IACR News
Here you can see all recent updates to the IACR webpage.
14 July 2022
Haetham AL ASWAD, Cécile PIERROT
ePrint Report
Jianfang "Danny" Niu
ePrint Report
Shweta Agrawal, Jung Hee Cheon, Hyeongmin Choe, Damien Stehlé, Anshu Yadav
ePrint Report
In this work, we provide an efficient, round-optimal (two-round) blind signature scheme from the hardness of the discrete log (DL) problem {\it and} the learning with errors problem in the (non black-box) random oracle model. Our construction enjoys {\it post-quantum} blindness and does not rely on idealizations such as the algebraic group model or generic group model. We provide a concrete instantiation of our construction. Specifically, our blind signature size and verification time are the same as those of the base Schnorr signature scheme used as a building block, making the signature extremely short and the verification extremely fast.
To the best of our knowledge, ours is the first efficient candidate from standard assumptions which simultaneously achieves (very) short signatures, fast verification time, post-quantum blindness and round optimality.
Carlo Brunetta, Hans Heum, Martijn Stam
ePrint Report
Tymoteusz Chojecki, Vasyl Ustimenko
ePrint Report
Xiao Liang, Omkant Pandey, Takashi Yamakawa
ePrint Report
We achieve our results through a new technique for constant-round non-malleable commitments which is easier to use in the post-quantum setting. The technique also yields an almost elementary proof of security for constant-round non-malleable commitments in the classical setting, which may be of independent interest.
As an application, when combined with existing work, our results yield the first constant-round post-quantum secure multiparty computation under the $\mathit{polynomial}$ hardness of quantum fully-homomorphic encryption and quantum learning with errors.
Marc Fischlin, Felix Rohrbach, Tobias Schmalz
ePrint Report
Besides formalizing the notion of the universal random oracle model, we show that the model is asymptotically equivalent to Unruh's auxiliary-input random oracle model (Crypto 2007). In Unruh's model the adversary receives some inefficiently computed information about the random oracle as extra input. Notably, while security in the universal random oracle model implies security in the auxiliary-input random oracle model tightly, the converse implication introduces an inevitable security loss. This implies that the universal random oracle model provides stronger guarantees in terms of concrete security. Validating the model, we finally show, via a direct proof with concrete security, that a universal random oracle is one-way.
Indian Institute of Technology Kharagpur
Job Posting
Lab websites:
1. http://cse.iitkgp.ac.in/resgrp/seal/
2. https://sites.google.com/view/hardware-and-cyber-physical-se/home?authuser=1
3. Youtube Channel: https://www.youtube.com/channel/UC-343QYYo1bhSGW1JLXDANA
Closing date for applications:
Contact: Prof. Debdeep Mukhopadhyay, Computer Science and Engineering, Indian Institute of Technology Kharagpur, West Bengal, 721302, India
More information: http://www.iitkgp.ac.in/temporary-jobs
Ruhr-University Bochum and Max Planck Institute for Security and Privacy
Job Posting
- Security of smart contracts
- Formal verification of smart contracts
- Security of blockchain consensus protocols
- A Master’s degree or equivalent (or be close to completing one) in computer science, mathematics, or related fields.
- Outstanding candidates with a Bachelor’s degree will also be considered.
- Excellent communication/writing skills in English; knowledge of German is not required.
- An outstanding track record in classes related to IT security, cryptography, or formal methods/mathematics.
The positions are fully funded (100%) and paid according to the E-13 pay category. To apply, please send an email to both Dr. Schneidewind and Prof. Dr. Karame with the following documents in a single PDF:
- CV, including transcripts.
- A brief cover letter describing your research interests.
- Contact details of 2-3 potential references.
Closing date for applications:
Contact: Prof. Dr. Ghassan Karame (ghassan.karame@rub.de) and Dr. Clara Schneidewind (clara.schneidewind@mpi-sp.org)
More information: https://informatik.rub.de/infsec/
Postdoctoral Researcher and Research Fellow positions in ICT (Cybersecurity, Cryptography, and More)
Helsinki Institute for Information Technology, Helsinki, Finland
Job Posting
The Helsinki Institute for Information Technology (HIIT), in cooperation with the Finnish Center for Artificial Intelligence (FCAI), invites applications for Postdoctoral Researchers for a term of two years with the possibility of a one-year extension. HIIT offers a HIIT Postdoctoral Fellow position for two years, with the possibility of a one-year extension. For more senior candidates, HIIT offers a HIIT Research Fellow position of three years, with the possibility of a two-year extension. The length of the contract as well as the starting and ending dates are negotiable.
