IACR News
24 October 2021
Maikel Kerkhof, Lichao Wu, Guilherme Perin, Stjepan Picek
ePrint Report
This paper analyzes the limitations of the existing loss functions and then proposes a novel side-channel analysis-optimized loss function, Focal Loss Ratio (FLR), to cope with the identified drawbacks observed in other loss functions. To validate our design, we 1) conduct a thorough experimental study considering various scenarios (datasets, leakage models, neural network architectures) and 2) compare with other loss functions commonly used in deep learning-based side-channel analysis (both "traditional" ones and those designed for side-channel analysis). Our results show that FLR loss outperforms other loss functions under various conditions while incurring no computational overhead compared to common loss functions such as categorical cross-entropy.
Keitaro Hashimoto, Shuichi Katsumata, Eamonn Postlethwaite, Thomas Prest, Bas Westerbaan
ePrint Report
We propose Chained CmPKE, a CGKA with an asymmetric bandwidth cost: in a group of $N$ members, a commit message costs $O(N)$ to upload and $O(1)$ to download, for a total bandwidth cost of $O(N)$. In contrast, TreeKEM [19, 24, 76] costs $\Omega(\log N)$ in both directions, for a total cost $\Omega(N\log N)$. Our protocol relies on generic primitives, and is therefore readily post-quantum.
We go one step further and propose post-quantum primitives that are tailored to Chained CmPKE, which allows us to cut the growth rate of uploaded commit messages by two or three orders of magnitude compared to naive instantiations. Finally, we realize a software implementation of Chained CmPKE. Our experiments show that even for groups with a size as large as $N = 2^{10}$, commit messages can be computed and processed in less than 100 ms.
Veronika Kuchta, Joseph K. Liu
ePrint Report
Tianyu Zheng, Shang Gao, Bin Xiao, Yubo Song
ePrint Report
We further use our proof scheme to implement both multiple ring signature schemes and RingCT protocols. For multiple ring signatures, we need to add a boundary constraint on the number $k$ to avoid a proof of an empty secret set. Thus, an improved version called bounded any-out-of-many proof is presented, which preserves all the nice features of the original protocol such as high anonymity and logarithmic size. As for RingCT, both the original and bounded proofs can be used safely. The results of the performance evaluation indicate that our RingCT protocol is more efficient and secure than others. We also believe our techniques are applicable in other privacy-preserving settings.
23 October 2021
Visa Research, Palo Alto, CA
Job Posting
The Visa Research Advanced Cryptography team is seeking research interns in areas including Post-Quantum Cryptography, Multi-Party Computation and Zero-Knowledge Proofs. As an integral member of the extended Research team, interns will conduct world-class research activities with fellow researchers, and work closely with product and technology teams to ensure the successful creation and application of disruptive and innovative security technologies.
To apply and for further details see https://smrtr.io/6zLhF
Closing date for applications:
Contact: Gaven Watson (gawatson@visa.com)
More information: https://smrtr.io/6zLhF
Zoom Video Communications
Job Posting
Zoom Security Engineering is hiring a Cryptography Intern for Summer 2022 to join the End-To-End-Encryption (E2EE) team. Come have a tangible impact on the security of a product used by millions of people, and help us design and deploy new cryptographic features across all of Zoom’s products!
In particular, we are developing and deploying new cryptographic protocols for privacy preserving and auditable data structures (such as transparency trees), e2ee communications and identity assertions.
Candidates should have a love for cryptography and security, an interest in bridging the gap between the academic literature and industry requirements/constraints, and an appreciation for simple and elegant solutions.
Job Responsibilities:
- Survey the academic literature for existing solutions to a problem, recommending the most suitable given Zoom’s constraints
- Develop new solutions to the problems above that are tailored to Zoom’s needs, analyze their security and submit academic papers to crypto/security conferences
- Write architecture and design documents describing the problem, solution and security tradeoffs. These will both be shared internally to guide the implementation, and externally for transparency and community feedback. See https://github.com/zoom/zoom-e2e-whitepaper/ for an example
- Occasionally review implementations for security vulnerabilities and compliance with the specifications above
Job requirements:
- Pursuing a PhD in Computer Science or related field, with a focus on Cryptography
- Experience with threat modelling, formalizing new cryptographic primitives/protocols, and formally proving/analyzing their security
- Ability to clearly and concisely communicate ideas about complex systems, both in written and spoken word
- (Preferred) Some experience writing Go and/or C++, with awareness of secure coding practices
Closing date for applications:
Contact: Antonio Marcedone
More information: https://zoom.wd5.myworkdayjobs.com/en-US/Zoom/job/Remote--NY---New-York-City/XMLNAME-2022-Summer-Cryptography--INTERN-_R6582
University of St. Gallen, Switzerland
Job Posting
- Development and implementation of concepts and research results, both individually and in collaboration with researchers and PhD students,
- Running experiments and simulating realistic conditions to test the performance of developed algorithms and protocols,
- Development, maintenance and organization of software,
- Support to BSc, MSc and PhD students, postdocs and researchers who use the lab,
- Responsibility for day routines in the lab, for example purchases, installations, bookings, inventory,
- Demonstrations and lab tours for external visitors,
- Producing media content for our group web page and social media platforms.
