IACR News
Here you can see all recent updates to the IACR webpage.
22 February 2023
Dan Boneh, Jiaxin Guan, Mark Zhandry
ePrint Report
Fabio Banfi, Konstantin Gegier, Martin Hirt, Ueli Maurer
ePrint Report
In this work, we identify two definitional limitations of Persiano et al.'s original model. First, they require anamorphic keys and key-pairs to be generated together, so a first modification we propose is to decouple the two processes. We allow for the extension of a regular PKE scheme to an anamorphic one to be possible on the fly, even after the public key of the regular scheme is already in use. Second, in their model the receiver cannot distinguish whether or not a ciphertext contains a covert message, so we propose a natural robustness notion which states that when anamorphically decrypting a regularly encrypted message, the receiver explicitly sees that no covert message is contained. This also eliminates certain attacks possible for the original definition.
Regarding new constructions, we first propose a generic anamorphic extension that achieves robustness for any PKE scheme, but requires synchronization of sender and receiver. We then define a natural property of a PKE scheme, selective randomness recoverability, which allows for a robust anamorphic extension even for unsynchronized parties. We show that the well-established schemes of ElGamal and Cramer-Shoup satisfy this condition. Finally, we propose a generic transformation of any non-robust anamorphic extension into a robust one, and apply it to a synchronized anamorphic extension for RSA-OAEP.
21 February 2023
Paul Rösler, Daniel Slamanig, Christoph Striecks
ePrint Report
In this work, we aim to gain better efficiency without sacrificing security. For this, we observe that applications like messaging only need a restricted variant of HIBE for strong security. This variant, which we call Unique-Path Identity Based Encryption (UPIBE), restricts HIBE by requiring that each secret key can delegate at most one subordinate secret key. However, in contrast to fixed secret key delegation in Forward-Secure Public Key Encryption, the delegation in UPIBE, as in HIBE, is uniquely determined by variable identity strings from an exponentially large space. We investigate this mild but surprisingly effective restriction and show that it offers substantial complexity and performance advantages.
More concretely, we generically build bounded-depth UPIBE from only bounded-collusion IBE in the standard model; and we generically build adaptive unbounded-depth UPIBE from only selective bounded-depth HIBE in the random oracle model. These results significantly extend the range of underlying assumptions and efficient instantiations. We conclude with a rigorous performance evaluation of our UPIBE design. Beyond solving challenging open problems by reducing complexity and improving efficiency of KU-KEM and strongly secure messaging protocols, we offer a new definitional perspective on the bounded-collusion setting.
Qian Guo, Thomas Johansson, Vu Nguyen
ePrint Report
Manuel Barbosa, Gilles Barthe, Christian Doczkal, Jelle Don, Serge Fehr, Benjamin Grégoire, Yu-Hsuan Huang, Andreas Hülsing, Yi Lee, Xiaodi Wu
ePrint Report
Julien Devevey, Pouria Fallahpour, Alain Passelègue, Damien Stehlé
ePrint Report
In this work, we emphasize that combining random oracles with loop iterations induces numerous technicalities for analyzing correctness, run-time, and security of the resulting schemes, both in the bounded and unbounded case. As a first contribution, we shed light on errors in all existing analyses. We then provide two detailed analyses in the QROM for the bounded case, adapted from Kiltz et al. [EUROCRYPT'18] and Grilo et al. [ASIACRYPT'21]. In the process, we prove the underlying $\Sigma$-protocol to achieve a stronger zero-knowledge property than usually considered for $\Sigma$-protocols with aborts, which enables a corrected analysis. A further contribution is a detailed analysis in the case of unbounded aborts, the latter inducing several additional subtleties.
Céline Chevalier, Paul Hermouet, Quoc-Huy Vu
ePrint Report
Andre Esser, Rahul Girme, Arindam Mukherjee, Santanu Sarkar
ePrint Report
However, these combinatorial attacks suffer from enormous memory requirements, which render them inefficient in realistic attack scenarios and, hence, make their general consideration when assessing security questionable. Therefore, more memory-efficient substitutes for these algorithms are needed. In this work, we provide new combinatorial algorithms for recovering small max norm LWE secrets using only a polynomial amount of memory. We provide analyses of our algorithms for secret key distributions of current NTRU, Kyber and Dilithium variants, showing that our new approach outperforms previous memory-efficient algorithms. For instance, considering uniformly random ternary secrets of length $n$ we improve the best known time complexity for polynomial memory algorithms from $2^{1.063n}$ down to $2^{0.926n}$. We obtain even larger gains for LWE secrets in $\{-m,\ldots,m\}^n$ with $m=2,3$ as found in Kyber and Dilithium. For example, for uniformly random keys in $\{-2,\ldots,2\}^n$ as is the case for Dilithium we improve the previously best time from $2^{1.742n}$ down to $2^{1.282n}$.
Our fastest algorithm incorporates various different algorithmic techniques, but at its heart lies a nested collision search procedure inspired by the Nested-Rho technique from Dinur, Dunkelman, Keller and Shamir (Crypto 2016). Additionally, we heavily exploit the representation technique originally introduced in the subset sum context to make our nested approach efficient.
Vittorio Zaccaria
ePrint Report
Munawar Hasan, Donghoon Chang
ePrint Report
Baptiste Lambin, Gregor Leander, Patrick Neumann
ePrint Report
We then apply our findings to the notion of alignment, pointing out that the previous definition allows for primitives that are both aligned and unaligned simultaneously. As a second result, we present experimental data that shows that alignment might only have limited impact. For this, we compare aligned and unaligned versions of the cipher PRESENT.
Corentin Jeudy, Adeline Roux-Langlois, Olivier Sanders
ePrint Report
Charlotte Hoffmann, Pavel Hubáček, Chethan Kamath, Krzysztof Pietrzak
ePrint Report
Our approach is based on a cryptographic primitive called Proof of Exponentiation (PoE) which, for a group $\mathbb{G}$, certifies that a tuple $(x,y,T)\in\mathbb{G}^2\times\mathbb{N}$ satisfies $x^{2^T}=y$ (Pietrzak, ITCS 2019 and Wesolowski, J. Cryptol. 2020). In particular, we show how to adapt Pietrzak's PoE at a moderate additional cost to make it a cryptographically-sound certificate of non-primality.
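To make the PoE primitive concrete, here is an added Python example of Pietrzak's halving protocol made non-interactive with Fiat-Shamir. It is illustration code written for this page, not code from the Hoffmann et al. paper, and it does not include their non-primality adaptation. It shows only the base statement $x^{2^T}=y$: the prover sends the midpoint $\mu=x^{2^{T/2}}$, the verifier derives a challenge $r$ and both sides replace the statement by $(x^r\mu,\ \mu^r y,\ T/2)$ until $T=1$, where the verifier checks $x^2=y$ directly. Odd $T$ is handled here by squaring both sides of the statement, which is my choice for the example. The modulus `TOY_N` is a constructed product of two small primes, so the proof below is complete but not sound; a real deployment needs a group of unknown order (an RSA modulus with unknown factorisation or a class group) and must reject low-order elements.

```python
import hashlib

# Constructed toy modulus for the example only. Soundness of Pietrzak's PoE
# needs a group of unknown order in which low-order elements are hard to find
# (e.g. QR_N for an RSA modulus nobody can factor); this N is trivially
# factorable, so the code demonstrates the mechanics, not security.
TOY_N = 1000003 * 1000033
CHALLENGE_BITS = 128  # statistical security parameter for the FS challenge


def seq_square(x: int, t: int, n: int) -> int:
    """y = x^(2^t) mod n by t sequential squarings: the 'slow' computation."""
    for _ in range(t):
        x = x * x % n
    return x


def fs_challenge(n: int, x: int, y: int, t: int, mu: int) -> int:
    """Fiat-Shamir challenge r = H(N, x, y, T, mu) truncated to CHALLENGE_BITS.

    Binding the whole current statement (not just mu) into the hash is what
    stops a cheating prover from reusing a midpoint under a different claim."""
    data = b"|".join(str(v).encode() for v in (n, x, y, t, mu))
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % (1 << CHALLENGE_BITS)


def halve(n: int, x: int, y: int, t: int, mu: int, r: int):
    """One halving step: (x, y, T) -> (x^r * mu, mu^r * y, T/2).

    If x^(2^T) = y and mu = x^(2^(T/2)), then (x^r mu)^(2^(T/2)) = mu^r y,
    so the new statement holds whenever the old one did."""
    return pow(x, r, n) * mu % n, pow(mu, r, n) * y % n, t // 2


def poe_prove(n: int, x: int, y: int, t: int) -> list:
    """Non-interactive proof that x^(2^t) = y mod n: the list of midpoints mu."""
    proof = []
    while t > 1:
        if t % 2:                       # odd T: square both sides, T -> T+1
            y, t = y * y % n, t + 1
        mu = seq_square(x, t // 2, n)   # mu = x^(2^(T/2))
        proof.append(mu)
        r = fs_challenge(n, x, y, t, mu)
        x, y, t = halve(n, x, y, t, mu, r)
    return proof


def poe_verify(n: int, x: int, y: int, t: int, proof: list) -> bool:
    """Replay the halving with the prover's midpoints.

    Costs O(log T) exponentiations with CHALLENGE_BITS-bit exponents instead
    of T sequential squarings, which is the point of a PoE."""
    i = 0
    while t > 1:
        if t % 2:
            y, t = y * y % n, t + 1
        if i >= len(proof):             # proof too short for this T
            return False
        mu = proof[i]
        i += 1
        if not 1 <= mu < n:             # malformed group element
            return False
        r = fs_challenge(n, x, y, t, mu)
        x, y, t = halve(n, x, y, t, mu, r)
    # Reject trailing junk, then check the base case x^2 = y.
    return i == len(proof) and x * x % n == y


if __name__ == "__main__":
    x, T = 3, 1024
    y = seq_square(x, T, TOY_N)                 # honest slow computation
    proof = poe_prove(TOY_N, x, y, T)
    print(len(proof), poe_verify(TOY_N, x, y, T, proof))
```

The proof has $\lceil\log_2 T\rceil$ group elements and the verifier never performs the $T$ squarings itself, which is why a PoE can serve as a compact certificate for a long sequential computation.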
Keegan Ryan, Nadia Heninger
ePrint Report
CryptoExperts, Paris, France
Job Posting
The community is divided on how to assess the security of cryptographic implementations. From the practitioners' perspective, implementations need to be confronted with concrete side-channel attacks directly on embedded devices. Conversely, theorists consider that such an empirical approach is not portable and does not yield concrete security levels (e.g., not all attacks can be tested). Therefore, they instead investigate security proofs based on abstract leakage models, although the latter are often too far removed from reality to yield practical security.
The combination of both worlds with a toolbox to generate and verify cryptographic implementations with practical security is the topic of an ERC starting project that is hosted by CryptoExperts. As a member of this project, the candidate will work on the design of new compilers to turn any high-level algorithm into an efficient implementation proven secure for identified concrete devices.
Starting date: around September 2023 (flexible)
Duration: 3 years
Closing date for applications:
Contact: Sonia Belaïd
More information: https://www.cryptoexperts.com/sbelaid/2023_offre-these-erc.pdf
Newcastle University, School of Computing, Newcastle Upon Tyne, United Kingdom
Job Posting
We are seeking an outstanding, highly motivated and enthusiastic PhD student to conduct research related to quantum cyber security. Rapid development of quantum computers poses serious risks to data and communication security. Quantum and post-quantum cryptography technologies provide means to tackle these challenges. In this adventurous experimental PhD project, we will be working on a hybrid solution combining the two technologies.
The successful applicant will be experimentally developing quantum light sources in atomically thin graphene-like materials (Nobel Prize 2010) suitable for quantum communication applications. The PhD student will also be developing hybrid post-quantum secure cryptography protocols based on the experimental outcomes.
The project will involve nanofabrication, optical and electron transport measurements, scanning probe microscopy, instrumentation development and collaborations with academia and industry.
The student will be part of the School of Mathematics, Statistics and Physics with its world-class measurement facilities and cleanrooms, and the Secure and Resilient Systems Research Group part of the accredited centre of excellence in cyber security research, one of only 19 accredited centres of excellence in the UK.
Eligibility Criteria: You must have, or expect to gain, a minimum 2:1 Honours degree or international equivalent in Physics or Materials Science. Solid knowledge of quantum physics and familiarity with Cryptography and Cyber Security are required.
Closing date for applications:
Contact:
Dr Aleksey Kozikov (aleksey.kozikov@newcastle.ac.uk)
Dr Essam Ghadafi (Essam.Ghadafi@newcastle.ac.uk)
PhD studentship in Applied Cryptography: Post-Quantum Secure Confidentiality-Preserving Security Assurance
Newcastle University, School of Computing, Newcastle Upon Tyne, United Kingdom
Job Posting
Interested in cryptographically assuring the security of computer systems in a post-quantum age?
Confidentiality-preserving security assurance establishes the capacity to certify and prove security properties of a complex system while keeping details of the system confidential. While the field has advanced in recent years with new digital signature schemes and solution proposals that bind security assurance to underlying hardware attestation, all existing solutions have in common that they can be broken by adversaries with access to a scalable quantum computer. Experts, however, predict that such computing capacity will become available within the next decade. Hence, it will be crucial to establish post-quantum secure confidentiality-preserving security assurance.
How can we establish new digital signature schemes that are post-quantum secure and that can realize confidentiality preserving security assurance? What zero-knowledge proof of knowledge techniques will serve us in this environment? How can we prove the security of these schemes with respect to hard mathematical problems secure in face of quantum adversaries?
Applicants should have a strong background in computer science and experience with cryptography. High motivation for independent theoretical/computational work is essential.
Newcastle University Centre of Research Excellence in Cyber Security and Resilience is a cross-faculty environment with 135 members, recognized as a national Academic Centre of Excellence in Cyber Security Research (ACE-CSR). The topic Post-Quantum Secure Confidentiality-Preserving Security Assurance is hosted in the Secure and Resilient Systems Group.
Eligibility Criteria: You must have, or expect to gain, a minimum 2:1 Honours degree or international equivalent in a subject relevant to the proposed PhD project (cyber security & resilience, advanced computer science, cryptography). A strong mathematical background is desirable.
Closing date for applications:
Contact:
Prof Thomas Gross (Thomas.gross@newcastle.ac.uk)
Dr Essam Ghadafi (Essam.Ghadafi@newcastle.ac.uk)
More information: https://www.findaphd.com/phds/project/phd-studentship-in-applied-cryptography-post-quantum-secure-confidentiality-preserving-security-assurance/?p155500
Newcastle University, School of Computing, Newcastle Upon Tyne, United Kingdom
Job Posting
We are seeking a highly motivated PhD student to conduct research related to the design of novel provably secure lightweight (hardware-based) cryptographic solutions for authentication and authorization to secure zero-trust networks. The aim is to strengthen security in zero-trust networks by giving devices and users fine-grained control over their resources via designing efficient modular solutions.
You will be part of the Secure and Resilient Systems Research Group part of the accredited centre of excellence in cyber security research, one of only 19 accredited centres of excellence in the UK. You will be working with researchers from both the School of Computing and the School of Engineering.
The supervisory team has strong track records and expertise in cryptography, hardware security, cyber security, and electronic systems design.
You must have, or expect to gain, a minimum 2:1 Honours degree or international equivalent in Computer Science or a related subject. Familiarity with and interest in cryptography and cyber security are required.
Closing date for applications:
Contact: Dr Essam Ghadafi (Essam.Ghadafi@newcastle.ac.uk)
KETS Quantum Security
Job Posting
Closing date for applications:
Contact: careers@kets-quantum.com
More information: https://ketsquantum.livevacancies.co.uk/#/job/details/29?target=frame
Taiga Hiroka, Fuyuki Kitagawa, Tomoyuki Morimae, Ryo Nishimaki, Tapas Pal, Takashi Yamakawa
ePrint Report
In this work, we define certified everlasting secure versions of FE, compute-and-compare obfuscation, predicate encryption (PE), secret-key encryption (SKE), public-key encryption (PKE), receiver non-committing encryption (RNCE), and garbled circuits. We also present the following constructions:
- Adaptively certified everlasting secure collusion-resistant public-key FE for all polynomial-size circuits from indistinguishability obfuscation and one-way functions.
- Adaptively certified everlasting secure bounded collusion-resistant public-key FE for $\mathsf{NC}^1$ circuits from standard PKE.
- Certified everlasting secure compute-and-compare obfuscation from standard fully homomorphic encryption and standard compute-and-compare obfuscation.
- Adaptively (resp., selectively) certified everlasting secure PE from standard adaptively (resp., selectively) secure attribute-based encryption and certified everlasting secure compute-and-compare obfuscation.
- Certified everlasting secure SKE and PKE from standard SKE and PKE, respectively.
- Certified everlasting secure RNCE from standard PKE.
- Certified everlasting secure garbled circuits from standard SKE.