International Association for Cryptologic Research


IACR News


26 January 2023

Tabacaru Robert, Anghel Florin, Asandoaiei David, Simion Emil
ePrint Report
The increasing popularity of blockchain technology has affected the way we view many fields related to computer science, with E-commerce being no exception. The distributed nature and transparency of blockchain-based systems is one of its main perks, but it also raises some issues when it comes to privacy. Zero-knowledge proofs are very powerful building blocks when it comes to building privacy-preserving protocols, so, naturally, they have attracted a lot of attention in recent years. Following the recent collapse of the very popular crypto exchange FTX, we believe it is important to analyse how such events can be prevented in the future. This paper aims to highlight solutions that use zero-knowledge to prove solvency.
Mostefa Kara, Abdelkader Laouid, Mohammad Hammoudeh
ePrint Report
Blockchain is a newly emerging technology; however, it has proven effective in many applications because it provides multiple advantages, mainly as it represents a trust system in which data is encrypted in a way that cannot be tampered with or forged. Because it contains many details such as smart contracts, consensus, authentication, etc., the blockchain is a fertile ground for researchers, where they can continually improve previous versions of these concepts. This paper introduces a new multi-signature scheme based on RSA. This scheme is designed to reduce the blockchain's size and prevent known attacks, and is also applicable in many other settings that require multi-signatures. Our scheme is in the plain public key model, which means nodes do not need to prove knowledge or possession of their private key. Whatever the number of signers, the final signature size is $O(k)$, where $k$ is a security parameter, and no interaction between signers is needed. To verify that a number of parties have signed a shared message $m$, a verifier needs the signature, the list of signers, and the message $m$. The presented practical short accountable-subgroup multi-signature (ASM) scheme allows a valid signature to disclose which subset generated the signature. It is worth noting that our multi-signature with public key aggregation is an interactive two-round protocol and a multi-signature model applied to the entire block and not to individual transactions.
Visa Research, Palo Alto CA
Job Posting
Visa Research is a growing group within Visa. We are located in Palo Alto. The team itself is highly collaborative, working together not only on projects and research but also going hiking and having lunch together.

Currently, we focus on building research teams in key areas: Data Analytics, Cryptography, Future of Payment (Blockchain), and Artificial Intelligence. We are looking for outstanding research interns as part of the growing team!

Visa Research’s goal of security is to enable policy-enforced, full lifecycle protection for data at rest, in transit and during computation for all payment-related scenarios. We accomplish this through fundamental and applied research in the areas of security and cryptography.

The internship will focus on developing new and impactful research in the chosen area. You will work closely with our team members to define and solve a state-of-the-art research problem. In most cases, the final deliverable will be a research publication at a top-tier conference. Candidates should be able to demonstrate research proficiency (e.g., existing publications) and be able to perform research in both a group and a self-guided setting.

Specific areas of interest include:
  • Post Quantum Cryptography
  • Quantum Cryptography
  • Secure Multiparty Computation
  • Zero Knowledge Proofs
  • Blockchain & Consensus Protocols

Closing date for applications:

Contact: perindal@visa.com

More information: https://jobs.smartrecruiters.com/Visa/743999878021251-intern-visa-research-phd-

University College London
Job Posting
The Information Security Research Group at University College London offers a full-time PhD position in applied cryptography under the supervision of Dr. Philipp Jovanovic. This 4-year position is fully funded and has a starting date of September/October 2023 or shortly thereafter.

The position provides an excellent opportunity for students to develop cryptographic tools to improve the privacy, scalability, and security of next-generation decentralized systems. Candidates with research interests in one or more of the following areas are particularly encouraged to apply: blockchains and cryptocurrencies, threshold cryptography, multiparty computation, zero-knowledge proofs, consensus, distributed systems, cryptoeconomics. Successful applicants will work in an exciting international environment, conduct cutting-edge research in the above-mentioned fields, and publish and present their results at top venues for research in blockchains, cryptography, and IT security.

