International Association for Cryptologic Research


IACR News


23 January 2022

Yu Long Chen, Stefano Tessaro
ePrint Report
We improve upon the security of (tweakable) correlation-robust hash functions, which are essential components of garbling schemes and oblivious-transfer extension schemes. We in particular focus on constructions from permutations, and improve upon the work by Guo et al. (IEEE S&P '20) in terms of security and efficiency.

We present a tweakable one-call construction which matches the security of the most secure two-call construction -- the resulting security bound takes the form O((p+q)q/2^n), where q is the number of construction evaluations and p is the number of direct adversarial queries to the underlying n-bit permutation, which is modeled as random. Moreover, we present a new two-call construction with much better security degradation -- in particular, for applications of interest, where only a constant number of evaluations per tweak are made, the security degrades as O((sqrt(q)p+q^2)/2^n).

Our security proof relies on the sum-capture theorems (Babai ’02; Steinberger ’12; Cogliati and Seurin ’18), as well as on new balls-into-bins combinatorial lemmas for limited-independence ball throws.

Of independent interest, we also provide a self-contained concrete security treatment of oblivious transfer extension.
IRVINE, United States, 26 May 2022
Event Calendar
Event date: 26 May 2022
Submission deadline: 27 January 2022
Notification: 27 February 2022
Cyprus, Cyprus, 7 September - 9 September 2022
Event Calendar
Event date: 7 September to 9 September 2022
Submission deadline: 23 May 2022
Notification: 11 July 2022
Barcelona, Spain, 10 July - 16 July 2022
Event Calendar
Event date: 10 July to 16 July 2022
Submission deadline: 1 March 2022
Notification: 15 April 2022
Poznan, Poland, 29 August - 31 August 2022
Event Calendar
Event date: 29 August to 31 August 2022
Submission deadline: 25 March 2022
Notification: 25 May 2022
Chicago, USA, 7 November - 10 November 2022
TCC
Event date: 7 November to 10 November 2022
Submission deadline: 24 May 2022
Notification: 28 August 2022
Šibenik, Croatia, 13 June - 17 June 2022
Event Calendar
Event date: 13 June to 17 June 2022

21 January 2022

Indian Institute of Technology Bhilai, Raipur, Chhattisgarh, INDIA
Job Posting
The project is related to Building Trust on Computing Platform and Standardization of Elliptic Curve Cryptography for Indian Smart-Card Operating System.
Fellowship: Rs. 42,000 per month + HRA
Age Limit: 40 years
Qualifications:
  • Master's Degree in Engineering or Technology from a recognized University or equivalent; and
  • Four years' experience in Research and Development in Industrial and Academic Institutions or Science and Technology Organisations and Scientific activities and services
    OR
    Doctoral Degree in Science / Engineering / Technology from a recognized University or equivalent
Desired Qualifications:
  • Have a good knowledge of Cryptography, Security, Embedded Systems, Programming.
  • Preference will be given to candidates having NET/GATE scores and working experience relevant to the projects.

Employment Type: Contract

How to Apply:
Candidates should only apply using the application form given in the link. A duly completed application form along with the candidate’s detailed CV must be mailed to the PI, Dr. Dhiman Saha at deciphered.recruitment@gmail.com

For more info on the research group visit: http://de.ci.phe.red

Closing date for applications:

Contact: Dr. Dhiman Saha
Assistant Professor
Department of EECS, IIT Bhilai
Email: dhiman@iitbhilai.ac.in, decipheredlab@iitbhilai.ac.in
Website: http://dhimans.in

More information: https://www.iitbhilai.ac.in/index.php?pid=adv_jan22_2

Monash Blockchain Technology Centre, Monash University, Melbourne, Australia
Job Posting
An exciting project to derive a sustainable and environmentally friendly consensus protocol for permissionless blockchains.

We are looking for a candidate with an outstanding PhD in cryptography and/or blockchain and a strong publication record in this field. The postdoc position will start as soon as possible and is funded for 2 years.

To apply please send your detailed CV (with publication list) to Joseph Liu.

