IACR News
12 October 2021
Vadim Lyubashevsky, Damien Stehlé
ePrint Report
Markku-Juhani O. Saarinen
ePrint Report
Hadi Soleimany, Nasour Bagheri, Hosein Hadipour, Prasanna Ravi, Shivam Bhasin, Sara Mansouri
ePrint Report
Psi Vesely, Kobi Gurkan, Michael Straka, Ariel Gabizon, Philipp Jovanovic, Georgios Konstantopoulos, Asa Oines, Marek Olszewski, and Eran Tromer
ePrint Report
Behzad Abdolmaleki, Daniel Slamanig
ePrint Report
In this work we revisit the notion of trapdoor smooth projective hash functions (TSPHFs) in the light of an updatable CRS. TSPHFs have been introduced by Benhamouda et al. (CRYPTO'13) and can be seen as a special type of a 2-round ZK proof system. In doing so, we first present a framework called lighter TSPHFs (L-TSPHFs). Building upon it, we introduce updatable L-TSPHFs as well as instantiations in bilinear groups. We then show how one can generically construct updatable quasi-adaptive zero-knowledge arguments from updatable L-TSPHFs. Our instantiations are generic and more efficient than existing ones. Finally, we discuss applications of (updatable) L-TSPHFs to efficient (updatable) 2-round ZK arguments as well as updatable password-authenticated key-exchange (uPAKE).
Youssef El Housni, Aurore Guillevic
ePrint Report
David Balbás
ePrint Report
In this survey, we give an overview of the hardness results for LWE and Ring-LWE, aiming to connect both problems and to provide good intuition to the reader. We present a proof of the strongest hardness result for Ring-LWE available in the literature, which is a reduction from ideal lattice problems to its decision form. We start by introducing both Ring-LWE and LWE and their mathematical foundations, focusing on lattices and algebraic number theory. Then, we sketch the classical hardness proof for LWE and extend the proof techniques to the ring case. We also introduce informal discussions on parameter choices, weaknesses, related work, and open problems.
Behzad Abdolmaleki, Giulio Malavolta, Ahmadreza Rahimi
ePrint Report
Youliang Tian, Zhiying Zhang, Jinbo Xiong, Jianfeng Ma
ePrint Report
Announcement
Proposals for three to five years are accepted from higher education institutions and non-profit research organizations anywhere in the world. The ACE programme is being launched with a budget of 100,000,000 ALGO for the next ten years.
See the ACE website for further details.
Hwajeong Seo, Reza Azarderakhsh
ePrint Report
Carl Bootland, Wouter Castryck, Alan Szepieniec, Frederik Vercauteren
ePrint Report
Amit Behera, Or Sattath, Uriel Shinar
ePrint Report
11 October 2021
Radboud University, Nijmegen, The Netherlands
Job Posting
The Digital Security Group of Radboud University is one of the leading groups in computer security in The Netherlands and Europe, and one of the pioneers in permutation-based crypto and corresponding leakage-resilient modes.
The successful candidate should ideally have a master's degree in Computer Science, Mathematics, or Electrical Engineering. Applications will be considered until the positions are filled.
To apply, please send the following documents to dis-secr (at) cs.ru.nl, with the subject "PhD position in cryptography":
- a motivation letter
- your CV
- your master diploma certificate (scanned)
- transcript of the courses you took (including grades)
- up to 3 references
To enquire about the positions you can contact: Joan Daemen, joan (at) cs.ru.nl, Lejla Batina, lejla (at) cs.ru.nl, and Bart Mennink, b.mennink (at) cs.ru.nl
Closing date for applications:
Contact: dis-secr (at) cs.ru.nl
University of Waterloo
Job Posting
Closing date for applications:
Contact: Anwar Hasan
Arizona State University
Job Posting
Please see more information at https://nitrieu.github.io/position/.
Closing date for applications:
Contact: Ni Trieu
More information: https://nitrieu.github.io/position/
IDEAS NCBR Ltd. (https://ideas-ncbr.pl/en)
Job Posting
Closing date for applications:
Contact: Prof. Stefan Dziembowski
NTNU - Norwegian University of Science and Technology, Trondheim, Norway
Job Posting
The Department of Mathematical Sciences at NTNU is looking for a post-doc in public-key cryptography. The position is hosted by Jiaxin Pan. It is funded by a project from the Research Council of Norway with focus on provable security. Potential topics are, but not limited to, digital signatures, zero-knowledge proofs, and post-quantum cryptography.
