IACR News
26 September 2022
Akinori Hosoyamada, Takanori Isobe, Yosuke Todo, Kan Yasuda
ePrint Report
Fuyuki Kitagawa, Ryo Nishimaki
ePrint Report
In this work, we introduce the notion of secret-key functional encryption (SKFE) with secure key leasing, where a decryption key can be securely leased in the sense of secure software leasing. We also instantiate it with standard cryptographic assumptions. More specifically, our contribution is as follows.
- We define the syntax and security definitions for SKFE with secure key leasing.
- We achieve a transformation from standard SKFE into SKFE with secure key leasing without using additional assumptions. In particular, we obtain bounded collusion-resistant SKFE for $\mathsf{P/poly}$ with secure key leasing based on post-quantum one-way functions, since bounded collusion-resistant SKFE for $\mathsf{P/poly}$ can be instantiated from that assumption.
Some previous secure software leasing schemes capture only pirate software that runs on an honest evaluation algorithm (on a legitimate platform). However, our secure key leasing notion captures arbitrary attack strategies and does not have such a limitation.
As an additional contribution, we introduce the notion of single-decryptor FE (SDFE), where each functional decryption key is copy-protected. Since copy-protection is a stronger primitive than secure software leasing, this notion can be seen as a stronger cryptographic primitive than FE with secure key leasing. More specifically, our additional contribution is as follows.
- We define the syntax and security definitions for SDFE.
- We achieve collusion-resistant single-decryptor PKFE for $\mathsf{P/poly}$ from post-quantum indistinguishability obfuscation and quantum hardness of the learning with errors problem.
Nan Wang, Sid Chi-Kin Chau
ePrint Report
Yun Lu, Yu Wei, Malik Magdon-Ismail, Vassilis Zikas
ePrint Report
Our work aims to address the above limitation. In a nutshell we devise a methodology for domain experts with limited knowledge of security to estimate the (differential) privacy of an arbitrary mechanism. Our Eureka moment is the utilization of a link---which we prove---between the problems of DP parameter-estimation and Bayes optimal classifiers in machine learning, which we believe can be of independent interest. Our estimator methodology uses this link to achieve two desirable properties: (1) it is black-box, i.e., does not require knowledge of the underlying mechanism, and (2) it has a theoretically-proven accuracy, which depends on the underlying classifier used. This allows domain experts to design mechanisms that they conjecture offer certain (differential) privacy guarantees---but maybe cannot prove it---and apply our method to confirm (or disprove) their conjecture.
More concretely, we first prove a new impossibility result, stating that for the classical DP notion there is no black-box poly-time estimator of $(\epsilon,\delta)$-DP. This motivates a natural relaxation of DP, which we term relative DP. Relative DP preserves the desirable properties of DP---composition, robustness to post processing, and robustness to the discovery disclosure of new data---and applies in most practical settings where privacy is desired. We then devise a black-box poly-time $(\epsilon,\delta)$-relative DP estimator---the first to support mechanisms with large output spaces while having tight accuracy bounds. As a result of independent interest, we apply this theory to develop the first approximate estimator for the standard, i.e., non-relative, definition of Distributional Differential Privacy (DDP) -- aka noiseless privacy.
To demonstrate both our theory and its potential for practical impact, we devised a proof-of-concept implementation of our estimator and benchmarked it against well-studied DP mechanisms. We show that in reasonable execution time our estimator can reproduce the tight, analytically computed $\epsilon, \delta$ trade-off of Laplacian and Gaussian mechanisms---to our knowledge, the first black box estimator to do so, and for the Sparse Vector Technique, our outputs are comparable to that of a more specialized state-of-the-art $(\epsilon, \delta)$-DP estimator.
Julien Devevey, Omar Fawzi, Alain Passelègue, Damien Stehlé
ePrint Report
Yuval Ishai, Arpita Patra, Sikhar Patranabis, Divya Ravi, Akshayaram Srinivasan
ePrint Report
-- For a natural class of protocols, specifically, those with a universal output decoder, we show that the size of the TP must necessarily be exponential in the number of parties. This result holds irrespective of the computational assumptions used in the protocol. The class of protocols to which our lower bound applies is broad enough to capture prior results in the area, implying that the prior techniques necessitate the use of an exponential-sized TP. We additionally rule out the possibility of achieving information-theoretic full security (without the restriction of using a universal output decoder) using a “small” TP in the plain model (i.e., without any setup).
