IACR News
23 October 2022
Hauke Steffen, Georg Land, Lucie Kogelheide, Tim Güneysu
ePrint Report
Yael Tauman Kalai, Alex Lombardi, Vinod Vaikuntanathan
ePrint Report
We obtain our result by showing how to instantiate the Fiat-Shamir heuristic, under DDH, for a variant of the Goldwasser-Kalai-Rothblum (GKR) interactive proof system. Our new technical contributions are (1) giving a $TC^0$ circuit family for finding roots of cubic polynomials over a special family of characteristic $2$ fields (Healy-Viola, STACS '06) and (2) constructing a variant of the GKR protocol whose invocations of the sumcheck protocol (Lund-Fortnow-Karloff-Nisan, STOC '90) only involve degree $3$ polynomials over said fields. Along the way, since we can instantiate Fiat-Shamir for certain variants of the sumcheck protocol, we also show the existence of (sub-exponentially) computationally hard problems in the complexity class $\mathsf{PPAD}$, assuming the sub-exponential hardness of DDH. Previous $\mathsf{PPAD}$ hardness results all required either bilinear maps or the learning with errors assumption.
Pia Bauspieß, Tjerand Silde, Alexandre Tullot, Anamaria Costache, Christian Rathgeb, Jascha Kolberg, Christoph Busch
ePrint Report
In this work, we present a protocol for secure and efficient biometrics-authenticated key exchange that fulfils the above requirements of biometric information protection compliant with ISO/IEC 24745. The protocol is based on established fuzzy vault schemes and validated with good recognition performance. We build our protocol from established primitives for password-authenticated key exchange using oblivious pseudo-random functions. Our protocol is independent of the biometric modality and can be instantiated both based on the security of discrete logarithms and lattices.
We provide an open-source implementation of our protocol instantiated with elliptic curves and a state-of-the-art unlinkable fingerprint fuzzy vault scheme that is practical, with transaction times of less than one second from the image capture to the completed key exchange.
Thibauld Feneuil, Matthieu Rivain
ePrint Report
In this work, we show how applying a threshold linear secret sharing scheme (threshold LSSS) can be beneficial to the MPC-in-the-Head paradigm. For a general MPC protocol model capturing most of the existing MPCitH schemes, we show that our approach improves the soundness of the underlying proof system from $1/N$ down to $1/\binom{N}{\ell}$, where $N$ is the number of parties and $\ell$ is the threshold of the sharing scheme. While very general, our technique is limited to a number of parties $N \leq |\mathbb{F}|$, where $\mathbb{F}$ is the field underlying the statement, because of the MDS conjecture.
Applying our approach with a low-threshold LSSS also boosts the performance of the proof system by making the MPC emulation cost independent of $N$ for both the prover and the verifier. The gain is particularly significant for the verification time which becomes logarithmic in $N$ (while the prover still has to generate and commit the $N$ input shares). We further generalize and improve our framework: we show how homomorphic commitments can get rid of the linear complexity of the prover, we generalize our result to any quasi-threshold LSSS, and we describe an efficient batching technique relying on Shamir's secret sharing. We finally apply our techniques to specific use-cases. We first propose a variant of the recent SDitH signature scheme achieving new interesting trade-offs. In particular, for a signature size of 10 KB, we obtain a verification time lower than $0.5$ ms, which is competitive with SPHINCS+, while achieving much faster signing. We further apply our batching technique to two different contexts: batched SDitH proofs and batched proofs for general arithmetic circuits based on the Limbo proof system. In both cases, we obtain an amortized proof size lower than $1/10$ of the baseline scheme when batching a few dozen statements, while the amortized performances are also significantly improved.