- The successful applicant is expected to hold or to be about to receive a M.Sc. degree in Computer Science, Electrical Engineering, Applied Mathematics or similar fields, preferably with a focus in Security and Privacy for Computer Science Systems.
- We are looking for a strongly motivated and self-driven person who is able to work and learn new things independently.
- Good command of English is required.
- You should have a good academic track record and well developed analytical and problem solving skills.
- Excellent programming skills and familiarity with cryptographic libraries.
- Previous experience in implementation projects with C++, Matlab/Simulink, Python is desired.
Apply online: https://jobs.unisg.ch/offene-stellen/cryptography-engineer-m-w-d/634aea27-37d2-4f1f-ab25-2d3c0a622fc0
Closing date for applications:
Contact: Katerina Mitrokotsa
More information: https://jobs.unisg.ch/offene-stellen/cryptography-engineer-m-w-d/634aea27-37d2-4f1f-ab25-2d3c0a622fc0
University of St. Gallen, Switzerland
Job Posting
Your profile
- The PhD student is expected to have an MSc degree or equivalent, and a strong background in cryptography, network security and mathematics.
- Experience in one or more domains such as cryptography, design of protocols, secure multi-party computation and differential privacy is beneficial.
Apply online: https://jobs.unisg.ch/offene-stellen/phd-position-in-applied-cryptography-and-information-security-m-w-d/09f75f22-649c-48a6-9aa4-659bbd686a84
Closing date for applications:
Contact: Katerina Mitrokotsa
More information: https://jobs.unisg.ch/offene-stellen/phd-position-in-applied-cryptography-and-information-security-m-w-d/09f75f22-649c-48a6-9aa4-659bbd686a84
CryptoLux Group, University of Luxembourg
Job Posting
Your role
The successful candidate will join the CryptoLux research team led by Prof. Alex Biryukov. He or she will contribute to a research project on future directions in cryptography and IT security and is expected to perform the following tasks:
- Shaping research directions and producing results in one or more of the following topics:
- Applied Cryptography (symmetric, lightweight, AE, White-box etc.)
- Financial cryptography, cryptocurrencies, blockchain technologies
- Privacy enhancing technologies (Tor, zero-knowledge, eID, etc)
- Disseminating results through scientific publications
- Providing guidance to Ph.D. and M.Sc. students
- A Ph.D. degree in Computer Science, Applied Mathematics, Electrical Engineering, or a related field
- Competitive research record in applied cryptography or information security (at least one paper in top 10 IT security conferences)
- Strong mathematical and algorithmic CS background
- Fluent written and verbal communication skills in English
Starting date 1-Feb-2022 or later upon agreement. Early submission is encouraged; applications will be processed upon receipt.
Closing date for applications:
Contact: Prof. Alex Biryukov
More information: https://cryptolux.org
Indian Institute of Technology Bhilai, Raipur, Chhattisgarh, India
Job Posting
Number of positions: 2
Qualifications: Bachelor’s Degree in Engineering or Technology or MSc in Computer Science or MCA from a recognized university or equivalent
Desired Qualifications:
- Degree in Computer Science with high coding proficiency
- A good knowledge of Cryptography, Security, Embedded Systems, Programming.
- Preference will be given to candidates having NET/GATE scores and working experience relevant to the project
Candidates should only apply using the application form given in the link (https://iitbhilai.ac.in/index.php?pid=adv_oct21_3) and send it to deciphered.recruitment@gmail.com.
Last Date of Application: 31st October 2021
Closing date for applications:
Contact:
Dr. Dhiman Saha
Assistant Professor
Department of EECS
IIT Bhilai
Research Group: http://de.ci.phe.red/
More information: https://iitbhilai.ac.in/index.php?pid=adv_oct21_3
KETS Quantum Security
Job Posting
Closing date for applications:
Contact: careers@kets-quantum.com
More information: https://ketsquantum.livevacancies.co.uk/#/job/details/14?target=frame
IRMAR (Institute of Research in Maths in Rennes - France)
Job Posting
See link for further information.
