International Association for Cryptologic Research


IACR News


07 February 2023

Rebecca Schwerdt, Laurin Benz, Wasilij Beskorovajnov, Sarai Eilebrecht, Jörn Müller-Quade, Astrid Ottenhues
ePrint Report
Secure communication is gained by combining encryption with authentication. In real-world applications encryption commonly takes the form of KEM-DEM hybrid encryption, which is combined with ideal authentication. The pivotal question is how weak the employed key encapsulation mechanism (KEM) is allowed to be to still yield universally composable (UC) secure communication when paired with symmetric encryption and ideal authentication. This question has so far been addressed for public-key encryption (PKE) only, showing that encryption does not need to be stronger than sender-binding CPA, which binds the CPA secure ciphertext non-malleably to the sender ID. For hybrid encryption, prior research unanimously reaches for CCA2 secure encryption which is unnecessarily strong. Answering this research question is vital to develop more efficient and feasible protocols for real-world secure communication and thus enable more communication to be conducted securely. In this paper we use ideas from the PKE setting to develop new answers for hybrid encryption. We develop a new and significantly weaker security notion—sender-binding CPA for KEMs—which is still strong enough for secure communication. By using game-based notions as building blocks, we attain secure communication in the form of ideal functionalities with proofs in the UC-framework. Secure communication is reached in both the classic as well as session context by adding authentication and one-time/replayable CCA secure symmetric encryption respectively. We furthermore provide an efficient post-quantum secure LWE-based construction in the standard model giving an indication of the real-world benefit resulting from our new security notion. Overall we manage to make significant progress on discovering the minimal security requirements for hybrid encryption components to facilitate secure communication.
Danielle Movsowitz Davidow, Yacov Manevich
ePrint Report
In permissioned digital currencies such as Central Bank Digital Currencies (CBDCs), data disclosure is essential for gathering aggregated statistics about the transactions and activities of the users. These statistics are later used to set regulations. Differential privacy techniques have been proposed to preserve individuals’ privacy while still making aggregative statistical analysis possible. Recently, privacy-preserving payment systems fit for CBDCs have been proposed. While preserving the privacy of the sender and recipient, they also prevent any insightful learning from their data. Thus, they are ill-qualified to be incorporated with a system that mandates publishing statistical data. We show that differential privacy and privacy-preserving payments can coexist even if one of the participating parties (i.e., the user or the data analyst) is malicious. We propose a modular scheme that incorporates verifiable local differential privacy techniques into a privacy-preserving payment system. Thus, although the noise is added directly by the user (i.e., the data subject), we prevent her from manipulating her response and enforce the integrity of the noise generation via a novel protocol.
Irimia Alexandru-Vasile
ePrint Report
This article presents and explains methodologies that can be employed to recover information from encrypted files generated by ransomware based on cryptanalytic techniques. By using cryptanalysis and related knowledge as much as possible, the methodology's goal is to use static and dynamic analysis as little as possible. We present three case studies that illustrate different approaches that can be used to recover the encrypted data.
Ionuț Roșca, Alexandra-Ina Butnaru, Emil Simion
ePrint Report
Since the proposal of Bitcoin in 2008, the world has seen accelerated growth in the field of blockchain and discovered its potential to immensely transform most industries, one of the first and most important being finance. The blockchain trilemma states that blockchains can have security, scalability, and decentralization, but never all three at the same time, in the same amount. At the moment, the most successful blockchains lack scalability, which researchers and developers try to alleviate with solutions like layer 2s. Most of these solutions rely on cryptographic primitives and technologies, like collision-free hash functions or zero-knowledge proofs. In this paper we explore a few of the most popular solutions available now, their improvements to scalability, their drawbacks and their security risks.
Tudorică Radu, Rares Radu, Emil Simion
ePrint Report
Back in the 90s when the notion of malware first appeared, it was clear that the behaviour and purpose of such software should be closely analysed, such that systems all over the world could be patched, secured and ready to prevent other malicious activities from happening in the future. Thus, malware analysis was born. In recent years, the rise of malware of all types, for example trojans, ransomware, adware, spyware and so on, implies that a deeper understanding of operating systems, attention to detail and perseverance are just some of the traits any malware analyst should have in their bag. With Windows being the worldwide go-to operating system, Windows executable files represent the perfect way in which malware can be disguised to later be loaded and produce damage. In this paper we highlight how ciphers like the Vigenère cipher or the Caesar cipher can be extended to more complex classes, such that, when later broken, ways of decrypting malware payloads disguised in Windows executable files are found. Alongside the theoretical information present in this paper, based on a dataset provided by our team at Bitdefender, we describe our implementation of how the key to decrypt such payloads can be found, what techniques are present in our approach, how optimization can be done, what the pitfalls of this implementation are and, lastly, open a discussion on how to tackle these pitfalls.
