International Association
for Cryptologic Research

To support our growth and in order to strengthen our team, we are looking for an Embedded Cryptographic Software Engineer (M/F). You will be based in Singapore and participate in the development of the Secure-IC portfolio of secure solutions. Missions consist in:

• Ensuring the various phases of specifications for applications embedding cryptography
• C and C++ programming and testing
• Integration and validation on target embedded microprocessor. (knowledge of ARM processors is preferable)
• Developing non-regression tests along with benchmarking tests
• Bringing innovative ideas to improve our products, the quality of deliveries and development processes
• Delivery of customers projects (consulting and training)

Requirements:

• Embedded software development engineer with 5 years minimum experience in an equivalent position
• First experience in the field of automotive: CAN bus, automotive Ethernet
• Master’s degree (or higher) in Computer Science, Mathematics or similar field
• Proficiency in C/C++ language and assembly skills
• Knowledge of ARM processors, development for security and safety
• Proficiency in English
• Knowledge of cryptography
• Excellent communication skills
• Ability to work in a team
• Outstanding analytical and problem-solving skills

  Closing date for applications:

  Contact: Sylvain Guilley

The Cryptography and Privacy Engineering Group (ENCRYPTO) @Department of Computer Science @Technical University of Darmstadt offers a full position for a Doctoral Researcher (Research Assistant/PhD Student) in Cryptography & Privacy Engineering, available immediately and for up to 3 years with the possibility of extension.

Our mission is to demonstrate that privacy can be efficiently protected in real-world applications via cryptographic protocols.

TU Darmstadt is a top research university for IT security, cryptography and computer science in Europe. The position is based in the City of Science Darmstadt, which is very international, livable and well-connected in the Rhine-Main area around Frankfurt. Initially, no knowledge of German is necessary and TU Darmstadt offers corresponding support.

Job description

As doctoral researcher @ENCRYPTO, you conduct research, build prototype implementations, and publish and present the results at top venues. You will also participate in teaching and supervise thesis students and student assistants. The position is co-funded by the ERC Starting Grant “Privacy-preserving Services on the Internet” (PSOTI), where we build privacy-preserving services on the Internet, which includes designing protocols for privately processing data among untrusted service providers using secure multi-party computation and implementing a scalable framework.

Your profile

• Completed Master's degree (or equivalent) at a top university with excellent grades in IT security, computer science, applied mathematics, electrical engineering, or a similar area.
• Extensive knowledge in applied cryptography/IT security and excellent software development skills.
• Additional knowledge in cryptographic protocols (ideally secure computation) is a plus.
• You are self-motivated, reliable, creative, can work independently, and want to do excellent research on challenging scientific problems with practical relevance.
• The working language at ENCRYPTO is English, so you must be able to discuss/write/present scientific results in English, whereas German is not required.

no application deadline

Closing date for applications:

Contact: Thomas Schneider (schneider@encrypto.cs.tu-darmstadt.de)

More information: https://encrypto.de/PHD-STUDENT

The Institute of Distributed Systems at Ulm University is searching for enthusiastic PostDoc and Ph.D.-level researchers who are expected to support and strengthen our research activities in the area of security and privacy in vehicular networking and automotive systems. You will contribute to ongoing projects, as well as new project proposals. As PostDoc, you will also be involved in project management and support the supervision of PhD candidates.

The ideal candidate for the PostDoc position has a Ph.D. degree in computer science, or a closely related discipline, from an internationally-renowned university, a strong background in system security with focus on vehicular security and privacy, documented by high-quality publications, and a strong motivation to become part of our team.
For Ph.D.-level researchers, we require a M.Sc. degree in computer science, or a closely related discipline, from an internationally-renowned university with a visible focus in system security.
Proficient knowledge of written and spoken English is required for both positions. Conversational German skills are a substantial advantage.
We are one of the leading research groups in vehicular security and privacy. Our group and university offer a unique environment for automotive-related research with excellent facilities and highly competitive salary. Automotive technologies are a priority area at Ulm University, and many research groups are active in fields like vehicle-driver interaction and automated driving. Being situated in Southern Germany between Stuttgart and Munich, we are located in the right heart of German car industry in one of the strongest economic regions in Europe. We have strong ties with companies like Daimler, Audi, BMW, and Bosch and many of those companies have research or development labs at our campus.

