IACR News
22 January 2021
Jorai Rijsdijk, Lichao Wu, Guilherme Perin, Stjepan Picek
ePrint Report
In this paper, we propose to use reinforcement learning to tune the convolutional neural network hyperparameters. In our framework, we investigate the Q-Learning paradigm and develop two reward functions that use side-channel metrics. We mount an investigation on three commonly used datasets and two leakage models where the results show that reinforcement learning can find convolutional neural networks exhibiting top performance while having small numbers of trainable parameters. We note that our approach is automated and can be easily adapted to different datasets. Finally, several of our newly developed architectures outperform the current state-of-the-art results.
Aysajan Abidin, Mohieddine El Soussi, Jac Romme, Pepijn Boer, Dave Singelée, Christian Bachmann
ePrint Report
Amanda Resende, Davis Railsback, Rafael Dowsley, Anderson C. A. Nascimento, Diego F. Aranha
ePrint Report
Carsten Baum, Cyprien Delpech de Saint Guilhem, Daniel Kales, Emmanuela Orsini, Peter Scholl, Greg Zaverucha
ePrint Report
Michiel Van Beirendonck, Jan-Pieter D'Anvers, Ingrid Verbauwhede
ePrint Report
20 January 2021
Technology Innovation Institute (TII) - Abu Dhabi, UAE
Job Posting
Technology Innovation Institute - Cryptography Research Centre
In our connected digital world, secure and reliable cryptography is the foundation of digital information security and data integrity. We address the world’s most pressing cryptographic questions. Our work covers post-quantum cryptography, lightweight cryptography, cloud encryption schemes, secure protocols, quantum cryptographic technologies and cryptanalysis.
As a Vulnerability Researcher you will be in charge of:
Must have:
Nice to have:
Closing date for applications:
Contact:
Mehdi Messaoudi
Talent Acquisition Manager
mehdi.messaoudi@tii.ae
More information: https://tii.ae/
Technology Innovation Institute (TII) - Abu Dhabi, UAE
Job Posting
Technology Innovation Institute - Cryptography Research Centre
In our connected digital world, secure and reliable cryptography is the foundation of digital information security and data integrity. We address the world’s most pressing cryptographic questions. Our work covers post-quantum cryptography, lightweight cryptography, cloud encryption schemes, secure protocols, quantum cryptographic technologies and cryptanalysis.
As a Lead Hardware Security Researcher you will be in charge of:
Must have:
Closing date for applications:
Contact:
Mehdi Messaoudi
Talent Acquisition Manager
mehdi.messaoudi@tii.ae
More information: https://tii.ae/
University of Canterbury, School of Mathematics and Statistics, Christchurch, New Zealand
Job Posting
Closing date for applications:
Contact: Prof. Felipe Voloch
More information: http://www.math.canterbury.ac.nz/~f.voloch/prospective.html
SPRING Lab, EPFL
Job Posting
We have a postdoc opening in the area of privacy engineering to be hosted at the SPRING Lab @EPFL headed by Carmela Troncoso, working on the design, evaluation, and deployment of privacy-preserving systems.
The postdoc will be collaborating on lab projects oriented to creating new privacy-preserving primitives and integrating them into end-to-end systems. The systems we develop at the lab aim to enable users to enjoy technological advances while minimizing the risks of abuse of the data in the system and the system’s impact on society. Our system design projects are typically in collaboration with a stakeholder with high stakes in protecting their users, such as NGOs, governments, or educational institutions. More information about our research: https://www.epfl.ch/labs/spring/
The position is to be filled as soon as possible.
We are also looking for motivated PhD students to build privacy-preserving systems. If you are interested in this position please refer to our doctoral school: https://www.epfl.ch/education/phd/edic-computer-and-communication-sciences/
Next application deadline: April 15 2021
Closing date for applications:
Contact: To apply please follow the instructions here: https://recruiting.epfl.ch/Vacancies/1612/Description/2
For any question please contact Carmela Troncoso
More information: https://recruiting.epfl.ch/Vacancies/1612/Description/2
19 January 2021
Queen’s University Belfast
Job Posting
Closing date for applications:
Contact: You must clearly demonstrate how you meet the criteria when you submit your application. For further information please contact Resourcing Team, Queen's University Belfast, BT7 1NN. Telephone (028) 9097 3044 or email resourcing@qub.ac.uk.
More information: https://hrwebapp.qub.ac.uk/tlive_webrecruitment/wrd/run/ETREC107GF.open?VACANCY_ID=867106E9Ng&WVID=6273090Lgx&LANG=USA
University of Lyon, Saint-Etienne, France
Job Posting
Closing date for applications:
Contact: To apply please send your detailed CV (with publication list), motivation for applying (1 page) and names of at least two persons who can provide reference letters (e-mail). Contact: Prof. Lilian BOSSUET lilian.bossuet(at)univ-st-etienne.fr
More information: https://laboratoirehubertcurien.univ-st-etienne.fr/en/teams/secure-embedded-systems-hardware-architectures.html.
