IACR News
Here you can see all recent updates to the IACR webpage.
24 October 2021
Hyesun Kwak, Dongwon Lee, Yongsoo Song, Sameer Wagh
ePrint Report
In this work, we formalize a new variant of HE called Multi-Group Homomorphic Encryption (MGHE). Stated informally, an MGHE scheme provides a seamless integration between MPHE and MKHE, thereby enjoying the best of both worlds. In this framework, a group of parties generates a public key jointly, which results in the compactness of ciphertexts and the efficiency of homomorphic operations similar to MPHE. However, unlike MPHE, it also supports computations on encrypted data under different keys, similar to MKHE.
We provide the first construction of such an MGHE scheme from BFV and demonstrate experimental results. More importantly, the joint public key generation procedure of our scheme is fully non-interactive so that the set of computing parties does not have to be determined and no information about other parties is needed in advance of individual key generation. At the heart of our construction is a novel re-factoring of the relinearization key.
Long Meng, Liqun Chen
ePrint Report
Bhaskar Roberts, Mark Zhandry
ePrint Report
Ashrujit Ghoshal, Riddhi Ghosal, Joseph Jaeger, Stefano Tessaro
ePrint Report
This paper introduces a new class of memory-tight reductions which leverage random strings in the interaction with the adversary to hide state information, thus shifting the memory costs to the adversary.
We exhibit this technique with several examples. We give memory-tight proofs for digital signatures allowing many forgery attempts when considering randomized message distributions or probabilistic RSA-FDH signatures specifically. We prove security of the authenticated encryption scheme Encrypt-then-PRF with a memory-tight reduction to the underlying encryption scheme. By considering specific schemes or restricted definitions we avoid generic impossibility results of Auerbach et al. (CRYPTO '17) and Ghoshal et al. (CRYPTO '20).
As a further case study, we consider the textbook equivalence of CCA-security for public-key encryption for one or multiple encryption queries. We show two qualitatively different memory-tight versions of this result, depending on the considered notion of CCA security.
Maikel Kerkhof, Lichao Wu, Guilherme Perin, Stjepan Picek
ePrint Report
This paper analyzes the limitations of the existing loss functions and then proposes a novel side-channel analysis-optimized loss function, Focal Loss Ratio (FLR), to cope with the drawbacks identified in other loss functions. To validate our design, we 1) conduct a thorough experimental study considering various scenarios (datasets, leakage models, neural network architectures) and 2) compare with other loss functions commonly used in deep learning-based side-channel analysis (both "traditional" ones and those designed for side-channel analysis). Our results show that FLR loss outperforms other loss functions under various conditions while incurring no computational overhead compared to common loss functions like categorical cross-entropy.
Keitaro Hashimoto, Shuichi Katsumata, Eamonn Postlethwaite, Thomas Prest, Bas Westerbaan
ePrint Report
We propose Chained CmPKE, a CGKA with an asymmetric bandwidth cost: in a group of $N$ members, a commit message costs $O(N)$ to upload and $O(1)$ to download, for a total bandwidth cost of $O(N)$. In contrast, TreeKEM [19, 24, 76] costs $\Omega(\log N)$ in both directions, for a total cost $\Omega(N\log N)$. Our protocol relies on generic primitives, and is therefore readily post-quantum.
We go one step further and propose post-quantum primitives that are tailored to Chained CmPKE, which allows us to cut the growth rate of uploaded commit messages by two or three orders of magnitude compared to naive instantiations. Finally, we realize a software implementation of Chained CmPKE. Our experiments show that even for groups with a size as large as $N = 2^{10}$, commit messages can be computed and processed in less than 100 ms.
Veronika Kuchta, Joseph K. Liu
ePrint Report
Tianyu Zheng, Shang Gao, Bin Xiao, Yubo Song
ePrint Report
We further use our proof scheme to implement both multiple ring signature schemes and RingCT protocols. For multiple ring signatures, we need to add a boundary constraint on the number $k$ to avoid a proof over an empty secret set. Thus, an improved version called bounded any-out-of-many proof is presented, which preserves all the nice features of the original protocol such as high anonymity and logarithmic size. As for RingCT, both the original and bounded proofs can be used safely. The result of the performance evaluation indicates that our RingCT protocol is more efficient and secure than others. We also believe our techniques are applicable in other privacy-preserving settings.
23 October 2021
Visa Research, Palo Alto, CA
Job Posting
The Visa Research Advanced Cryptography team is seeking research interns in areas including Post-Quantum Cryptography, Multi-Party Computation and Zero-Knowledge Proofs. As an integral member of the extended Research team, interns will conduct world-class research activities with fellow researchers, and work closely with product and technology teams to ensure the successful creation and application of disruptive and innovative security technologies.