More information about our Blockchain Centre can be found here: https://www.monash.edu/blockchain

Closing date for applications:

Contact: Joseph Liu ( joseph . liu @ monash . edu )


20 January 2022

Thijs Veugen
ePrint Report
We solve the millionaires' problem in the semi-trusted model with homomorphic encryption without using intermediate decryptions. This leads to the computationally least expensive solution with homomorphic encryption so far, with low bandwidth and very low storage complexity. The number of modular multiplications needed is less than the number of modular multiplications needed for one Paillier encryption. The output of the protocol can be either publicly known, encrypted, or secret-shared. The private input of the first player is computationally secure towards the second player, and the private input of the second player is even unconditionally secure towards the first player. We also introduce an efficient client-server solution for the millionaires' problem with similar security properties.
Onur Gunlu, Matthieu Bloch, Rafael F. Schaefer
ePrint Report
We consider that multiple noisy observations of a remote source are used by different nodes in the same network to compute a function of the noisy observations under joint secrecy, joint privacy, and individual storage constraints, as well as a distortion constraint on the function computed. Suppose that an eavesdropper has access to one of the noisy observations in addition to the public messages exchanged between legitimate nodes. This model extends previous models by 1) considering a remote source as the source of dependency between the correlated random variables observed at different nodes; 2) allowing the function computed to be a distorted version of the target function, which allows the storage rate to be reduced compared to a reliable function computation scenario, in addition to reducing secrecy and privacy leakages; 3) introducing a privacy metric that measures the information leakage about the remote source to the fusion center in addition to the classic privacy metric that measures the leakage to an eavesdropper; 4) considering two transmitting nodes to compute a function rather than one node. Single-letter inner and outer bounds are provided for the considered lossy function computation problem, and exact lossy rate regions are characterized for two special cases in which either the computed function is partially invertible, or the function is invertible and the measurement channel of the eavesdropper is physically degraded with respect to the measurement channel of the fusion center.
Onur Gunlu, Matthieu Bloch, Rafael F. Schaefer
ePrint Report
The problem of reliable function computation is extended by imposing privacy, secrecy, and storage constraints on a remote source whose noisy measurements are observed by multiple parties. The main additions to the classic function computation problem include 1) privacy leakage to an eavesdropper is measured with respect to the remote source rather than the transmitting terminals' observed sequences; 2) the information leakage to a fusion center with respect to the remote source is considered as another privacy leakage metric; 3) two transmitting node observations are used to compute a function. Inner and outer bounds on the rate regions are derived for lossless single-function computation with two transmitting nodes, which recover previous results in the literature, and for special cases that consider invertible functions, exact rate regions are characterized.
Ertem Nusret Tas, David Tse, Fisher Yu, Sreeram Kannan
ePrint Report
Bitcoin is the most secure blockchain in the world, supported by the immense hash power of its Proof-of-Work miners, but it consumes a huge amount of energy. Proof-of-Stake chains are energy-efficient and have fast finality and accountability, but face several fundamental security issues: susceptibility to non-slashable long-range safety attacks, non-slashable transaction censorship and stalling attacks, and difficulty bootstrapping new PoS chains from low token valuation. We propose Babylon, a blockchain platform which combines the best of both worlds by reusing the immense Bitcoin hash power to enhance the security of PoS chains. Babylon provides a data-available timestamping service, securing PoS chains by allowing them to timestamp data-available block checkpoints, fraud proofs and censored transactions on Babylon. Babylon miners merge-mine with Bitcoin, so the platform has zero additional energy cost. The security of a Babylon-enhanced PoS protocol is formalized by a cryptoeconomic security theorem which shows slashable safety and liveness guarantees.
Easwar Vivek Mangipudi, Udit Desai, Mohsen Minaei, Mainack Mondal, Aniket Kate
ePrint Report
The ever-increasing cohort of cryptocurrency users saw a sharp increase in different types of crypto-wallets in the past decade. However, different wallets are non-uniformly adopted in the population today. Specifically, emerging multi-device wallets, even with improved security and availability guarantees over their counterparts, are yet to receive proportionate attention and adoption. This work presents a data-driven investigation into the perceptions of cryptocurrency users towards multi-device wallets today, using a survey of 255 crypto-wallet users. Our results revealed two significant groups within our participants: Newbies and Non-newbies. These two groups differ statistically significantly in their usage of crypto-wallets. However, both of these groups were concerned with the possibility of their keys getting compromised and yet are unfamiliar with the guarantees offered by multi-device wallets. After educating the participants about the more secure multi-device wallets, around 70% of the participants preferred them. However, almost one-third of participants were still not comfortable using them. Our qualitative analysis revealed a gap between the actual security guarantees and the mental models of these participants: they were afraid that using multi-device wallets would result in losing control over keys (and in effect funds) due to the distribution of key shares. We also investigated the preferred default settings for crypto-wallets across our participants, since multi-device wallets allow a wide range of key-share distribution settings. In the distributed server settings of the multi-device wallets, the participants preferred a smaller number of reputed servers (as opposed to a large non-reputed pool). Moreover, considerations about the threat model further affected their preferences, signifying a need for contextualizing default settings. We conclude the discussion by identifying concrete, actionable design avenues for future multi-device wallet developers to improve adoption.
Charlotte Bonte, Ilia Iliashenko, Jeongeun Park, Hilder V. L. Pereira, Nigel P. Smart
ePrint Report
The NTRU problem is a promising candidate to build efficient Fully Homomorphic Encryption (FHE). However, all the existing proposals (e.g. LTV, YASHE) need so-called 'overstretched' parameters of NTRU to enable homomorphic operations. It was shown by Albrecht et al. (CRYPTO 2016) that these parameters are vulnerable to subfield lattice attacks.

