IACR News
14 December 2022
Helsinki Institute for Information Technology, Helsinki, Finland
Job Posting
The Helsinki Institute for Information Technology (HIIT) invites applications for Postdoctoral Fellows and Research Fellows. HIIT offers a HIIT Postdoctoral Fellow position for up to three years. For more senior candidates, HIIT offers a HIIT Research Fellow position for up to five years. The length of the contract as well as the starting and ending dates are negotiable.
All excellent researchers in any area of ICT can be considered, but priority is given to candidates who support one (or more) of the HIIT strategic focus areas:
- Artificial Intelligence
- Computational Health
- Cybersecurity
- Data Science
- Foundations of Computing
The deadline for applications is January 8th, 2023 at 11:59 PM (23:59 UTC+02:00). By applying to this call, organized by Helsinki Institute for Information Technology HIIT, you use one application to apply to positions for both of our hosting institutions, Aalto University and the University of Helsinki. Aalto University and the University of Helsinki are the two leading universities in Finland in computer science and information technology. Both are located in the Helsinki Metropolitan area, and the employing university will be determined by the supervising professor. Aalto University and the University of Helsinki are both committed to fostering an inclusive environment with people from diverse backgrounds, and researchers from underrepresented groups are particularly encouraged to apply.
Closing date for applications:
Contact:
For any question regarding the electronic application system, please contact Maaria Ilanko (firstname.lastname@aalto.fi)
For questions regarding these positions, please contact the HIIT coordinator at coordinator@hiit.fi
More information: https://www.hiit.fi/hiit-postdoctoral-and-research-fellow-positions/
Fortanix
Job Posting
Fortanix is hiring a Sr. Software Engineer, Cryptography. Join a passionate team that will highly appreciate your contributions.
You will:
- Implement and maintain production-ready cryptography code in Rust and C/C++, including post-quantum algorithms and secure cryptography APIs.
- Analyze state-of-the-art attacks and implement side-channel mitigations.
- Participate in peer code review and educate others.
- Help deploy, monitor, and tune the performance of our software.
- Analyze existing internal and partner security designs.
Requirements: A Master's degree or PhD in Cryptography or a related field, or equivalent training or work experience. Uncompromising integrity, outstanding attention to detail, programming experience.
We can offer: competitive salary, relocation support, 25 holidays and travel expense remuneration.
Closing date for applications:
Contact: francisco.vialprado@fortanix.com
University of Amsterdam
Job Posting
What are you going to do?
- Carry out original research in the field of implementation and applications of privacy preserving technologies for data analytics in healthcare
- Be active in the fundamental and/or applied research area, publishing in high level international journals and presenting at leading conferences
- Take part in ongoing educational activities, such as assisting in a course and guiding student thesis projects, at the BSc or MSc level
- Collaborate with other groups, institutes and/or companies by contributing expertise to joint research projects
- Contribute to activities and deliverables of the SECURED Horizon Europe Project
Requirements:
- An MSc degree in Computer Science, Computer Engineering, or Electrical Engineering (or a related discipline)
- Strong analytical and technical skills; Good problem-solving skills
- An interdisciplinary mindset and an open and proactive personality in interacting with researchers from different disciplines
- A strong scientific interest in security and privacy, in particular in at least one of the following two fields:
  - efficient implementation of cryptographic and privacy-preserving primitives, both in hardware and in software
  - application, orchestration, and improvement of privacy-preserving techniques to achieve given data protection objectives
- The willingness to work in a highly international research team;
- Fluency in oral and written English and good presentation skills
- Ability to assess practical implementation of privacy preserving techniques
https://vacatures.uva.nl/UvA/job/Two-PhD-Positions-on-Efficient-Privacy-preserving-Techniques-for-Data-Analysis-and-Machine/760571702/
Closing date for applications:
Contact: Francesco Regazzoni
More information: https://tinyurl.com/4s4kzwn6
Chen-Da Liu-Zhang, Christian Matt, Søren Eller Thomsen
ePrint Report
Michael Walter
ePrint Report
In this short note, we show that the claims made in the two aforementioned works with regards to the leakage through the timing side channel are false. We demonstrate that the active attack, a standard attack against IND-CPA secure LWE-based encryption, can be mounted just as efficiently without the "side channel information".
