IACR News
Here you can see all recent updates to the IACR webpage. These updates are also available:
16 July 2023
TU Wien Informatics, Vienna, Austria
Job PostingYour profile:
- Master degree in computer science or equivalent (degree completion by employment start)
- Background in security/blockchain is a plus
- Excellent English, communication, and teamwork skills
- Conducting world-class research in the design and analysis of scaling protocols for blockchains
- Engaging in research collaborations
- Contributing to teaching blockchain technologies on Masters-level
- The Security and Privacy group is internationally renowned, regularly publishes in top security venues, and consists of an international, diverse team with expertise in cryptography, security, privacy, and game theory
- An international English-speaking environment (German not required)
- Personal/professional development, flexible hours
- Central workplace location (U1/U2/U4 Karlsplatz)
- Creative environment in a top-ranked city in livability
- A competitive salary
The application material should include:
- Motivation letter
- Bachelor/Master’s transcripts
- Publication list (if available)
- Curriculum vitae
- Contact information for two referees
Closing date for applications:
Contact: Interested candidates should send the application material to Matteo Maffei (matteo.maffei@tuwien.ac.at) and Georgia Avarikioti (georgia.avarikioti@tuwien.ac.at). Applications received by August 15th will receive full consideration, but applications will be accepted until the position is filled.
Mysten Labs
Job PostingMysten is looking for a Software Engineer who is interested in cryptographic protocols and their application to blockchain. This person would work with us to design, check and implement mission-critical algorithms on range of topics including; cryptographic primitives such as pairing-based cryptography, distributed cryptographic protocols such as signature aggregation and distributed key generation, and zero-knowledge building blocks such as vector commitments and accumulators. They would then put this cryptography into practice in order to realize the scalability required by the next generation of blockchain networks.
What You'll Have:
Closing date for applications:
Contact: Please navigate to our job posting if you wish to apply: https://jobs.ashbyhq.com/mystenlabs/a3d0da5b-b3cb-45db-9aa8-dc89ba0cee5e
More information: https://jobs.ashbyhq.com/mystenlabs/a3d0da5b-b3cb-45db-9aa8-dc89ba0cee5e
12 July 2023
University of Birmingham, UK
Job PostingThe University of Birmingham's School of Computer Science continues to thrive during a period of sustained growth. We are inviting applications for full professorial positions [1]. If you are a leader with a passion for computer science (and in particular Cyber Security), this is an extraordinary opportunity to shape the future of our academic community.
Areas of interest include (but are not limited to) systems security, artificial intelligence, network/web security, as well as formal methods and cryptography.
As part of the University of Birmingham, you will have access to state-of-the-art facilities, world-class research centres (in particular the Centre for Cyber Security and Privacy [2]), and a growing network of academic and industry collaborations. Our commitment to diversity and inclusion ensures an inclusive and welcoming environment for all.
The deadline for applications is 30 July 2023. Please note that we reserve the right to close this vacancy early once a sufficient number of applications have been received.
[1] https://www.jobs.ac.uk/job/DBD093/chair-in-computer-science-school-of-computing-science-4-positions-102099
[2] https://www.birmingham.ac.uk/research/centre-for-cyber-security-and-privacy/index.aspx
Closing date for applications:
Contact: For further information, please contact Aad van Moorsel, a.vanmoorsel@bham.ac.uk. For informal enquiries regarding the Centre for Cyber Security and Privacy, please contact David Oswald (d.f.oswald@bham.ac.uk) and Mark Ryan (m.d.ryan@bham.ac.uk).
