International Association
for Cryptologic Research

Financial applications have historically required strong security guarantees. These can be achieved in a digital world via cryptographic tools but have traditionally been employed to provide authenticity and privacy for data exchanged between clients and financial institutions over insecure networks (e.g. the Internet). However, the recent advent of cryptocurrencies and smart contract platforms, based on blockchains, allowed financial transactions to be carried out over a public ledger, instead of keeping such transactions exclusive to private institutions. This introduced a new challenge: Allowing any third party to verify the validity of financial operations by means of public records on a blockchain, while keeping sensitive data private. Advanced cryptographic techniques such as Zero Knowledge (ZK) proofs rose to prominence as a solution to this challenge, allowing for the owner of sensitive information (e.g. the identities of users involved in an operation) to provide unforgeable evidence that a certain operation has been correctly executed without revealing said sensitive data. Moreover, once the Fintech community discovered the power of such advanced techniques, it also became clear that performing arbitrary computation on private data by means of secure Multiparty Computation (MPC), and related techniques like Fully Homomorphic Encryption (FHE), would allow more powerful financial applications, also in traditional finance, involving sensitive data from multiple sources. In this survey, we present an overview of the main Privacy-Enhancing Technologies (PETs) available in the state of the art of current advanced cryptographic research and how they can be used to address challenges in both traditional and decentralized finance. In particular, we consider the following classes of applications: 1. Identity Management, KYC & AML; 2. Legal; 3. Digital Asset Custody; and 4. Markets & Settlement. We examine how ZK proofs, MPC and related PETs have been used to tackle challenges in each of these applications. Finally, we propose future applications of PETs as Fintech solutions to currently unsolved issues. While we present a broad overview, we focus mainly on those applications that require privacy preserving computation on data from multiple parties.

The current article provides a new deterministic hash function $\mathcal{H}$ to almost any elliptic curve $E$ over a finite field $\mathbb{F}_{\!q}$, having an $\mathbb{F}_{\!q}$-isogeny of degree $3$. Since $\mathcal{H}$ just has to compute a certain Lucas sequence element, its complexity always equals $O(\log(q))$ operations in $\mathbb{F}_{\!q}$ with a small constant hidden in $O$. In comparison, whenever $q \equiv 1 \ (\mathrm{mod} \ 3)$, almost all previous hash functions need to extract at least one square root in $\mathbb{F}_{\!q}$. Over the field $\mathbb{F}_{\!q}$ of $2$-adicity $\nu$ this amounts to $O(\log(q) + \nu^2)$ operations in $\mathbb{F}_{\!q}$ for the Tonelli--Shanks algorithm and $O(\log(q) + \nu^{3/2})$ ones for the recent Sarkar algorithm. A detailed analysis shows that $\mathcal{H}$ is several times faster than earlier state-of-the-art hash functions to the curve NIST P-224 (for which $\nu = 96$) from the American standard NIST SP 800-186.

Homomorphic encryption (HE) allows for computations on encrypted data without requiring decryption. HE is commonly applied to outsource computation on private data. Due to the additional risks caused by data outsourcing, the ability to recover from losses is essential, but doing so on data encrypted under an HE scheme introduces additional challenges for recovery and usability. This work introduces X-Cipher, which aims to make HE data resilient by ensuring it is private and fault-tolerant simultaneously at all stages during data-outsourcing. X-Cipher allows for data recovery without decryption, and maintains its ability to recover and keep data private when a cluster server has been compromised. X-Cipher allows for reduced ciphertext storage overhead by introducing novel encoding and leveraging previously introduced ciphertext packing. X-Cipher's capabilities were evaluated on synthetic dataset, and compared to prior work to demonstrate X-Cipher enables additional security capabilities while enabling privacy-preserving outsourced computations.

In this work, we will give new attacks on the pseudorandomness of algebraic pseudorandom number generators (PRGs) of polynomial stretch. Our algorithms apply to a broad class of PRGs and are in the case of general local PRGs faster than currently known attacks. At the same time, in contrast to most algebraic attacks, subexponential time and space bounds will be proven for our attacks without making any assumptions of the PRGs or assuming any further conjectures. Therefore, we yield in this text the first subexponential distinguishing attacks on PRGs from constant-degree polynomials and close current gaps in the subexponential cryptoanalysis of lightweight PRGs.

