IACR News
31 May 2022
Péter Kutas and Christophe Petit
ePrint Report
The best-known protocol following that approach is the supersingular isogeny Diffie-Hellman protocol (SIDH); this protocol was turned into the CCA-secure key encapsulation mechanism SIKE, which was submitted to and remains in the third round of NIST's post-quantum standardization process as an "alternate" candidate.
Isogeny-based cryptography generally relies on the conjectured hardness of computing an isogeny between two isogenous elliptic curves, and most cryptanalytic work referenced on SIKE's webpage exclusively focuses on that problem.
Interestingly, the hardness of this problem is sufficient for neither SIDH nor SIKE. In particular, these protocols reveal additional information on the secret isogeny, in the form of images of specific torsion points through the isogeny.
This paper surveys existing cryptanalysis approaches exploiting this so-called "torsion point information", summarizes their current impact on SIKE and related algorithms, and suggests some research directions that might lead to further impact.
Binbin Tu, Yu Chen, Qi Liu, and Cong Zhang
ePrint Report
In this work, we propose a generic framework of using leveled fully homomorphic encryption and a newly introduced protocol called permute matrix Private EQuality Test (pm-PEQT) to construct unbalanced PSU that is secure against semi-honest adversaries. By instantiating the pm-PEQT, we obtain fast unbalanced PSU protocols with a small communication overhead. Our protocol has communication complexity linear in the size of the smaller set, and logarithmic in the larger set. More precisely, if the set sizes are $|X|\ll |Y|$, our protocol achieves a communication overhead of $O(|X|\log |Y|)$.
Finally, we implement our protocols and compare them with the state-of-the-art PSU. Experiments show that our protocols are more efficient than all previous protocols in the unbalanced case; in particular, the larger the difference between the two set sizes, the better our protocols perform. Our running-time-optimized benchmarks show that it takes 18.782 seconds of computation and 2.179 MB of communication to compute the union between $2^{10}$ strings and $2^{19}$ strings. Compared to the prior secure PSU proposed by Jia et al. (Usenix Security 2022), this is roughly a $300 \times$ reduction in communication and a $20 \times$ reduction in computational overhead with a single thread in WAN/LAN settings.
Yu Chen, Min Zhang, Cong Zhang, and Minglang Dong
ePrint Report
We demonstrate the practicality of our framework with implementations. By plugging our cwPRF-based mqRPMT into the general framework, we obtain the first PSU protocol with strict linear complexity. For input sets of size $2^{20}$, the resulting PSU protocol requires roughly 80 MB bandwidth, and 50 seconds using 8 threads. To the best of our knowledge, it requires the least communication among all the known PSU protocols. By plugging our FHE-based mqRPMT$^*$ into the general framework, we obtain a PSU$^*$ suitable for the unbalanced setting, whose communication complexity is linear in the size of the smaller set, and logarithmic in the larger set.
29 May 2022
Mysten Labs
Job Posting
Successful applicants will work closely with experts in both academia and industry, including George Danezis, Konstantinos Chalkias, Foteini Baldimtsi, Alberto Sonnino, François Garillot, Sam Blackshear, and Lefteris Kokoris-Kogias, while enjoying a high degree of ownership & autonomy in working conditions & task prioritization.
Ideal candidate expectations:
- PhD or PostDoc researcher, or engineer, in cryptography, software security or distributed systems.
- at least one publication in any of the top cryptography, privacy and security conferences, such as: CCS, S&P, CRYPTO, USENIX SECURITY, EUROCRYPT, ASIACRYPT, NDSS, FC, AsiaCCS, EUROS&P, PETS, CT-RSA, ESORICS etc.
- Understanding of fundamental cryptographic schemes & underlying math for any of the following: hash functions, finite field arithmetic, polynomials (FFT) & elliptic curves, bilinear pairings, threshold signatures.
- Experience implementing high-performance & parallelizable protocols in languages such as Rust, Go, Java, or C/C++; a GitHub portfolio or productionized implementation will be a plus.
Our team is 100% remote & we are hiring across the world. Here at Mysten Labs, you’ll be joining a world class team with tremendous growth potential. We raised our 1st funding round ($36m series A) from top Silicon Valley VCs led by Andreessen Horowitz (a16z) with participation from Redpoint, Lightspeed, Coinbase Ventures, Electric Capital, Standard Crypto, NFX, Slow Ventures, Scribble Ventures, Samsung Next, Lux Capital etc.
HOW TO APPLY: Applicants are invited to e-mail their CV (use title: Summer 2022 Cryptography Internship) to jobs@mystenlabs.com
Closing date for applications:
Contact: Kostas Chalkias (Chief Cryptographer)
JP Morgan Chase, various locations in US
Job Posting
We are looking for a cryptography engineer who will be part of the Blockchain Technology Security Group to build foundational services for JP Morgan distributed ledger technology initiatives. In this role, you will be designing and coding security components and applications. You will have the exciting challenge of working on cutting-edge technology and building enterprise solutions that cater to all the lines of business. You’ll work in a collaborative, trusting, thought-provoking environment—one that encourages diversity of thought and creative solutions that are in the best interests of our customers globally.
