IACR News
Here you can see all recent updates to the IACR webpage.
19 December 2022
Azade Rezaeezade, Lejla Batina
ePrint Report
Maria Corte-Real Santos, Craig Costello, Sam Frengley
ePrint Report
Xianrui Qin, Shimin Pan, Arash Mirzaei, Zhimei Sui, Oğuzhan Ersoy, Amin Sakzad, Muhammed F. Esgin, Joseph K. Liu, Jiangshan Yu, Tsz Hon Yuen
ePrint Report
In this paper, we propose the first Bitcoin-compatible PCH that achieves relationship anonymity and supports variable amounts for payment. To achieve this, we have several layers of technical constructions, each of which could be of independent interest to the community. First, we propose $\textit{BlindChannel}$, a novel bi-directional payment channel protocol for privacy-preserving payments, where one of the channel parties is unable to see the channel balances. Then, we further propose $\textit{BlindHub}$, a three-party (sender, tumbler, receiver) protocol for private conditional payments, where the tumbler pays to the receiver only if the sender pays to the tumbler. The appealing additional feature of BlindHub is that the tumbler cannot link the sender and the receiver while supporting a variable payment amount. To construct BlindHub, we also introduce two new cryptographic primitives as building blocks, namely $\textit{Blind Adaptor Signature}$ (BAS), and $\textit{Flexible Blind Conditional Signature}$. BAS is an adaptor signature protocol built on top of a blind signature scheme. Flexible Blind Conditional Signature is a new cryptographic notion enabling us to provide an atomic and privacy-preserving PCH. Lastly, we instantiate both BlindChannel and BlindHub protocols and present implementation results to show their practicality.
Thomas Peyrin, Quan Quan Tan
ePrint Report
Benoît Libert, Alain Passelègue, Mahshid Riahinia
ePrint Report
Théophile Wallez, Jonathan Protzenko, Benjamin Beurdouche, Karthikeyan Bhargavan
ePrint Report
We present a precise, executable, machine-checked formal specification of TreeSync, and show how it can be composed with other components to implement the full MLS protocol. Our specification is written in F* and serves as a reference implementation of MLS; it passes the RFC test vectors and is interoperable with other MLS implementations. Using the DY* symbolic protocol analysis framework, we formalize and prove the integrity and authentication guarantees of TreeSync, under minimal security assumptions on the rest of MLS. Our analysis identifies a new attack and we propose several changes that have been incorporated in the latest MLS draft. Ours is the first testable, machine-checked, formal specification for MLS, and should be of interest to both developers and researchers interested in this upcoming standard.
Reham Almukhlifi, Poorvi Vora
ePrint Report
Andrew Fregly, Joseph Harvey, Burton S. Kaliski Jr., Swapneel Sheth
ePrint Report
Melissa Chase, Hannah Davis, Esha Ghosh, Kim Laine
ePrint Report
15 December 2022
Yuan Tian
ePrint Report
Pranav Shriram A, Nishat Koti, Varsha Bhat Kukkala, Arpita Patra, Bhavish Raj Gopal
ePrint Report
Thomas Hanson, Qian Wang, Santosh Ghosh, Fernando Virdia, Anne Reinders, Manoj R. Sastry
ePrint Report
Stefan Kölbl
ePrint Report
Cas Cremers, Alexander Dax, Aurora Naska
ePrint Report
The SPDM protocol inherits requirements and design ideas from IETF's TLS 1.3. However, its state machines and transcript handling are substantially different and more complex. While architecture, specification, and open-source libraries of the current versions of SPDM are publicly available, these include no significant security analysis of any kind.
In this work we develop the first formal model of the SPDM protocol, notably of the current version 1.2.1, and formally analyze its main security properties.
14 December 2022
Ottawa, Canada, 3 March -
Event Calendar
KIT, Institute of Information Security and Dependability (KASTEL), Karlsruhe, Germany
Job Posting
You are part of the KASTEL Security Research Labs and conduct research as part of the Cryptography and Security group of the Institute of Information Security and Dependability. You will conduct independent research in the field of cryptography while also guiding PhD students. In addition, you will perform teaching duties.