Carsten Baum, James Hsin-yu Chiang, Bernardo David, Tore Kasper Frederiksen
ePrint Report
Financial applications have historically required strong security guarantees. These can be achieved in a digital world via cryptographic tools but have traditionally been employed to provide authenticity and privacy for data exchanged between clients and financial institutions over insecure networks (e.g. the Internet). However, the recent advent of cryptocurrencies and smart contract platforms, based on blockchains, allowed financial transactions to be carried out over a public ledger, instead of keeping such transactions exclusive to private institutions. This introduced a new challenge: Allowing any third party to verify the validity of financial operations by means of public records on a blockchain, while keeping sensitive data private. Advanced cryptographic techniques such as Zero Knowledge (ZK) proofs rose to prominence as a solution to this challenge, allowing for the owner of sensitive information (e.g. the identities of users involved in an operation) to provide unforgeable evidence that a certain operation has been correctly executed without revealing said sensitive data. Moreover, once the Fintech community discovered the power of such advanced techniques, it also became clear that performing arbitrary computation on private data by means of secure Multiparty Computation (MPC), and related techniques like Fully Homomorphic Encryption (FHE), would allow more powerful financial applications, also in traditional finance, involving sensitive data from multiple sources. In this survey, we present an overview of the main Privacy-Enhancing Technologies (PETs) available in the state of the art of current advanced cryptographic research and how they can be used to address challenges in both traditional and decentralized finance. In particular, we consider the following classes of applications: 1. Identity Management, KYC & AML; 2. Legal; 3. Digital Asset Custody; and 4. Markets & Settlement. 
We examine how ZK proofs, MPC and related PETs have been used to tackle challenges in each of these applications. Finally, we propose future applications of PETs as Fintech solutions to currently unsolved issues. While we present a broad overview, we focus mainly on those applications that require privacy preserving computation on data from multiple parties.
Dmitrii Koshelev
ePrint Report
The current article provides a new deterministic hash function $\mathcal{H}$ to almost any elliptic curve $E$ over a finite field $\mathbb{F}_{\!q}$, having an $\mathbb{F}_{\!q}$-isogeny of degree $3$. Since $\mathcal{H}$ just has to compute a certain Lucas sequence element, its complexity always equals $O(\log(q))$ operations in $\mathbb{F}_{\!q}$ with a small constant hidden in $O$. In comparison, whenever $q \equiv 1 \ (\mathrm{mod} \ 3)$, almost all previous hash functions need to extract at least one square root in $\mathbb{F}_{\!q}$. Over the field $\mathbb{F}_{\!q}$ of $2$-adicity $\nu$ this amounts to $O(\log(q) + \nu^2)$ operations in $\mathbb{F}_{\!q}$ for the Tonelli--Shanks algorithm and $O(\log(q) + \nu^{3/2})$ ones for the recent Sarkar algorithm. A detailed analysis shows that $\mathcal{H}$ is several times faster than earlier state-of-the-art hash functions to the curve NIST P-224 (for which $\nu = 96$) from the American standard NIST SP 800-186.
Adam Caulfield, Nabiha Raza, Peizhao Hu
ePrint Report
Homomorphic encryption (HE) allows for computations on encrypted data without requiring decryption. HE is commonly applied to outsource computation on private data. Due to the additional risks caused by data outsourcing, the ability to recover from losses is essential, but doing so on data encrypted under an HE scheme introduces additional challenges for recovery and usability. This work introduces X-Cipher, which aims to make HE data resilient by ensuring it is private and fault-tolerant simultaneously at all stages during data outsourcing. X-Cipher allows for data recovery without decryption, and maintains its ability to recover and keep data private when a cluster server has been compromised. X-Cipher allows for reduced ciphertext storage overhead by introducing a novel encoding and leveraging previously introduced ciphertext packing. X-Cipher's capabilities were evaluated on a synthetic dataset and compared to prior work to demonstrate that X-Cipher enables additional security capabilities while still enabling privacy-preserving outsourced computations.
Akin Ünal
ePrint Report
In this work, we give new attacks on the pseudorandomness of algebraic pseudorandom number generators (PRGs) of polynomial stretch. Our algorithms apply to a broad class of PRGs and are, in the case of general local PRGs, faster than currently known attacks. At the same time, in contrast to most algebraic attacks, subexponential time and space bounds are proven for our attacks without making any assumptions about the PRGs or assuming any further conjectures. Therefore, we obtain in this text the first subexponential distinguishing attacks on PRGs from constant-degree polynomials and close current gaps in the subexponential cryptanalysis of lightweight PRGs.