Qualifications
- Experience as applied cryptographer
- Experience with OpenSSL /TLS API; threading and socket programming in Linux, HSMs, and PKCS #11
- Solid understanding of Linux OS with strong knowledge of object oriented programming; specifically high-level languages such as Java, Python, Go, and node.js, C, C++ and Bash
- Familiarity/experience with building solutions for digital assets and distributed ledger technology (blockchain), with a focus on algorithms and data structures
- Desirable: Experience with multi-party computation (MPC), HSMs, and custody of crypto assets
Closing date for applications:
Contact: France Law (france.law@jpmchase.com)
Telecom Paris, Institut Polytechnique de Paris
Job Posting
Closing date for applications:
Contact: Hieu Phan (hieu.phan@telecom-paris.fr)
More information: https://institutminestelecom.recruitee.com/l/en/o/chaire-de-professeur-ou-professeure-junior-en-securite-des-grandes-infrastructures-numeriques-a-telecom-paris
28 May 2022
Ananya Appan, Anirudh Chandramouli, and Ashish Choudhury
ePrint Report
Jason T. LeGrow, Yan Bo Ti, and Lukas Zobernig
ePrint Report
Nico Döttling, Sanjam Garg, Sruthi Sekar, and Mingyuan Wang
ePrint Report
With the goal of removing this problem, in this work, we initiate the study of big-key identity-based encryption (bk-IBE). In such a system, the master secret key is allowed to be large but we require that the identity-based secret keys are short. This allows users to use the identity-based short keys as the ephemeral secret keys that can be more easily carried around and allow for decrypting ciphertexts matching a particular identity, e.g. messages that were encrypted on a particular date. In particular:
- We build a new definitional framework for bk-IBE capturing a range of applications. In the case when the exfiltration is small our definition promises stronger security, namely that an adversary can break semantic security for only a few identities, proportional to the amount of leakage it gets. In contrast, in the catastrophic case where a large fraction of the master secret key has been exfiltrated, we can still resort to a guarantee that the ciphertexts generated for a randomly chosen identity (or, an identity with enough entropy) remain protected. We demonstrate how this framework captures the best possible security guarantees.
- We show the first construction of such a bk-IBE offering strong security properties. Our construction is based on standard assumptions on groups with bilinear pairings and brings together techniques from seemingly different contexts such as leakage resilient cryptography, reusable two-round MPC, and laconic oblivious transfer. We expect our techniques to be of independent interest.
Javad Ghareh Chamani, Dimitrios Papadopoulos, Mohammadamin Karbasforushan, and Ioannis Demertzis
ePrint Report
Kyungbae Jang, Anubhab Baksi, Jakub Breier, Hwajeong Seo, and Anupam Chattopadhyay
ePrint Report
We discuss the various choices made to keep the cost of the basic quantum circuit and of Grover's oracle search low, and compare it with the levels of quantum security specified by the United States' National Institute of Standards and Technology (NIST). All in all, our work fits well into the research trend of finding possible quantum vulnerabilities of symmetric key ciphers.
Pascal Lafourcade, Gael Marcadet, and Léo Robert
ePrint Report
Michele Ciampi, Divya Ravi, Luisa Siniscalchi, and Hendrik Waldner
ePrint Report
Following Garg et al., a sequence of works has matched this lower bound, but none of them achieved security with identifiable abort. In this work, we close this gap and show that four rounds of communication are also sufficient to securely realize any functionality with identifiable abort using standard and generic polynomial-time assumptions. To achieve this result we introduce the new notion of bounded-rewind secure MPC that guarantees security even against an adversary that performs a mild form of reset attacks. We show how to instantiate this primitive starting from any MPC protocol and by assuming trapdoor-permutations.
The notion of bounded-rewind secure MPC allows for easier parallel composition of MPC protocols with other (interactive) cryptographic primitives. Therefore, we believe that this primitive can be useful in other contexts in which it is crucial to combine multiple primitives with MPC protocols while keeping the round complexity of the final protocol low.
27 May 2022
Eindhoven University of Technology
Job Posting
At Eindhoven University of Technology (TU/e), our Coding Theory and Cryptology (CC) group of the Discrete Mathematics (DM) cluster of the Department of Mathematics and Computer Science (M&CS) is looking for a (tenure-track) assistant professor in Cryptology. This vacancy is part of the Irène Curie Fellowship and is currently only open for female candidates.
The position will be part of the Coding Theory and Cryptology (CC) group, within the Discrete Mathematics (DM) cluster. The other group in DM is Discrete Algebra and Geometry. The CC group consists of one full professor (Lange), two associate professors (Schoenmakers and de Weger), and three assistant professors (Hülsing, Ravagnani, and Schäge). CC provides undergraduate and graduate courses in cryptology, coding theory, algebra and number theory, as well as service teaching.
The ideal candidate has research experience complementing the existing strengths in CC and a background in mathematics, but candidates from all areas of cryptology are encouraged to apply.
We look forward to your application and will screen it as soon as we have received it. Screening will continue until the position has been filled. We expect the first round of interviews in early July, so apply before June 20 to be considered in this round.
Closing date for applications:
Contact: Tanja Lange
More information: https://jobs.tue.nl/nl/vacature/assistant-professor-in-cryptology-936431.html
26 May 2022
Melbourne, Australia, 10 July - 14 July 2023
Event Calendar
Copenhagen, Denmark, 1 August - 4 August 2022
School
25 May 2022
Peeter Laud, Nikita Snetkov, and Jelizaveta Vakarjuk
ePrint Report
In this work, we propose a new version of the two-party Crystals-Dilithium signature scheme. The security of our scheme is based on the hardness of the Module-LWE and Module-SIS problems. In our construction, we follow a similar logic as Damgård et al. (PKC 2021) and use an additively homomorphic commitment scheme. However, compared to them, our protocol uses signature compression techniques from the original Crystals-Dilithium signature scheme, which makes it closer to the version submitted to the NIST PQC
Seonggyeom Kim, Deukjo Hong, Jaechul Sung, and Seokhie Hong
ePrint Report
Navid Vafaei, Sara Zarei, Nasour Bagheri, Maria Eichlseder, Robert Primas, and Hadi Soleimany
ePrint Report
Event Calendar
Submission deadline: 1 September 2022
Notification: 15 January 2023