IACR News
Here you can see all recent updates to the IACR webpage. These updates are also available:
17 September 2021
University of South Florida, The Department of Computer Science and Engineering, Tampa, FL, USA.
Job PostingTrustworthy Machine Learning (TML)
- Privacy-Preserving Machine Learning
- Secure multi-party computation for TML
- New cryptographic schemes for consensus and distributed transactions in Blockchains
- Practical quantum-safe cryptographic deployments for Blockchains
- Lightweight cryptography for IoT
- Efficient cryptography for vehicular and unmanned aerial systems
- Efficient digital signatures
- Searchable encryption, Oblivious RAM, and multi-party computation
- A BS degree in ECE/CS with a high-GPA
- Very good programming skills (e.g., C, C++), familiarity with Linux
- MS degree in ECE/CS/Math is a big plus. Publications in security and privacy are highly desirable
- Transcripts
- Curriculum vitae
- Three reference letters (send by referees)
- Research statement
- GRE and TOEFL
Closing date for applications:
Contact: Person to Contact:
Dr. Attila A. Yavuz
Email: attilaayavuz@usf.edu
Webpage : http://www.csee.usf.edu/~attilaayavuz/
More information: http://www.csee.usf.edu/~attilaayavuz/article/PositionDescrption_at_USF.pdf
University of Hamburg, Germany
Job PostingUniversity of Hamburg is a University of Excellence and one of the most research-focused universities in Germany. The research group “Security in Distributed Systems” is working on the intersection of security and privacy research, with a focus on distributed systems, data protection, anonymity, and cryptography.
Your Profile
We are looking for a new member of our team that will be working as a full-time PhD student in research and teaching. Your tasks will include:
- Development, implementation, analysis, and evaluation of complex and secure IT-systems
- Academic services in a third-party funded project
- Working with bleeding-edge technology and research literature from security, cryptography, and privacy
- Publication of research results in national/international venues
- Support for teaching
Completed MSc degree (or equivalent) in IT-Security, computer science or a strongly related field. You are highly motivated, curious, reliable, and creative. You must be interested in system security, applied cryptography and/or privacy research. You must have experience in security in open and distributed communication systems and fundamental knowledge in cryptography and IT-Security. Experience with machine learning and advanced software engineering skills, especially with a focus on application security and cryptography are a bonus. Programming skills in higher languages like C/C++ and Python are required. Fluent English, spoken and written, and good communication skills are mandatory. Knowledge of German is helpful; we expect the willingness to learn German for non-native German speakers.
We offer great and flexible working conditions in a highly motivated team of researchers with many opportunities for collaboration. The university supports their employees with many interesting opportunities for personal development.
Closing date for applications:
Contact: Prof. Hannes Federrath
hannes.federrath@uni-hamburg.de
https://www.inf.uni-hamburg.de/inst/ab/snp/team/federrath.html
Research & Development Group, Horizen Labs; Milano, Italy
Job PostingHorizen Labs is a blockchain technology company that designs, develops, and delivers powerful, scalable, and reliable distributed ledger solutions for business.
Our Core Engineering Team is an innovative and collaborative group of researchers and software engineers who are dedicated to the design and development of world-class blockchain-based products. We are looking for a cryptographer, or applied cryptographer, to join our growing crypto team based in Milan, Italy. Currently, the team is developing a protocol suite for SNARK-based proof-composition, but its duties reach beyond that, developing privacy-enhancing solutions for our sidechain ecosystem.
Responsabilities- Design privacy-enhancing technology built on SNARK-based protocols
- Perform collaborative research and assist technical colleagues in their development work
- Participate in standards-setting
- Ph.D. in mathematics, computer science, or cryptography
- Solid foundations in zero-knowledge and cryptographic protocols
- Publications in acknowledged venues on applied or theoretical cryptography, preferably cryptographic protocols or PETs
- Strong problem-solving skills
- The ability to work in a team setting as well as autonomously
- Foundations in blockchain technology and experience in reading Rust are a plus
- A competitive salary plus pre-series A stock options
- Flexible working hours, including the possibility of remote working
- The opportunity to work with talented minds on challenging topics in this field, including the most recent advancements in zero-knowledge
- A nice and informal team setting to conduct research and development of high-quality open source solutions
If you are interested in this position, you might want to take a look at our recent publications (IACR eprints 2021/930, 2021/399, 2020/123) and our latest podcast on zeroknowledge.fm (Episode 178). For further questions, please contact the email below.
Closing date for applications:
Contact: recruiting@horizenlabs.io
More information: https://horizenlabs.io/
Mohammed VI Polytechnic University (UM6P), Benguerir. Morroco
Job PostingPostdoctoral position in Blockchain and IoT Security The School of Computer Science at Mohammed VI Polytechnic University (UM6P), Benguerir, Morocco is currently looking for motivated and talented Postdoctoral researchers in the area of Blockchain and IoT Security. The successful candidates will primarily be working on the following topics (but not limited to):
- Blockchain and Cryptocurrencies
- Applications of Blockchain
- IoT Security
- Publish in high impact journals in the field.
