IACR News
If you have a news item you wish to distribute, they should be sent to the communications secretary. See also the events database for conference announcements.
Here you can see all recent updates to the IACR webpage. These updates are also available:
16 June 2023
University of St.Gallen, Switzerland
Our research interests are centered around information security and applied cryptography, with the larger goal of safeguarding communications and providing strong privacy guarantees. We are active in several areas, a subset of which include:
- Verifiable computation
- Secure, private and distributed aggregation
- Secure multi-party computation
- Privacy-preserving biometric authentication
- Anonymous credentials
- Distributed and privacy-preserving authentication
The starting date for the position is flexible and come with a very competitive salary. The selection process runs until the suitable candidate has been found. The University of St.Gallen conducts excellent research with international implications. The city of St.Gallen is located one hour from Zurich and offers a high quality of life.
Please apply by 30th June 2023 through the job portal (via link).
Closing date for applications:
Contact: https://jobs.unisg.ch/offene-stellen/postdoc-fellow-in-cryptography-information-security-m-f-d/25ddb9d0-5c47-41ac-8bde-5789dbaca5c4
More information: https://jobs.unisg.ch/offene-stellen/postdoc-fellow-in-cryptography-information-security-m-f-d/25ddb9d0-5c47-41ac-8bde-5789dbaca5c4
University of St.Gallen, Switzerland
The student is expected to work on topics that include security and privacy issues in authentication. More precisely, the student will be working on investigating efficient and privacy-preserving authentication that provides: i) provable security guarantees, and ii) rigorous privacy guarantees.
Key Responsibilities:
- Perform exciting and challenging research in the domain of information security and cryptography.
- Support and assist in teaching computer security and cryptography courses.
- The PhD student is expected to have a MSc degree or equivalent, and strong background in cryptography, network security and mathematics.
- Experience in one or more domains such as cryptography, design of protocols, secure multi-party computation and differential privacy is beneficial.
- Excellent programming skills.
- Excellent written and verbal communication skills in English
The starting date for the position is flexible and come with a very competitive salary. The selection process runs until the suitable candidate has been found.
Please apply by 30th June 2023 through the job portal (via link).
Closing date for applications:
Contact: https://jobs.unisg.ch/offene-stellen/funded-phd-student-in-applied-cryptography-privacy-preserving-authentication-m-w-d/2e2030aa-7e9a-497f-b4f9-c33c47ba06c7
More information: https://jobs.unisg.ch/offene-stellen/funded-phd-student-in-applied-cryptography-privacy-preserving-authentication-m-w-d/2e2030aa-7e9a-497f-b4f9-c33c47ba06c7
Norwegian University of Science and Technology (NTNU), Trondheim
We are calling for a PhD Candidate position (4 years) that wants to obtain a doctoral degree and contribute to ongoing research in cryptography engineering at our crypto-group.
Relevant research problems for this position are in the context of real-world quantum-safe algorithms:
- Creating tools and methods for analysing hardware/software cryptographic implementations, including machine-learning tools.
- Physical side-channel analysis and testing of embedded devices performing cryptographic functions.
- Techniques for realizing cryptographic hardware concerned with physical side-channels.
Responsibilities include:
- Conduct collaborative research within the problem area of real-world cryptography as described above
- Contribute to the cryptography engineering laboratory at the department
- Co-supervise master students relevant to this research activity
Your main supervisor will be Professor Stig Frode Mjølsnes and co-supervisor will be Associate Professor Tjerand Silde at the Department of Information Security and Communication Technology in Trondheim, Norway.
Please see the URL for the complete call text.
Closing date for applications:
Contact: Prof. Stig F. Mjølsnes (sfm@ntnu.no) Closing date: Sept. 15, 2023.
More information: https://www.jobbnorge.no/en/available-jobs/job/246480/phd-candidate-in-cryptography-engineering
Indian Institute of Technology Bhilai, Raipur, INDIA
Title of the project:
HideAndSeek: Searchable Encryption for Financial Databases
Essential qualifications: Bachelor’s degree in Computer Science/Information Technology/Electrical Engineering/Electronics and Communications Engineering from a recognized University or equivalent.
