IACR News
Here you can see all recent updates to the IACR webpage. These updates are also available:
24 September 2021
Jorge Chavez-Saab, Francisco Rodríguez Henríquez, Mehdi Tibouchi
Loïs Huguenin-Dumittan, Serge Vaudenay
Poulami Das, Andreas Erwig, Sebastian Faust, Julian Loss, Siavash Riahi
Ehsan Ebrahimi
In this paper, we propose an XOR-homomorphic commitment scheme based on the Learning Parity with Noise (LPN) problem and use it to construct an efficient quantum computationally zero-knowledge interactive proof system for the graph 3-coloring problem.
Aleksei Udovenko
This work describes new theoretical and practical insights into traditional bit-based division property. We focus on analyzing and exploiting monotonicity/convexity of division property and its relation to the graph indicator. In particular, our investigation leads to a new compact representation of propagation, which allows CNF/MILP modeling for larger S-Boxes, such as 16-bit Super-Sboxes of lightweight block ciphers or even 32-bit random S-boxes. This solves the challenge posed by Derbez and Fouque (ToSC 2020), who questioned the possibility of SAT/SMT/MILP modeling of 16-bit Super-Sboxes. As a proof-of-concept, we model the Super-Sboxes of the 8-round LED by CNF formulas, which was not feasible by any previous approach.
Our analysis is further supported by an elegant algorithmic framework. We describe simple algorithms for computing division property of a set of $n$-bit vectors in time $O(n2^n)$, reducing such sets to minimal/maximal elements in time $O(n2^n)$, computing division property propagation table of an $n\times m$-bit S-box and its compact representation in time $O((n+m)2^{n+m})$. In addition, we develop an advanced algorithm tailored to "heavy" bijections, allowing to model, for example, a randomly generated 32-bit S-box.
Song Bian, Dur E Shahwar Kundi, Kazuma Hirozawa, Weiqiang Liu, Takashi Sato
Kazuhiko Minematsu, Akiko Inoue, Katsuya Moriwaki, Maki Shigeri, Hiroyasu Kubo
Seungjin Baek, Hocheol Nam, Yongwoo Oh, Muoi Tran, Min Suk Kang
David W. H. A. da Silva, Luke Harmon, Gaetan Delavignette, Carlos Araujo
Emma Dauterman, Vivian Fang, Ioannis Demertzis, Natacha Crooks, Raluca Ada Popa
Dirk Fischer
In this work, a quantal version of the classical cryptographic Diffie-Hellman key exchange protocol is introduced. It is called Quantum Diffie-Hellman key exchange. Unlike for the existing quantum key distribution protocols, actual quantum states, and not their measurement outcomes, are regarded as finally exchanged keys/information. By implementation of that quantal Diffie-Hellman version, both communication parties in the end are in possession of identically prepared, and secret quantum states. Thus the cryptographically important principle of forward secrecy is now available in a quantum physical framework. As a merit of the quantum setting, an improvement of the classical Diffie-Hellman protocol is also achieved, as neither of the two parties exactly know the final, exchanged states.
Leonid Azriel, Julian Speit, Nils Albartus, Ran Ginosara, Avi Mendelson, Christof Paar
Florian Stolz, Nils Albartus, Julian Speith, Simon Klix, Clemens Nasenberg, Aiden Gula, Marc Fyrbiak, Christof Paar, Tim Güneysu, Russell Tessier
In this work, we first review state-of-the-art solutions from industry and academia and demonstrate their ineffectiveness with respect to reverse-engineering and design manipulation. We then describe the design and implementation of novel hardware obfuscation primitives based on the intrinsic structure of FPGAs. Based on our primitives, we design and implement LifeLine, a hardware design protection mechanism for FPGAs using hardware/software co-obfuscated cryptography. We show that LifeLine offers effective protection for a real-world adversary model, requires minimal integration effort for hardware designers, and retrofits to already deployed (and so far vulnerable) systems.
