International Association for Cryptologic Research

International Association
for Cryptologic Research

IACR News

If you have a news item you wish to distribute, they should be sent to the communications secretary. See also the events database for conference announcements.

Here you can see all recent updates to the IACR webpage. These updates are also available:

email icon
via email
RSS symbol icon
via RSS feed

14 November 2022

Qianqian Yang, Ling Song, Siwei Sun, Danping Shi, Lei Hu
ePrint Report ePrint Report
The double boomerang connectivity table (DBCT) is a new table proposed recently to capture the behavior of two consecutive S-boxes in boomerang attacks. In this paper, we observe an interesting property of DBCT of S-box that the ladder switch and the S-box switch happen in most cases for two continuous S-boxes, and for some S-boxes only S-box switch and ladder switch are possible. This property implies an additional criterion for S-boxes to resist the boomerang attacks and provides as well a new evaluation direction for an S-box. Using an extension of the DBCT, we verify that some boomerang distinguishers of TweAES and Deoxys are flawed. On the other hand, inspired by the property, we put forward a formula for estimating boomerang cluster probabilities. Furthermore, we introduce the first model to search for boomerang distinguishers with good cluster probabilities. Applying the model to CRAFT, we obtain 9-round and 10-round boomerang distinguishers with a higher probability than that of previous works.
Expand
Fabrice Benhamouda, Shai Halevi, Lev Stambler
ePrint Report ePrint Report
Secret-sharing allows splitting a piece of secret information among a group of shareholders, so that it takes a large enough subset of them to recover it. In weighted secret-sharing, each shareholder has an integer weight and it takes a subset of large-enough weight to recover the secret. Schemes in the literature for weighted threshold secret sharing either have share sizes that grow linearly with the total weight, or ones that depend on huge public information (essentially a garbled circuit) of size (quasi)polynomial in the number of parties.

To do better, we investigate a relaxation, $(\alpha, \beta)$-ramp weighted secret sharing, where subsets of weight $\beta W$ can recover the secret (with $W$ the total weight), but subsets of weight $\alpha W$ or less cannot learn anything about it. We give two distinct types of constructions. The first is based on simple rounding, and has a share size which is linear in the number of parties and in $1/\epsilon$ (where $\epsilon=\beta-\alpha$).

