IACR News
Here you can see all recent updates to the IACR webpage.
14 June 2021
Nils Fleischhacker, Kasper Green Larsen, Mark Simkin
In this work we construct robust property-preserving hash functions for the Hamming-distance predicate which distinguishes inputs with a Hamming distance at least some threshold $t$ from those with distance less than $t$. The security of the construction is based on standard lattice hardness assumptions.
Our construction has several advantages over the best known previous construction by Fleischhacker and Simkin (Eurocrypt 2021). Our construction relies on a single well-studied hardness assumption from lattice cryptography whereas the previous work relied on a newly introduced family of computational hardness assumptions. In terms of computational effort, our construction only requires a small number of modular additions per input bit, whereas the work of Fleischhacker and Simkin required several exponentiations per bit as well as the interpolation and evaluation of high-degree polynomials over large fields. An additional benefit of our construction is that the description of the hash function can be compressed to $\lambda$ bits assuming a random oracle. Previous work has descriptions of length $O(\ell \lambda)$ bits for input bit-length $\ell$, which has a secret structure and thus cannot be compressed.
We prove a lower bound on the output size of any property-preserving hash function for the Hamming distance predicate. The bound shows that the size of our hash value is not far from optimal.
Madhurima Mukhopadhyay, Palash Sarkar
Akashdeep Saha, Urbi Chatterjee, Debdeep Mukhopadhyay, Rajat Subhra Chakraborty
Amund Askeland, Sondre Rønjom
Jongkil Kim, Seyit Camtepe, Joonsang Baek, Willy Susilo, Josef Pieprzyk, Surya Nepal
Yael Tauman Kalai, Vinod Vaikuntanathan, Rachel Yun Zhang
- First, we show that Kilian's protocol, instantiated with a computationally non-signaling PCP (Brakerski, Holmgren, and Kalai, STOC 2017) and a somewhere statistically binding hash family (Hubacek and Wichs, ITCS 2015), is an SSS argument.
- Secondly, we show that the soundness of SSS arguments can be proved in a straight-line manner, implying that they are also post-quantum sound if the underlying assumption is post-quantum secure. This provides a straightforward proof that Kilian's protocol, instantiated this way, is post-quantum sound under the post-quantum hardness of LWE (though we emphasize that a computationally non-signaling PCP exists only for deterministic languages, and more generally, for specific subclasses of non-deterministic languages such as $\mathsf{NTISP}$, but not for all of $\mathsf{NP}$).
- We put forward a natural conjecture that constant-round SSS arguments can be soundly converted into non-interactive arguments via the Fiat-Shamir transformation. We argue that SSS arguments evade the current Fiat-Shamir counterexamples, including the one for Kilian's protocol (Bartusek, Bronfman, Holmgren, Ma and Rothblum, TCC 2019) by requiring additional properties from both the hash family and the PCP.
As an additional result, we show that by using a computationally non-signaling PCP and a somewhere statistically binding hash family, one can efficiently convert any succinct non-interactive argument (SNARG) for $\mathsf{BatchNP}$ into a SNARG for $\mathsf{P}$.
Sven Heiberg, Kristjan Krips, Jan Willemson
Yongjun Zhao, Huaxiong Wang, Kwok-Yan Lam
Unfortunately, existing volume-hiding SSE schemes do not support atomic updates (i.e., addition/deletion of an arbitrary keyword-document pair), which is the most common update operation considered in the SSE literature. Meanwhile, recent volumetric attacks (Wang et al., EuroS&P 20 & Blackstone et al., NDSS 20) indeed target dynamic databases.
We initiate a formal study of volume-hiding dynamic SSE. We extend the existing definition of volume-hiding leakage function into the dynamic setting and present efficient constructions VH-DSSE and VH-DSSE^k. VH-DSSE suffers from non-negligible correctness error. To remedy the disadvantage of VH-DSSE, we propose a multi-copy construction VH-DSSE^k that amplifies correctness by parallel repetition. As a side contribution, both VH-DSSE and VH-DSSE^k satisfy the strongest notions of backward-privacy, which is the first one in the literature, to the best of our knowledge.