Concretely, against PRGs $F : \mathbb{Z}_q^{n} \rightarrow \mathbb{Z}_q^{m}$ that are computed by polynomials of degree $d$ over a field $\mathbb{Z}_q$ and have a stretch of $m = n^{1+e}$ we give an attack with space and time complexities $n^{O(n^{1 - \frac{e}{d-1}})}$ and noticeable advantage $1 - {O(n^{1 - \frac{e}{d-1}}/{q})}$, if $q$ is large. If $F$ is of constant locality $d$ and $q$ is constant, we construct a second attack that has a space and time complexity of $n^{O(\log(n)^{\frac{1}{(q-1)d-1}} \cdot n^{1 - \frac{e}{(q-1)d-1}})}$ and noticeable advantage $1-O((\log(n)/n^e)^{\frac{1}{(q-1)d-1}})$.

One of the main security challenges white-box cryptography needs to address is side-channel security. To this end, designers aim to eliminate the dependence between variables and sensitive data. Classical countermeasures to do so are masking schemes. Nevertheless, most masking schemes are not designed to thwart the other main security threat : fault attacks. Thus, we aimed to build a masking scheme that could combine resistance to both of these types of attacks. In this paper, we present our new generic fault resistant masking scheme using BCH error-correcting codes, as well as the design choices behind it.

The Computer Science and Engineering Department at the University of North Texas (UNT) has multiple tenure track Assistant and Associate position openings. The department plans to contribute to the college priorities by hiring faculty who can strengthen or complement our existing strength areas of Cybersecurity, Algorithms and Computational Science, Artificial Intelligence/Machine Learning and Data Science, Bioinformatics, Computer Architectures, Computer Networking, Embedded Systems, Operating Systems, and Software Engineering.

Closing date for applications:

Contact: Please contact Drs. Stephanie Ludi (stephanie.ludi@unt.edu) or Kirill Morozov (kirill.morozov@unt.edu) for any inquiries.

More information: https://jobs.untsystem.edu/postings/68591

We are looking for passionate Post-docs to work on the ERC Advanced Grant project "PARQ: Lattices in a Parallel and Quantum World". The project aims at studying the best parallel and quantum algorithms for lattice problems, and proposing automated tools to select safe parameters for lattice-based cryptography. It is hosted by the Inria cryptography team Cascade, located at ENS in downtown Paris. (see https://crypto.di.ens.fr/web2py ) The ideal candidates should have a PhD degree from a leading university, and a proven record of lattice-related publications in top venues. We offer a competitive salary and a budget for conference travel and research visits. We have access to computer clusters. Positions can be filled from April 1st, 2023. If you're interested, please send by June 1st, 2023: • Your curriculum vitae • Your two best publications • Research statement • Reference letters if possible

Closing date for applications:

Contact: Phong Nguyen ( Phong.Nguyen at inria.fr )

More information: https://jobs.inria.fr/public/classic/en/offres/2022-05411

Event date: 9 June 2023
Submission deadline: 28 February 2023
Notification: 31 March 2023

Event date: 28 February to 2 March 2023

We are looking for multiple PhD students and PostDocs working on cryptographic primitives and protocols enabling privacy, accountability, and transparency in real-world application scenarios.

A solid background in provable security is required (for PhD students: successfully attended courses or a master’s thesis on the subject). Experiences with secure multi-party computation or UC-based security are a plus. For PostDocs, a track record in research on privacy-preserving protocols is expected, including publications at reputable conferences such as Crypto, Eurocrypt, ACM CCS, PETS, etc.

You will be a member of the KASTEL Security Research Labs (https://zentrum.kastel.kit.edu). Your research will be dealing with privacy-preserving cryptographic building blocks and protocols for important application scenarios and result in both theoretical security concepts (protocol designs, security models and proofs, etc.) and their efficient implementation. You will have the opportunity to regularly visit other reputable research institutions for IT security and cryptography such as the University of Luxembourg.

As the positions should be filled as soon as possible, your application will be evaluated promptly. If you are interested, please send an email including your CV and a list of publications (for PostDocs) to andy.rupp@partner.kit.edu.

Closing date for applications:

Contact: Andy Rupp (andy.rupp@partner.kit.edu, PI at KASTEL)

There is a vacancy for up to 2 positions as PhD Research Fellow in Informatics – Cryptology at the Department of Informatics, University of Bergen, Norway. Both positions are funded by the university and are for a fixed-term period of 4 years.

Potential work tasks include:

• Statistical and algebraic cryptanalysis of modern block and stream ciphers
• Cryptanalysis of lattice-based postquantum cryptography protocols
• Construction of cryptographically optimal functions and related objects

Other closely related topics may be considered.

