International Association for Cryptologic Research

International Association
for Cryptologic Research

IACR News

Here you can see all recent updates to the IACR webpage. These updates are also available:

email icon
via email
RSS symbol icon
via RSS feed

24 February 2021

Yaroslav Balytskyi, Manohar Raavi, Anatoliy Pinchuk, Sang-Yoon Chang
ePrint Report ePrint Report
Quantum Key Distribution or QKD provides symmetric key distribution using the quantum mechanics/channels with new security properties. The security of QKD relies on the difficulty of the quantum state discrimination problem. We discover that the recent developments in PT symmetry can be used to expedite the quantum state discrimination problem and therefore to attack the BB84 QKD scheme. We analyze the security of the BB84 scheme and show that the attack significantly increases the eavesdropping success rate over the previous Hermitian quantum state discrimination approach. We design and analyze the approaches to attack BB84 QKD protocol exploiting an extra degree of freedom provided by the PT-symmetric quantum mechanics.
Expand
Hamidreza Amini Khorasgani, Hemanta K. Maji, Hai H. Nguyen
ePrint Report ePrint Report
Noise, which cannot be eliminated or controlled by parties, is an incredible facilitator of cryptography. For example, highly efficient secure computation protocols based on independent samples from the doubly symmetric binary source (BSS) are known. A modular technique of extending these protocols to diverse forms of other noise without incurring any loss of round and communication complexity is the following strategy. Parties, beginning with multiple samples from an arbitrary noise source, non-interactively, albeit, securely, simulate the BSS samples. After that, they can use custom-designed efficient multi-party solutions for BSS.

Khorasgani, Maji, and Nguyen (EPRINT--2020) introduce the notion of secure non-interactive simulation (SNIS) as a natural cryptographic extension of concepts like non-interactive simulation and non-interactive correlation distillation in theoretical computer science and information theory. In SNIS, the parties apply local reduction functions to their samples to produce the samples of another distribution. This work studies the decidability problem of whether a sample from the noise $(X,Y)$ can securely and non-interactively simulate BSS samples. As is standard in analyzing non-interactive simulations, our work relies on Fourier analytic techniques to approach this decidability problem. Our work begins by algebraizing the simulation-based security definition of SNIS. Then, using this algebraized definition of security, we analyze the properties of the Fourier spectrum of the reduction functions.

Given $(X,Y)$ and BSS with parameter $\epsilon$, our objective is to distinguish between the following two cases. (A) Does there exist a SNIS from BSS$(\epsilon)$ to $(X,Y)$ with $\delta$-insecurity? (B) Do all SNIS from BSS$(\epsilon)$ to $(X,Y)$ incur $\delta'$-insecurity, where $\delta'>\delta$? We prove that there exists a bounded computable time algorithm achieving this objective for the following cases. (1) $\delta=\bigO{1/n}$ and $\delta'=$ positive constant, and (2) $\delta=$ positive constant, and $\delta'=$ another (larger) positive constant. We also prove that $\delta=0$ is achievable only when $(X,Y)$ is another BSS, where $(X,Y)$ is an arbitrary distribution over $\minusoo\times\minusoo$. Furthermore, given $(X,Y)$, we provide a sufficient test determining if simulating BSS samples incurs a constant-insecurity, irrespective of the number of samples of $(X,Y)$.

Technically, our work proceeds by demonstrating that the weight of the Fourier spectrum of the reduction functions is at most $\bigO{\delta}$ on higher-order components, where $\delta$ is the insecurity of the SNIS.
Expand

23 February 2021

National Yunlin University of Science and Technology, Douliou, Yunlin County, Taiwan
Job Posting Job Posting

Keywords: Post-quantum cryptography, multivariate cryptography, multi-party computation, cryptographic protocols.