Desirable: Preference will be given to candidates who have qualified GATE or CSIR-UGC NET and have working experience relevant to the project. Candidates with expertise in the following are strongly encouraged to apply:
1) Expertise in Python/C++/Java
2) Expertise in NoSQL and distributed databases such as MongoDB, Cassandra, Riak, etc.
3) Some familiarity with Cryptographic primitives
Closing date for applications:
Contact: 
Dr. Dhiman Saha, CSE, IIT Bhilai
Dr. Subhajit Siddhanta, CSE, IIT Bhilai
More information: https://iitbhilai.ac.in/index.php?pid=adv_feb23_01
15 June 2023
Patrick Hough, Caroline Sandsbråten, Tjerand Silde
In this work we present an efficient electronic voting scheme from lattice assumptions, ensuring the long-term security of encrypted ballots and voters' privacy. The scheme relies on the NTRU and RLWE assumptions. We begin by conducting an extensive analysis of the concrete hardness of the NTRU problem. Extending the ternary-NTRU analysis of Ducas and van Woerden (ASIACRYPT 2021), we determine the concrete fatigue point of NTRU to be $q=0.0058\cdot\sigma^2\cdot d^{\: 2.484}$ (above which parameters become overstretched) for modulus $q$, ring dimension $d$, and secrets drawn from a Gaussian of parameter $\sigma$. Moreover, we demonstrate that the nature of this relation enables a more fine-grained choice of secret key sizes, leading to more efficient parameters in practice.
Using the above analysis, our second and main contribution is to significantly improve the efficiency of the state-of-the-art lattice-based voting scheme by Aranha et al. (ACM CCS 2023). Replacing the BGV encryption scheme with NTRU we obtain a factor $\times 5.3$ reduction in ciphertext size and $\times 2.6$ more efficient system overall, making the scheme suitable for use in real-world elections.
As an additional contribution, we analyse the (partially) blind signature scheme by del Pino and Katsumata (CRYPTO 2022). We note that the NTRU security is much lower than claimed and propose new parameters. This results in only a minor efficiency loss, enabled by our NTRU analysis where previous parameter selection techniques would have been much more detrimental.
Abtin Afshar, Kai-Min Chung, Yao-Ching Hsieh, Yao-Ting Lin, Mohammad Mahmoody
In this work, we revisit time-lock puzzles in a quantum world by allowing the parties to use quantum computing and, in particular, access the random oracle in quantum superposition. An interesting setting is when the puzzle generator is efficient and classical, while the solver (who might be an entity developed in the future) is quantum powered and is supposed to need a long sequential time to succeed. We prove that in this setting there is no construction of time-lock puzzles solely from quantum (accessible) random oracles. In particular, for any $n$-query classical puzzle generator, our attack only asks $O(n)$ (also classical) queries to the random oracle, even though it does indeed run in quantum polynomial time if the honest puzzle solver needs quantum computing.
Assuming perfect completeness, we also show how to make the above attack run in exactly $n$ rounds while asking a total of $m\cdot n$ queries where $m$ is the query complexity of the puzzle solver. This is indeed tight in the round complexity, as we also prove that a classical puzzle scheme of Mahmoody et al. is also secure against quantum solvers who ask $n-1$ rounds of queries. In fact, even for the fully classical case, our attack quantitatively improves the total queries of the attack of Mahmoody et al. for the case of perfect completeness from $\Omega(mn \log n)$ to $mn$. Finally, assuming perfect completeness, we present an attack in the ``dual'' setting in which the puzzle generator is quantum while the solver is classical.