The working environment for this position will be at the Selmer Center in Secure Communication. The Selmer Center is one of the top ICT research groups with main research in areas of sequence design, coding theory, cryptology, Boolean functions, information security, and quantum information theory.

The candidate should have the following qualifications:

• A master's degree or equivalent education in mathematics, computer science, or a related area
• Experience with general-purpose programming languages
• Knowledge of discrete mathematics, linear algebra and probability theory
• Knowledge of cryptographic schemes and protocols
• Proficiency in both written and oral English

We can offer:

• a good and professionally stimulating working environment
• salary as PhD research fellow (code 1017) in the state salary scale
• enrolment in the Norwegian Public Service Pension Fund
• good welfare benefits

Application deadline: March 1, 2023

To apply and for more information: https://www.jobbnorge.no/en/available-jobs/job/236961/phd-research-fellow-in-informatics-cryptology-up-to-2-positions

Closing date for applications:

Contact: Nikolay Kaleyski, Department of Informatics, University of Bergen, Norway (firstname.surname@uib.no)

More information: https://www.jobbnorge.no/en/available-jobs/job/236961/phd-research-fellow-in-informatics-cryptology-up-to-2-positions

The lightweight block ciphers ULC and LICID are introduced by Sliman et al. (2021) and Omrani et al. (2019) respectively. These ciphers are based on substitution permutation network structure. ULC is designed using the ULM method to increase efficiency, memory usage, and security. On the other hand, LICID is specifically designed for image data. In the ULC paper, the authors have given a full-round differential characteristic with a probability of $2^{-80}$. In the LICID paper, the authors have presented an 8-round differential characteristic with a probability of $2^{-112.66}$. In this paper, we present the 15-round ULC and the 14-round LICID differential characteristics of probabilities $2^{-45}$ and $2^{-40}$ respectively using the MILP model.

The interest shown by central banks in deploying Central Bank Digital Currency (CBDC) has spurred a blooming number of conceptually different proposals from central banks and academia. Yet, they share the common, transversal goal of providing citizens with an additional digital monetary instrument. Citizens, equipped with CBDC wallets, should have access to CBDC fund and defund operations that allow the distribution of CBDC from the central bank to citizens with the intermediation of commercial banks. Despite their key role in the CBDC deployment as acknowledged, e.g., by the European Central Bank, operations fund and defund have not been formally studied yet. In this state of affairs, this work strives to cryptographically define the problem of fund and defund of CBDC wallets as well as the security and privacy notions of interest. We consider a setting with three parties (citizen, commercial bank and central bank) and three ledgers: the CBDC ledger, the retail ledger (where citizens have their accounts with their commercial banks) and the wholesale ledger (where commercial banks have their accounts with the central bank). We follow a modular approach, initially defining the functionality of two types of ledgers: Basic Ledger (BL), which supports basic transactions, and Conditional Payment Ledger(CP), which additionally supports conditional transactions. We then use BL and CP to define the CBDC-Cash Environment (CCE) primitive, which captures the core functionality of operations fund and defund. We require that CCE satisfies balance security: either operation fund/defund is successful, or no honest party loses their funds. CCE also satisfies that fund/defund cannot be used to breach the privacy of the CBDC ledger. Finally, we provide two efficient and secure constructions for CCE to cover both CP and BL types of CBDC ledger. Our performance evaluation shows that our constructions impose small computation and communication overhead to the underlying ledgers. The modular design of CCE allows for the incorporation in our CCE constructions of any CBDC ledger proposal that can be proven a secure instance of CP or BL, enabling thereby a seamless method to provide CBDC fund and defund operations.

We introduce CorrGapCDH, the Gap Computational Diffie-Hellman problem in the multi-user setting with Corruptions. In the random oracle model, our assumption tightly implies the security of the authenticated key exchange protocols NAXOS in the eCK model and (a simplified version of) X3DH without ephemeral key reveal. We prove hardness of CorrGapCDH in the generic group model, with optimal bounds matching the one of the discrete logarithm problem.

We also introduce CorrCRGapCDH, a stronger Challenge-Response variant of our assumption. Unlike standard GapCDH, CorrCRGapCDH implies the security of the popular AKE protocol HMQV in the eCK model, tightly and without rewinding. Again, we prove hardness of CorrCRGapCDH in the generic group model, with (almost) optimal bounds.

Our new results allow implementations of NAXOS, X3DH, and HMQV without having to adapt the group sizes to account for the tightness loss of previous reductions. As a side result of independent interest, we also obtain modular and simple security proofs from standard GapCDH with tightness loss, improving previously known bounds.

