IACR News
Here you can see all recent updates to the IACR webpage. These updates are also available:
23 July 2022
Stephane Lemieux
ePrint ReportSteven Lambregts, Huanhuan Chen, Jianting Ning, Kaitai Liang
ePrint ReportTahoura Mosavirik, Patrick Schaumont, Shahin Tajik
ePrint ReportMarco Calderini, Riccardo Longo, Massimiliano Sala, Irene Villa
ePrint Report21 July 2022
Lucerne University of Applied Sciences and Arts
Job PostingCandidates should have a strong background in IT security and cryptography and/or good software engineering skills; knowledge in quantum information is advantageous. Both junior and more senior candidates are considered. For junior candidates, there exists the possibility to combine the employment with enrollment in a study-programm towards a PhD or a Master of Science in Engineering (MSE).
Closing date for applications:
Contact: Please apply online via the links provided above. For any further Information contact Prof. Dr. Esther Hänggi, esther.haenggi@hslu.ch
More information: https://recruitingapp-2678.umantis.com/Vacancies/2466/Description/1
University of Surrey
Job PostingThis post offers an exciting opportunity for an appointment in the Secure Systems group. Suitable areas of expertise that complement and extend strengths of the group include (but are not limited to): software security, program analysis, formal verification of software/systems, practical system security, trusted systems, distributed systems, complex systems and networks, as well as the interface between security and machine learning.
Candidates to the post should have a PhD in a relevant subject or equivalent professional experience. An ability to secure research funding and produce high quality outputs and manage research projects and supervise research students is also required. It is expected that the post-holder will also contribute to high quality teaching in cyber security and fundamental topics in computer science at undergraduate and post-graduate level and to supervise undergraduate projects and dissertations.
The University and the Department specifically are committed to building a culturally diverse organisation and strongly encourages applications from female and minority candidates. The Department of Computer Science was awarded a Bronze Athena SWAN award, in recognition of our commitment to equality and diversity.
The University of Surrey is committed to providing an inclusive environment that offers equal opportunities for all. We place great value on diversity and are seeking to increase the diversity within our community. Therefore, we particularly encourage applications from under-represented groups, such as people from Black, Asian and minority ethnic groups and people with disabilities.
Closing date for applications:
Contact: Professor Steve Schneider
s.schneider@surrey.ac.uk
More information: https://jobs.surrey.ac.uk/vacancy.aspx?ref=045822
20 July 2022
Huijia Lin, Tianren Liu
ePrint ReportIn this work, we improve the simplicity and efficiency of two-round MPC in the setting with dishonest majority and malicious security. Our protocols make use of the Random Oracle (RO) and a generalization of the Oblivious Linear Evaluation (OLE) correlated randomness, called tensor OLE, over a finite field $\mathbb{F}$, and achieve the following:
- MPC for Boolean Circuits: Our two-round, maliciously secure MPC protocols for computing Boolean circuits, has overall (asymptotic) computational cost $O(S\cdot n^3 \cdot \log |\mathbb{F}|)$, where $S$ is the size of the circuit computed, $n$ the number of parties, and $\mathbb{F}$ a field of characteristic two. The protocols also make black-box calls to a Pseudo-Random Function (PRF).
- MPC for Arithmetic Branching Programs (ABPs): Our two-round, information theoretically and maliciously secure protocols for computing ABPs over a general field $\mathbb{F}$ has overall computational cost $O(S^{1.5}\cdot n^3\cdot \log |\mathbb{F}|)$, where $S$ is the size of ABP computed.
Both protocols achieve security levels inverse proportional to the size of the field $|\mathbb{F}|$.
Our construction is built upon the simple two-round MPC protocols of [Lin-Liu-Wee TCC'20], which are only semi-honest secure. Our main technical contribution lies in ensuring malicious security using simple and lightweight checks, which incur only a constant overhead over the complexity of the protocols by Lin, Liu, and Wee. In particular, in the case of computing Boolean circuits, our malicious MPC protocols have the same complexity (up to a constant overhead) as (insecurely) computing Yao's garbled circuits in a distributed fashion.
Finally, as an additional contribution, we show how to efficiently generate tensor OLE correlation in fields of characteristic two using OT.
Vladimir Sedlacek, Vojtech Suchanek, Antonin Dufka, Marek Sys, Vashek Matyas
ePrint ReportFor this purpose, we put together the largest publicly available database of standard curves. To identify unexpected properties of standard generation methods and curves, we simulate over 250 000 curves by mimicking the generation process of four standards. We compute 22 different properties of curves and analyze them with automated methods to pinpoint deviations in standard curves, pointing to possible weaknesses.
Noemi Glaeser, Matteo Maffei, Giulio Malavolta, Pedro Moreno-Sanchez, Erkan Tairi, Sri AravindaKrishnan Thyagarajan
ePrint ReportA recent work of Tairi et al. [IEEE S&P 2021] formalizes the notion of a coin mixing service and proposes A$^{2}$L, a new cryptographic protocol that simultaneously achieves high efficiency and interoperability. In this work, we identify a gap in their formal model and substantiate the issue by showing two concrete counterexamples: we show how to construct two encryption schemes that satisfy their definitions but lead to a completely insecure system.
To amend this situation, we investigate secure constructions of coin mixing services. First, we develop the notion of blind conditional signatures (BCS), which acts as the cryptographic core for coin mixing services. We propose game-based security definitions for BCS and propose A$^{2}$L$^{+}$, a modified version of the protocol by Tairi et al. that satisfies our security definitions. Our analysis is in an idealized model (akin to the algebraic group model) and assumes the hardness of the one-more discrete logarithm problem. Finally, we propose A$^{2}$L$^\text{UC}$, another construction of BCS that achieves the stronger notion of UC-security (in the standard model), albeit with a significant increase in computation cost. This suggests that constructing a coin mixing service protocol secure under composition requires more complex cryptographic machinery than initially thought.
Martin R. Albrecht, Valerio Cini, Russell W. F. Lai, Giulio Malavolta, Sri AravindaKrishnan Thyagarajan
ePrint ReportIn this work, we make progress on this question. We propose the first lattice-based SNARK that simultaneously satisfies many desirable properties: It (i) is tentatively post-quantum secure, (ii) is publicly-verifiable, (iii) has a logarithmic-time verifier and (iv) has a purely algebraic structure making it amenable to efficient recursive composition. Our construction stems from a general technical toolkit that we develop to translate pairing-based schemes to lattice-based ones. At the heart of our SNARK is a new lattice-based vector commitment (VC) scheme supporting openings to constant-degree multivariate polynomial maps, which is a candidate solution for the open problem of constructing VC schemes with openings to beyond linear functions. However, the security of our constructions is based on a new family of lattice-based computational assumptions which naturally generalises the standard Short Integer Solution (SIS) assumption.