Closing date for applications:

Contact: Philipp Jovanovic p.jovanovic@ucl.ac.uk

More information: https://www.notion.so/philipp-jovanovic/Fully-funded-PhD-Position-in-Applied-Cryptography-The-WebN-Scholarship-in-Information-Security-536378d8a85c4306b9a6c2b0cdf1eb1b

Indian Institute of Technology Jammu, Jammu, India
Job Posting
Applications are invited for a post of Research Associate (RA) to work on the R&D project titled "Construction of permutation polynomials, and computation of generalized differential and boomerang uniformities of some classes of functions over finite fields," sanctioned by the Science and Engineering Research Board (SERB), Govt. of India, for a period of three years. The RA will initially be appointed for a period of one year, which may be extended up to a maximum of three years depending on performance, evaluated at the completion of each year. The post is purely temporary and co-terminous with the project.

Closing date for applications:

Contact: Sartaj Ul Hasan (sartaj.hasan[at]iitjammu.ac.in)

More information: https://www.iitjammu.ac.in/post/advt-IITJMU-RC-RP00141-2023-A-18-research-associate

Ruhr University Bochum, Germany
Job Posting

The research focus of the Implementation Security group at the Faculty of Computer Science is on the security of implementations. A large part of our research is dedicated to hardware security, protection against physical attacks (side-channel analysis and fault-injection attacks), security analysis of real-world systems, particularly the Internet of Things, and efficient hardware and software implementation of cryptographic primitives, including fully homomorphic encryption schemes. This covers various implementation platforms such as ASICs, FPGAs, and microprocessors. The Implementation Security group is looking for excellent B.Sc. and M.Sc. graduates with outstanding grades and degrees in computer science, computer engineering, electrical engineering, and mathematics. In addition, we are looking for outstanding postdoctoral candidates from these fields.

Initially, we offer three-year fully funded positions for B.Sc. and M.Sc. graduates. The expectation is to work towards a doctorate. Postdoctoral positions are initially offered for two years. Both PhD and postdoctoral positions are subject to extension. The salary will be according to the remuneration group E 13 TV-L (full time).

Our offerings:

  • Excellent research environment with award-winning scientists,
  • Open team culture,
  • Programs designed to support parents,
  • Support measures for women in IT security,
  • Excellent support for doctoral and postdoctoral researchers,
  • Opportunities for academic and professional development,
  • Budget for courses, conferences, equipment and international exchange

Please send your complete application documents as one single PDF file to: amir.moradi@rub.de. The required documents are: CV, B.Sc. transcript of records, and M.Sc. transcript of records (if applicable).

Closing date for applications:

Contact:

Prof. Amir Moradi

https://informatik.rub.de/impsec/personen/moradi/

More information: https://informatik.rub.de/impsec/

University of Southern Queensland, Australia
Job Posting
An ARC (Australian Research Council) PhD scholarship is available at the University of Southern Queensland, Australia.

  • Research area: Computer Network Security
  • Scholarship amount: AU$32,000 per year for 3 years
  • Requirements: a good research track record and skills; English: IELTS >= 6.5, or TOEFL paper-based >= 570, computer-based >= 230, internet-based >= 90, or otherwise meeting the enrolment requirements of an Australian university

For more PhD enrolment information, see https://www.unisq.edu.au/handbook/current/sciences/DPHD.html

Closing date for applications:

Contact: Professor Yan Li, Yan.Li@usq.edu.au

More information: https://www.unisq.edu.au/handbook/current/sciences/DPHD.html


23 January 2023

Ward Beullens, Vadim Lyubashevsky, Ngoc Khanh Nguyen, Gregor Seiler
ePrint Report
We give a construction of a 2-round blind signature scheme based on the hardness of standard lattice problems (Ring/Module-SIS/LWE and NTRU) with a signature size of 22 KB. The protocol is round-optimal and has a transcript size that can be as small as 60 KB. This blind signature is around $4$ times shorter than the most compact lattice-based scheme based on standard assumptions of del Pino and Katsumata (Crypto 2022) and around $2$ times shorter than the scheme of Agrawal et al. (CCS 2022) based on their newly-proposed one-more-SIS assumption. We also give a construction of a ``keyed-verification'' blind signature scheme in which the verifier and the signer need to share a secret key. The signature size in this case is only $48$ bytes, but more work needs to be done to explore the efficiency of the protocol which generates the signature.
Dev M. Mehta, Mohammad Hashemi, David S. Koblah, Domenic Forte, Fatemeh Ganji
ePrint Report
Masking has become one of the most effective approaches for securing hardware designs against side-channel attacks. Irrespective of the effort put into correctly implementing masking schemes on a field programmable gate array (FPGA), leakage can be unexpectedly observed. This is due to the fact that the assumption underlying all masked designs, i.e., the leakages of different shares are independent of each other, may no longer hold in practice. In this regard, extreme temperatures have been shown to be an important factor in inducing leakage, even in correctly-masked designs. This has previously been verified using an external heat generator (i.e., a climate chamber). In this paper, we examine whether the leakage can be induced using the circuit components themselves. Specifically, we target masked neural networks (NNs) in FPGAs, with one of the main building blocks being block random access memory (BRAM) and flip-flops (FFs). In this respect, thanks to the inherent characteristics of NNs, our novel internal heat generators leverage solely the memories devoted to storing the user’s input, especially when frequently writing alternating patterns into BRAMs and FFs. The possibility of observing first-order leakage is evaluated by considering one of the most recent and successful first-order secure masked NNs, namely ModuloNET. ModuloNET is specifically designed for FPGAs, where BRAMs are used for storing the inputs and intermediate computations. Our experimental results demonstrate that undesirable first-order leakage can be observed by increasing the temperature when an alternating input is applied to the masked NN. To give a better understanding of the impact of extreme heat, we further perform a similar test on the design with FFs storing the input, where the same conclusion can be drawn.
Tahoura Mosavirik, Saleh Khalaj Monfared, Maryam Saadat Safa, Shahin Tajik
ePrint Report
The threat of chip-level tampering and its detection is a widely researched field. Hardware Trojan insertions are prominent examples of such tamper events. Altering the placement and routing of a design or removing a part of a circuit for side-channel leakage/fault sensitivity amplification are other instances of such attacks. While semi- and fully-invasive physical verification methods can confidently detect such stealthy tamper events, they are costly, time-consuming, and destructive. On the other hand, virtually all proposed non-invasive side-channel methods suffer from noise and, therefore, have low confidence. Moreover, they require activating the tampered part of the circuit (e.g., the Trojan trigger) to compare and detect the modification. In this work, we introduce a general non-invasive post-silicon tamper detection technique applicable to all sorts of tamper events at the chip level without requiring the activation of the malicious circuit. Our method relies on the fact that all classes of physical modifications (regardless of their physical, activation, or action characteristics) alter the impedance of the chip. Hence, characterizing the impedance can lead to the detection of the tamper events. To sense the changes in the impedance, we deploy known RF tools, namely, scattering parameters, in which we inject sine wave signals with high frequencies to the power distribution network (PDN) of the system and measure the “echo” of the signal. The reflected signals in various frequency bands reveal different tamper events based on their impact size on the die. To validate our claims, we performed extensive measurements on several proof-of-concept tampered hardware implementations realized on an FPGA manufactured with a 28 nm technology. Based on these groundbreaking results, we demonstrate that stealthy hardware Trojans, as well as sophisticated modifications of P&R, can be detected with high confidence.
Geoffroy Couteau, Adi Rosén
ePrint Report
We consider multi-party information-theoretic private computation. Such computation inherently requires the use of local randomness by the parties, and the question of minimizing the total number of random bits used for given private computations has received considerable attention in the literature.