Based on a recent, more detailed analysis of the overstretched NTRU assumption by Ducas and van Woerden (ASIACRYPT 2021), we construct two FHE schemes whose NTRU parameters lie outside the overstretched range. The first scheme is based solely on NTRU and demonstrates competitive performance against the state-of-the-art FHE schemes including TFHE. Our second scheme, which is based on both the NTRU and LWE assumptions, outperforms TFHE with a 28% faster bootstrapping and 45% smaller bootstrapping and key-switching keys.
Seiya Nuta, Jacob C. N. Schuldt, Takashi Nishide
ePrint Report
A forward-secure public-key encryption (PKE) scheme prevents eavesdroppers from decrypting past ciphertexts in order to mitigate the damage caused by a potential secret key compromise. In prior works, forward security in a non-interactive setting, such as forward-secure PKE, is achieved by constantly updating (secret) keys. In this paper, we formalize the notion of blockchain-based forward-secure PKE and show the feasibility of constructing a forward-secure PKE scheme without key update (i.e. both the public key and the secret key are immutable), assuming the existence of a proof-of-stake blockchain with the distinguishable forking property introduced by Goyal et al. (TCC 2017). Our construction uses the proof-of-stake blockchain as an immutable decryption log and witness encryption by Garg et al. (STOC 2013) to ensure that the same ciphertext cannot be decrypted twice, thereby rendering a compromised secret key useless with respect to decryption of past ciphertexts the legitimate user has already decrypted.
Keita Emura
ePrint Report
Public-key encryption with keyword search (PEKS) does not provide trapdoor privacy, i.e., keyword information is leaked through trapdoors. To prevent this information leakage, public key authenticated encryption with keyword search (PAEKS) has been proposed, where a sender's secret key is required for encryption, and a trapdoor is associated with not only a keyword but also the sender. Liu et al. (ASIACCS 2022) proposed a generic construction of PAEKS based on word-independent smooth projective hash functions (SPHFs) and PEKS. In this paper, we propose a new generic construction of PAEKS. The basic construction methodology is the same as that of the Liu et al. construction, where each keyword is converted into an extended keyword using SPHFs, and PEKS is used for extended keywords. Nevertheless, our construction is more efficient than Liu et al.'s in the sense that we use only one SPHF, whereas Liu et al. used two SPHFs. In addition, for consistency we considered a security model that is stronger than Liu et al.'s. Briefly, Liu et al. considered only keywords, even though a trapdoor is associated with not only a keyword but also a sender. Thus, a trapdoor associated with a sender should not work against ciphertexts generated by the secret key of another sender, even if the same keyword is associated. Our consistency definition considers a multi-sender setting and captures this case. In addition, for indistinguishability against chosen keyword attack (IND-CKA) and indistinguishability against inside keyword guessing attack (IND-IKGA), we use a stronger security model defined by Qin et al. (ProvSec 2021), where an adversary is allowed to query challenge keywords to the encryption and trapdoor oracles. We also highlight several issues associated with the Liu et al. construction in terms of hash functions, e.g., their construction does not satisfy the consistency that they claimed to hold.
Erik Aronesty, David Cash, Yevgeniy Dodis, Daniel H. Gallancy, Christopher Higley, Harish Karthikeyan, Oren Tysor
ePrint Report
We build the first sub-linear (in fact, potentially constant-time) public-key searchable encryption system:
  • the server can publish a public key $PK$;
  • anybody can build an encrypted index for a document $D$ under $PK$;
  • a client holding the index can obtain a token $z_w$ from the server to check if a keyword $w$ belongs to $D$;
  • search using $z_w$ is almost as fast (e.g., sub-linear) as the non-private search;
  • the server granting the token does not learn anything about the document $D$, beyond the keyword $w$;
  • yet, the token $z_w$ is specific to the pair $(D, w)$: the client does not learn if other keywords $w' \neq w$ belong to $D$, or if $w$ belongs to other, freshly indexed documents $D'$;
  • the server cannot fool the client by giving a wrong token $z_w$.
We call such a primitive Encapsulated Search Index (ESI). Our ESI scheme can be made $(t, n)$-distributed among $n$ servers in the best possible way: non-interactive, verifiable, and resilient to any coalition of up to $(t-1)$ malicious servers. We also introduce the notion of delegatable ESI and show how to extend our construction to this setting. Our solution — including public indexing, sub-linear search, delegation, and distributed token generation — is deployed as a commercial application by Atakama.