For more information visit:
https://www.uni-ulm.de/in/vs/inst/offene-stellen/postdoc-and-phd-level-researchers-vehicular-security-privacy/

Closing date for applications:

Contact: Prof. Dr. Frank Kargl (vs-jobs@uni-ulm.de)

More information: https://www.uni-ulm.de/in/vs/inst/offene-stellen/postdoc-and-phd-level-researchers-vehicular-security-privacy/

Guessing entropy is a common choice for a side-channel analysis metric, and it represents the average rank position of a key candidate among all possible key guesses. In the profiled side-channel analysis, the guessing entropy behavior can be very informative about the trained or profiled model. However, to achieve reliable conclusions about the profiled model's performance, guessing entropy behavior should be stable to avoid misleading conclusions in the attack phase.

In this work, we investigate this problem of misleading conclusions from the entropy behavior, and we define two new concepts, simple and generalized guessing entropy. We demonstrate that the first one needs only a limited amount of attack traces but can lead to wrong interpretations about leakage detection. The second concept requires a large (sometimes unavailable) amount of attack traces, but it represents the optimal way of calculating guessing entropy. To quantify the profiled model's learnability, we first define a leakage distribution metric to estimate the underlying leakage model. This metric, together with the generalized guessing entropy results for all key candidates, can estimate the leakage learning or detection when a necessary amount of attack traces are available in the attack phase. By doing so, we provide a tight estimation of profiled side-channel analysis model learnability. We confirm our observations with a number of experimental results.

Event date: 21 October to 23 October 2020
Submission deadline: 11 August 2020
Notification: 17 September 2020

The Applied Crypto Group of the University of Luxembourg has multiple post-doc positions, funded by the H2020 ERC programme.

Possible topics of interests are:

• fully homomorphic encryption and multilinear maps
• public-key cryptanalysis
• side channel attacks and countermeasures
• white-box cryptography
• blockchain applications

Candidates must have a Ph.D. degree in cryptography or related field. The duration of the positions is 2.5 years. The post-docs will be members of the Security and Trust (SnT) research center from the University of Luxembourg (>200 researchers in all aspects of IT security). We offer a competitive salary (about 60,000 euro/year).

Deadline for application: September 15th, 2020.

Closing date for applications:

Contact: Jean-Sebastien Coron: jean-sebastien.coron@uni.lu

More information: http://www.crypto-uni.lu/vacancies.html

This work presents new speed records for XMSS (RFC 8391) signature verification on embedded devices. For this we make use of a probabilistic method recently proposed by Perin, Zambonin, Martins, Custodio, and Martina (PZMCM) at ISCC 2018, that changes the XMSS signing algorithm to search for fast verifiable signatures. We improve the method, ensuring that the added signing cost for the search is independent of the message length. We provide a statistical analysis of the resulting verification speed and support it by experiments. We present a record setting RFC compliant implementation of XMSS verification on the ARM Cortex-M4. At a signing time of about one minute on a general purpose CPU, we create signatures that are verified about $1.44$ times faster than traditionally generated signatures. Adding further implementation optimizations to the verification algorithm we reduce verification time by over a factor two from $13.85$ million to $6.56$ million cycles.

In contrast to previous works, we provide a detailed security analysis of the resulting signature scheme under classical and quantum attacks that justifies our selection of parameters. On the way, we fill a gap in the security analysis of XMSS as described in RFC 8391 proving that the modified message hashing in the RFC does indeed mitigate multi-target attacks. This was not shown before and might be of independent interest.

In our daily lives we constantly use and trust Public-Key Cryptography to exchange keys over insecure communication channels. With the development and progress in the research field of quantum computers, well established schemes like RSA and ECC are more and more threatened. The urgent demand to find and standardize new schemes – which are secure in a post-quantum world – was also realized by the National Institute of Standards and Technology which announced a Post-Quantum Cryptography Standardization Project in 2017. Currently, this project is in the third round and one of the submitted candidates is the Key Encapsulation Mechanism scheme BIKE.

In this work we investigate different strategies to efficiently implement the BIKE algorithm on FPGAs. To this extend, we improve already existing polynomial multipliers, propose efficient strategies to realize polynomial inversions, and implement the Black-Gray-Flip decoder for the first time. Additionally, our implementation is designed to be scalable and generic with the BIKE specific parameters. All together, the fastest designs achieve latencies of 2.69 ms for the key generation, 0.1 ms for the encapsulation, and 104.04 ms for the decapsulation considering the first security level.