To apply and for further details see https://smrtr.io/6zLhF
Closing date for applications:
Contact: Gaven Watson (gawatson@visa.com)
More information: https://smrtr.io/6zLhF
Zoom Video Communications
Job Posting
Zoom Security Engineering is hiring a Cryptography Intern for Summer 2022 to join the End-to-End Encryption (E2EE) team. Come have a tangible impact on the security of a product used by millions of people, and help us design and deploy new cryptographic features across all of Zoom’s products!
In particular, we are developing and deploying new cryptographic protocols for privacy preserving and auditable data structures (such as transparency trees), e2ee communications and identity assertions.
Candidates should have a love for cryptography and security, an interest in bridging the gap between the academic literature and industry requirements/constraints, and an appreciation for simple and elegant solutions.
Job Responsibilities:
- Survey the academic literature for existing solutions to a problem, recommending the most suitable given Zoom’s constraints
- Develop new solutions to the problems above that are tailored to Zoom’s needs, analyze their security and submit academic papers to crypto/security conferences
- Write architecture and design documents describing the problem, solution and security tradeoffs. These will both be shared internally to guide the implementation, and externally for transparency and community feedback. See https://github.com/zoom/zoom-e2e-whitepaper/ for an example
- Occasionally review implementations for security vulnerabilities and compliance with the specifications above
Job requirements:
- Pursuing a PhD in Computer Science or related field, with a focus on Cryptography
- Experience with threat modelling, formalizing new cryptographic primitives/protocols, and formally proving/analyzing their security
- Ability to clearly and concisely communicate ideas about complex systems, both in written and spoken word
- (Preferred) Some experience writing Go and/or C++, with awareness of secure coding practices
Closing date for applications:
Contact: Antonio Marcedone
More information: https://zoom.wd5.myworkdayjobs.com/en-US/Zoom/job/Remote--NY---New-York-City/XMLNAME-2022-Summer-Cryptography--INTERN-_R6582
University of St. Gallen, Switzerland
Job Posting
- Development and implementation of concepts and research results, both individually and in collaboration with researchers and PhD students,
- Running experiments and simulations under realistic conditions to test the performance of developed algorithms and protocols,
- Development, maintenance and organization of software,
- Support for BSc, MSc and PhD students, postdocs and researchers who use the lab,
- Responsibility for daily routines in the lab, for example purchases, installations, bookings, inventory,
- Demonstrations and lab tours for external visitors,
- Producing media content for our group web page and social media platforms.
- The successful applicant is expected to hold or to be about to receive a M.Sc. degree in Computer Science, Electrical Engineering, Applied Mathematics or similar fields, preferably with a focus in Security and Privacy for Computer Science Systems.
- We are looking for a strongly motivated and self-driven person who is able to work and learn new things independently.
- Good command of English is required.
- You should have a good academic track record and well developed analytical and problem solving skills.
- Excellent programming skills and familiarity with cryptographic libraries.
- Previous experience in implementation projects with C++, Matlab/Simulink, Python is desired.
Apply online: https://jobs.unisg.ch/offene-stellen/cryptography-engineer-m-w-d/634aea27-37d2-4f1f-ab25-2d3c0a622fc0
Closing date for applications:
Contact: Katerina Mitrokotsa
More information: https://jobs.unisg.ch/offene-stellen/cryptography-engineer-m-w-d/634aea27-37d2-4f1f-ab25-2d3c0a622fc0
University of St. Gallen, Switzerland
Job Posting
Your profile
- The PhD student is expected to have a MSc degree or equivalent, and strong background in cryptography, network security and mathematics.
- Experience in one or more domains such as cryptography, design of protocols, secure multi-party computation and differential privacy is beneficial.
Apply online: https://jobs.unisg.ch/offene-stellen/phd-position-in-applied-cryptography-and-information-security-m-w-d/09f75f22-649c-48a6-9aa4-659bbd686a84
Closing date for applications:
Contact: Katerina Mitrokotsa
More information: https://jobs.unisg.ch/offene-stellen/phd-position-in-applied-cryptography-and-information-security-m-w-d/09f75f22-649c-48a6-9aa4-659bbd686a84
CryptoLux Group, University of Luxembourg
Job Posting
Your role
The successful candidate will join the CryptoLux research team led by Prof. Alex Biryukov. He or she will contribute to a research project on future directions in cryptography and IT security and is expected to perform the following tasks:
- Shaping research directions and producing results in one or more of the following topics:
- Applied Cryptography (symmetric, lightweight, AE, White-box etc.)