The candidate will work on theoretical aspects of public-key cryptography and is expected to publish at IACR conferences (such as Crypto, Eurocrypt, Asiacrypt, etc.) and renowned security conferences (such as IEEE S&P, ACM CCS, etc.). Thus, a track record of publications at these conferences is expected for the successful candidate.
Further details: The position holder will participate in many activities of the Cryptology Lab (NaCl) at NTNU which has 9 faculty members working on both applied and theoretical aspects of cryptology. The working place is in Trondheim, Norway. Trondheim is a modern European city with a rich cultural scene. It offers great opportunities for education (including international schools) and possibilities to enjoy nature, culture and family life and has low crime rates and clean air quality.
Application: More details are given here: https://www.jobbnorge.no/en/available-jobs/job/213223/postdoctoral-fellow-in-cryptography. We can only accept applications from this jobbnorge.no page.
Application deadline: 7th November 2021.
Starting date: May 2022, but it can be flexible. We encourage candidates who finish their PhD within (or before) 2022 to apply.
Duration: The position is for 3 years. The department might offer you 1 year in addition with teaching duties.
Closing date for applications:
Contact: Jiaxin Pan (first.last@ntnu.no)
More information: https://www.jobbnorge.no/en/available-jobs/job/213223/postdoctoral-fellow-in-cryptography
07 October 2021
Julien Duman, Kathrin Hövelmanns, Eike Kiltz, Vadim Lyubashevsky, Gregor Seiler, Dominique Unruh
ePrint Report
The preference for using Ring/Module-LWE is due to the fact that this problem is at least as hard as NTRU, is more flexible in the algebraic structure due to the fact that no polynomial division is necessary, and that the decryption error is independent of the message. And indeed, the practical NTRU encryption schemes in the literature generally lag their Ring/Module-LWE counterparts in either compactness or speed, or both.
In this paper, we put the efficiency of NTRU-based schemes on equal (even slightly better, actually) footing with their Ring/Module-LWE counterparts. We provide several instantiations and transformations, with security given in the ROM and the QROM, that detach the decryption error from the message, thus eliminating the adversary's power to have any effect on it, which ultimately allows us to decrease parameter sizes. The resulting schemes are on par, compactness-wise, with their counterparts based on Ring/Module-LWE. Performance-wise, the NTRU schemes instantiated in this paper over NTT-friendly rings of the form $Z_q[X]/(X^d-X^{d/2}+1)$ are the fastest of all public key encryption schemes, whether quantum-safe or not. When compared to the NIST finalist NTRU-HRSS-701, our scheme is $15\%$ more compact and has a $15$X improvement in the round-trip time of ephemeral key exchange, with key generation being $35$X faster, encapsulation being $6$X faster, and decapsulation enjoying a $9$X speedup.
Julien Duman, Eike Kiltz, Kathrin Hövelmanns, Vadim Lyubashevsky, Gregor Seiler
ePrint Report
To obtain even more confidence in the security of KEMs in the multi-user setting, it is a common design paradigm to also "domain separate" the random oracles of each user by including his public key as an input to the hash function. We are not aware of any formal analysis of this technique, but it was at least informally thought to be a computationally cheap way to add security. This design principle was carried over into the FO transformations used by several schemes in the NIST post-quantum standardization effort -- notably the lattice-based schemes Kyber and Saber, which are two of the four KEM finalists.
In this work, we formally analyze domain separation in the context of the FO transformation in the multi-user setting. We first show that including the public key in the hash function is indeed important for the tightness of the security reductions in the ROM and the QROM. At the same time, we show that including the entire public key into the hash function is unnecessarily wasteful -- it is enough to include just a small (e.g. $32$ byte) unpredictable part of the key to achieve the same security. Reducing the input of the hash function results in a very noticeable improvement in the running time of the lattice-based KEMs. In particular, using this generic transform results in a 2X - 3X speed-up over the current (Round 3) key generation and encapsulation procedures in Kyber, and up to a $40\%$ improvement in the same functions in Saber.