-- In order to get around the above negative result, we consider protocols without a universal output decoder. The main positive result in our work is a construction of such a fully-secure MPC protocol assuming the existence of a succinct Functional Encryption scheme. We also give evidence that such an assumption is likely to be necessary for fully-secure MPC in certain restricted settings.
-- Finally, we explore the possibility of achieving full-security with a semi-honest TP that could collude with other malicious parties (which form a dishonest majority). In this setting, we show that even fairness is impossible to achieve regardless of the “small TP” requirement.
Trevor Yap, Adrien Benamira, Shivam Bhasin, Thomas Peyrin
ePrint Report
University of St.Gallen, Switzerland
Job Posting
The student is expected to work on topics that include security and privacy issues in biometric authentication. More precisely, the student will be working on investigating efficient and privacy-preserving authentication that provides: i) provable security guarantees, and ii) rigorous privacy guarantees.
Key Responsibilities:
- Perform exciting and challenging research in the domain of information security and cryptography.
- Support and assist in teaching computer security and cryptography courses.
- The PhD student is expected to have a MSc degree or equivalent, and strong background in cryptography, network security and mathematics.
- Experience in one or more domains such as cryptography, design of protocols, secure multi-party computation and differential privacy is beneficial.
- Excellent programming skills.
- Excellent written and verbal communication skills in English.
Please apply by 15th October 2022.
Closing date for applications:
Contact:
Eriane Breu, eriane.breu@unisg.ch (Administrative matters)
Prof. Katerina Mitrokotsa, katerina.mitrokotsa@unisg.ch (Research related questions)
IHUB NTIHAC FOUNDATION, IIT Kanpur, Kanpur-208016, U.P., INDIA
Job Posting
Closing date for applications:
Contact: Submissions are accepted only through an email to Professor Manindra Agrawal (manindra@cse.iitk.ac.in), Director, C3iHub, IIT Kanpur.
More information: https://www.linkedin.com/jobs/view/cryptanalyst-at-c3i-hub-3243352185/?originalSubdomain=in
24 September 2022
Okinawa Institute of Science and Technology Graduate University
Job Posting
The Okinawa Institute of Science and Technology (OIST) is a dynamic and growing graduate university in Japan. We are inviting applications for tenure-track and tenured faculty positions in the areas of Quantum Information Science and Quantum Technology, Applied Cryptography and Cyber Security.
Successful candidates will have an opportunity to join our vibrant, collaborative, interdisciplinary research community. They will:
- establish and run an active independent Research Unit with generous internal funding, including funds for several research staff;
- supervise and mentor PhD students, develop and teach graduate courses, and actively contribute to university services;
- receive access to cutting-edge core research facilities, including imaging, sequencing, instrumentation, nanofabrication, and high-performance computing, with dedicated support staff;
- enjoy a competitive remuneration package with additional benefits, such as housing allowance.
OIST is actively seeking applications from women and underrepresented groups.
Deadline for applications: 30 Nov 2022 at 12:59 PM JST.
About OIST
OIST is a dynamic and growing graduate university in Japan, offering a world-class research environment and opportunities for cross-disciplinary research. We have no departments, and we currently have 89 Research Units. English is the official language of the university, and the research community is fully international, with more than 50 countries represented. The campus is located on 85 hectares of protected forestland overlooking beautiful shorelines and coral reefs in subtropical Okinawa, Japan. To learn more about OIST, visit www.oist.jp.
Closing date for applications:
Contact: Dr. Milind Purohit, Dean of Faculty Affairs (faculty-recruiting at oist.jp)
More information: https://groups.oist.jp/facultypositions
National University of Singapore
Job Posting
Closing date for applications:
Contact: Faculty search committee chair Prof. Joxan Jaffar (joxan@comp.nus.edu.sg); Head, Prof. Lee Wee Sun (leews@comp.nus.edu.sg)
More information: https://www.comp.nus.edu.sg/images/resources/content/dept-compscience/20210923_DCS_Poster_v4.pdf
Lund University
Job Posting
Closing date for applications:
Contact: Prof. Christian Gehrmann
More information: https://lu.varbi.com/en/what:job/jobID:543355/type:job/where:4/apply:1
University of South Florida, The Department of Computer Science and Engineering, Tampa, FL, USA.