Concretely, against PRGs $F : \mathbb{Z}_q^{n} \rightarrow \mathbb{Z}_q^{m}$ that are computed by polynomials of degree $d$ over a field $\mathbb{Z}_q$ and have a stretch of $m = n^{1+e}$ we give an attack with space and time complexities $n^{O(n^{1 - \frac{e}{d-1}})}$ and noticeable advantage $1 - {O(n^{1 - \frac{e}{d-1}}/{q})}$, if $q$ is large. If $F$ is of constant locality $d$ and $q$ is constant, we construct a second attack that has a space and time complexity of $n^{O(\log(n)^{\frac{1}{(q-1)d-1}} \cdot n^{1 - \frac{e}{(q-1)d-1}})}$ and noticeable advantage $1-O((\log(n)/n^e)^{\frac{1}{(q-1)d-1}})$.
Chloé Gravouil
ePrint Report
One of the main security challenges white-box cryptography needs to address is side-channel security. To this end, designers aim to eliminate the dependence between variables and sensitive data. Classical countermeasures to do so are masking schemes. Nevertheless, most masking schemes are not designed to thwart the other main security threat: fault attacks. Thus, we aimed to build a masking scheme that combines resistance to both of these types of attacks. In this paper, we present our new generic fault-resistant masking scheme using BCH error-correcting codes, as well as the design choices behind it.

06 February 2023

University of North Texas, Denton, USA
Job Posting
The Computer Science and Engineering Department at the University of North Texas (UNT) has multiple tenure track Assistant and Associate position openings. The department plans to contribute to the college priorities by hiring faculty who can strengthen or complement our existing strength areas of Cybersecurity, Algorithms and Computational Science, Artificial Intelligence/Machine Learning and Data Science, Bioinformatics, Computer Architectures, Computer Networking, Embedded Systems, Operating Systems, and Software Engineering.

Contact: Please contact Drs. Stephanie Ludi (stephanie.ludi@unt.edu) or Kirill Morozov (kirill.morozov@unt.edu) for any inquiries.

More information: https://jobs.untsystem.edu/postings/68591

Inria and ENS, Paris, France
Job Posting
We are looking for passionate Post-docs to work on the ERC Advanced Grant project "PARQ: Lattices in a Parallel and Quantum World". The project aims at studying the best parallel and quantum algorithms for lattice problems, and proposing automated tools to select safe parameters for lattice-based cryptography. It is hosted by the Inria cryptography team Cascade, located at ENS in downtown Paris (see https://crypto.di.ens.fr/web2py ). The ideal candidates should have a PhD degree from a leading university, and a proven record of lattice-related publications in top venues. We offer a competitive salary and a budget for conference travel and research visits. We have access to computer clusters. Positions can be filled from April 1st, 2023. If you're interested, please send by June 1st, 2023:

  • Your curriculum vitae
  • Your two best publications
  • Research statement
  • Reference letters if possible

Contact: Phong Nguyen ( Phong.Nguyen at inria.fr )

More information: https://jobs.inria.fr/public/classic/en/offres/2022-05411


01 February 2023

Aarhus, Denmark, 9 June 2023
Event Calendar
Event date: 9 June 2023
Submission deadline: 28 February 2023
Notification: 31 March 2023
Virtual event, Anywhere on Earth, 28 February - 2 March 2023
Event Calendar
Event date: 28 February to 2 March 2023
KASTEL — Institute of Information Security and Dependability, KIT, Karlsruhe, Germany
Job Posting
We are looking for multiple PhD students and PostDocs working on cryptographic primitives and protocols enabling privacy, accountability, and transparency in real-world application scenarios.