All excellent researchers in any area of ICT can be considered, but priority is given to candidates who support one (or more) of the HIIT strategic focus areas:
- Artificial Intelligence
- Computational Health
- Cybersecurity
- Data Science
- Foundations of Computing
Closing date for applications:
Contact: Russell W. F. Lai (russell.lai at aalto dot fi)
More information: https://www.aalto.fi/en/open-positions/postdoctoral-researcher-and-research-fellow-positions-in-ict
Indian Institute of Science (IISc), Bangalore, India
Job Posting
The applicant is expected to have completed a PhD degree (recently) in Cryptography or a related subject with a strong publication record. A background in theoretical aspects of secure multiparty computation and/or experience in coding for practical aspects of secure computation is expected. Postdoctoral fellows are expected to actively interact with PhD students and contribute to the lab's projects. The tenure of the position is for one year and can be extended further.
You can apply and find further details on opportunities at CrIS here: https://www.csa.iisc.ac.in/~cris/opportunities.html
Closing date for applications:
Contact: Professor Arpita Patra
More information: https://www.csa.iisc.ac.in/~cris/about.html
Indian Institute of Science (IISc), Bangalore, India
Job Posting
This position is open for post-graduate (BTech/MSc/MS/MTech/Dual degree/Integrated MTech) students interested in gaining more research experience. Applicants who have credited a cryptography course at their home institute and/or who have worked on a related topic for their master's thesis are preferred.
You can apply and find further details on opportunities at CrIS here: https://www.csa.iisc.ac.in/~cris/opportunities.html
Closing date for applications:
Contact: Professor Arpita Patra
More information: https://www.csa.iisc.ac.in/~cris/about.html
Chair of »Media Security« at Bauhaus-Universität Weimar
Job Posting
Research topics include:
- primitives for symmetric cryptosystems (block ciphers, hash functions, ...)
- algorithms for secret-key encryption, authentication, and authenticated encryption
- quantum algorithms and their application in attacks on symmetric cryptosystems
- hash-based signature schemes
- language-theoretic security methods for secure communication protocols
Tasks: perform research to further the research assistant's own scientific qualification, publish and present results at workshops and conferences, participate in teaching and the university's self-administration, supervise students, and assist with external funding proposals.
Hiring requirements:
- successfully completed university studies (diploma, master or equivalent) in computer science or a closely related field
- an excellent track record in classes related to cryptography or quantum algorithms, or in general excellent results in mathematics and theoretical computer science
- very good programming skills and very good knowledge of English, written and spoken
- willingness to impart specialized knowledge to students, to familiarize yourself with new research areas, and to present scientific results at international conferences
- good knowledge of German is an advantage for carrying out teaching, but not required; also beneficial is experience with Linux, git, and LaTeX
Please send us your application with the usual documents (at least: cover letter, curriculum vitae, relevant degree certificates/grade overviews, research interests, and, if available, a list of publications) and electronic contact details for at least two references by email (one PDF) or by post.
Deadline: August 31, 2022
Closing date for applications:
Contact: Ms. Thielken (emmely.kornelia.thielken@uni-weimar.de)
More information: https://www.uni-weimar.de/en/university/news/job-openings/m-wp-10-22/
TU Darmstadt, Germany
Job Posting
Job description: You'll work in the collaborative research center CROSSING, funded by the German Research Foundation (DFG). In our subproject E4, Compiler for Privacy-Preserving Protocols, we build compilers that automatically generate optimized secure multi-party computation protocols for privacy-preserving applications. See https://encrypto.de/CROSSING for details. You conduct research, implement prototypes, and publish and present the results at top venues. You'll participate in teaching and supervise thesis students and student assistants.
We offer: We demonstrate that privacy is efficiently protectable in real-world applications via cryptographic protocols. Our open and international working environment facilitates excellent research in a sociable team. TU Darmstadt is a top research university for IT security, cryptography and CS in Europe. Darmstadt is a very international, livable and well-connected city in the Rhine-Main area around Frankfurt. Knowledge of German is beneficial, but not required, and TU Darmstadt offers corresponding support.