We then ask whether one can extend our classical-query attack to the fully quantum setting, in which both the puzzle generator and the solver could be quantum. We show a barrier for proving such results unconditionally. In particular, we show that if the folklore simulation conjecture, first formally stated by Aaronson and Ambainis [arXiv'2009] is false, then there is indeed a time-lock puzzle in the quantum random oracle model that cannot be broken by classical adversaries. This result improves the previous barrier of Austrin et. al [Crypto'22] about key agreements (that can have interactions in both directions) to time-lock puzzles (that only include unidirectional communication).
Sree Vivek S, S. Sharmila Deva Selvi, Ramarathnam Venkatesan, C. Pandu Rangan
Jonathan Bootle, Alessandro Chiesa, Katerina Sotiraki
A recent line of works seeks to address this limitation, by constructing quantum-safe succinct arguments that exploit lattice-based commitments. The eventual goal is smaller proof sizes than those achieved via the Merkle-tree paradigm. Alas, known constructions lack succinct verification. In this paper, we construct the first interactive argument system for NP with succinct verification that, departing from the Merkle-tree paradigm, exploits the homomorphic properties of lattice-based commitments. For an arithmetic circuit with N gates, our construction achieves verification time polylog(N) based on the hardness of the Ring Short-Integer-Solution (RSIS) problem.
The core technique in our construction is a delegation protocol built from commitment schemes based on leveled bilinear modules, a new notion that we deem of independent interest. We show that leveled bilinear modules can be realized from pre-quantum and from post-quantum cryptographic assumptions.
Roberto Avanzi, Subhadeep Banik, Orr Dunkelman, Maria Eichlseder, Shibam Ghosh, Marcel Nageler, Francesco Regazzoni
The resulting cipher offers competitive latency and area in HW implementations.
Some of our results may be of independent interest. This includes new MILP models of certain classes of diffusion matrices, the comparative analysis of a full reflection cipher against an iterative half-cipher, and our boomerang attack framework.
Claude Carlet, Enrico Piccione
Alessandro Gecchele
14 June 2023
Nicolas Aragon, Victor Dyseryn, Philippe Gaborit
Kaartik Bhushan, Venkata Koppula, Manoj Prabhakaran
Christoph Dobraunig, Bart Mennink
Ben Nassi, Etay Iluz, Or Cohen, Ofek Vayner, Dudi Nassi, Boris Zadov, Yuval Elovici
Marco Cianfriglia, Elia Onofri, Marco Pedicini
Koji Nuida
Jitendra Bhandari, Likhitha Mankali, Mohammed Nabeel, Ozgur Sinanoglu, Ramesh Karri, Johann Knechtel
Satrajit Ghosh, Mark Simkin
In this work, we construct protocols with a quasilinear dependency on $t$ from simple assumptions like additively homomorphic encryption and oblivious transfer. All existing approaches, including ours, rely on protocols for computing a single bit, which indicates whether the intersection is larger than $n-t$ without actually computing it. Our key technical contribution, which may be of independent interest, takes any such protocol with secret shared outputs and communication complexity $\mathcal{O}(\lambda \ell \cdot\mathrm{poly}(t))$, where $\lambda$ is the security parameter, and transforms it into a protocol with communication complexity $\mathcal{O}(\lambda^2 \ell t \cdot\mathrm{polylog}(t))$.
Nils Fleischhacker, Kasper Green Larsen, Maciej Obremski, Mark Simkin
We present new constructions of IBLTs that are simultaneously more space efficient and require less randomness. For storing $n$ elements with a failure probability of at most $\delta$, our data structure only requires $\mathcal{O}(n + \log(1/\delta)\log\log(1/\delta))$ space and $\mathcal{O}(\log(\log(n)/\delta))$-wise independent hash functions.
As a key technical ingredient we show that hashing $n$ keys with any $k$-wise independent hash function $h:U \to [Cn]$ for some sufficiently large constant $C$ guarantees with probability $1 - 2^{-\Omega(k)}$ that at least $n/2$ keys will have a unique hash value. Proving this is highly non-trivial as $k$ approaches $n$. We believe that the techniques used to prove this statement may be of independent interest.