National Yunlin University of Science and Technology, Douliou, Yunlin County, Taiwan. YUNTECH is looking forward to recruiting young, talented and self-motivated students on two Ph.D. positions at PhD program of “Electrical Engineering and Computer Science” and “Information Management” to work on any of the following areas of applied cryptography under the supervision of Dr. Saru Kumari. Dr. Saru Kumari will join YUNTECH on 1st August 2021.

    Design of post-quantum cryptographic protocols
    Software and hardware implementation of post-quantum cryptographic protocols
    Multi-party computation
    Cryptographic protocols and their implementation
    Privacy-preserving cryptographic protocols for cloud/edge/fog computing
    Multivariate cryptographic protocols
Requisites for Ph.D. students:
    A bachelor & master degree in Computer Science/Information Security
    Strong mathematical background
    Proficient written and verbal communication skills in English
    Basic knowledge of blockchain technology
    Elementary knowledge of crypto-currencies and their security

What we provide: As one of the best engineering and technology universities, YUNTECH provides students with excellent academic and practical training, an excellent research environment, and strong supervision by world-class scholars. We help graduates to develop their career in information and telecommunication industry and semiconductor industry, the outstanding industry of Taiwan in the world. Students recommended by Dr Kumari will get a full tuition waiver and a monthly stipend.

How to apply:
    CV (highlighting their interests and strengths)
    Transcripts
    via email with the subject line:- “Application for Ph.D. in applied cryptography at YUNTECH”, to Dr Saru Kumari at saryusiirohi@gmail.com keeping cc Hsin-I Huang (Sandy) at hsinyier@yuntech.edu.tw

        Application guide: https://reurl.cc/qmLgbg

        Application deadline: May 21, 2021.

      Closing date for applications:

      Contact: Dr Saru Kumari at saryusiirohi@gmail.com keeping cc Hsin-I Huang (Sandy) at hsinyier@yuntech.edu.tw

      More information: https://eng.yuntech.edu.tw/

Expand
Villanova University, Philadelphia, PA, USA
Job Posting Job Posting
There is one Ph.D. position opening at Dr. Jiafeng Harvest Xie's research group at the Department of Electrical and Computer Engineering of Villanova University, Villanova, PA (west of Philadelphia), USA. The research topics of this position primarily focused on cryptanalysis of the post-quantum cryptosystems. Interested ones are warmly welcomed to send their resume/CV to Dr. Xie through email: jiafeng.xie@villanova.edu

Requirements: preferred to be at the majors of Cryptography, Mathematics, Computer Science, Computer Engineering, Electrical Engineering and related others. Familiar with cryptanalysis and fault attack/detection will be desirable. Proficiency in programming languages such as C/C++ etc. Good at English communication and writing. Great enthusiasm of doing research oriented tasks. Excellent team work member.

Degree: both B.S. and M.S. graduates or similar are warmly welcomed to apply. Start date: Fall 2021. It is always better to apply as early as possible. Positions are open until they are filled.

The 2021 U.S. News & World Report ranks Villanova as tied for the 53th best National University in the U.S (Famous Alumni includes the Current First Lady of the United States, etc.).

Brief introduction of Dr. Xie: Dr. Jiafeng Harvest Xie is currently an Assistant Professor at the Department of Electrical and Computer Engineering of Villanova University. His research interests include cryptographic engineering, hardware security, and VLSI digital design. He is the Best Paper Awardee of IEEE HOST 2019. He has served the Associate Editor for Microelectronics Journal, IEEE Access, and IEEE Trans. Circuits and Systems II. He has also been awarded the 2019 IEEE Access Outstanding Associate Editor.

Closing date for applications:

Contact: Jiafeng Xie

More information: https://www1.villanova.edu/villanova/engineering/departments/ece/facultyStaff/biodetail.html?mail=jiafeng.xie@villanova.edu&xsl=bio_long

Expand
IRISA, Rennes, France
Job Posting Job Posting
We aim to analyze and protect post-quantum schemes against side-channel attacks (starting with code-based cryptosystems), in particular implementations submitted to NIST. Having found flaws in these implementations, we will design countermeasures at the compilation (assembly language) level, to appropriately harden the code while preserving the algorithm. During the project, the candidate will work on countermeasures specific to post-quantum schemes and their actual implementation at the compilation level. More than the binaries, the methodology, the tools, and the solutions to various faced practical issues will be of great interest to the community. Depending on the background and interests of the candidate, we are open to adjustments to the research strategies.