The second type of schemes is based on a novel connection between weighted secret sharing and wiretap channels. We observe that for certain additive-noise $(\mathcal{R},\mathcal{A})$ wiretap channels, any semantically secure scheme can be naturally transformed into an $(\alpha,\beta)$-ramp weighted secret-sharing, where $\alpha,\beta$ are essentially the respective capacities of the channels $\mathcal{A},\mathcal{R}$. These constructions eliminate or reduce the dependence on the number of parties, at the price of increased dependence on $1/\epsilon$. We present two instantiations of this type of construction, one using Binary Symmetric wiretap Channels, and the other using additive Gaussian Wiretap Channels.
Expand
Tomer Ashur, Al Kindi, Willi Meier, Alan Szepieniec, Bobbin Threadbare
ePrint Report ePrint Report
This note specifies two instances of a hash function obtained from applying the Marvellous design strategy to a specific context. The context in question is native hashing in a STARKVirtual Machine such as Miden.
Expand
Carla Ràfols, Alexandros Zacharakis
ePrint Report ePrint Report
In settings such as delegation of computation where a prover is doing computation as a service for many verifiers, it is important to amortize the prover’s costs without increasing those of the verifier. We introduce folding schemes with selective verification. Such a scheme allows a prover to aggregate m NP statements $x_i\in \mathcal{L}$ in a single statement $x\in\mathcal{L}$. Knowledge of a witness for $x$ implies knowledge of witnesses for all $m$ statements. Furthermore, each statement can be individually verified by asserting the validity of the aggregated statement and an individual proof $\pi$ with size sublinear in the number of aggregated statements. In particular, verification of statement $x_i$ does not require reading (or even knowing) all the statements aggregated. We demonstrate natural folding schemes for various languages: inner product relations, vector and polynomial commitment openings and relaxed R1CS of NOVA. All these constructions incur a minimal overhead for the prover, comparable to simply reading the statements.
Expand
Daniel Nager
ePrint Report ePrint Report
In this paper we study linearization proposed on ePrint 2021/583, that's addressed to entropic quasigroups cryptography. We show how this attack can be avoided and actually linearization can be used to build valid cryptosystems.
Expand
Anita Aghaie, Amir Moradi, Johannes Tobisch, Nils Wisiol
ePrint Report ePrint Report
Using a novel circuit design, we investigate if the modeling-resistance of delay-based, CMOS-compatible strong PUFs can be increased by the usage of multiple delay lines. Studying a circuit inspired by the Arbiter PUF, but using four instead of merely two delay lines, we obtain evidence showing that the usage of many delay lines does not significantly increase the security of the strong PUF circuit. Based on our findings, we suggest future research directions.
Expand
Fei Tang, Guowei Ling, Chaochao Cai, Jinyong Shan, Xuanqi Liu, Peng Tang, Weidong Qiu
ePrint Report ePrint Report
Additively Homomorphic Encryption (AHE) has been widely used in various applications, such as federated learning, blockchain, and online auctions. Elliptic Curve (EC) based AHE has the advantages of efficient encryption, homomorphic addition, scalar multiplication algorithms, and short ciphertext length. However, EC-based AHE schemes require solving a small exponential Elliptic Curve Discrete Logarithm Problem (ECDLP) when running the decryption algorithm, i.e., recovering the plaintext $m\in\{0,1\}^\ell$ from $m \ast G$. Therefore, the decryption of EC-based AHE schemes is inefficient when the plaintext length $\ell > 32$. This leads to people being more inclined to use RSA-based AHE schemes rather than EC-based ones.

This paper proposes an efficient algorithm called $\mathsf{FastECDLP}$ for solving the small exponential ECDLP at $128$-bit security level. We perform a series of deep optimizations from two points: computation and memory overhead. These optimizations ensure efficient decryption when the plaintext length $\ell$ is as long as possible in practice. Moreover, we also provide a concrete implementation and apply $\mathsf{FastECDLP}$ to some specific applications. Experimental results show that $\mathsf{FastECDLP}$ is far faster than the previous works. For example, the decryption can be done in $0.35$ ms with a single thread when $\ell = 40$, which is about $30$ times faster than that of Paillier. Furthermore, we experiment with $\ell$ from $32$ to $54$, and the existing works generally only consider $\ell \leq 32$. The decryption only requires $1$ second with $16$ threads when $\ell = 54$. In the practical applications, we can speed up model training of existing vertical federated learning frameworks by $4$ to $14$ times. At the same time, the decryption efficiency is accelerated by about $140$ times in a blockchain financial system (ESORICS 2021) with the same memory overhead.
Expand
Chanki Kim, Young-Sik Kim, Jong-Seon No
ePrint Report ePrint Report
For the fast cryptographic operation, we newly propose a key encapsulation mechanism (KEM) called layered ROLLO-I by using block-wise interleaved ideal LRPC (BII-LRPC) codes. By multiplying random polynomials by small-sized ideal LRPC codes, faster operation can be obtained with an additional key size. Finally, some parameters of the proposed algorithm are suggested and compared with that of the existing ROLLO-I scheme.
Expand
Peter Gaži, Ling Ren, Alexander Russell
ePrint Report ePrint Report
Nakamoto's longest-chain consensus paradigm now powers the bulk of the world's cryptocurrencies and distributed finance infrastructure. An emblematic property of longest-chain consensus is that it provides probabilistic settlement guarantees that strengthen over time. This makes the exact relationship between settlement error and settlement latency a critical aspect of the protocol that both users and system designers must understand to make informed decisions. A recent line of work has finally provided a satisfactory rigorous accounting of this relationship for proof-of-work longest-chain protocols, but those techniques do not appear to carry over to the proof-of-stake setting.

