IACR News
27 October 2021
Long Meng, Liqun Chen
ePrint Report
24 October 2021
New Jersey Institute of Technology
Job Posting
The successful candidate will hold a faculty appointment in the department of Computer Science and is expected to lead the creation of the Institute for Cybersecurity, which builds on top of existing research and educational strengths in the area of cybersecurity and will span multiple departments across NJIT. As the Director of the Institute for Cybersecurity, the successful candidate must attract funding and develop collaborative relationships with industry.
NJIT is designated a Carnegie R1 Research University, with $161M research expenditures in FY20. The Computer Science Department is ranked 77 nationally by csrankings.org, and has 29 tenured/tenure track faculty, with eight NSF CAREER awardees and one DARPA Young Investigator recipient, and a research expenditure of 12 Million dollars in FY20. The department has strong connections with local industry and works closely with many companies through student Capstone projects, internships, co-ops and joint R&D projects.
To formally apply for the position, please submit your application (including CV and Cover letter) to NJIT’s career site: https://njit.csod.com/ux/ats/careersite/1/home/requisition/3409?c=njit
You must also submit additional candidate materials online at https://academicjobsonline.org/ajo/jobs/19436
The additional candidate materials include a cover letter, CV, Research Statement, Teaching Statement, and the contact information for at least three references. Applications received by December 31, 2021 will receive full consideration. However, applications are reviewed until all the positions are filled. Contact address for inquiries: cs-faculty-search@njit.edu.
Closing date for applications:
Contact: cs-faculty-search@njit.edu
More information: https://njit.csod.com/ux/ats/careersite/1/home/requisition/3409?c=njit
New Jersey Institute of Technology
Job Posting
NJIT is designated a Carnegie R1 Research University, with $161M research expenditures in FY20. The Computer Science Department is ranked 77 nationally by csrankings.org, and has 29 tenured/tenure track faculty, with eight NSF CAREER awardees and one DARPA Young Investigator award, and a research expenditure of 12 Million dollars in FY20. The Computer Science Department enrolls approximately 1,900 students at all levels across eleven programs of study and takes part, alongside the Department of Informatics and the Department of Data Science, in the Ying Wu College of Computing. The College has an enrollment of more than 3,300 students in computing disciplines, and graduates more than 900 computing professionals every year; as such, it is the largest purveyor of computing talent in the tristate (NY, NJ, CT) area.
To formally apply for the position, please submit your application (including CV and Cover letter) to NJIT’s career site: https://njit.csod.com/ux/ats/careersite/1/home/requisition/3343?c=njit
You must also submit additional candidate materials online at https://academicjobsonline.org/ajo/jobs/19180
The additional candidate materials include a cover letter, CV, Research Statement, Teaching Statement, and the contact information for at least three references.
Applications received by December 31, 2021 will receive full consideration. However, applications are reviewed until all the positions are filled. Contact address for inquiries: cs-faculty-search@njit.edu.
Closing date for applications:
Contact: cs-faculty-search@njit.edu
More information: https://njit.csod.com/ux/ats/careersite/1/home/requisition/3343?c=njit
5ire.org
Job Posting
5ireChain is a fifth-generation blockchain that aims to bring a paradigm shift from a for-profit to a for-benefit economy. 5ire's mission is to accelerate the implementation of the United Nations 2030 Agenda for Sustainable Development.
“We’re building 5ireChain to eliminate intermediaries and bring all the impact makers onto a level playing field where they can use the shared language of the UN SDGs. We want businesses to act as a force for good and help move the world from a for-profit paradigm to a for-benefit paradigm, facilitating the transition from the fourth industrial revolution to the fifth industrial revolution and building for-benefit incentive and reward distribution mechanisms.
We are currently in a research phase, working with models and simulations. In the near future, we will start implementing the research. You will have the opportunity to participate in developing -and improving- the state of the art of blockchain technologies, as well as turning them into a reality. You’ll be working directly with the existing research and development team.
Areas of interest:
Complexity theory, approximation algorithms, algorithmic game theory, mechanism design, computational social choice, crypto-economics, and governance. Consensus protocols, finality gadgets, inter-operability across blockchains, zero-knowledge proofs.
Key Responsibilities:
Designing and analyzing incentive mechanisms (rewards, slashings, handling of reports) of decentralized protocols.
Primarily, ensuring that solutions are sound and diving deeper into their formal definition.
What will help you get there:
Familiarity with the application of formal method techniques. (Provable security, Security proofs … would be a plus.)
Publications in Consensus engines, system security, applied cryptography, distributed systems, or privacy are highly desirable.
Experience in multi-agent decision-making mechanisms such as committee elections, referenda, auctions, and general on-chain governance is not required but would be a significant advantage.
Closing date for applications:
Contact: Zakaria Salek, zakaria@5ire.org
More information: https://dotjobs.net/jobs/716f807d-ffdf-4558-996e-21fbd50f6b5d_consensus-distributed-systems-researcher-architect
Daniel J. Bernstein, Tanja Lange
ePrint Report
$S$-unit attacks are a rapidly developing line of attacks against structured lattice problems. These include the quantum polynomial-time attacks that broke the cyclotomic case of Gentry's original STOC 2009 FHE system under minor assumptions, and newer attacks that have broken through various barriers previously claimed for this line of work.
$S$-unit attacks take advantage of auxiliary lattices, standard number-theoretic lattices called $S$-unit lattices. Spherical models have recently been applied to these auxiliary lattices to deduce core limits on the power of $S$-unit attacks.
This paper shows that these models underestimate the power of $S$-unit attacks: $S$-unit lattices, like the lattice $Z^d$, have much shorter vectors and reduce much more effectively than predicted by these models. The attacker can freely choose $S$ to make the gap as large as desired, breaking through the core limits previously asserted for $S$-unit attacks.
Omri Shmueli
ePrint Report
Public-key semi-quantum money (Radian and Sattath, AFT 2019) is a quantum money scheme where the algorithm of the bank is completely classical, and quantum banknotes are publicly verifiable on any quantum computer. In particular, such a scheme relies on local quantum computation and only classical communication. The only known construction of public-key semi-quantum money is based on quantum lightning (Zhandry, EUROCRYPT 2019), which is based on a computational assumption that is now known to be broken.
In this work, we construct public-key semi-quantum money, based on quantum-secure indistinguishability obfuscation and the sub-exponential hardness of the Learning With Errors problem. The technical centerpiece of our construction is a new 3-message protocol, where a classical computer can delegate to a quantum computer the generation of a quantum state that is both unclonable and publicly verifiable.
Théodore Conrad-Frenkiel, Rémi Géraud-Stewart, David Naccache
ePrint Report
A common practice thwarting such attacks consists in applying the Fujisaki-Okamoto (FO, [DBLP:conf/pkc/FujisakiO99]) transformation before encrypting. However, not all NTRU protocols enforce this protection. In particular the DPKE version of NTRU [DBLP:conf/eurocrypt/SaitoXY18] is susceptible to such an attack.
Andrea Caforio, Daniel Collins, Ognjen Glamocanin, Subhadeep Banik
ePrint Report
Yang Wang, Yanmin Zhao, Mingqiang Wang
ePrint Report
Matteo Campanelli, Bernardo David, Hamidreza Khoshakhlagh, Anders Konring, Jesper Buus Nielsen
ePrint Report
Jan-Pieter D'Anvers, Daniel Heinz, Peter Pessl, Michiel van Beirendonck, Ingrid Verbauwhede
ePrint Report
Aleksei Udovenko, Giuseppe Vitto
ePrint Report
Fabian Hertel, Nicolas Huber, Jonas Kittelberger, Ralf Kuesters, Julian Liedtke, Daniel Rausch
ePrint Report
In this paper, we propose and implement several new Ordinos instantiations in order to support Borda voting, the Hare-Niemeyer method for proportional representation, multiple Condorcet methods, and Instant-Runoff Voting. Our instantiations, which are based on suitable secure multi-party computation (MPC) components, offer the first tally-hiding implementations for these voting methods. To evaluate the practicality of our MPC components and the resulting e-voting systems, we provide extensive benchmarks for all our implementations.
Lucjan Hanzlik, Daniel Slamanig
ePrint Report
In this paper we address this problem by introducing and formalizing the notion of core/helper anonymous credentials (CHAC). The model considers a constrained core device (e.g., a SIM card) and a powerful helper device (e.g., a smartphone). The key idea is that the core device performs operations that do not depend on the size of the credential or the number of attributes, but at the same time the helper device is unable to use the credential without its help. We present a provably secure generic construction of CHACs using a combination of signatures with flexible public keys (SFPK) and the novel notion of aggregatable attribute-based equivalence class signatures (AAEQ) along with a concrete instantiation. The key characteristics of our scheme are that the size of showing tokens is independent of the number of attributes in the credential(s) and that the core device only needs to compute a single elliptic curve scalar multiplication, regardless of the number of attributes. We confirm the practical efficiency of our CHACs with an implementation of our scheme on a Multos smart card as the core and an Android smartphone as the helper device. A credential showing requires less than 500 ms on the smart card and around 200 ms on the smartphone (even for a credential with 1000 attributes).
Qi Lei, Zijia Yang, Qin Wang, Yaoling Ding, Zhe Ma, An Wang
ePrint Report
To bridge this gap, we propose a dimension reduction tool for high-dimensional traces by combining signal-to-noise ratio (SNR) analysis and an autoencoder. With the designed asymmetric undercomplete autoencoder (UAE) architecture, we extract a small group of critical features from numerous time samples. The compression rate by using our UAE method reaches 40x on synchronized datasets and 30x on desynchronized datasets. This preprocessing step facilitates the profiled attacks by extracting potential leakage features. To demonstrate its effectiveness, we evaluate our proposed method on the raw ASCAD dataset with 100,000 samples in each trace. We also derive desynchronized datasets from the raw ASCAD dataset and validate our method under the random delay effect. As current MLP and CNN structures cannot exploit the S-box leakage either before or after autoencoder-preprocessed traces, here we further propose a $2^n$-structure MLP network as the attack model. By applying the UAE and the $2^n$-structure MLP network on these traces, experimental results show that all correct subkeys on synchronized datasets (16 S-boxes) and desynchronized datasets are successfully revealed within hundreds of seconds. This shows that our autoencoder can significantly facilitate DL-based profiled attacks on high-dimensional datasets.
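The SNR half of the preprocessing described in the Lei et al. abstract, as an added example that is not code from that paper: the signal-to-noise ratio of each time sample is computed across traces grouped by a leakage class, and the highest-SNR samples are kept as points of interest before any further model (their autoencoder is not reproduced here). The traces are constructed synthetic data, and the leakage model (Hamming weight of the labelled intermediate byte plus Gaussian noise at a few fixed sample indices) is an assumption of this example.

```python
"""SNR-based point-of-interest selection for side-channel traces.

Added example, not from any of the ePrint reports on this page. The dataset is
constructed: every trace is Gaussian noise, plus HW(intermediate) added at a few
chosen sample indices (the assumed leakage model). SNR per time sample is
Var_over_classes(class mean) / Mean_over_classes(class variance), with classes
given by the Hamming weight of the labelled intermediate value.
"""
import random
from statistics import mean, pvariance


def hamming_weight(x: int) -> int:
    return bin(x).count("1")


def make_traces(n_traces, n_samples, leak_points, noise_sd=1.0, seed=1):
    """Constructed traces: noise everywhere, HW(label) leaked at leak_points."""
    rng = random.Random(seed)
    traces, labels = [], []
    for _ in range(n_traces):
        v = rng.randrange(256)                       # labelled intermediate byte
        t = [rng.gauss(0.0, noise_sd) for _ in range(n_samples)]
        for p in leak_points:
            t[p] += hamming_weight(v)
        traces.append(t)
        labels.append(v)
    return traces, labels


def snr_profile(traces, labels, model=hamming_weight):
    """Per-sample SNR. Classes are model(label); class means are unweighted."""
    groups = {}
    for t, v in zip(traces, labels):
        groups.setdefault(model(v), []).append(t)
    class_means, class_vars = [], []
    for ts in groups.values():
        cols = list(zip(*ts))                        # transpose: one column per time sample
        class_means.append([mean(c) for c in cols])
        class_vars.append([pvariance(c) for c in cols])
    profile = []
    for i in range(len(traces[0])):
        signal = pvariance([m[i] for m in class_means])  # how much the class mean moves
        noise = mean([v[i] for v in class_vars])         # average within-class spread
        profile.append(signal / noise if noise > 0 else float("inf"))
    return profile


def select_points(profile, k):
    """Indices of the k highest-SNR samples (the points of interest)."""
    return sorted(range(len(profile)), key=lambda i: profile[i], reverse=True)[:k]


def reduce_traces(traces, points):
    """Dimension reduction: keep only the selected sample indices of every trace."""
    return [[t[i] for i in points] for t in traces]


if __name__ == "__main__":
    leak = [17, 90, 150]
    traces, labels = make_traces(1000, 200, leak, seed=7)
    prof = snr_profile(traces, labels)
    print("selected points:", sorted(select_points(prof, 3)))
    print("reduced trace length:", len(reduce_traces(traces, leak)[0]))
```

With 1000 synthetic traces of 200 samples, the three leaking indices dominate the SNR profile by more than an order of magnitude; on real traces the same profile is what one would threshold or feed to a learned compressor.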
Koji Nuida
ePrint Report
Ben Marshall, Dan Page
ePrint Report
Aayush Jain, Alexis Korb, Paul Lou, Amit Sahai
ePrint Report
In particular, we show that when $m\geq n$ and the sets of indices corresponding to the variables present in each monomial exhibit a weak expansion property with expansion factor greater than $1/2$ for unions of at most $4$ sets, then a non-trivial distinguisher exists.
Overwhelming Distinguishers: Next we consider the problem of amplifying the success probability of the distinguisher, to guarantee that it succeeds with probability $1-n^{-\omega(1)}$. We obtain such an overwhelming distinguisher for natural random classes of homogeneous multilinear constant degree $d$ polynomials, denoted by $\mathcal{Q}_{n,d,p}$, and natural input distributions $\mathcal{D}$ such as discrete Gaussians or uniform distributions over bounded intervals. The polynomials are chosen by independently sampling each coefficient to be $0$ with probability $p$ and uniformly from $\mathcal{D}$ otherwise. For these polynomials, we show a surprisingly simple distinguisher that requires $p> n\log n/\binom{n}{d}$ and $m\geq \tilde{O}(n^{2})$ samples, independent of the degree $d$. This is in contrast with the setting for refutation, where we have sum-of-squares lower bounds against constant degree sum-of-squares algorithms (Grigoriev, TCS 01; Schoenebeck, FOCS 08) for this parameter regime for degree $d>6$.
Guilherme Perin, Lichao Wu, Stjepan Picek
ePrint Report
Our results emphasize that deep neural networks as profiling models show successful key recovery independently of the explored feature selection scenarios against first-order masked software implementations of AES-128. Concerning the number of features, we found three main observations: 1) scenarios with less carefully selected points of interest and larger attacked trace intervals are the ones with better attack performance in terms of the required number of traces during the attack phase; 2) optimizing and reducing the number of features does not necessarily improve the chances to find good models from the hyperparameter search; and 3) in all explored feature selection scenarios, the random hyperparameter search always indicates a successful model with a single hidden layer for MLPs and two hidden layers for CNNs, which questions the reason for using complex models for the considered datasets. Our results demonstrate key recovery with a single attack trace for all datasets for at least one of the feature selection scenarios.