Requirements:

  • PhD in related research areas
  • integration into the research environment
  • willingness to supervise Ph.D. student(s)
  • motivation to publish in A/A∗conferences

    Closing date for applications:

    Contact: Annelie Heuser, annelie.heuser@irisa.fr

  • Expand
    Kudelski Security, Switzerland and USA
    Job Posting Job Posting

    Kudelski Security, a division of the Kudelski Group, is an innovative, independent Swiss provider of tailored cyber and media security solutions to enterprises and public sector institutions. Founded in 2012, Kudelski Security is headquartered in Phoenix, Arizona and Cheseaux-sur-Lausanne, Switzerland, and has offices all around the globe. For more information, please visit: www.kudelskisecurity.com

    The Kudelski Security Research Team is looking for one (or more) researchers experienced with cryptography. You’ll join a multi-disciplinary team with members focused on cutting edge areas such as cryptography, quantum security, privacy preserving technologies, and AI security just to name a few. The position can be on-site or remote, and includes attractive salary and benefits depending on your seniority level.

    Principal Duties:

  • A 50% split between activities generating revenue and research
  • Security audit of source code and architecture of cryptographic implementations
  • Create viable research projects from your own ideas or from other researchers and engineers
  • Identify areas of interest for further research and development
  • Create new intellectual property
  • Manage the lifecycle of research projects
  • Represent Kudelski Security in public forums (blogs, conferences, journals) through original publications
  • Mentor team members in your area

    Required:

  • Proven experience demonstrating knowledge of cryptography (such as blog posts, published source code, academic papers, etc.)
  • At minimum Bachelor’s degree in computer science, computer engineering, information security or related field of study
  • Good knowledge of a modern programming language such as Go, Rust, Python as well as C/C++
  • Comfortable reading code developed in multiple programming languages
  • 5+ years of experience in cybersecurity, research, or applied cryptography
  • Strong written and verbal communication skills in English
  • Ability to interface effectively with customers and internal stakeholders

    For further information: https://careers.nagra.com/?page=adverti

    Closing date for applications:

    Contact: tommaso.gagliardoni@kudelskisecurity.com

    More information: https://careers.nagra.com/?page=advertisement_display&id=11828

  • Expand
    Lucerne University of Applied Sciences and Arts, Rotkreuz, Switzerland
    Job Posting Job Posting
    We are seeking a research associate to work research projects in IT security and practical aspects of quantum cryptography. This position is part of the Swiss National Science Foundation Practice-to-Science grant “Quantum cryptography in practice”. Candidates should have good software engineering skills and a strong background in IT security and/or cryptography; knowledge in quantum information advantageous. Both junior and more senior candidates are considered. For junior candidates, there exists the possibility to combine the employment with enrollment in a study-programm towards a Master of Science in Engineering (MSE) Further information and an online application form please check the link above.

    Closing date for applications:

    Contact: Dr. Esther Hänggi

    More information: https://recruitingapp-2678.umantis.com/Vacancies/2063/Description/1

    Expand
    Lucerne University of Applied Sciences and Arts, Rotkreuz, Switzerland
    Job Posting Job Posting
    We are seeking a highly motivated PhD student to work on practical aspects of quantum cryptography. The position is part of the Swiss National Science Foundation Practice-to-Science grant “Quantum cryptography in practice”. This project investigates practical quantum key distribution and quantum random number generation protocols, analyzes their security and develops secure and efficient alternative protocols. It devises methods to assess and quantify the quality and “quantumness” of quantum random number generators. The PhD student will be employed and hosted at the Lucerne School of Computer Science and Information Technology in Roktkreuz, Switzerland and will be enrolled in the doctoral programm of ETH Zurich. For further information and an online application form please use the link above.