This article develops explicit, rigorous settlement bounds for proof-of-stake longest-chain protocols, placing them on equal footing with their proof-of-work counterparts. Our techniques apply with some adaptations also to the proof-of-work setting where they provide improvements to the state-of-the-art settlement bounds for proof-of-work protocols.
Expand
Lione, Francia, 22 April - 23 April 2023
Event Calendar Event Calendar
Event date: 22 April to 23 April 2023
Submission deadline: 1 March 2023
Notification: 17 April 2023
Expand
Sousse, Tunisia, 19 July - 21 July 2023
Event Calendar Event Calendar
Event date: 19 July to 21 July 2023
Submission deadline: 26 February 2023
Expand
Paris cedex 12, France, 23 April - 28 April 2023
Event Calendar Event Calendar
Event date: 23 April to 28 April 2023
Submission deadline: 30 November 2022
Notification: 15 January 2023
Expand
University of Washington Tacoma
Job Posting Job Posting
The School of Engineering and Technology (SET) at the University of Washington (UW) Tacoma invites applications for a full-time tenure-track Assistant Professor position in the Computer Science and Systems (CSS) program. This full-time position has a nine-month service period beginning September 2023. The successful candidate will pursue a vigorous research agenda while demonstrating passion for teaching. The successful candidate will teach classes at graduate and undergraduate levels, conduct research that complements inquiry within the school, actively participate in university and professional service, while promoting a diverse and inclusive community of faculty, staff, and students. Highly qualified applicants from any area of computer science or related fields will be considered. The CSS program offers bachelors, masters, and doctoral degrees and faculty engage in research in Bioinformatics, Cryptography and Information Security, Data Science and Machine Learning, Distributed Systems (Cloud Computing, Internet of Things, Smart Cities, and Vehicular Networks), GIS, and other areas. The CSS program is within SET at the University of Washington Tacoma, one of three UW campuses. Applications must be submitted electronically to: http://apply.interfolio.com/116931 .

Closing date for applications:

Contact: Questions related to this position are to be directed to the search committee chair, Dr. Wes J. Lloyd, at wlloyd@uw.edu.

More information: http://apply.interfolio.com/116931

Expand
University College Cork, Ireland
Job Posting Job Posting

Two doctoral positions in cryptography and privacy are open in the Security Group at University College Cork (UCC), Ireland. Both positions are fully funded through research grants.

The first PhD will investigate adaptive privacy-preservation in IoT, and is funded by a Science Foundation Ireland grant (part of the CONNECT Centre). Research work will focus on local differential privacy and homomorphic encryption in IoT settings.
The second PhD will investigate anonymity and privacy of health data, and how they can be securely shared across different European health system. The position is funded by the EU Horizon Europe SECURED project. Research will focus on statistical re-identification attacks on anonymous health datasets. It will also explore privacy-preserving synthetic data generation.

Candidates should have a background/strong interest in security and privacy, as well as a good grasp of mathematics. Previous experience in cryptography is an asset, but is not required. Applicants should hold a good honours undergraduate or Masters degree in computer science, computer engineering, mathematics, or other relevant subject.

The successful applicant will receive a tax-free stipend of €18,500 per annum for up to four years, and tuition fees will be covered by the grant. The Government of Ireland is currently reviewing PhD stipends, and it is likely that the stipend will increase to match inflation.
A research and travel budget is also available to present at international conferences, purchase equipment etc.
The PhDs will work under the supervision of Dr. Paolo Palmieri (and Dr. Hazel Murray, MTU, in the first project). They will join the thriving Security Group at UCC, where several other PhDs and PostDocs are carrying out related research, and will have the opportunity to collaborate with the group extensive network of international collaborations.

Deadline: November 22, but early applications are encouraged

Closing date for applications:

Contact: Please submit your application using the web form at the link above. Please include: a cover letter; an up to date CV; and university transcripts.