Fault Injection (FI) attacks have become a practical threat to modern cryptographic implementations. Such attacks have recently focused more on exploitation of implementation-centric and device-specific properties of the faults. In this paper, we consider the parallel between SCA attacks and FI attacks; specifically, that many FI attacks rely on the data-dependency of activation and propagation of a fault, and SCA attacks similarly rely on data-dependent power usage. In fact, these are so closely related that we show that existing SCA attacks can be directly applied in a purely FI setting, by translating power FI results to generate FI 'probability traces' as an analogue of power traces. We impose only the requirements of the equivalent SCA attack (e.g., knowledge of the input plaintext for CPA on the first round), along with a way to observe the status of the target (whether or not it has failed and been "muted" after a fault). We also analyse existing attacks such as Fault Template Analysis in the light of this parallel, and discuss the limitations of our methodology.

To demonstrate that our attacks are practical, we first show that SPA can be used to recover RSA private exponents using FI attacks. Subsequently, we show the generic nature of our attacks by performing DPA on AES after applying FI attacks to several different targets (with AVR, 32-bit ARM and RISC-V CPUs), using different software on each target, and do so with a low-cost (i.e., less than $50) power fault injection setup. We call this technique Fault Correlation Analysis (FCA), since we perform CPA on fault probability traces. To show that this technique is not limited to software, we also present FCA results against the hardware AES engine supported by one of our targets. Our results show that even without access to the ciphertext (e.g., where an FI redundancy countermeasure is in place, or where ciphertext is simply not exposed to an attacker in any circumstance) and in the presence of jitter, FCA attacks can successfully recover keys on each of these targets.

This paper extends an abstract formal model of UTxO-based and account-based transactions to allow the creation and use of multiple cryptocurrencies on a single ledger. The new model also includes a general framework to establish and enforce monetary policies for created currencies. In contrast to alternative approaches, all currencies in this model exist natively on the ledger and do not necessarily depend on a main currency. In comparison to non-native approaches based on scripts and smart contracts, native currencies allow smaller transactions that can be more efficiently processed and can be moved between chains through a sidechain approach.

Broadcast (BC) is a crucial ingredient for many protocols in distributed computing and cryptography. In this paper we study its communication complexity against an adversary that controls a majority of the parties. In this setting, all known protocols either exhibit a communication complexity of more than $O(n^3)$ bits (where $n$ is the number of parties) or crucially rely on a trusted party to generate cryptographic keys before the execution of the protocol. We give the first protocol for BC that achieves $\tilde O(n^2 \cdot \kappa)$ bits of communication (where $\kappa$ is the security parameter) under a dishonest majority and minimal cryptographic setup assumptions, i.e., where no trusted setup is required and parties just need to generate their own cryptographic keys. Our protocol is randomized and combines the classic Dolev-Strong protocol with network gossiping techniques to minimize communication. Our analysis of the main random process employs Chernoff bounds for negatively-associated variables and might be of independent interest.

This article presents a proposal for an asymmetric white-box scheme. While symmetric white-box is a well studied topic (in particular for AES white-box) with a rich literature, there is almost no public article on the topic of asymmetric white-box. However, asymmetric white-box designs are used in practice by the industry and are a real challenge. Proprietary implementations can be found in the wild but are usually heavily obfuscated and their design is not public, which makes their study impractical. The lack of public research on that topic makes it hard to assess the security of those implementations and can cause serious security issues. Our main contribution is to bring a public proposal for an asymmetric white-box scheme. Our proposal is a lattice-based cryptographic scheme that combines classical white-box techniques and arithmetic techniques to offer resilience to the white-box context. In addition, thanks to some homomorphic properties of our scheme, we use homomorphic encoding techniques to increase the security of our proposal in a white-box setting. The resulting scheme successfully performs a decryption function without exposing its secret key while its weight remains under 20 MB. While some of our techniques are designed around specific characteristics of our proposal, some of them may be adapted to other asymmetric cryptosystems. Moreover, those techniques can be used and improved in a less restrictive model than the white-box one: the grey-box model. This proposal aims to raise awareness from the research community on the study of asymmetric white-box cryptography.