This is an exciting opportunity to join the University of Birmingham’s Centre for Cyber Security and Privacy on the exciting projects "User-controlled hardware security anchors: evaluation and designs" and "SIPP - Secure IoT Processor Platform with Remote Attestation".

The position has scope for a variety of research activities, spanning trusted execution, hardware and embedded security, binary analysis, protocol design/analysis, and formal modelling. We are hence looking for a candidate with a PhD (or equivalent industry experience) in at least one of these areas.

The post-doc will be based at the Birmingham Centre for Cyber Security and Privacy, which was originally founded in 2005 as the Security and Privacy group and is now recognised as a Centre by the university since 2018. The Centre is a core part of the School of Computer Science, which was ranked 3rd in the UK-wide REF2021 for computer science research. Three out of the four REF2021 impact case studies came from the security group; all four were awarded the maximum grade of 4*. The centre currently has 12 permanent academics as well as approximately 20 postdocs/PhD students. We are recognised by the UK NCSC in partnership with EPSRC as an Academic Centre of Excellence in Cyber Security Research. We are part of the Research Institute in Secure Hardware and Embedded Systems funded by NCSC and EPSRC.

Full time starting salary is normally in the range £32,348 to £42,155, with potential progression once in post to £44,737 (Grade 7). The position comes with budget for travel and equipment.

Fixed term contract up to July 2024. We will encourage and support the successful candidate to apply for follow-up funding after the end of the fixed term.

Apply until 19th February 2023 using the following link: https://tinyurl.com/uobpostdoc

Closing date for applications:

Contact: Informal enquiries can be sent to Mark Ryan (m.d.ryan@bham.ac.uk) and David Oswald (d.f.oswald@bham.ac.uk). Full applications must be submitted via the above link, we cannot accept applications via email.

More information: https://edzz.fa.em3.oraclecloud.com/hcmUI/CandidateExperience/en/sites/CX_6001/requisitions/preview/1170/?lastSelectedFacet=TITLES&selectedTitlesFacet=RES

As a research engineer in the Cyber Security chair you will establish and work in a state-of-the-art IoT (Internet of Things) lab with smart devices ranging from Raspberry Pi's, sensors, smart microphones, toy cars, RFID tags, RFID readers, smart phones, biometric sensors and you will work with world-leading researchers to implement, test, and showcase secure and privacy-preserving protocols and algorithms. Many projects are done in collaboration with other academic and industrial partners. More specifically, the job includes:

• Development and implementation of concepts and research results, both individually and in collaboration with researchers and PhD students,
• Run of experiments and simulation of realistic conditions to test the performance of developed algorithms and protocols,
• Development, maintenance and organization of software,
• Support to BSc, MSc and PhD students, postdocs and researchers who use the lab,
• Responsibility for day routines in the lab, for example purchases, installations, bookings, inventory,
• Demonstrations and lab tours for external visitors,
• Producing media content for our group web page and social media platforms.

The successful applicant is expected to hold or to be about to receive a M.Sc. degree in Computer Science, Electrical Engineering, Applied Mathematics or similar fields, preferably with a focus in Security and Privacy for Computer Science Systems.

• We are looking for a strongly motivated and self-driven person who is able to work and learn new things independently.
• Good command of English is required.
• You should have a good academic track record and well developed analytical and problem solving skills.
• Excellent programming skills and familiarity with cryptographic libraries.
• Previous experience in implementation projects with C++, Matlab/Simulink, Python is desired.

Closing date for applications:

Contact:
Eriane Breu, eriane.breu@unisg.ch (Administrative matters)
Prof. Katerina Mitrokotsa, katerina.mitrokotsa@unisg.ch (Research related questions)

More information: https://jobs.unisg.ch/offene-stellen/cryptography-engineer-m-w-d/61aac880-209c-41c9-b2dd-fb4fb4074ebe

The Digital Currency Research team at Visa Research is looking for outstanding research interns as part of our growing team in Palo Alto, California.

Our team is building the next generation of financial systems that rely on digital currencies, including decentralized cryptocurrencies like Bitcoin and Ethereum and semi-decentralized digital currencies like stablecoins, central bank digital currencies (CBDCs), and tokenized commercial bank deposits. Compared to traditional financial systems, these networks have significantly stronger resilience against cyberattacks, achieved by minimizing trust in various system components.