E-mail applications will not be considered, but informal inquiries are welcome, and can be sent to Dr. Paolo Palmieri at p.palmieri@cs.ucc.ie

More information: https://ucc.qualtrics.com/jfe/form/SV_dmVI6vyPTRwgs2G

Expand
Eindhoven Technical University (TU/e)
Job Posting Job Posting
I am searching for outstanding Ph.D. candidates to start in the early months of 2023. The positions will be part of the Coding and Cryptography group at TU/e.

Possible topics fall into the field of provable security with a focus on the construction of efficient cryptographic building blocks and protocols, including
  • (post-quantum) secure key exchange and messaging protocols and
  • (post-quantum) secure digital signatures and public key encryption in realistic security models
  • impossibility results/lower bounds for provably secure constructions.
The fully-funded positions offer exciting research in a highly international research environment. Candidates from outside of the Netherlands can be eligible for an additional tax reduction scheme.

Requirements:
  • a Master's degree (or equivalent) with excellent grades in computer science, mathematics, or IT security.
  • strong mathematical and/or algorithmic/theoretical CS background.
  • good knowledge of cryptography and provable security.
  • good written and verbal communication skills in English (Dutch is not required).
TU/e embraces diversity and inclusion. Therefore, people from all backgrounds are invited to apply, without regard to sex, gender, race, ethnicity, nationality, age, socioeconomic status, identity, visible or invisible disability, religion, or sexual orientation.

To apply, prepare a single PDF file that includes a CV with a course list and grades. The application deadline is December 15th, 2022.

Applications and questions can be directed to s.schage@tue.nl.

Closing date for applications:

Contact: Sven Schäge

More information: https://www.tue.nl/en/research/research-groups/mathematics/discrete-mathematics/coding-theory-and-cryptology/

Expand
University of York, UK
Job Posting Job Posting

The Department of Computer Science at the University of York has several PhD studentships available for exceptional Home (UK & Ireland) and Overseas students through the Doctoral Centre for Safe, Ethical and Secure Computing (SEtS).

The Cyber Security and Privacy Research Group at the Department calls for students who are interested in pursuing a PhD in the following topics:

  • Security of New and Emerging Networks: including security of Internet of Things (IoT) devices and networks, security and safety in robotics and autonomous systems, security and safety of unmanned aerial vehicles (UAV), and security of underwater networks and communications,
  • Usable Security and Privacy: Web measurement to analyse and combat web tracking, developing privacy-enhancing technologies. usable security and privacy, and human factors in cyber security and privacy,
  • Applied Cryptography: Design and analysis of provably-secure cryptographic schemes and protocols, especially those that preserve or enhance privacy, and including but not limited to automated formal analysis and mechanisation of proofs of security protocols,
  • Malware Analysis and Detection: including different types of malware, such as ransomware and spyware, malware targeting mobile platforms (e.g. Android) or industrial control systems and critical infrastructure,
  • Machine Learning for IoT Security: Machine learning techniques for IoT behavioural fingerprinting and attack detection for network security, and
  • Privacy-Preserving Machine Learning: Edge based machine learning systems such as federated learning, and how to quantify, control, and manage privacy in such systems.

The available projects are supervised by a combination of faculty members including Dr. Roberto Metere, Dr. Siamak F. Shahandashti, Dr. Vasileios Vasilakis, Dr. Yuchen Zhao, and Dr. Poonam Yadav.

For more information please visit https://docs.google.com/document/d/1VtrNtFG1zy54o0BzymHj56gY--YEw2ch3EG18gnb3Lc

Closing date for applications:

Contact: sets-csp-group@york.ac.uk

More information: https://docs.google.com/document/d/1VtrNtFG1zy54o0BzymHj56gY--YEw2ch3EG18gnb3Lc

Expand
University of York, UK
Job Posting Job Posting

The Department of Computer Science is a research-intensive department made up of over 70 academics delivering on-campus programmes to more than 800 students and online courses to over 1500 students. Our vision is to be internationally leading on education and research into engineering safe, ethical and secure computational systems.