Elena Kirshanova, Thijs Laarhoven
10 June 2021
NIT Jamshedpur, India, 16 November - 17 November 2021
Submission deadline: 30 June 2021
Notification: 1 September 2021
Tsinghua University, IIIS, Beijing
We are seeking one to two software engineers who can contribute to implementing a software system for privacy-preserving DNA synthesis screening in the Secure DNA project. We are a group of researchers from Tsinghua University, MIT, Aarhus University, Shanghai Jiao Tong University, and other world-leading academic institutions. Our goal is to develop an automatic and accurate screening system that can effectively block hazardous DNA sequences from being produced, while at the same time providing superior levels of security guarantees, in terms of not disclosing the submitted DNA orders or the potential hazards that are not yet public. To learn more visit our website or read the technical whitepaper.
Your Responsibilities
- Develop and implement the software system that realizes secure DNA synthesis.
- Develop the frontend that integrates the system into the production environments of our DNA vendor partners.
- Strong software development experience, especially large-scale systems and/or security-critical software.
- Strong knowledge and experience in software programming, such as C++, Rust, or Go.
- Familiarity with common cryptographic software libraries and implementations.
- Experience in distributed systems.
- Basic theoretical background in cryptography and system security.
- English communication and reading/writing capabilities.
- Passion for modern cryptography-based secure computing.
- Involved in world-leading research projects and teamed up with top scientists around the world, including Turing award winners.
- Competitive salary and other benefits from Tsinghua University.
- Future opportunities in long-term collaboration with other research projects at Tsinghua.
Closing date for applications:
Contact: Mingyu Gao, gaomy@tsinghua.edu.cn
More information: https://www.securedna.org
Tsinghua University, IIIS, Beijing
We are seeking a principal software architect who can contribute to implementing a software system for privacy-preserving DNA synthesis screening in the Secure DNA project. We are a group of researchers from Tsinghua University, MIT, Aarhus University, Shanghai Jiao Tong University, and other world-leading academic institutions. Our goal is to develop an automatic and accurate screening system that can effectively block hazardous DNA sequences from being produced, while at the same time providing superior levels of security guarantees, in terms of not disclosing the submitted DNA orders or the potential hazards that are not yet public. To learn more visit our website or read the technical whitepaper.
Your Responsibilities
- Design and propose the system architecture for the software system that realizes the proposed algorithm based on distributed oblivious pseudo-random functions.
- Assemble and lead the engineer team to implement the proposed software system.
- Deploy the system into the production environments of our DNA vendor partners.
- 5+ years of experience working with secure software system development and deployment.
- Strong knowledge and experience in software programming, such as C++, Rust, or Go.
- Familiarity with common cryptographic software libraries and implementations.
- Fluent in English communication and reading/writing.
- Experience in team management.
- Familiarity with modern cryptography-based secure computing algorithms.
- Some familiarity with basic biological knowledge and DNA synthesis.
- Flexible work hours and arrangement; remote and/or part-time are both acceptable.
- Involved in world-leading research projects with Turing award winners.
- A critical role in implementing the important bio-security system that will be deployed world-wide.
- Competitive salary and other benefits from Tsinghua University.
- Future opportunities in long-term collaboration with other research projects at Tsingh
Closing date for applications:
Contact: Mingyu Gao, gaomy@tsinghua.edu.cn
More information: https://www.securedna.org
University of Surrey, Surrey Centre for Cyber Security, UK
Early Career Fellowship in Cyber Security (Lecturer A)
https://jobs.surrey.ac.uk/vacancy.aspx?ref=026221
Lecturer / Senior Lecturer in Cyber Security
https://jobs.surrey.ac.uk/vacancy.aspx?ref=027721
Positions are available for researchers at different stages of their careers and in a range of security topics such as:
- applied cryptography (incl. post-quantum cryptography, distributed cryptography)
- privacy enhancing technologies (incl. anonymisation, secure multi-party computation, computing on encrypted data)
- software security (e.g., malware analysis)
- system security (incl. security of autonomous or cyber-physical systems)
- security architectures (incl. trusted computing, TEEs)
- security protocols for blockchain and/or machine learning
- tool-assisted formal verification of security and privacy
Please follow the above links for more details.