Melissa Azouaoui, Olivier Bronchain, Gaëtan Cassiers, Clément Hoffmann, Yulia Kuzovkova, Joost Renes, Markus Schönauer, Tobias Schneider, François-Xavier Standaert, Christine van Vredendaal
ePrint Report
Marcel Armour, Elizabeth A. Quaglia
ePrint Report
DPKE's threat model assumes powerful adversaries who can coerce users to reveal plaintexts; it is thus reasonable to consider other advanced capabilities, such as the ability to subvert algorithms in a so-called Algorithm Substitution Attack (ASA). An ASA replaces a trusted algorithm with a subverted version that undermines security from the point of view of the adversary while remaining undetected by users. ASAs have been considered against a number of primitives including digital signatures, symmetric encryption and pseudo-random generators. However, public-key encryption has presented a less fruitful target, as the sender's only secrets are plaintexts and ASA techniques generally do not provide sufficient bandwidth to leak these.
In this work, we show that subversion attacks against deniable encryption schemes present an attractive opportunity for an adversary. We note that whilst the notion is widely accepted, there are as yet no practical deniable PKE schemes; we demonstrate the feasibility of ASAs targeting deniable encryption using a representative scheme as a proof of concept. We also provide a formal model and discuss how to mitigate ASAs targeting deniable PKE schemes. Our results strengthen the security model for deniable encryption and highlight the necessity of considering subversion in the design of practical schemes.
Han Wu, Xiaoyun Wang, Guangwu Xu
ePrint Report
Han Wu, Xiaoyun Wang, Guangwu Xu
ePrint Report
Chandan Kumar, Mahendra Rathor, Urbi Chatterjee
ePrint Report
Jian Liu, Jingyu Li, Di Wu, Kui Ren
ePrint Report
In this paper, we propose a homomorphic constant-weight equality operator that supports batch processing, hence it can perform thousands of equality checks with a much smaller amortized cost. Based on this improved homomorphic equality operator, we propose a novel PIR protocol named PIRANA, which inherits all advantages of CwPIR with a significant improvement in supporting more elements. We further extend PIRANA to support multi-query. To the best of our knowledge, PIRANA is the first multi-query PIR that can save both computation and communication. Our experimental results show that our single-query PIRANA is up to 30.8× faster than CwPIR; our multi-query PIRANA saves up to 163.9× communication over the state-of-the-art multi-query PIR (with a similar computational cost).
Youssef EL Housni, Gautam Botrel
ePrint Report
Gheorghe Pojoga, Kostas Papagiannopoulos
ePrint Report
Murat Burhan İlter, Ali Aydin Selcuk
ePrint Report
In this paper, we conducted a MILP-based analysis of the cipher, where we incorporated exact probabilities rather than just the number of active S-boxes into the model. Through the MILP analysis, we were able to find differential and linear distinguishers for up to 5 rounds of FUTURE, extending the known distinguishers of the cipher by one round.
Giovanni Deligios, Chen-Da Liu-Zhang
ePrint Report
Perfectly-secure SMT protocols in synchronous and asynchronous networks are resilient up to $\ell/2$ and $\ell/3$ corruptions respectively. In this work, we ask whether it is possible to achieve a perfect SMT protocol that simultaneously tolerates $t_s < \ell/2$ corruptions when the network is synchronous, and $t_a < \ell/3$ when the network is asynchronous.
We completely resolve this question by showing that perfect SMT is possible if and only if $2t_a + t_s < \ell$. In addition, we provide a concretely round-efficient solution for the (slightly worse) trade-off $t_a + 2t_s < \ell$.
As a direct application of our results, following the recent work by Appan, Chandramouli, and Choudhury [PODC'22], we obtain an $n$-party perfectly-secure synchronous multi-party computation protocol with asynchronous fallback over any network with connectivity $\ell$, as long as $t_a + 3t_s
20 October 2022
atlanTTic Research Center, Universidade de Vigo; Vigo, Spain
Job Posting
2 PhD positions are available at the AtlanTTic Research Center (https://atlanttic.uvigo.es/en/) of the Universidade de Vigo. The positions are available to start at the end of 2022, cover a duration of 3-4 years, and include a travel budget for attendance at conferences and summer schools.
The workplace is in the city of Vigo, which OCU has ranked as the Spanish city with the highest quality of life (https://www.idealista.com/en/news/lifestyle-in-spain/2021/06/02/13426-quality-of-life-in-spain-spanish-cities-with-the-best-and-worst-quality-of-life).