    Closing date for applications:

    Contact: Dr. Esther Hänggi

    More information: https://recruitingapp-2678.umantis.com/Vacancies/2062/Description/1

    Expand
    University of St. Gallen, School of Computer Science, Switzerland
    Job Posting Job Posting
    We are looking for a bright and motivated research engineer in the area of cryptography, security and privacy to join the team of Prof. Mitrokotsa at the cybersecurity chair (Univ. of St. Gallen). As a research engineer in the Cyber Security chair you will establish and work in a state-of-the-art IoT (Internet of Things) lab with smart devices (ranging from Raspberry Pi's, sensors, RFID tags, RFID readers) and you will work with world-leading researchers to implement, test, and showcase secure and privacy-preserving protocols and algorithms. Many projects are done in collaboration with other academic and industrial partners.
    Responsibilities: More specifically, the job includes:
    • Development and implementation of concepts and research results, both individually and in collaboration with researchers and PhD students,
    • Run of experiments and simulation of realistic conditions to test the performance of developed algorithms and protocols,
    • Development, maintenance and organization of software,
    • Support to BSc, MSc and PhD students, postdocs and researchers who use the lab,
    • Responsibility for the daily routines in the lab, for example purchases, installations, bookings, inventory,
    • Producing media content for our group web page and social media platforms.
    Your profile:
    • The successful applicant is expected to hold or to be about to receive a M.Sc. degree in Computer Science, Electrical Engineering, Applied Mathematics or similar fields, preferably with a focus in Security and Privacy for Computer Science Systems.
    • We are looking for a strongly motivated and self-driven person who is able to work and learn new things independently. Good command of English is required.
    • You should have a good academic track record and well developed analytical and problem solving skills.
    • Excellent programming skills and familiarity with cryptographic libraries.
    • Previous experience in implementation projects with C++, Matlab, Python is desired.
    Expand
    Inria and ENS, Paris, France
    Job Posting Job Posting

    We are looking for talented and motivated Post-docs to work on the ERC Advanced Grant project PARQ: Lattices in a Parallel and Quantum World. The project aims at studying the best parallel and quantum algorithms for lattice problems, and proposing automated tools to select safe parameters for lattice-based cryptography. It is hosted by the Inria cryptography team Cascade, located at ENS in downtown Paris. (see https://crypto.di.ens.fr/web2py )

    The ideal candidates should have a PhD degree from a leading university, and a proven record of lattice-related publications in top venues. We offer a competitive salary and a budget for conference travel and research visits. Positions can be filled from April 1st, 2021. If you're interested, please send as soon as possible (and before June 1st, 2021):

    • Your curriculum vitae
    • Your two best publications
    • Research statement
    • Reference letters if possible

    To apply: https://jobs.inria.fr/public/classic/fr/offres/2021-03340

    Closing date for applications:

    Contact: Phong Q. Nguyen ( Phong.Nguyen at inria.fr )

    More information: https://jobs.inria.fr/public/classic/fr/offres/2021-03340

    Expand
    University College Cork, Ireland
    Job Posting Job Posting

    The School of Computer Science & IT at University College Cork is a partner in the Science Foundation Ireland Centre for Research Training on Artificial Intelligence, which funds a number of 4-year PhD scholarships. The scholarships include full payment of university fees and a monthly tax-free stipend of €1,500, as well as a budget for equipment, travel, and training.

    We are currently looking for candidates interested to work on privacy-preserving machine learning/artificial intelligence. Topics of interests include: advanced encryption for neural networks; anonymity and differential privacy; model ownership (watermarking and fingerprinting) and related attacks.

    Interested candidates should write to Dr Paolo Palmieri (p.palmieri@cs.ucc.ie). Expressions of interest for the 2021-2022 call need to be received by February 26, 2021. Early applications will be given priority.