A solid background in provable security is required (for PhD students: successfully attended courses or a master’s thesis on the subject). Experiences with secure multi-party computation or UC-based security are a plus. For PostDocs, a track record in research on privacy-preserving protocols is expected, including publications at reputable conferences such as Crypto, Eurocrypt, ACM CCS, PETS, etc.

You will be a member of the KASTEL Security Research Labs (https://zentrum.kastel.kit.edu). Your research will be dealing with privacy-preserving cryptographic building blocks and protocols for important application scenarios and result in both theoretical security concepts (protocol designs, security models and proofs, etc.) and their efficient implementation. You will have the opportunity to regularly visit other reputable research institutions for IT security and cryptography such as the University of Luxembourg.

As the positions should be filled as soon as possible, your application will be evaluated promptly. If you are interested, please send an email including your CV and a list of publications (for PostDocs) to andy.rupp@partner.kit.edu.

Contact: Andy Rupp (andy.rupp@partner.kit.edu, PI at KASTEL)

University of Bergen, Department of Informatics
Job Posting

There is a vacancy for up to 2 positions as PhD Research Fellow in Informatics – Cryptology at the Department of Informatics, University of Bergen, Norway. Both positions are funded by the university and are for a fixed-term period of 4 years.

Potential work tasks include:

  • Statistical and algebraic cryptanalysis of modern block and stream ciphers
  • Cryptanalysis of lattice-based postquantum cryptography protocols
  • Construction of cryptographically optimal functions and related objects
Other closely related topics may be considered.

The working environment for this position will be at the Selmer Center in Secure Communication. The Selmer Center is one of the top ICT research groups with main research in areas of sequence design, coding theory, cryptology, Boolean functions, information security, and quantum information theory.

The candidate should have the following qualifications:

  • A master's degree or equivalent education in mathematics, computer science, or a related area
  • Experience with general-purpose programming languages
  • Knowledge of discrete mathematics, linear algebra and probability theory
  • Knowledge of cryptographic schemes and protocols
  • Proficiency in both written and oral English

We can offer:

  • a good and professionally stimulating working environment
  • salary as PhD research fellow (code 1017) in the state salary scale
  • enrolment in the Norwegian Public Service Pension Fund
  • good welfare benefits

Application deadline: March 1, 2023

To apply and for more information: https://www.jobbnorge.no/en/available-jobs/job/236961/phd-research-fellow-in-informatics-cryptology-up-to-2-positions

Contact: Nikolay Kaleyski, Department of Informatics, University of Bergen, Norway (firstname.surname@uib.no)