Both positions are funded by TRUMPET, a European project whose aim is to research and develop novel privacy enhancement methods for Federated Learning, and to deliver a scalable Federated AI service platform for the analysis of cross-border European datasets. The privacy guarantees of the platform will be validated for the scenario of cancer data coming from different European hospitals.
PhD candidates will contribute to two different central aspects: (1) research and implementation of secure methods for machine learning, and (2) measuring the existing privacy leakage in federated learning scenarios.
Intended tasks:
Your profile:
Closing date for applications:
Contact: For more details, send an email to Alberto Pedrouzo (apedrouzo@gts.uvigo.es).
a16z Crypto (Andreessen-Horowitz)
Job Posting
a16z Crypto Research is a new kind of multidisciplinary lab that bridges the worlds of academic theory and industry practice to advance the science and technology of the next generation of the internet. In addition to fundamental research, we collaborate with portfolio companies to solve hard technical and conceptual problems. We are seeking students with a strong research background and an interest in blockchains and web3 to join the group for the summer. Specific research areas of interest include cryptography, security, distributed computing, economics, incentives, finance, governance, market and mechanism design. This list is not exhaustive and we encourage applicants with different backgrounds who may have unique perspectives on the space to apply.
Responsibilities
-Pursue fundamental research on topics relevant to the firm
-Work with portfolio companies on technical research problems
-Contribute to blog posts, white papers, and other public expository content
-Meet with visitors from academia and industry and attend seminars
A typical schedule will have an intern spending ⅓ of their time working with the portfolio, ⅓ of the time pursuing personal research interests, and ⅓ of their time meeting with visitors/attending seminars, etc.
In-person residency required in New York, NY
Duration of internship: May 30–August 18, 2023 (minimum residency 10 weeks, maximum 12 weeks)
Preferred Qualifications
A typical successful candidate is:
-Enrolled in a quantitative PhD program such as computer science, mathematics, economics, etc. (Exceptional masters and undergraduate students will also be considered.)
-Passionate and knowledgeable about blockchains/Web3 and their underlying technologies.
-Familiar with fundamental research and publishing in peer-reviewed conferences and journals.
Letters of recommendation (1-2 letters, optional): recommenders should email their letters of support to crypto-research-applications@a16z.com, with the name of the applicant in the subject line.
Closing date for applications:
Contact: Tim Roughgarden
More information: https://a16z.com/about/jobs/?gh_jid=5345713003
Universitat Rovira i Virgili, Department of Computer Science and Mathematics, Spain
Job Posting
Closing date for applications:
Contact: Dr. Rolando Trujillo
Universitat Rovira i Virgili, Tarragona, Spain.
Job Posting
This position is funded by a 4-year PhD scholarship (equivalent to the former FPI grants).
Candidates who have completed (or are about to complete) a master's degree in mathematics, computer science, or computer engineering are welcome to start the application by sending an email with a CV and a motivation letter to oriol.farras@urv.cat before November 15. Applicants should be able to start the PhD between January and July 2023. After receiving the email, we will provide more details about the grant application and the potential research projects. Students with a background in cryptography, algebraic geometry, matroid theory, or complexity theory are especially encouraged to apply.
Closing date for applications:
Contact: Oriol Farràs, oriol.farras@urv.cat
https://crises-deim.urv.cat/oriolfv/
TCC
Early registration closes on Oct 23rd: https://tcc.iacr.org/2022/registration.php
18 October 2022
University of St. Gallen, Switzerland
Job Posting
Key Responsibilities:
- Perform exciting and challenging research in the domain of information security and cryptography
- Support and assist in teaching computer security and cryptography courses
- The PhD student is expected to have an MSc degree or equivalent, and a strong background in cryptography, network security and mathematics
- Experience in one or more domains such as cryptography, design of protocols, secure multi-party computation and differential privacy is beneficial
- Excellent programming skills
- Excellent written and verbal communication skills in English
Closing date for applications:
Contact: Katerina Mitrokotsa