates will be contacted to take part in the interview process. For the full job description and application form, please visit our website at https://www.noroff.no/om/ledige-stillinger

Closing date for applications:

Contact: Ezanne van Niekerk - jobs@noroff.no

More information: https://www.noroff.no/om/ledige-stillinger


16 May 2020

Christopher Patton, Thomas Shrimpton
ePrint Report
We give a framework for relating the concrete security of a “reference” protocol (say, one appearing in an academic paper) to that of some derived, “real” protocol (say, appearing in a cryptographic standard). It is based on the indifferentiability framework of Maurer, Renner, and Holenstein (MRH), whose application has been exclusively focused upon non-interactive cryptographic primitives, e.g., hash functions and Feistel networks. Our extension of MRH is supported by a clearly defined execution model and two composition lemmata, all formalized in a modern pseudocode language. Together, these allow for precise statements about game-based security properties of cryptographic objects (interactive or not) at various levels of abstraction. As a real-world application, we design and prove tight security bounds for a potential TLS 1.3 extension that integrates the SPAKE2 password-authenticated key-exchange into the handshake.
Marina Polubelova, Karthikeyan Bhargavan, Jonathan Protzenko, Benjamin Beurdouche, Aymeric Fromherz, Natalia Kulatova, Santiago Zanella-Béguelin
ePrint Report
We present a new methodology for building formally verified cryptographic libraries that are optimized for multiple architectures. In particular, we show how to write and verify generic crypto code in the F* programming language that exploits single-instruction multiple data (SIMD) parallelism. We show how this code can be compiled to platforms that support vector instructions, including ARM Neon and Intel AVX, AVX2, and AVX512. We apply our methodology to obtain verified vectorized implementations on all these platforms for the Chacha20 encryption algorithm, the Poly1305 one-time MAC, and the SHA-2 and Blake2 families of hash algorithms.

A distinctive feature of our approach is that we aggressively share code and verification effort between scalar and vectorized code, between vectorized code for different platforms, and between implementations of different cryptographic primitives. By doing so, we significantly reduce the manual effort needed to add new implementations to our verified library. In this paper, we describe our methodology and verification results, evaluate the performance of our code, and describe its integration into the larger HACL⋆ crypto library. Our vectorized code has already been incorporated into several software projects, including the Firefox web browser.
Anubhab Baksi, Jakub Breier, Xiaoyang Dong, Chen Yi
ePrint Report
At CRYPTO 2019, Gohr first introduced deep learning based cryptanalysis on round-reduced SPECK. Using a deep residual network, Gohr trained several neural network based distinguishers on 8-round SPECK-32/64. The analysis follows an `all-in-one' differential cryptanalysis approach, which considers the effect of all output differences under the same input difference.

Usually, all-in-one differential cryptanalysis is more effective than cryptanalysis that uses only a single differential trail. However, when the cipher is non-Markov or its block size is large, it is usually very hard to fully compute. Inspired by Gohr's work, we try to simulate the all-in-one differentials for such non-Markov ciphers through deep learning. As proof of work, we trained several distinguishing attacks following the machine learning simulated all-in-one differential approach. We present 8-round differential distinguishers for Gimli-Hash and Gimli-Cipher, each with trivial complexity. Finally, we explore more on choosing an efficient machine learning model and show that a three layer neural network can be used.
Dusan Bozilov
ePrint Report
We present a methodology for finding the minimal number of output shares in d + 1 TI by modeling the sharing as a set covering problem and using different discrete optimization techniques to find solutions. We demonstrate the results of our technique by providing optimal or near-optimal sharings of several classes of Boolean functions of any degree up to 8 variables, for first and second order TI. These solutions present new lower bounds for the total number of shares for these types of functions.
Carla Ràfols, Javier Silva
ePrint Report
Zero-knowledge proofs of satisfiability of linear equations over a group are often used as a building block of more complex protocols. In particular, in an asymmetric bilinear group we often have two commitments on different sides of the pairing, and we want to prove that they open to the same value. This problem was tackled by González, Hevia and Ràfols (ASIACRYPT 2015), who presented an aggregated proof, in the QA-NIZK setting, consisting of only four group elements. In this work, we present a more efficient proof, which is based on the same assumptions and consists of three group elements. We argue that our construction is optimal in terms of proof size.
Tomer Ashur, Siemen Dhooghe
ePrint Report
This paper tells the origin story of Rescue, a family of cryptographic algorithms in the Marvellous cryptoverse.
Yi Liu, Qi Wang, Siu-Ming Yiu
ePrint Report
A cryptographic framework, called encryption switching protocol (ESP), has been proposed recently, which enables ciphertexts encrypted under different schemes to be converted to the same scheme without revealing the plaintexts. This solves a major issue in privacy-preserving applications, in which users can now encrypt their data under different schemes and still be able to process their encrypted data together. In this paper, we propose an improvement to ESP. In particular, we consider the multi-exponentiation with encrypted bases argument (MEB) protocol, which is not only the essential component and efficiency bottleneck of ESP, but also has tremendous potential in many applications and can be used to speed up many intricate cryptographic protocols, such as proof of knowledge of a double logarithm. Based on our analysis and experiments, our proposed MEB protocol can reduce the communication cost by 36% when compared to the original protocol and reduce the computation cost of the verifier by 20%-47% depending on the settings of experimental parameters. This is particularly useful for verifiers with weak computing power. We also provide a formal security proof to confirm the security of the improved MEB protocol.