Closing date for applications:
Contact: Informal inquiries can be sent to Dr. Mark Manulis (m.manulis at surrey.ac.uk)
More information: https://www.surrey.ac.uk/department-computer-science
University of St. Gallen, Switzerland
- Development and implementation of concepts and research results, both individually and in collaboration with researchers and PhD students
- Running experiments and simulating realistic conditions to test the performance of developed algorithms and protocols
- Development, maintenance and organization of software
- Support to BSc, MSc and PhD students, postdocs and researchers who use the lab
- Responsibility for the daily routines in the lab, for example purchases, installations, bookings, inventory
- Demonstrations and lab tours for external visitors
- Producing media content for our group web page and social media platforms.
- The successful applicant is expected to hold or to be about to receive a M.Sc. degree in Computer Science, Electrical Engineering, Applied Mathematics or similar fields, preferably with a focus in Security and Privacy for Computer Science Systems.
- We are looking for a strongly motivated and self-driven person who is able to work and learn new things independently.
- Good command of English is required.
- You should have a good academic track record and well developed analytical and problem solving skills.
- Excellent programming skills and familiarity with cryptographic libraries.
- Previous experience in implementation projects with C++, Matlab, Python is desired.
Closing date for applications:
Contact: Prof. Katerina Mitrokotsa
More information: https://jobs.unisg.ch/offene-stellen/research-engineer-security-and-privacy-m-f-d/634aea27-37d2-4f1f-ab25-2d3c0a622fc0
CSEM, Neuchâtel / AAU, Department of Artificial Intelligence and Cybersecurity, Klagenfurt, Austria
You will conduct research towards a distributed intrusion detection system for constrained devices in real-world IoT applications. The intrusion detection system (IDS) you will develop will facilitate detection and containment of a security breach in the Edge, making the IoT applications of tomorrow more secure and reliable.
Your activity will be at an exciting intersection of the following fields:
- Embedded development. The constrained nature of the low-power embedded world will present you with stimulating research challenges. You will implement and test your results on real-world, low-power embedded HW platforms, maintaining a steady link between your research and practice and ensuring a real-world impact.
- Applied security. To defend from attacks, you will get intimately familiar with them. You will acquire knowledge of different types of intrusion, how they manage to penetrate a system, and how they can be recognized.
- Artificial intelligence. Modern IDS systems rely on AI. You will review the state of the art, select the most viable AI algorithms for an IDS in the constrained setting of IoT Edge, and carefully tweak them for the job.
- Distributed computing. A swarm of Things in the Edge can collaboratively monitor itself much more effectively than a single device. You will combine all the above and deploy a distributed IDS on a group of constrained embedded devices, identifying the tradeoffs between efficiency and overhead.
We are looking for a student who has a Masters (or equivalent) degree in Electrical Engineering, Electronics or Computer Science with background and passion in (most of):
- Solid understanding of machine learning concepts and some practice
- Proficiency with programming in C
- Experience with embedded development is an advantage
- Background in applied cryptography and security is an advantage
- Fluency in English is required, proficiency in French is an advantage.
- Good communication and interpersonal skills.
Closing date for applications:
Contact: To apply visit https://www.csem.ch/page.aspx?pid=47528&jobid=122842.
You will be based in part at CSEM (Switzerland), and in part at the Cybersecurity Research Group at AAU (Austria); you need to be eligible to work in Europe, and you need to be flexible as you will travel regularly.