Your profile:
- Completed Master's degree (or equivalent) at a top university with excellent grades in IT security, computer science, or a similar area.
- Extensive knowledge in applied cryptography/IT security and very good software development skills. Knowledge in cryptographic protocols (ideally MPC) is a plus.
- Experience in hardware synthesis/compiler construction is beneficial.
- Self-motivated, reliable, creative, able to work independently, and eager to do excellent research.
- Our working language is English: able to discuss/write/present scientific results in English. German is beneficial but not required.
Closing date for applications:
Contact: Thomas Schneider (application@encrypto.cs.tu-darmstadt.de)
More information: https://encrypto.de/2022-CROSSING
13 July 2022
CHES
The registration site is now open. Early registration is until August 18th.
12 July 2022
Avijit Dutta, Mridul Nandi, Suprita Talnikar
ePrint Report
Fabio Campos, Michael Meyer, Krijn Reijnders, Marc Stöttinger
ePrint Report
Nils Wisiol, Patrick Gersch, Jean-Pierre Seifert
ePrint Report
Bar Alon, Moni Naor, Eran Omri, Uri Stemmer
ePrint Report
In this work, we introduce the \emph{Gulliver multi-party computation model} (GMPC) to realistically capture the above scenario. The GMPC model considers a single highly powerful party, called the {\em server} or {\em Gulliver}, that is connected to $n$ users over a star topology network (alternatively formulated as a full network, where the server can block any message). The users are significantly less powerful than the server, and, in particular, should have both computation and communication complexities that are polylogarithmic in $n$. Protocols in the GMPC model should be secure against malicious adversaries that may corrupt a subset of the users and/or the server.
Designing protocols in the GMPC model is a delicate task, since users can only hold information about $\operatorname{polylog}(n)$ other users (and, in particular, can only communicate with $\operatorname{polylog}(n)$ other users). In addition, the server can block any message between any pair of honest parties. Thus, reaching an agreement becomes a challenging task. Nevertheless, we design generic protocols in the GMPC model, assuming that at most an $\alpha<1/6$ fraction of the users may be corrupted (in addition to the server). Our main contribution is a variant of Feige's committee election protocol [FOCS 1999] that is secure in the GMPC model. Given this tool we show:
1. Assuming fully homomorphic encryption (FHE), any computationally efficient function with $O\left(n\cdot\operatorname{polylog}(n)\right)$-size output can be securely computed in the GMPC model.
2. Any function that can be computed by a circuit of $O(\operatorname{polylog}(n))$ depth, $O\left(n\cdot\operatorname{polylog}(n)\right)$ size, and bounded fan-in and fan-out can be securely computed in the GMPC model {\em without assuming FHE}.
3. In particular, {\em sorting} can be securely computed in the GMPC model without assuming FHE. This has important applications for the {\em shuffle model of differential privacy}, and resolves an open question of Bell et al. [CCS 2020].
11 July 2022
Itamar Levi, Carmit Hazay
ePrint Report
To date, garbling schemes have not been studied with respect to their side-channel attack (SCA) security characteristics, even though SCAs pose a significant security threat to cryptographic devices. In this research we demonstrate that adversaries utilizing advanced SCA tools such as horizontal attacks, combined with advanced hypothesis building and standard (vertical) SCA tools, can jeopardize garbling implementations.
Our main observation is that garbling schemes utilizing a global secret $\Delta$ open a door to quite trivial side-channel attacks. We model our side-channel attacks on the garbler's device and discuss the asymmetric setting where various computations are not performed on the evaluator side. This enables dangerous leakage extraction on the garbler and renders our attack impossible on the evaluator's side.
Theoretically, we first demonstrate, in a simulated environment, that such attacks are quite devastating. Concretely, our attack is capable of extracting $\Delta$ when the circuit embeds only $8$ input non-linear gates, with fifth/first-order attack success rates of $0.65$/$0.7$. With as little as $3$ such gates, our attack reduces the first-order guessing entropy of $\Delta$ from $128$ to $\sim48$ bits. We further demonstrate our attack via an implementation and measurement data from a 32-bit STM processor running software that implements circuit garbling, and discuss its limitations and mitigation tactics on the logical, protocol and implementation layers.