- Financial cryptography, cryptocurrencies, blockchain technologies
- Privacy enhancing technologies (Tor, zero-knowledge, eID, etc)
- Disseminating results through scientific publications
- Providing guidance to Ph.D. and M.Sc. students
- A Ph.D. degree in Computer Science, Applied Mathematics, Electrical Engineering, or a related field
- Competitive research record in applied cryptography or information security (at least one paper in top 10 IT security conferences)
- Strong mathematical and algorithmic CS background
- Fluent written and verbal communication skills in English
Starting date 1-Feb-2022 or later upon agreement. Early submission is encouraged; applications will be processed upon receipt.
Closing date for applications:
Contact: Prof. Alex Biryukov
More information: https://cryptolux.org
Indian Institute of Technology Bhilai, Raipur, Chhattisgarh, India
Job Posting
Number of positions: 2
Qualifications: Bachelor’s Degree in Engineering or Technology or MSc in Computer Science or MCA from a recognized university or equivalent
Desired Qualifications:
- Degree in Computer Science with high coding proficiency
- A good knowledge of Cryptography, Security, Embedded Systems, Programming.
- Preference will be given to candidates having NET/GATE scores and working experience relevant to the project
Candidates should only apply using the application form given in the link (https://iitbhilai.ac.in/index.php?pid=adv_oct21_3) and send it to deciphered.recruitment@gmail.com.
Last Date of Application: 31st October 2021
Closing date for applications:
Contact:
Dr. Dhiman Saha
Assistant Professor
Department of EECS
IIT Bhilai
Research Group: http://de.ci.phe.red/
More information: https://iitbhilai.ac.in/index.php?pid=adv_oct21_3
KETS Quantum Security
Job Posting
Closing date for applications:
Contact: careers@kets-quantum.com
More information: https://ketsquantum.livevacancies.co.uk/#/job/details/14?target=frame
IRMAR (Institute of Research in Maths in Rennes - France)
Job Posting
See link for further information.
Closing date for applications:
Contact: David Lubicz (DGA) or Jade Nardi (IRMAR)
More information: http://jnardi.perso.math.cnrs.fr/fichiers/fichierspageweb/postdoc_offer.pdf
Dakshita Khurana
ePrint Report
NIDI arguments allow a prover P to send a single message to a verifier V, given which V obtains a sample d from a (secret) distribution D, together with a proof of membership of d in an NP language L. The soundness guarantee is that if the sample d obtained by the verifier V is not in L, then V outputs $\bot$. The privacy guarantee is that secrets about the distribution remain hidden: for every pair of distributions $D_0$ and $D_1$ of instance-witness pairs in L such that instances sampled according to $D_0$ or $D_1$ are (sufficiently) hard to distinguish, a NIDI that outputs instances according to $D_0$ with proofs of membership in L is indistinguishable from one that outputs instances according to $D_1$ with proofs of membership in L.
- We build NIDI arguments for sufficiently hard-to-distinguish distributions assuming sub-exponential indistinguishability obfuscation and sub-exponential one-way functions.
- We demonstrate preliminary applications of NIDI and of our techniques to obtaining the first (relaxed) non-interactive constructions in the plain model, from well-founded assumptions, of:
1. Commit-and-prove that provably hides the committed message
2. CCA-secure commitments against non-uniform adversaries.
The commit phase of our commitment schemes consists of a single message from the committer to the receiver, followed by a randomized output by the receiver (that need not necessarily be returned to the committer).
Amey Bhangale, Chen-Da Liu-Zhang, Julian Loss, Kartik Nayak
ePrint ReportMarc Joye
ePrint ReportThis guide is intended to practitioners. It explains the inner-workings of TFHE, a torus-based fully homomorphic encryption scheme. More exactly, it describes its implementation on a discretized version of the torus. It also explains in detail the technique of the programmable bootstrapping.
Zeta Avarikioti, Krzysztof Pietrzak, Iosif Salem, Stefan Schmid, Samarth Tiwari, Michelle Yeo
ePrint Report
In this work, we present an opt-in rebalancing protocol that is both private and globally optimal, meaning our protocol maximizes the total amount of rebalanced funds. We study rebalancing from the framework of linear programming. To obtain full privacy guarantees, we leverage multi-party computation in solving the linear program, which is executed by selected participants to maintain efficiency. Finally, we efficiently decompose the rebalancing solution into incentive-compatible cycles which conserve user balances when executed atomically.