Past intern projects have included:

• Blockchain scalability, e.g., sharding (RapidChain) and light clients (FlyClient)
• Layer 2 scalability solutions, e.g., hub-based payment channels (UPC) and offline payments (OPS)
• Blockchain privacy, e.g., private smart contract transactions (Zether)
• Privacy-preserving auditability of large payment graphs (SPA)
• Privacy-preserving fraud detection using federated learning and multi-party computation

Basic Qualification

• Pursuing a Ph.D. in Computer Science or Computer Engineering, graduating December 2023 or later

Preferred Qualifications

• Research experience in one or more research areas related to blockchain, cryptography, and/or systems security
• Strong track record in research publications and impact in the research community
• Strong ability to collaborate
• Good team player and excellent interpersonal skills
• Good analytical and problem-solving skills

Closing date for applications:

Contact:

• Mahdi Zamani mzamani@visa.com
• Panos Chatzigiannis pchatzig@visa.com

More information: https://jobs.smartrecruiters.com/ni/Visa/3f9f072f-3f93-43c4-af03-ed492d9daf4b-phd-intern

We are looking for Research Scientist Interns to join the Statistics & Privacy team to advance cutting-edge applied research, focusing on Privacy Enhancing Technologies. Research Scientist Interns partner with our full-time Research Scientists to drive forward the research, prototypes and methodologies.

Challenges and intern projects include incorporating approaches such as multi-party computation, homomorphic encryption, trusted execution environments, differential privacy, and federated learning to develop privacy-focused solutions while maintaining performance at massive scale, including cryptographic protocols, algorithms & tooling for machine learning or analytics. Research projects may include developing new or improving existing privacy-preserving solutions for areas such as: private record linkage, privacy-preserving ML and analytics.

For more details and to apply: https://www.metacareers.com/jobs/881989909611952/

Closing date for applications:

Contact: Gaven Watson

More information: https://www.metacareers.com/jobs/881989909611952/

Akbarpour and Li (2020) formalized credibility as an auction desideratum where the auctioneer cannot benefit by implementing undetectable deviations from the promised auction and showed that, in the plain model, the ascending price auction with reserves is the only credible, strategyproof, revenue-optimal auction. Ferreira and Weinberg (2020) proposed the Deferred Revelation Auction (DRA) as a communication efficient auction that avoids the uniqueness results from (2020) assuming the existence of cryptographic commitments and as long as bidder valuations are MHR. They also showed DRA is not credible in settings where bidder valuations are $\alpha$-strongly regular unless $\alpha$ > 1. In this paper, we ask if blockchains allow us to design a larger class of credible auctions. We answer this question positively, by showing that DRA is credible even for $\alpha$-strongly regular distributions for all $\alpha$ > 0 if implemented over a secure and censorship-resistant blockchain. We argue ledgers provide two properties that limit deviations from a self-interested auctioneer. First, the existence of smart contracts allows one to extend the concept of credibility to settings where the auctioneer does not have a reputation — one of the main limitations for the definition of credibility from Akbarpour and Li (2020). Second, blockchains allow us to implement mechanisms over a public broadcast channel, removing the adaptive undetectable deviations driving the negative results of Ferreira and Weinberg (2020).

In a single secret leader election protocol (SSLE), one of the system participants is chosen and, unless it decides to reveal itself, no other participant can identify it. SSLE has a great potential in protecting blockchain consensus protocols against denial of service (DoS) attacks. However, all existing solutions either make strong synchrony assumptions or have expiring registration, meaning that they require elected processes to re-register themselves before they can be re-elected again. This, in turn, prohibits the use of these SSLE protocols to elect leaders in partially-synchronous consensus protocols as there may be long periods of network instability when no new blocks are decided and, thus, no new registrations (or re-registrations) are possible. In this paper, we propose Homomorphic Sortition -- the first asynchronous SSLE protocol with non-expiring registration, making it the first solution compatible with partially-synchronous leader-based consensus protocols.

Homomorphic Sortition relies on Threshold Fully Homomorphic Encryption (ThFHE) and is tailored to proof-of-stake (PoS) blockchains, with several important optimizations with respect to prior proposals. In particular, unlike most existing SSLE protocols, it works with arbitrary stake distributions and does not require a user with multiple coins to be registered multiple times. Our protocol is highly parallelizable and can be run completely off-chain after setup.

Some blockchains require a sequence of rounds to have non-repeating leaders. We define a generalization of SSLE, called Secret Leader Permutation (SLP) in which the application can choose how many non-repeating leaders should be output in a sequence of rounds and we show how Homomorphic Sortition also solves this problem.