19 January 2022

University of Cape Town, Cape Town, South Africa
Job Posting
The South African Reserve Bank Research Chair in the Faculty of Commerce at the University of Cape Town is inviting applications for PhD students and Postdoctoral Research Fellows. The overarching theme of the fellowships is “the future of finance”, and students and recent graduates with a background in economics, computer science, mathematics, finance, and related disciplines are invited to apply. Any of the following research areas is of particular interest:
  • Central bank digital currencies
  • Financial interconnectedness
  • Cybersecurity

Successful applicants will work within a research group that strives for academic excellence and is interested in all aspects of central bank digital currencies (including financial stability, privacy, interoperability, and inclusivity), as well as all aspects of cybersecurity (in particular economic and network models of cybersecurity).

Applications are open now and are considered on a rolling basis until 30 April or until the positions are filled. Appointments are for as soon as is feasible. The tenure of the Postdoctoral fellowship is for up to three years, while the tenure for PhD positions is usually three years but can be extended for up to five years. Due to the ongoing pandemic, successful applicants can choose to work remotely in 2022.

Postdoctoral fellows receive a fellowship of R350,000 per annum; no benefits are included in the value of the fellowship. An additional travel allowance of R30,000 p.a. is available for successful applicants. The successful applicant will be required to comply with the University’s approved policies, procedures and practices for the postdoctoral sector. PhD students receive a fellowship of R210,000 p.a. and an additional travel allowance of R20,000 p.a., in addition to access to university-wide funding for conference travel.

We typically arrange for PhD students to spend at least one semester at a leading international university and help organize an internship at a leading international policy institution. PhD students are expected to have extremely strong quantitative skills.

Closing date for applications:

Contact: anda.ngcaba@uct.ac.za

More information: https://www.finhub.org.za/vacancies#research_team