Runchao Han, Jiangshan Yu, Haoyu Lin, Shiping Chen, Paulo Esteves-Veríssimo
Nathan Geier
Nathan Geier
We formulate and prove the computational analog of this tight bound. Our proof is entirely different from the proof in the statistical case, which is non-constructive. As a corollary, we show that if $X$ and $Y$ are $d$ indistinguishable, then $k$ independent copies of $X$ and $k$ independent copies of $Y$ are almost $1-(1-d)^k$ indistinguishable for smaller circuits, as against $d\cdot k$ using the looser bound. Our bounds are useful in settings where only weak (i.e. non-negligible) indistinguishability is guaranteed. We demonstrate this in the context of cryptography, showing that our bounds yield simple analysis for amplification of weak oblivious transfer protocols.
Sri AravindaKrishnan Thyagarajan, Tiantian Gong, Adithya Bhat, Aniket Kate, Dominique Schröder
We present Opensquare, a decentralized repeated modular squaring service, that overcomes the above concerns. Opensquare lets clients outsource their repeated modular squaring computation via smart contracts to any computationally powerful servers that offer computational services for rewards in an unlinkable manner. Opensquare naturally gives us publicly computable heuristics about a pre-specified number ($T$) and the corresponding reward amounts of repeated squarings necessary for a time period. Moreover, Opensquare rewards multiple servers for a single request, in a sybil resistant manner to incentivise maximum server participation and is therefore resistant to censorship and single-points-of failures. We give game-theoretic analysis to support the mechanism design of Opensquare: (1) incentivises servers to stay available with their services, (2) minimizes the cost of outsourcing for the client, and (3) ensures the client receives the valid computational result with high probability. To demonstrate practicality, we also implement Opensquare's smart contract in Solidity and report the gas costs for all of its functions. Our results show that the on-chain computational costs for both the clients and the servers are quite low, and therefore feasible for practical deployments and usage.
23 September 2021
Ruhr University Bochum, Germany
The chair for Security Engineering at Ruhr University Bochum, Germany, is seeking for PhD students and Post-Docs in the areas of cryptographic hardware/software, side-channel analysis, FPGA security, etc.
For PhD positions, candidates must hold an MSc (or equivalent) in computer engineering, electrical engineering or computer science. The candidates are required to have outstanding grades.
For Post-Doc positions, candidates must hold a PhD in computer engineering, electrical engineering or computer science. Furthermore, they must have a demonstrated record of top-quality research in foundations of cryptographic hardware and embedded systems. This is usually proved by publications in IACR conferences, particularly CHES.
Please send your application per email (as a single PDF) to Amir Moradi (amir.moradi at rub.de). The application should include a full CV, a cover letter motivating you application, a short description of your two best research articles (for Post-Doc positions). Review of applications will begin immediately and will continue until the positions are filled, the starting date is flexible.
Closing date for applications:
Contact: Amir Moradi
More information: https://www.seceng.rub.de/moradi
Sri AravindaKrishnan Thyagarajan, Guilhem Castagnos, Fabien Laguillaumie, Giulio Malavolta
In this work, we set out to resolve these two issues and propose an efficient timed commitment scheme that also satisfies the strong notion of CCA-security. Specifically, our scheme has a transparent (i.e. public-coin) one-time setup and the amount of sequential computation is essentially independent of the number of participants. As a key technical ingredient, we propose the first (linearly) homomorphic time-lock puzzle with a transparent setup, from class groups of imaginary quadratic order. To demonstrate the applicability of our scheme, we use it to construct a new distributed randomness generation protocol, where $n$ parties jointly sample a random string. Our protocol is the first to simultaneously achieve (1) high scalability in the number of participants, (2) transparent one-time setup, (3) lightning speed in the optimistic case where all parties are honest, and (4) ensure that the output random string is unpredictable and unbiased, even when the adversary corrupts $n-1$ parties. To substantiate the practicality of our approach, we implemented our protocol and our experimental evaluation shows that it is fast enough to be used in practice. We also evaluated a heuristic version of the protocol that is at least 3 orders of magnitude more efficient both in terms of communication size and computation time. This makes the protocol suitable for supporting hundreds of participants.
Mike Hamburg
The Bernstein-Yang right-to-left modular inversion algorithm is notable for taking constant, asymptotically subquadratic time. Right-to-left algorithms are tricky to adapt for the Jacobi symbol, because they do not consider the signs of the values being operated on. But the Jacobi symbol is defined only on positive integers, and the rules for computing it need corrections if negative integers are introduced.
In this short paper, we show how to overcome this difficulty and produce a right-to-left Jacobi symbol algorithm based on Bernstein-Yang.