13 December 2022
Giulia Scaffino, Lukas Aumayr, Zeta Avarikioti, Matteo Maffei
ePrint Report
We introduce Glimpse, a novel on-demand cross-chain synchronization primitive, which is both efficient in terms of on-chain costs and computational overhead, and expressive in terms of applications it supports. The key idea of Glimpse is to synchronize transactions on-demand, i.e., only those relevant to realize the cross-chain application of interest. We present a concrete instantiation which is compatible with blockchains featuring a limited scripting language (e.g., Bitcoin-based chains like Liquid), and, yet, can be used as a building block for the design of DeFi applications such as lending, pegs, wrapping/unwrapping of tokens, Proof-of-Burn, and verification of multiple oracle attestations. We formally define and prove Glimpse security in the Universal Composability (UC) framework and conduct an economical security analysis to identify the secure parameter space in the rational setting. Finally, we evaluate the cost of Glimpse for Bitcoin-like chains, showing that verifying a simple transaction has at most 700 bytes of on-chain overhead, resulting in a one-time fee of $3, only twice as much as a basic Bitcoin transaction.
Endres Puschner, Thorben Moos, Steffen Becker, Christian Kison, Amir Moradi, Christof Paar
ePrint Report
Behzad Abdolmaleki, Saikrishna Badrinarayanan, Rex Fernando, Giulio Malavolta, Ahmadreza Rahimi, Amit Sahai
ePrint Report
Yuejun Wang, Baocang Wang, Qiqi Lai, Yu Zhan
ePrint Report
Trevor Miller
ePrint Report
Safiullah Khan, Wai-Kong Lee, Angshuman Karmakar, Jose Maria Bermudo Mera, Abdul Majeed, Seong Oun Hwang
ePrint Report
Freja Elbro, Christian Majenz
ePrint Report
Lingyue Qin, Jialiang Hua, Xiaoyang Dong, Hailun Yan, Xiaoyun Wang
ePrint Report
Elena Dubrova, Kalle Ngo, Joel Gärtner
ePrint Report
10 December 2022
Ruben Gonzalez, Thom Wiggers
ePrint Report
KEMTLS is a proposal for an alternative TLS handshake protocol that avoids authentication through signatures in the TLS handshake. Instead, it authenticates the peers through long-term KEM keys held in the certificates. The KEMs considered for standardization are more efficient in terms of computation and/or bandwidth than the post-quantum signature schemes.
In this work, we compare KEMTLS to TLS 1.3 in an embedded setting. To gain meaningful results, we present implementations of KEMTLS and TLS 1.3 on a Cortex-M4-based platform. These implementations are based on the popular WolfSSL embedded TLS library and hence share a majority of their code. In our experiments, we consider both protocols with the remaining NIST finalist signature schemes and KEMs, except for Classic McEliece which has too large public keys. Both protocols are benchmarked and compared in terms of run-time, memory usage, traffic volume and code size. The benchmarks are performed in network settings relevant to the Internet of Things, namely low-latency broadband, LTE-M and Narrowband IoT. Our results show that KEMTLS can reduce handshake time by up to 38%, can lower peak memory consumption and can save traffic volume compared to TLS 1.3.
Seth Hoffert
ePrint Report
Cas Cremers, Charlie Jacomme, Aurora Naska
ePrint Report
You Zhou, Zongyang Zhang, Haibin Zhang, Sisi Duan, Bin Hu, Licheng Wang, Jianwei Liu
ePrint Report
We have implemented and deployed our system using up to 151 replicas on Amazon EC2. We demonstrate that even without using the technique of separating data transmission from agreement, Dory has up to 5x the throughput of Speeding Dumbo (sDumbo), while lowering the communication cost for different batch sizes.
Alexandra Mai
ePrint Report
To investigate current commonalities and differences in SSI understanding, I contribute the first qualitative user study (N=13) on expert mental models of SSI and its associated threat landscape. The study results highlight the need for a general definition of SSI and further standards for such systems, as experts' perceptions of SSI requirements vary widely. Based on the expert interviews, I constructed a minimal knowledge map for (potential) SSI end-users and formulated design guidelines for SSI to facilitate broad adoption in the wild and improve privacy-preserving usage.
Sacha Servan-Schreiber, Simon Beyzerov, Eli Yablon, Hyojae Park
ePrint Report
In this paper, we initiate the study of access control for FSS. Given the shares of f, the evaluators can ensure that the dealer is authorized to share the provided function. For a function family F and an access control list defined over the family, the evaluators receiving the shares of f ∈ F can efficiently check that the dealer knows the access key for f.
This model enables new applications of FSS, such as: – anonymous authentication in a multi-party setting, – access control in private databases, and – authentication and spam prevention in anonymous communication systems.
Our definitions and constructions abstract and improve the concrete efficiency of several recent systems that implement ad-hoc mechanisms for access control over FSS. The main building block behind our efficiency improvement is a discrete-logarithm zero-knowledge proof-of-knowledge over secret-shared elements, which may be of independent interest.
We evaluate our constructions and show a 50–70× reduction in computational overhead compared to existing access control techniques used in anonymous communication. In other applications, such as private databases, the processing cost of introducing access control is only 1.5–3× when amortized over databases with 500,000 or more items.