Fault Template Attack (FTA) is a recently proposed class of fault attacks, which exploits the fact that activation and propagation of a fault through combinational logic is data-dependent. Even at the presence of masking and state-of-the-art fault countermeasures, FTA can perform key recovery even at the middle rounds of block ciphers without any access to the ciphertexts. The templates can combine information from different fault locations and cipher executions. This capability of templates is quite powerful and may lead to stronger attacks. In this paper, we enhance the FTA attacks by considering side-channel in- formation during fault injection. Some of the recently proposed combined countermeasures against Statistical Ineffective Fault Analysis (SIFA) and Side-Channel Attack (SCA) fall prey against FTA after this enhance- ment. The success of the proposed attacks stem from some non-trivial fault propagation properties of S-Boxes, which remained unexplored in the original FTA proposal. We also relax the fault model to some extent from that of the original FTA. The proposed attacks are validated on the hardware implementation of a masked χ 3 S-Box through gate-level power trace simulation, establishing its practicality and efficacy.

To mitigate side-channel attacks, real-world implementations of public-key cryptosystems adopt state-of-the-art countermeasures based on randomization of the private or ephemeral keys. Usually, for each private key operation, a "scalar blinding" is performed using 32 or 64 randomly generated bits. Nevertheless, horizontal attacks based on a single trace still pose serious threats to protected ECC or RSA implementations. If the secrets learned through a single-trace attack contain too many wrong (or noisy) bits, the cryptanalysis methods for recovering remaining bits become impractical due to time and computational constraints. This paper proposes a deep learning-based framework to iteratively correct partially correct secret keys resulting from a clustering-based horizontal attack. By testing the trained network on scalar multiplication (or exponentiation) traces, we demonstrate that a deep neural network can significantly reduce the number of error bits from randomized scalars (or exponents). When a simple horizontal attack can recover around 52% of private key bits, the proposed iterative framework improves the private key correctness to 100%. Our attack model remains fully unsupervised and excludes the need to know where the error or noisy bits are located in each separate randomized private key.

Application of masking, known as the most robust and reliable countermeasure to side-channel analysis attacks, on various cryptographic algorithms has dedicated a lion’s share of research to itself. The difficulty originates from the fact that the overhead of application of such an algorithmic-level countermeasure might not be affordable. This includes the area- and latency overheads as well as the amount of fresh randomness required to fulfill the security properties of the resulting design. There are already techniques applicable in hardware platforms which consider glitches into account. Among them, classical threshold implementations force the designers to use at least three shares in the underlying masking. The other schemes, which can deal with two shares, often necessitates the use of fresh randomness. Here, in this work, we present a technique allowing us to use two shares to realize the first-order glitch-extended probing secure masked realization of several functions including the Sbox of Midori, PRESENT, PRINCE, and AES ciphers without any fresh randomness.

An affine determinant program ADP: {0,1}^n → {0,1} is specified by a tuple (A,B_1,...,B_n) of square matrices over F_q and a function Eval: F_q → {0,1}, and evaluated on x \in {0,1}^n by computing Eval(det(A + sum_{i \in [n]} x_i B_i)).

In this work, we suggest ADPs as a new framework for building general-purpose obfuscation and witness encryption. We provide evidence to suggest that constructions following our ADP-based framework may one day yield secure, practically feasible obfuscation.

As a proof-of-concept, we give a candidate ADP-based construction of indistinguishability obfuscation (iO) for all circuits along with a simple witness encryption candidate. We provide cryptanalysis demonstrating that our schemes resist several potential attacks, and leave further cryptanalysis to future work. Lastly, we explore practically feasible applications of our witness encryption candidate, such as public-key encryption with near-optimal key generation.