In this work we are interested in another question: given a private computation, we ask how many of the players need to have access to a random source, and how many of them can be deterministic parties. We are further interested in the possible interplay between the number of random sources in the system and the total number of random bits necessary for the computation.

We give a number of results. We first show that, perhaps surprisingly, $t$ players (rather than $t+1$) with access to a random source are sufficient for the information-theoretic $t$-private computation of any deterministic functionality over $n$ players for any $t
We then turn to the question of the possible interplay between the number of random sources and the necessary number of random bits. Since meaningful bounds on the number of necessary random bits are known for only very few settings in private computation, we consider the AND function, for which some such bounds are known. We give a new protocol to $1$-privately compute the $n$-player AND function, which uses a single random source and $6$ random bits tossed by that source. This improves on the currently best known results (Kushilevitz et al., TCC'19) in both the number of sources and the number of random bits at the same time (KOPRT19 gives a $2$-source, $8$-bit protocol). This result perhaps gives some evidence that for $1$-privacy, using the minimum necessary number of sources, one can also achieve the necessary minimum number of random bits. We believe, however, that our protocol is of independent interest for the study of randomness in private computation.
Peng Yang, Zoe L. Jiang, Shiqi Gao, Jiehang Zhuang, Hongxiao Wang, Junbin Fang, Siuming Yiu, Yulin Wu
ePrint Report
This paper proposes FssNN, a communication-efficient secure two-party computation framework for evaluating privacy-preserving neural networks via function secret sharing (FSS) in the semi-honest adversary setting. In FssNN, two parties with input data in secret-shared form perform secure linear computations using additive secret sharing and non-linear computations using FSS, and obtain secret shares of model parameters without disclosing their input data. To decrease communication cost, we split the protocol into online and offline phases, where input-independent correlated randomness is generated in the offline phase while only lightweight ``non-cryptographic'' computations are executed in the online phase. Specifically, we propose $\mathsf{BitXA}$ to reduce online communication in linear computation, and DCF to reduce the key size of the FSS scheme used in the offline phase for non-linear computation. To further support neural network training, we enlarge the input size of the neural network to $2^{32}$ via an ``MPC-friendly'' PRG.

We implement the framework in Python and evaluate the end-to-end system for private training between two parties on standard neural networks. On the MNIST dataset, FssNN achieves an accuracy of 98.0%, with a communication cost of 27.52GB and a runtime of 0.23h per epoch in the LAN setting. That shows our work advances the state-of-the-art secure computation protocol for neural networks.
Geoffroy Couteau, Maryam Zarezadeh
ePrint Report
We put forth a new cryptographic primitive for securely computing inner-products in a scalable, non-interactive fashion: any party can broadcast a public (computationally hiding) encoding of its input, and store a secret state. Given their secret state and the other party's public encoding, any pair of parties can non-interactively compute additive shares of the inner-product between the encoded vectors.

We give constructions of this primitive from a common template, which can be instantiated under either the LPN (with non-negligible correctness error) or the LWE (with negligible correctness error) assumptions. Our construction uses a novel twist on the standard non-interactive key exchange based on the Alekhnovich cryptosystem, which upgrades it to a non-interactive inner product protocol almost for free. In addition to being non-interactive, our constructions have linear communication (with constants smaller than all known alternatives) and small computation: using LPN or LWE with quasi-cyclic codes, we estimate that encoding a length-$2^{20}$ vector over a 32-bit field takes less than 2s on a standard laptop; decoding amounts to a single cheap inner-product.