Huawei International, Singapore
Job Posting
Qualifications:
Closing date for applications:
Contact: Dr. Cheng-Kang Chu (chu.cheng.kang@huawei.com)
More information: https://www.dropbox.com/s/7theyk6o0gl8254/Security-Researcher.pdf?dl=0
18 January 2021
Mohamed Fadl Idris, Je Sen Teh, Jasy Liew Suet Yan, Wei-Zhu Yeoh
ePrint Report
Dorin-Marian Ionita, Emil Simion
ePrint Report
Index Terms: elliptic curves, cryptography, diffie-hellman, FPGA, hardware security, high level synthesis
Peter Pessl, Lukas Prokop
ePrint Report
Interestingly, many of these KEMs exhibit structural similarities. They can be seen as variants of the encryption scheme of Lyubashevsky, Peikert, and Rosen, and employ the Fujisaki-Okamoto transform (FO) to achieve CCA2 security. The latter involves re-encrypting a decrypted plaintext and testing the ciphertexts for equivalence. This corresponds to the classic countermeasure of computing the inverse operation and hence prevents many fault attacks.
In this work, we show that despite this inherent protection, practical fault attacks are still possible. We present an attack that requires a single instruction-skipping fault in the decoding process, which is run as part of the decapsulation. After observing if this fault actually changed the outcome (effective fault) or if the correct result is still returned (ineffective fault), we can set up a linear inequality involving the key coefficients. After gathering enough of these inequalities by faulting many decapsulations, we can solve for the key using a bespoke statistical solving approach. As our attack only requires distinguishing effective from ineffective faults, various detection-based countermeasures, including many forms of double execution, can be bypassed.
We apply this attack to Kyber and NewHope, both of which belong to the aforementioned class of schemes. Using fault simulations, we show that, e.g., 6,500 faulty decapsulations are required for full key recovery on Kyber512. To demonstrate practicality, we use clock glitches to attack Kyber running on a Cortex M4. As we argue that other schemes of this class, such as Saber, might also be susceptible, the presented attack clearly shows that one cannot rely on the FO transform's fault deterrence and that proper countermeasures are still needed.
Monir Azraoui, Solenn Brunet, Sébastien Canard, Aïda Diop, Lélia Eveillard, Alicia Filipiak, Adel Hamdi, Flavie Misarsky, Donald Nokam Kuate, Marie Paindavoine, Quentin Santos, Bastien Vialla
ePrint Report
CYBERCRYPT is a collaborative and educational game that allows people to understand basic cryptographic mechanisms. It allows players to discover techniques from the oldest (Scytale, Caesar and Vernam encryption, the Enigma machine) to the most recent ones, currently implemented in our daily transactions (electronic signature, key exchange, etc.).
CYBERCRYPT allows participants, through several rich and comprehensive workshops, to discover the different techniques used in cryptography, and also highlights the crucial importance of cryptography in protecting our digital daily life.
Dominique Unruh
ePrint Report
As an application of our technique, we show the collision-resistance of the sponge construction based on invertible permutations. In particular, this shows the collision-resistance of SHA3 (in the random oracle model).
Ştefan Maftei, Marius Supuran, Emil Simion
ePrint Report
Ran Canetti, Rosario Gennaro, Steven Goldfeder, Nikolaos Makriyannis, Udi Peled
ePrint Report
* Only the last round of our protocols requires knowledge of the message, and the other rounds can take place in a preprocessing stage, lending to a non-interactive threshold ECDSA protocol.
* Our protocols withstand adaptive corruption of signatories. Furthermore, they include a periodic refresh mechanism and offer full proactive security.
* Our protocols realize an ideal threshold signature functionality within the UC framework, in the global random oracle model, assuming Strong RSA, DDH, semantic security of the Paillier encryption, and a somewhat enhanced variant of existential unforgeability of ECDSA.
* Both protocols achieve accountability by identifying corrupted signatories in case of failure to generate a valid signature.
The protocols provide a tradeoff between the number of rounds to generate a signature and the computational and communication overhead for the identification of corrupted signatories. Namely:
* For one protocol, signature generation takes only 4 rounds (down from the current state of the art of 8 rounds), but the identification process requires computation and communication that is quadratic in the number of parties.
* For the other protocol, the identification process requires computation and communication that is only linear in the number of parties, but signature generation takes 7 rounds.
These properties (low latency, compatibility with cold-wallet architectures, proactive security, identifiable abort and composable security) make the two protocols ideal for threshold wallets for ECDSA-based cryptocurrencies.