- Participate to the supervision of PhD students and research internships.
- Ph.D. in the field of Cryptography, Computer security, or any related field.
- Strong publication record in high-impact conferences/journals.
- Very good programming skills (e.g., C, C++), familiarity with Linux
- Proficiency in English and ability to work in a team
- Outstanding analytical and problem-solving skills
The successful candidate will be employed by Mohammed VI Polytechnic University (UM6P) based at Benguerir (50 km north of Marrakech), Morocco. The net salary per month is 2000 USD. The initial appointment as a Postdoctoral researcher will be for one year renewable depending on satisfactory performance.
Applications and selection procedure:
Applications must be sent using a single electronic zipped folder with the mention of the job title in the mail subject. The folder must contain:
- A 1-page cover letter with main research interests.
- A detailed CV.
- A 1-page brief research statement.
- Contact information of 2 references (Applicants are assumed to have obtained their references’ consent to be contacted for this matter).
Closing date for applications:
Contact: Contact: Assoc. Prof. Mustapha Hedabou (mustapha.hedabou@um6p.ma)
More information: https://www.um6p-cs.ma/en/home/
NYU Shanghai, Engineering and Computer Science Faculty, Shanghai, China
Job PostingClosing date for applications:
Contact: NYU Shanghai Office of Faculty Recruitment
More information: https://apply.interfolio.com/93616
Colin O'Flynn
ePrint ReportNumerous standards have been developed for safety-critical systems, including the development of standards for increasing the rate of naturally occurring faults using particle sources. In this work, we demonstrate that desktop EMFI tooling can be used to accomplish similar testing, but with more control, effectively speeding up the evaluation process. We demonstrate that using EMFI tooling for safety evaluation allows us to recreate a highly publicized safety issue present in an automotive ECU -- one that could not easily be recreated previously with other techniques.
Akira Ito, Rei Ueno, Naofumi Homma
ePrint ReportEunsang Lee, Joon-Woo Lee, Young-Sik Kim, Jong-Seon No
ePrint ReportSusumu Kiyoshima
ePrint ReportConcretely, we show the following black-box (BB) impossibility results by relying on standard cryptographic primitives.
1. It is impossible to obtain 2-round delayed-input weak ZK arguments under polynomially hard falsifiable assumptions if BB reductions are used to prove soundness. This result holds even when non-black-box techniques are used to prove weak ZK.
2. It is impossible to obtain 2-round non-delayed-input strong WI arguments and 2-round publicly verifiable delayed-input strong WI arguments under polynomially hard falsifiable assumptions if a natural type of BB reductions, called "oblivious" BB reductions, are used to prove strong WI.
3. It is impossible to obtain 2-round delayed-input strong WI arguments under polynomially hard falsifiable assumptions if BB reductions are used to prove both soundness and strong WI (the BB reductions for strong WI are required to be oblivious as above). Compared with the above result, this result no longer requires public verifiability in the delayed-input setting.
Tsz Hon Yuen, Muhammed F. Esgin, Joseph K. Liu, Man Ho Au, Zhimin Ding
ePrint ReportConsidering the DL-based setting by using Schnorr identification scheme, our DualRing structure allows the signature size to be compressed into logarithmic size via an argument of knowledge system such as Bulletproofs. We further improve on the Bulletproofs argument system to eliminate about half of the computation while maintaining the same proof size. We call this Sum Argument and it can be of independent interest. This DL-based construction, named DualRing-EC, using Schnorr identification with Sum Argument has the shortest ring signature size in the literature without using trusted setup.
Considering the lattice-based setting, we instantiate DualRing by a canonical identification based on M-LWE and M-SIS. In practice, we achieve the shortest lattice-based ring signature, named DualRing-LB, when the ring size is between 4 and 2000. DualRing-LB is also 5x faster in signing and verification than the fastest lattice-based scheme by Esgin et al. (CRYPTO'19).
Hyunjun Kim, Kyungbae Jang, Gyeongju Song, Minjoo Sim, Siwoo Eum, Hyunji Kim, Hyeokdong Kwon, Wai-Kong Lee, Hwajeong Seo
ePrint ReportGyeongju Song, Kyungbae Jang, Hyunjun Kim, Siwoo Eum, Minjoo Sim, Hyunji Kim, Wai-Kong Lee, Hwajeong Seo
ePrint ReportYaobin Shen; Lei Wang; Dawu Gu
ePrint ReportLior Rotem
ePrint Report-- A batch PoCE for verifying $n$ instances with communication complexity $m\cdot c +{\sf k}_{\sf prf}$, verification time $m\cdot t + n\cdot m\cdot O(t_{\sf op} + t_{\sf prf})$ and soundness error $\delta + 2^{-m}$, where $\lambda$ is the security parameter, $m$ is an adjustable parameter that can take any integer value, and $t_{\sf op}$ is the time required to evaluate the group operation in the underlying group. This should be contrasted with the naive approach, in which the communication complexity and verification time are $n \cdot c$ and $n \cdot t$, respectively. The soundness of this compiler relies only on the soundness of the underlying PoCE and the existence of one-way functions.