We show how to remove the non-negligible error in our LPN instantiation using a one-time, logarithmic-communication preprocessing. Eventually, we show how to upgrade its security to the malicious model using new sublinear-communication zero-knowledge proofs for low-noise LPN samples, which might be of independent interest.
Corina-Elena Bogos, Răzvan Mocanu, Emil Simion
ePrint Report
This paper aims to provide a security analysis comparison between three popular instant messaging apps: Signal, WhatsApp and Telegram. The analysis will focus on the encryption protocols used by each app and the security features they offer. The paper will evaluate the strengths and weaknesses of each app, and provide a summary of their overall security posture. Additionally, this paper will discuss other considerations such as user base, data collection and usage policies, and other features which may impact the security of the apps. The results of this analysis will provide insights for individuals and organizations looking to choose a secure instant messaging app for their communication needs. In this paper we reviewed the main encryption standards and we compared the features, traffic analysis, protocols, performance and recent security breaches for WhatsApp, Signal and Telegram. The paper includes packet sniffing using Wireshark and Fiddler.
Isac Iulian-George, Emil Simion
ePrint Report
The purpose of this article is to present, illustrate and put in evidence a new side-channel attack on the RSA cryptosystem based on the generation of prime numbers. The vulnerability of the cryptosystem is spotted during the execution of the key generation step. The probability of success of the attack is around 10-15% in the case of realistic parameters.
Prabhanjan Ananth, Zihan Hu, Henry Yuen
ePrint Report
Public-key quantum money is a cryptographic proposal for using highly entangled quantum states as currency that is publicly verifiable yet resistant to counterfeiting due to the laws of physics. Despite significant interest, constructing provably-secure public-key quantum money schemes based on standard cryptographic assumptions has remained an elusive goal. Even proposing plausibly-secure candidate schemes has been a challenge.

These difficulties call for a deeper and systematic study of the structure of public-key quantum money schemes and the assumptions they can be based on. Motivated by this, we present the first black-box separation of quantum money and cryptographic primitives. Specifically, we show that collision-resistant hash functions cannot be used as a black-box to construct public-key quantum money schemes where the banknote verification makes classical queries to the hash function. Our result involves a novel combination of state synthesis techniques from quantum complexity theory and simulation techniques, including Zhandry's compressed oracle technique.
Shalini Banerjee, Steven D. Galbraith, Giovanni Russello
ePrint Report
The use of data as a product and service has given momentum to the extensive uptake of complex machine learning algorithms that focus on performing prediction with popular tree-based methods such as decision tree classifiers. With increasing adoption over a wide array of sensitive applications, a significant need to protect the confidentiality of the classifier model and user data is identified. The existing literature safeguards them using interactive solutions based on expensive cryptographic approaches, where an encrypted classifier model interacts with the encrypted queries and forwards the encrypted classification to the user. Adding to that, the state-of-the-art protocols for protecting the privacy of the model do not contain model-extraction attacks.

We design an efficient virtual black-box obfuscator for binary decision trees and use the random oracle paradigm to analyze the security of our construction. To thwart model-extraction attacks, we restrict to evasive decision trees, as black-box access to the classifier does not allow a PPT adversary to extract the model. While doing so, we present an encoder for hiding parameters in an interval-membership function. Our exclusive goal behind designing the obfuscator is that, not only will the solution increase the class of functions that has cryptographically secure obfuscators, but also address the open problem of non-interactive prediction in privacy-preserving classification using computationally inexpensive cryptographic hash functions.
Paulo L. Barreto, Gustavo H. M. Zanon
ePrint Report
We propose a novel methodology to obtain $B$lind signatures that is fundamentally based on the idea of hiding part of the underlying plain signatures under a $Z$ero-knowledge argument of knowledge of the whole signature (hence the shorthand, $BZ$). Our proposal is necessarily non-black-box and stated in the random oracle model. We illustrate the technique by describing two instantiations: a classical setting based on the traditional discrete logarithm assumption, and a post-quantum setting based on the commutative supersingular isogeny Diffie-Hellman (CSIDH) assumption.
Lyon, France, 23 April 2023
Event Calendar
Event date: 23 April 2023
Submission deadline: 28 February 2023
Notification: 21 March 2023
Kyoto, Japan, 19 June - 22 June 2023
Event Calendar
Event date: 19 June to 22 June 2023
Submission deadline: 17 March 2023
Notification: 19 April 2023