    Applicants should include:

    1. a brief cover letter (1 page max) explaining their interest in the project topic, and mentioning any previous experience in privacy/cryptography/security;
    2. a curriculum vitae, mentioning the final grade/CGPA for each degree.
    Shortlisted students will be asked to submit a full application (including academic transcripts, evidence of English language proficiency, and references) at a later stage.

    Closing date for applications:

    Contact: Dr. Paolo Palmieri (p.palmieri@cs.ucc.ie)

    Expand
    University of Calgary, Calgary, AB, Canada
    Job Posting Job Posting
    The Department of Electrical and Computer Engineering in the Schulich School of Engineering at the University of Calgary is pleased to invite applications for a tenure-track Assistant Professor position in Secure Software Systems with an anticipated start date of July 1, 2021. Candidates with an earned doctoral degree in Software Engineering or a related discipline, or those who will have earned a doctoral degree by the anticipated start date, and who have the potential for excellence in research and teaching are invited to apply. The successful candidate should have research experience in one of the following topics:
  • engineering safe, dependable, and secure software systems
  • privacy and security in software
  • security testing
  • secure software defined network
  • cybersecurity
  • The successful candidate will have a demonstrated record of high-quality research publications. They are expected to demonstrate the potential to establish an externally funded research program, and to achieve international recognition within five years. They will have the ability to attract excellent trainees, students, and future researchers. The successful candidates will develop and teach a range of undergraduate and graduate courses in the Software Engineering Program. The successful candidate will have excellent written and oral communication skills and provide evidence of successful teaching ability. Candidates should be eligible for registration as a Professional Engineer with the Association of Professional Engineers and Geoscientists of Alberta (APEGA). Experience working in industry or on industrial projects is an asset.

    Closing date for applications:

    Contact: Prof. Andy Knight (Department Head) Email: eceinfo@ucalgary.ca

    More information: https://engg.careers.ucalgary.ca/jobs/6242346-assistant-professor-secure-software-systems-department-of-electrical-and-computer-engineering

    Expand

    21 February 2021

    Virtual event, Anywhere on Earth, 26 July - 28 July 2021
    Event Calendar Event Calendar
    Event date: 26 July to 28 July 2021
    Submission deadline: 15 March 2021
    Notification: 12 April 2021
    Expand
    Virtual event, Anywhere on Earth, 8 September - 10 September 2021
    Event Calendar Event Calendar
    Event date: 8 September to 10 September 2021
    Submission deadline: 29 March 2021
    Notification: 28 May 2021
    Expand

    20 February 2021

    Yunwen Liu, Siwei Sun, Chao Li
    ePrint Report ePrint Report
    The differential-linear attack, combining the power of the two most effective techniques for symmetric-key cryptanalysis, was pro- posed by Langford and Hellman at CRYPTO 1994. From the exact for- mula for evaluating the bias of a differential-linear distinguisher (JoC 2017), to the differential-linear connectivity table (DLCT) technique for dealing with the dependencies in the switch between the differential and linear parts (EUROCRYPT 2019), and to the improvements in the con- text of cryptanalysis of ARX primitives (CRYPTO 2020), we have seen significant development of the differential-linear attack during the last four years. In this work, we further extend this framework by replacing the differential part of the attack by rotational-xor differentials. Along the way, we establish the theoretical link between the rotational-xor dif- ferential and linear approximations, revealing that it is nontrivial to directly apply the closed formula for the bias of ordinary differential- linear attack to rotational differential-linear cryptanalysis. We then re- visit the rotational cryptanalysis from the perspective of differential- linear cryptanalysis and generalize Morawiecki et al.’s technique for an- alyzing Keccak, which leads to a practical method for estimating the bias of a (rotational) differential-linear distinguisher in the special case where the output linear mask is a unit vector. Finally, we apply the rota- tional differential-linear technique to the permutations involved in FRIET, Xoodoo, Alzette, and SipHash. This gives significant improvements over existing cryptanalytic results, or offers explanations for previous exper- imental distinguishers without a theoretical foundation. To confirm the validity of our analysis, all distinguishers with practical complexities are verified experimentally.
    Expand
    Alessandro Chiesa, Eylon Yogev
    ePrint Report ePrint Report
    Succinct non-interactive arguments (SNARGs) in the random oracle model (ROM) have several attractive features: they are plausibly post-quantum; they can be heuristically instantiated via lightweight cryptography; and they have a transparent (public-coin) parameter setup.