The Department of Computer Science is recruiting up to six lecturers to support the development and delivery of our degree programmes at both undergraduate and postgraduate level. This would include the ability to teach across our general range of subjects as well as more specialist modules in their own research area. We are particularly seeking candidates who enhance our existing research groups. Candidates must be able to supervise projects in one or more of the following key areas: Cyber Security, Artificial Intelligence and Data Analysis. We would consider candidates with non-traditional academic backgrounds where they have significant experience of working with, or in, a safety-critical industry.

Closing date for applications:

Contact: For informal enquiries: please contact Prof. Iain Bate at iain.bate@york.ac.uk.

More information: https://jobs.york.ac.uk/vacancy/lecturers-505454.html

Expand
Monash University, Department of Software Systems and Cybersecurity; Melbourne, Australia
Job Posting Job Posting

The post-quantum cryptography research group at the Department of Software Systems and Cybersecurity, Faculty of Information Technology, Monash University, Australia, has Ph.D. student scholarship openings for research projects funded by our Algorand Centre of Excellence ACE-SIP Program, including in particular the following areas:

1. Post-quantum cryptographic primitives and their practical applications in blockchain protocols.

2. Post-quantum Zero Knowledge Proof and SNARK protocols and their applications for privacy preserving blockchain transactions and smart contracts.

Students will have the opportunity to work in an excellent research environment and collaborate with experts in cryptography and blockchain systems, and with Algorand industry partners.

Monash University is among the leading universities in Australia and is located in Melbourne, ranked as Australia's most liveable city and among the most liveable cities in the world.

Applicants should have (or expected to complete in the next 12 months) a Masters or Honours equivalent qualification with a research thesis, with excellent grades in mathematics, theoretical computer science, cryptography, or closely related areas. They should have excellent English verbal and written communication skills. Programming experience and skills, especially in Sagemath/python/Magma and/or C/C++, are also highly desirable.

Closing date for applications:

Contact: To apply, email ron.steinfeld@monash.edu by 30 Nov 2022 with the subject “Algorand ACE PQC PhD Application” and attach a single pdf with cover letter stating research interests, CV (including qualifications with GPA grades, reference contact details), and ugrad and pgrad transcripts.

More information: http://ace-sip.org/

Expand
North Carolina State University
Job Posting Job Posting
Hardware Security Research Labs (HECTOR) at North Carolina State University is seeking two PhD student to carry out the research in funded projects on side-channel security and fault injection attacks on cryptography and AI/ML hardware.

To apply for the position, please send the following to aaysu@ncsu.edu :
1) Your detailed CV.
2) Your relevant publications (or pending papers).

Applicants with MS and industry experience will be favored. The projects cover full tuition fee, benefits (including health insurance), and the typical annual stipend in my group is $30k-35k – exceptions can be made for outstanding applicants.

Closing date for applications:

Contact: Dr. Aydin Aysu (aaysu@ncsu.edu)

Expand
Lucerne University of Applied Sciences
Job Posting Job Posting
The application security and cryptography group at the Lucerne School of Information Technology in Rotkreuz, Switzerland has open positions for PhD students and research associates to work on applied cryptography and quantum information projects.
  • Doctoral Position in Cryptography & Quantum Information (https://recruitingapp-2678.umantis.com/Vacancies/2467/Description/1)
  • Senior Research Associate Cryptography and Quantum Information (https://recruitingapp-2678.umantis.com/Vacancies/2466/Description/1)
  • Senior Research Associate Security Software Engineer (https://recruitingapp-2678.umantis.com/Vacancies/2465/Description/1) Candidates should have a strong background in IT security and cryptography and/or good software engineering skills; knowledge in quantum information is advantageous.

    Closing date for applications:

    Contact: For questions contact Esther Hänggi; applications via the link in the main text

  • Expand
    ◄ Previous Next ►