Physical Unclonable Functions (PUFs) are used in various key-generation schemes and protocols. Such schemes are deemed to be secure even for PUFs with challenge-response behavior, as long as no responses and no reliability information about the PUF are exposed. This work, however, reveals a pitfall in these con- structions: When using state-of-the-art helper data algorithms to correct noisy PUF responses, an attacker can exploit the publicly accessible helper data and challenges. We show that with this public information and the knowledge of the underlying error correcting code, an attacker can break the security of the system: The redundancy in the error correcting code reveals machine learnable features and labels. Learning these features and labels results in a predictive model for the dependencies between different challenge-response pairs (CRPs) without direct access to the actual PUF response. We provide results based on simulated data of a k-SUM PUF model and an Arbiter PUF model. The analysis reveals that especially the frequently used repetition code is vulnerable: Already the observation of 800 challenges and helper data bits suffices to reduce the entropy of the key down to one bit in this case. The analysis also shows that even other linear block codes like the BCH, the Reed-Muller, or the Single Parity Check code are affected by the problem. The code dependent insights we gain from the analysis allow us to suggest mitigation strategies for the identified attack. While the shown vulnerability brings Machine Learning (ML) one step closer to realistic attacks on key-storage systems with PUFs, our analysis also allows for a better understanding and evaluation of existing approaches and protocols with PUFs. Therefore, it brings the community a step further towards a more complete leakage assessment of PUFs.

Software updates for blockchain systems become a real challenge when they impact the underlying consensus mechanism. The activation of such changes might jeopardize the integrity of the blockchain by resulting in chain splits. Moreover, the software update process should be handed over to the community and this means that the blockchain should support updates without relying on a trusted party. In this paper, we introduce the notion of updatable blockchains and show how to construct blockchains that satisfy this definition. Informally, an updatable blockchain is a secure blockchain and in addition it allows to update its protocol preserving the history of the chain. In this work, we focus only on the processes that allow securely switching from one blockchain protocol to another assuming that the blockchain protocols are correct. That is, we do not aim at providing a mechanism that allows reaching consensus on what is the code of the new blockchain protocol. We just assume that such a mechanism exists (like the one proposed in NDSS 2019 by Zhang et. al), and show how to securely go from the old protocol to the new one. The contribution of this paper can be summarized as follows. We provide the first formal definition of updatable ledgers and propose the description of two compilers. These compilers take a blockchain and turn it into an updatable blockchain. The first compiler requires the structure of the current and the updated blockchain to be very similar (only the structure of the blocks can be different) but it allows for an update process more simple, efficient. The second compiler that we propose is very generic (i.e., makes few assumptions on the similarities between the structure of the current blockchain and the update blockchain). The drawback of this compiler is that it requires the new blockchain to be resilient against a specific adversarial behaviour and requires all the honest parties to be online during the update process. However, we show how to get rid of the latest requirement (the honest parties being online during the update) in the case of proof-of-work and proof-of-stake ledgers.

Revocable identity-based encryption (RIBE) is an extension of IBE with an efficient key revocation mechanism. Revocable hierarchical IBE (RHIBE) is its further extension with key delegation functionality. Although there are various adaptively secure pairing-based RIBE schemes, all known hierarchical analogs only satisfy selective security. In addition, the currently known most efficient adaptively secure RIBE and selectively secure RHIBE schemes rely on non-standard assumptions, which are referred to as the augmented DDH assumption and $q$-type assumptions, respectively. In this paper, we propose a simple but effective design methodology for RHIBE schemes. We provide a generic design framework for RHIBE based on an HIBE scheme with a few properties. Fortunately, several state-of-the-art pairing-based HIBE schemes have the properties. In addition, our construction preserves the sizes of master public keys, ciphertexts, and decryption keys, as well as the complexity assumptions of the underlying HIBE scheme. Thus, we obtain the first RHIBE schemes with adaptive security under the standard $k$-linear assumption. We prove adaptive security by developing a new proof technique for RHIBE. Due to the compactness-preserving construction, the proposed R(H)IBE schemes have similar efficiencies to the most efficient existing schemes.

The advent of decentralized trading markets introduces a number of new challenges for consensus protocols. In addition to the 'usual' attacks - a subset of the validators trying to prevent disagreement -- there is now the possibility of financial fraud, which can abuse properties not normally considered critical in consensus protocols. We investigate the issues of attackers manipulating or exploiting the order in which transactions are scheduled in the blockchain. More concretely, we look into relative order fairness, i.e., ways we can assure that the relative order of transactions is fair. We show that one of the more intuitive definitions of fairness is impossible to achieve. We then present Wendy, a group of low overhead protocols that can implement different concepts of fairness. Wendy acts as an aditional widget for an existing blockchain, and is largely agnostic to the underlying blockchain and its security assumptions. Furthermore, it is possible to apply a the protocol only for a subset of the transactions, and thus run several independent fair markets on the same chain.