    The canonical construction of a SNARG in the ROM is due to Micali (FOCS 1994), who showed how to use a random oracle to compile any probabilistically checkable proof (PCP) with sufficiently-small soundness error into a corresponding SNARG. Yet, while Micali's construction is a seminal result, it has received little attention in terms of analysis in the past 25 years.

    In this paper, we observe that prior analyses of the Micali construction are not tight and then present a new analysis that achieves tight security bounds. Our result enables reducing the random oracle's output size, and obtain corresponding savings in concrete argument size.

    Departing from prior work, our approach relies on precisely quantifying the cost for an attacker to find several collisions and inversions in the random oracle, and proving that any PCP with small soundness error withstands attackers that succeed in finding a small number of collisions and inversions in a certain tree-based information-theoretic game.
    Expand
    Fukang Liu, Takanori Isobe, Willi Meier, Kosei Sakamoto
    ePrint Report ePrint Report
    AEGIS-128 and Tiaoxin are two AES-based primitives submitted to the CAESAR competition. Among them, AEGIS-128 has been selected in the final portfolio for high-performance applications, while Tiaoxin is a third-round candidate. Although both primitives adopt a stream cipher based design, they are quite different from the well-known bit-oriented stream ciphers like Trivium and the Grain family. Their common feature consists in the round update function, where the state is divided into several 128-bit words and each word has the option to pass through an AES round or not. During the 6-year CAESAR competition, it is surprising that for both primitives there is no third-party cryptanalysis of the initialization phase. Due to the similarities in both primitives, we are motivated to investigate whether there is a common way to evaluate the security of their initialization phases. Our technical contribution is to write the expressions of the internal states in terms of the nonce and the key by treating a 128-bit word as a unit and then carefully study how to simplify these expressions by adding proper conditions. As a result, we found that there are several groups of weak keys with $2^{96}$ keys each in 5-round AEGIS-128 and 8-round Tiaoxin, which allows us to construct integral distinguishers with time complexity $2^{32}$ and data complexity $2^{32}$. Based on the distinguisher, the time complexity to recover the weak key is $2^{72}$ for 5-round AEGIS-128. However, the weak key recovery attack on 8-round Tiaoxin will require the usage of a weak constant occurring with probability $2^{-32}$. We expect that this work can advance the understanding of the designs similar to AEGIS and Tiaoxin.
    Expand
    Hemanta K. Maji, Hai H. Nguyen, Anat Paskin-Cherniavsky, Tom Suad, Mingyuan Wang
    ePrint Report ePrint Report
    Efficient Reed-Solomon code reconstruction algorithms, for example, by Guruswami and Wootters (STOC--2016), translate into local leakage attacks on Shamir secret-sharing schemes over characteristic-2 fields. However, Benhamouda, Degwekar, Ishai, and Rabin (CRYPTO--2018) showed that the Shamir secret sharing scheme over prime-fields is leakage resilient to one-bit local leakage if the reconstruction threshold is roughly 0.87 times the total number of parties. In several application scenarios, like secure multi-party multiplication, the reconstruction threshold must be at most half the number of parties. Furthermore, the number of leakage bits that the Shamir secret sharing scheme is resilient to is also unclear.