15 May 2020

Auqib Hamid Lone, Roohie Naaz
ePrint Report
Security and scalability are two major challenges that IoT is currently facing. Access control to critical IoT infrastructure is considered the top security challenge that IoT faces. Data generated by IoT devices may be driving many hard real time systems, thus it is of utmost importance to guarantee the integrity and authenticity of the data and resources in the first place. Due to the heterogeneous and constrained nature of IoT devices, traditional IoT security frameworks are not able to deliver scalable, efficient and manageable mechanisms to meet the requirements of IoT devices. On the other hand, Blockchain technology has shown great potential to bridge the missing gap towards building a truly decentralized, trustworthy, secure and scalable environment for IoT. Allowing access to IoT resources and data to be managed through Blockchain will provide an additional security layer backed by the strongest cryptographic algorithms available. In this work we present a reputation driven dynamic access control framework for small scale IoT applications based on a Proof of Authority Blockchain, which we name Rep-ACM. In the Rep-ACM framework we build two major services, one for reputation building (for better IoT device behaviour regulation) and the other for misbehaviour detection (for detecting any misbehaviour in object resource usage). Both of these services work in coordination with other services of the proposed framework to determine who can access what and under what conditions access should be granted. For a Proof of Concept (PoC) we created a private Ethereum network consisting of two Raspberry Pi single board computers, one desktop computer and a laptop as nodes. We configured the Ethereum protocol to use Istanbul Byzantine Fault Tolerance (IBFT) as the Proof of Authority (PoA) consensus mechanism for performance optimization in a constrained environment. We deployed our model on the private network for feasibility and performance analysis.
Jinkyu Cho, Young-Sik Kim, Jong-Seon No
ePrint Report
With the ongoing developments in artificial intelligence (AI), big data, and cloud services, fully homomorphic encryption (FHE) is being considered as a solution for preserving privacy and security in machine learning systems. Currently, the existing FHE schemes are constructed using lattice-based cryptography. In state-of-the-art algorithms, a huge amount of computational resources is required for homomorphic multiplications and the corresponding bootstrapping that is necessary to refresh the ciphertext for a larger number of operations. Therefore, it is necessary to discover a new innovative approach for FHE that can reduce the computational complexity for practical applications. In this paper, we propose a code-based homomorphic operation scheme. Linear codes are closed under addition; however, achieving multiplicative homomorphic operations with linear codes has been impossible until now. We strive to solve this problem by proposing a fully homomorphic code scheme that can support both addition and multiplication simultaneously using Reed-Muller (RM) codes. This can be considered as a preceding step for constructing code-based FHE schemes. As the order of RM codes increases after multiplication, a bootstrapping technique is required to reduce the order of intermediate RM codes to accomplish a large number of operations. We propose a bootstrapping technique to preserve the order of RM codes after addition or multiplication by proposing three consecutive transformations that create a one-to-one relationship between computations on messages and those on the corresponding codewords in RM codes.
Mahmoud Yehia, Riham AlTawy, T. Aaron Gulliver
ePrint Report
FORS is the underlying hash-based few-time signing scheme in SPHINCS+, one of the nine signature schemes which advanced to round 2 of the NIST Post-Quantum Cryptography standardization competition. In this paper, we analyze the security of FORS with respect to adaptive chosen message attacks. We show that in such a setting, the security of FORS decreases significantly with each signed message when compared to its security against non-adaptive chosen message attacks. We propose a chaining mechanism that, with slightly more computation, dynamically binds the Obtain Random Subset (ORS) generation with signing, hence eliminating the offline advantage of adaptive chosen message adversaries. We apply our chaining mechanism to FORS and present DFORS, whose security against adaptive chosen message attacks is equal to the non-adaptive security of FORS. In a nutshell, using SPHINCS+-128s parameters, FORS provides 75-bit security and DFORS achieves 150-bit security with respect to adaptive chosen message attacks after signing one message. We note that our analysis does not affect the claimed security of SPHINCS+. Nevertheless, this work provides a better understanding of FORS and other HORS variants and furnishes a solution if new adaptive cryptanalytic techniques on SPHINCS+ emerge.