Closing date for applications:
Contact: David Lubicz (DGA) or Jade Nardi (IRMAR)
More information: http://jnardi.perso.math.cnrs.fr/fichiers/fichierspageweb/postdoc_offer.pdf
Dakshita Khurana
ePrint Report
NIDI arguments allow a prover P to send a single message to a verifier V, given which V obtains a sample d from a (secret) distribution D, together with a proof of membership of d in an NP language L. The soundness guarantee is that if the sample d obtained by the verifier V is not in L, then V outputs $\bot$. The privacy guarantee is that secrets about the distribution remain hidden: for every pair of distributions $D_0$ and $D_1$ of instance-witness pairs in L such that instances sampled according to $D_0$ or $D_1$ are (sufficiently) hard to distinguish, a NIDI that outputs instances according to $D_0$ with proofs of membership in L is indistinguishable from one that outputs instances according to $D_1$ with proofs of membership in L.
- We build NIDI arguments for sufficiently hard-to-distinguish distributions assuming sub-exponential indistinguishability obfuscation and sub-exponential one-way functions.
- We demonstrate preliminary applications of NIDI and of our techniques to obtaining the first (relaxed) non-interactive constructions in the plain model, from well-founded assumptions, of:
1. Commit-and-prove that provably hides the committed message.
2. CCA-secure commitments against non-uniform adversaries.
The commit phase of our commitment schemes consists of a single message from the committer to the receiver, followed by a randomized output by the receiver (that need not necessarily be returned to the committer).
Amey Bhangale, Chen-Da Liu-Zhang, Julian Loss, Kartik Nayak
ePrint Report
Marc Joye
ePrint Report
This guide is intended for practitioners. It explains the inner workings of TFHE, a torus-based fully homomorphic encryption scheme. More precisely, it describes its implementation on a discretized version of the torus. It also explains in detail the technique of programmable bootstrapping.
Zeta Avarikioti, Krzysztof Pietrzak, Iosif Salem, Stefan Schmid, Samarth Tiwari, Michelle Yeo
ePrint Report
In this work, we present an opt-in rebalancing protocol that is both private and globally optimal, meaning our protocol maximizes the total amount of rebalanced funds. We study rebalancing from the framework of linear programming. To obtain full privacy guarantees, we leverage multi-party computation in solving the linear program, which is executed by selected participants to maintain efficiency. Finally, we efficiently decompose the rebalancing solution into incentive-compatible cycles which conserve user balances when executed atomically.
Anubhab Baksi, Vishnu Asutosh Dasu, Banashri Karmakar, Anupam Chattopadhyay, Takanori Isobe
ePrint Report
Jiaxin Guan, Mark Zhandry
ePrint Report
In this work, we consider whether inhomogeneous polynomials, such as $2x^2+3x+1$, can have useful cryptographic applications. We focus on the case of polynomials mod $2^n$, due to some useful mathematical properties. The natural group structure no longer exists, so neither the quantum attacks nor the applications immediately carry over. We nevertheless show classical polynomial-time attacks on analogs of hard problems from the homogeneous setting. We conclude by proposing new computational assumptions relating to these inhomogeneous polynomials, with cryptographic applications.
Nishanth Chandran, Pouyan Forghani, Juan Garay, Rafail Ostrovsky, Rutvik Patel, Vassilis Zikas
ePrint Report
In this work we provide a universally composable definition of almost-everywhere security, which allows us to automatically and accurately capture the guarantees of AE-MPC (as well as AE-communication, the analogous “best-possible security” version of secure communication) in the Universal Composability (UC) framework of Canetti. Our result offers the first simulation-based treatment of this important but under-investigated problem, along with the first simulation-based proof of AE-MPC.
Craig Gentry, Shai Halevi, Vadim Lyubashevsky
ePrint Report
We present a non-interactive PVSS scheme in which the underlying encryption scheme is based on the learning with errors (LWE) problem. While lattice-based encryption schemes are very fast, they have issues with bandwidth (long ciphertexts and public keys). We deal with the bandwidth issue in two ways. First, we adapt the Peikert-Vaikuntanathan-Waters (PVW) encryption scheme to the multi-receiver setting so that the bulk of the parties' keys is a common random string, and so that we get good amortized communication: $\Omega(1)$ plaintext/ciphertext rate (rate $\approx 1/60$ for 100 parties, $\approx 1/8$ for 1000 parties, approaching 1/2 as the number of parties grows). Second, we use bulletproofs over a DL-group of order about 256 bits to get compact proofs of correct encryption of shares. Switching from the lattice setting to the DL setting is relatively painless, as we equate the LWE modulus with the order of the group, and apply dimension reduction to vectors before the switch to minimize the number of exponentiations in the bulletproof. An implementation of our PVSS for 1000 parties showed that it is quite practical, and should remain so with up to a two-order-of-magnitude increase in the group size.