    Towards this objective, we study the Shamir secret-sharing scheme's leakage-resilience over a prime-field $F$. The parties' secret-shares, which are elements in the finite field $F$, are naturally represented as $\lambda$-bit binary strings representing the elements $\{0,1,\dotsc,p-1\}$. In our leakage model, the adversary can independently probe $m$ bit-locations from each secret share. The inspiration for considering this leakage model stems from the impact that the study of oblivious transfer combiners had on general correlation extraction algorithms, and the significant influence of protecting circuits from probing attacks has on leakage-resilient secure computation.

    Consider arbitrary reconstruction threshold $k\geq 2$, physical bit-leakage parameter $m\geq 1$, and the number of parties $n\geq 1$. We prove that Shamir's secret-sharing scheme with random evaluation places is leakage-resilient with high probability when the order of the field $F$ is sufficiently large; ignoring polylogarithmic factors, one needs to ensure that $\log \abs F \geq n/k$. Our result, excluding polylogarithmic factors, states that Shamir's scheme is secure as long as the total amount of leakage $m\cdot n$ is less than the entropy $k\cdot\lambda$ introduced by the Shamir secret-sharing scheme. Note that our result holds even for small constant values of the reconstruction threshold $k$, which is essential to several application scenarios.

    To complement this positive result, we present a physical-bit leakage attack for $m=1$ physical bit-leakage from $n=k$ secret shares and any prime-field $F$ satisfying $\abs F=1\mod k$. In particular, there are (roughly) $\abs F^{n-k+1}$ such vulnerable choices for the $n$-tuple of evaluation places. We lower-bound the advantage of this attack for small values of the reconstruction threshold, like $k=2$ and $k=3$, and any $\abs F=1\mod k$. In general, we present a formula calculating our attack's advantage for every $k$ as $\abs F\rightarrow\infty.$

    Technically, our positive result relies on Fourier analysis, analytic properties of proper rank-$r$ generalized arithmetic progressions, and B\'ezout's theorem to bound the number of solutions to an equation over finite fields. The analysis of our attack relies on determining the ``discrepancy'' of the Irwin-Hall distribution. A probability distribution's discrepancy is a new property of distributions that our work introduces, which is of potential independent interest.
    Expand
    Hwajeong Seo, Pakize Sanal, Wai-Kong Lee, Reza Azarderakhsh
    ePrint Report ePrint Report
    In this paper, we firstly presented optimized implementations of Montgomery multiplication on 64-bit ARM processors by taking advantages of Karatsuba algorithm and efficient multiplication instruction sets for ARM64 architectures. The implementation of Montgomery multiplication improved the performance of public key cryptography (e.g. CSIDH, ECC, and RSA) implementations on ARM64 architectures, directly. Last but not least, the performance of Karatsuba algorithm does not ensure the fastest speed record, while it is determined by the clock cycles per multiplication instruction of target ARM architectures. In particular, recent Apple processors based on ARM64 architecture show lower cycles per instruction of multiplication than that of ARM Cortex-A series. For this reason, the schoolbook method shows much better performance than the sophisticated Karatsuba algorithm on Apple processors. With this observation, we can determine the proper approach for multiplication of cryptography library (e.g. MS-SIDH) on Apple processors and ARM Cortex-A processors.
    Expand
    Sravya Yandamuri, Ittai Abraham, Kartik Nayak, Michael K. Reiter
    ePrint Report ePrint Report
    Agreement protocols for partially synchronous or asynchronous networks tolerate fewer than one-third Byzantine faults. If parties are equipped with trusted hardware that prevents equivocation, then fault tolerance can be improved to fewer than one-half Byzantine faults, but typically at the cost of increased communication complexity. In this work, we present results that use small trusted hardware without worsening communication complexity assuming the adversary controls a fraction of the network that is less than one-half. Our results include a version of HotStuff that retains linear communication complexity in each view and a version of the VABA protocol with quadratic communication, both leveraging trusted hardware to tolerate a minority of corruptions. Our results use expander graphs to achieve efficient communication in a manner that may be of independent interest.
    Expand
    ◄ Previous Next ►