-- An improved batch PoCE based on the low order assumption. For verifying $n$ instances, the batch PoCE requires communication complexity $c +{\sf k}_{\sf prf}$ and verification time $t + n\cdot (t_{\sf prf} + \log(s)\cdot O(t_{\sf op}))$, and has soundness error $\delta + 1/s$. The parameter $s$ can take any integer value, as long as it is hard to find group elements of order less than $s$ in the underlying group. We discuss instantiations in which $s$ can be exponentially large in the security parameter $\lambda$.
If the underlying PoCE is constant round and public coin (as is the case for existing protocols), then so are all of our batch PoCEs. This implies that they can be made non-interactive using the Fiat-Shamir transform.
Additionally, for RSA groups with moduli which are the products of two safe primes, we show how to efficiently verify that certain elements are not of order $2$. This protocol, together with the second compiler above and any (single-instance) PoCE in these groups, yields an efficient batch PoCE in safe RSA groups. To complete the picture, we also show how to extend Pietrzak's protocol (which is statistically sound in the group $QR_N^+$ when $N$ is the product of two safe primes) to obtain a statistically-sound PoCE in safe RSA groups.
Benny Applebaum, Aarushi Goel
ePrint ReportClassical MPC results yield such elementary reductions in various cases including the setting of passive security with full corruption threshold $t<n$ (Yao, FOCS'86; Beaver, Micali, and Rogaway, STOC'90), the setting of full active security against a corrupted minority $t<n/2$ (Damg{\aa}rd and Ishai, Crypto'05), and, for $\NCone$ functionalities, even for the setting of full active (information-theoretic) security with full corruption threshold of $t<n$ (Ishai and Kushilevitz, FOCS'00). This leaves open the existence of an elementary reduction that achieves full active security in the dishonest majority setting for all efficiently computable functions.
Our main result shows that such a reduction is unlikely to exist. Specifically, the existence of a computationally secure elementary reduction that makes black-box use of a PRG and achieves a very weak form of partial fairness (e.g., that holds only when the first party is not corrupted) would allow us to realize any efficiently-computable function by a \emph{constant-round} protocol that achieves a non-trivial notion of information-theoretic passive security. The existence of the latter is a well-known 3-decade old open problem in information-theoretic cryptography (Beaver, Micali, and Rogaway, STOC'90).
On the positive side, we observe that this barrier can be bypassed under any of the following relaxations: (1) non-black-box use of a pseudorandom generator; (2) weaker security guarantees such as security with identifiable abort; or (3) an additional round of communication with the functionality $g$.
Lior Rotem, Gil Segev
ePrint ReportWe put forward a rigorous framework capturing the non-malleability of VCs, striking a careful balance between the existing weaker and stronger frameworks: We strengthen the framework of non-malleable non-interactive commitments by considering attackers that may be exposed to local openings, and we relax the framework of non-malleable zero-knowledge sets by focusing on membership proofs. In addition, we strengthen both frameworks by supporting (inherently-private) updates to entries of committed vectors, and discuss the benefits of non-malleable VCs in the context of both UTXO-based and account-based stateless blockchains, and in the context of simultaneous multi-round auctions (that have been adopted by the US Federal Communications Commission as the standard auction format for selling spectrum ranges).
Within our framework we present a direct approach for constructing non-malleable VCs whose efficiency essentially matches that of the existing standard VCs. Specifically, we show that any VC can be transformed into a non-malleable one, relying on a new primitive that we put forth. Our new primitive, locally-equivocable commitments with all-but-one binding, is evidently both conceptually and technically simpler compared to multi-trapdoor mercurial trapdoor commitments (the main building block underlying existing non-malleable zero-knowledge sets), and admits more efficient instantiations based on the same number-theoretic assumptions.
Ittai Abraham, Gilad Asharov, Avishay Yanai
ePrint ReportIn this paper, we close this gap by constructing a new secure computation protocol with perfect, optimal resilience and malicious security that incurs sharing of only $O(n)$ values per multiplication, thus, matching the semi-honest setting for protocols with round complexity that is proportional to the circuit depth. Our protocol requires a constant number of rounds per multiplication. Like BGW, it has an overall round complexity that is proportional only to the multiplicative depth of the circuit. Our improvement is obtained by a novel construction for {\em weak VSS for polynomials of degree-$2t$}, which incurs the same communication and round complexities as the state-of-the-art constructions for {\em VSS for polynomials of degree-$t$}.
Our second contribution is a method for reducing the communication complexity for any depth-1 sub-circuit to be proportional only to the size of the input and output (rather than the size of the circuit). This implies protocols with \emph{sublinear communication complexity} (in the size of the circuit) for perfectly secure computation for important functions like matrix multiplication.