Job Posting
USF is a Rank-1 Research University, and USF CSE is ranked in the top 15% of Computer Science departments at public universities according to Academic Analytics data based on the Scholarly Research Index (and 8th for patents in the USA). USF offers an excellent working environment, all within proximity to high-tech industry and the beautiful beaches of sunny Florida. The Tampa/Orlando area lies in the Florida High Technology Corridor and harbors major tech and research companies. The qualified candidate will have opportunities for research internships in leading industrial companies. Topics include:
Trustworthy Machine Learning (TML)
- Privacy-Preserving Machine Learning
- Secure multi-party computation for TML
- New cryptographic schemes for consensus and distributed transactions in Blockchains
- Practical quantum-safe cryptographic deployments for Blockchains
- Lightweight cryptography for IoT
- Efficient cryptography for vehicular and unmanned aerial systems
- Searchable encryption, Oblivious RAM, and multi-party computation
- A BS degree in ECE/CS with a high GPA
- Very good programming skills (e.g., C, C++), familiarity with Linux
- MS degree in ECE/CS/Math is a big plus. Publications will be regarded as a plus but not required.
Closing date for applications:
Contact: Associate Prof. Dr. Attila A. Yavuz
Email: attilaayavuz@usf.edu
Email: attila.yavuz@gmail.com
Webpage: http://www.csee.usf.edu/~attilaayavuz/
More information: https://cse.usf.edu/~attilaayavuz/Recruiting/[FallSpring2023]PositionDescrption_at_USF.pdf
Nation Towers, Tower A, United Arab Emirates, 13 November - 16 November 2022
Event Calendar
23 September 2022
Jie Chen, Yu Li, Jinming Wen, Jian Weng
ePrint Report
More concretely, our IB-ME is constructed from a variant of two-level anonymous IBE. We observed that this two-level IBE with anonymity and unforgeability provides the same functionality as IB-ME, and its security properties cleverly meet the two requirements of IB-ME (Privacy and Authenticity). The privacy property of IB-ME relies on the anonymity of this two-level IBE, while the authenticity property corresponds to the unforgeability at the second level. This variant of two-level IBE is built from dual pairing vector spaces, and both security reductions rely on dual system encryption.
Lorenzo Grassi
ePrint Report
19 September 2022
Yu Long Chen
ePrint Report
We also present a framework to use the new techniques, which provides the bad events that need to be excluded in order to apply the public permutation mirror theory. Furthermore, we showcase the new technique on three examples: the Tweakable Even-Mansour cipher by Cogliati et al. (CRYPTO ’15), the two-permutation variant of the pEDM PRF by Dutta et al. (ToSC ’21(2)), and the two-permutation variant of the nEHtM$_p$ MAC algorithm by Dutta and Nandi (AFRICACRYPT ’20). With this new tool we prove the multi-user security of these constructions in a considerably simplified way.
Hanno Becker, Matthias J. Kannwischer
ePrint Report
Amos Treiber, Dirk Müllmann, Thomas Schneider, Indra Spiecker genannt Döhmann
ePrint Report
Secure Multi-Party Computation (MPC) is often seen as a technological means to solve privacy conflicts where actors want to exchange and analyze data that needs to be protected due to data protection laws. In this interdisciplinary work, we investigate the problem of private information exchange between LEAs from both a legal and technical angle. We give a legal analysis of secret-sharing based MPC techniques in general and, as a particular application scenario, consider the case of matching LE databases for lawful information exchange between LEAs. We propose a system for lawful information exchange between LEAs using MPC and private set intersection and show its feasibility by giving a legal analysis for data protection and a technical analysis for workload complexity. Towards practicality, we present insights from qualitative feedback gathered within exchanges with a major European LEA.