Personal qualification:
- You have a university degree (Master or equivalent) in computer science or a directly related field, and have completed an excellent PhD in cryptography.
- In addition, extensive expertise in a specialist subfield, such as
  - secure multiparty computation,
  - secure computation with trusted hardware, or
  - post-quantum cryptography,
- Your research experience is evidenced by excellent publications at recognized international conferences.
- Teaching experience is highly desired.
- Furthermore, an interest in interdisciplinary research is desirable.
- Personally, you are characterized by an independent, structured way of working and a high degree of reliability.
- You also bring initiative, strong communication, and teamwork skills.
- The position requires a good command of the English language.
Contract duration: 2 years
Application up to: January 15, 2023
Closing date for applications:
Contact: Prof. Jörn Müller-Quade (joern.mueller-quade@kit.edu), Dr. Willi Geiselmann (willi.geiselmann@kit.edu)
More information: https://www.pse.kit.edu/english/karriere/joboffer.php?id=91701&new=true
Flensburg University of Applied Sciences
Job Posting
- Internet and computer security
- distributed and decentralized security (e.g. cloud, blockchain)
- cryptography
Interested candidates will kindly include their full CV and transcripts in their applications and send to personal.bewerbungen@hs-flensburg.de. You may also contact Prof. Dr. Sebastian Gajek for details.
Deadline for applications is January 7th, 2023.
We encourage early applications and review of applications will begin immediately. Only shortlisted applications will be notified.
Closing date for applications:
Contact: Sebastian Gajek (sebastian.gajek@hs-flensburg.de)
More information: https://hs-flensburg.de/hochschule/stellenangebote/2022/11/w2-professur-fuer-it-sicherheit-und-internettechnologien-mwd
SnT, University of Luxembourg
Job Posting
- applied or symmetric cryptography
- cryptofinance, cryptoeconomics, blockchains
- anonymity and privacy on the Internet
- Conduct, publish and present research results at conferences
- Provide guidance to the two Ph.D. students of the project
- Attract funding in cooperation with academic and industrial partners
- A Ph.D. degree in Computer Science, Applied Mathematics or a related field
- Competitive research record in applied cryptography or information security (at least one paper in top 10 IT security/crypto conferences)
- Strong mathematical and algorithmic CS background, economics/finance - a plus
- Good skills in programming and scripting languages
- Fluent written/verbal communication skills in English
Application: Applications, written in English, should be submitted online and should include:
- A brief cover letter explaining the candidate's motivation and research interests
- Curriculum Vitae (including photo, education/research/work, publications, interests, contributions to open-source projects, participation in research competitions, olympiads, CTFs, etc.)
- Contact information of 3 referees
Closing date for applications:
Contact: Prof. Alex Biryukov (e-mail: first name dot family name (at) uni.lu)
More information: https://www.cryptolux.org/index.php/Vacancies
Queen's University Belfast
Job Posting
The successful candidate must have, and your application should clearly demonstrate you have:
Duration: This is a fixed term contract for 30 months, or available until 30/09/2025, whichever is sooner. Fixed term contract posts are available for the stated period in the first instance but in particular circumstances may be renewed or made permanent subject to availability of funding.
Application Deadline: 9 Jan 2023
Application details: https://www.jobs.ac.uk/job/CVV449/research-fellow-in-hardware-security
Closing date for applications:
Contact: Dr. Chongyan Gu (c.gu@qub.ac.uk)
More information: https://www.jobs.ac.uk/job/CVV449/research-fellow-in-hardware-security
University of Central Florida
Job Posting
Closing date for applications:
Contact: Questions regarding this search may be directed to Dr. Yan Solihin (yan.solihin@ucf.edu) or Dr. Paul Gazzillo (paul.gazzillo@ucf.edu).