Manjeet Kaur, Tarun Yadav, Manoj Kumar, Dhananjoy Dey
ePrint Report
The lightweight block ciphers ULC and LICID were introduced by Sliman et al. (2021) and Omrani et al. (2019) respectively. Both ciphers are based on a substitution-permutation network structure. ULC is designed using the ULM method to improve efficiency, memory usage, and security. LICID, on the other hand, is specifically designed for image data. In the ULC paper, the authors give a full-round differential characteristic with a probability of $2^{-80}$. In the LICID paper, the authors present an 8-round differential characteristic with a probability of $2^{-112.66}$. In this paper, we present a 15-round ULC differential characteristic and a 14-round LICID differential characteristic with probabilities $2^{-45}$ and $2^{-40}$ respectively, found using a MILP model.
Diego Castejon-Molina, Dimitrios Vasilopoulos, Pedro Moreno-Sanchez
ePrint Report
The interest shown by central banks in deploying Central Bank Digital Currency (CBDC) has spurred a blooming number of conceptually different proposals from central banks and academia. Yet, they share the common, transversal goal of providing citizens with an additional digital monetary instrument. Citizens, equipped with CBDC wallets, should have access to CBDC fund and defund operations that allow the distribution of CBDC from the central bank to citizens with the intermediation of commercial banks. Despite their key role in the CBDC deployment, as acknowledged, e.g., by the European Central Bank, the fund and defund operations have not been formally studied yet. In this state of affairs, this work strives to cryptographically define the problem of fund and defund of CBDC wallets as well as the security and privacy notions of interest. We consider a setting with three parties (citizen, commercial bank and central bank) and three ledgers: the CBDC ledger, the retail ledger (where citizens have their accounts with their commercial banks) and the wholesale ledger (where commercial banks have their accounts with the central bank). We follow a modular approach, initially defining the functionality of two types of ledgers: Basic Ledger (BL), which supports basic transactions, and Conditional Payment Ledger (CP), which additionally supports conditional transactions. We then use BL and CP to define the CBDC-Cash Environment (CCE) primitive, which captures the core functionality of the fund and defund operations. We require that CCE satisfies balance security: either the fund/defund operation is successful, or no honest party loses their funds. CCE also satisfies that fund/defund cannot be used to breach the privacy of the CBDC ledger. Finally, we provide two efficient and secure constructions for CCE to cover both CP and BL types of CBDC ledger. Our performance evaluation shows that our constructions impose small computation and communication overhead on the underlying ledgers.
The modular design of CCE allows for the incorporation in our CCE constructions of any CBDC ledger proposal that can be proven a secure instance of CP or BL, enabling thereby a seamless method to provide CBDC fund and defund operations.
Eike Kiltz, Jiaxin Pan, Doreen Riepel, Magnus Ringerud
ePrint Report
We introduce CorrGapCDH, the Gap Computational Diffie-Hellman problem in the multi-user setting with Corruptions. In the random oracle model, our assumption tightly implies the security of the authenticated key exchange protocols NAXOS in the eCK model and (a simplified version of) X3DH without ephemeral key reveal. We prove hardness of CorrGapCDH in the generic group model, with optimal bounds matching the one of the discrete logarithm problem.

We also introduce CorrCRGapCDH, a stronger Challenge-Response variant of our assumption. Unlike standard GapCDH, CorrCRGapCDH implies the security of the popular AKE protocol HMQV in the eCK model, tightly and without rewinding. Again, we prove hardness of CorrCRGapCDH in the generic group model, with (almost) optimal bounds.

Our new results allow implementations of NAXOS, X3DH, and HMQV without having to adapt the group sizes to account for the tightness loss of previous reductions. As a side result of independent interest, we also obtain modular and simple security proofs from standard GapCDH with tightness loss, improving previously known bounds.

31 January 2023

University of Birmingham, UK
Job Posting

This is an exciting opportunity to join the University of Birmingham’s Centre for Cyber Security and Privacy on the exciting projects "User-controlled hardware security anchors: evaluation and designs" and "SIPP - Secure IoT Processor Platform with Remote Attestation".

The position has scope for a variety of research activities, spanning trusted execution, hardware and embedded security, binary analysis, protocol design/analysis, and formal modelling. We are hence looking for a candidate with a PhD (or equivalent industry experience) in at least one of these areas.

The post-doc will be based at the Birmingham Centre for Cyber Security and Privacy, which was originally founded in 2005 as the Security and Privacy group and is now recognised as a Centre by the university since 2018. The Centre is a core part of the School of Computer Science, which was ranked 3rd in the UK-wide REF2021 for computer science research. Three out of the four REF2021 impact case studies came from the security group; all four were awarded the maximum grade of 4*. The centre currently has 12 permanent academics as well as approximately 20 postdocs/PhD students. We are recognised by the UK NCSC in partnership with EPSRC as an Academic Centre of Excellence in Cyber Security Research. We are part of the Research Institute in Secure Hardware and Embedded Systems funded by NCSC and EPSRC.

Full time starting salary is normally in the range £32,348 to £42,155, with potential progression once in post to £44,737 (Grade 7). The position comes with budget for travel and equipment.

Fixed term contract up to July 2024. We will encourage and support the successful candidate to apply for follow-up funding after the end of the fixed term.

Apply until 19th February 2023 using the following link: https://tinyurl.com/uobpostdoc

Contact: Informal enquiries can be sent to Mark Ryan (m.d.ryan@bham.ac.uk) and David Oswald (d.f.oswald@bham.ac.uk). Full applications must be submitted via the above link, we cannot accept applications via email.

More information: https://edzz.fa.em3.oraclecloud.com/hcmUI/CandidateExperience/en/sites/CX_6001/requisitions/preview/1170/?lastSelectedFacet=TITLES&selectedTitlesFacet=RES