More information: https://www.jobs.ac.uk/job/DBD093/chair-in-computer-science-school-of-computing-science-4-positions-102099
NXP Semiconductors Gratkorn/Austria, Hamburg/Germany, Delft & Eindoven Netherlands
Job Posting• Software security assessment of SoC/IC security architectures and security scope specifications
• Plan, track and execute process, specification as well as software implementation reviews
• Assessment of software security robustness and effectiveness of security mechanisms
• Work with engineering teams and security engineers to innovate solutions to security-related problems
• Manage the NXP’s software secure development lifecycle (SSDLC) applied on product developments to minimize security risks
• Work on continuous improvements to keep up with state-of-the-art security technologies
• Refine software security best practices to assure and efficient and effective application
• Provide consultation on specific areas of security expertise and on the application of the SSDLC
To ensure your successful performance in this role, the following is desired
• Finished a BSEE or MSEE preferred in Security Engineering or Software Engineering
• Have good understanding of embedded software design, programming, documentation, and testing
• Have experience in the design and development of secure software, focus on embedded systems or complete solutions
• Have experience in the security concept/design, thread analysis, risk/threat modelling and mitigation strategies
• Have professional knowledge of software languages (C, Java, Java Card, Python, Rust)
• Knowledge of security compliance and certification processes would be an advantage
• Be familiar with "state of the art" software tools, CI/CD, secure software engineering processes, IoT solutions and service (depending on area of expertise)
• Have excellent communication skills, are willing to listen and adapt
• Are a collaborator with strong soft skills, ideally experienced in multicultural and global working environment
Closing date for applications:
Contact:
Veronika von Hepperger
Senior Talent Acquisition Specialist
(veronika.vonhepperger@nxp.com)
Nillion
Job PostingClosing date for applications:
Contact: Roisin Kavanagh, Head of People and Talent.
More information: https://apply.workable.com/nillion/j/CD9D0CFCD3/
11 July 2023
Liliya Akhmetzyanova, Alexandra Babueva, Andrey Bozhko
ePrint ReportIn this paper we study whether Streebog, a Russian standardized hash function, can instantiate a random oracle from that point of view. We prove that Streebog is indifferentiable from a random oracle under an ideal cipher assumption for the underlying block cipher.
Mohamed ElGhamrawy, Melissa Azouaoui, Olivier Bronchain, Joost Renes, Tobias Schneider, Markus Schönauer, Okan Seker, Christine van Vredendaal
ePrint ReportShah Fahd, Mehreen Afzal, Waseem Iqbal, Dawood Shah, Ijaz Khalid
ePrint ReportMuhammad Haris Mughees, Ling Ren
ePrint ReportAlexander R. Block, Albert Garreta, Jonathan Katz, Justin Thaler, Pratyush Ranjan Tiwari, Michal Zajac
ePrint ReportWe obtain our first result by analyzing the round-by-round (RBR) soundness and RBR knowledge soundness of FRI. For the second result, we prove that if a $\delta$-correlated protocol is RBR (knowledge) sound under the assumption that adversaries always send low-degree polynomials, then it is RBR (knowledge) sound in general. Equipped with this tool, we prove our third result by formally showing that "Plonk-like" protocols are RBR (knowledge) sound under the assumption that adversaries always send low-degree polynomials. We then outline analogous arguments for the remainder of the aforementioned protocols.
To the best of our knowledge, ours is the first formal analysis of the Fiat-Shamir security of FRI and widely deployed protocols that invoke it.
Christian Badertscher, Mahdi Sedaghat, Hendrik Waldner
ePrint ReportIn this work, we present such a solution. We show how to enforce complex policies while offering strong privacy and anonymity guarantees by enhancing the notion of policy-compliant signatures (PCS) introduced by Badertscher, Matt and Waldner (TCC'21). In more detail, we first define the notion of unlinkable PCS (ul-PCS) and show how this cryptographic primitive can be generically integrated with a wide range of systems including UTxO-based ledgers, privacy-preserving protocols like Monero or Zcash, and central-bank digital currencies. We give a generic construction for ul-PCS for any policy, and optimized constructions tailored for special policy classes, such as role-based policies and separable policies.
To bridge the gap between theory and practice, we provide prototype implementations for all our schemes. We give the first benchmarks for policy-compliant signatures in general, and demonstrate their feasibility for reasonably sized attribute sets for the special cases.
Nadim Kobeissi
ePrint ReportDuckyZip is the first provably honest URL shortening service which cannot selectively provide different "long URLs" to different parties undetected. DuckyZip uses a combination of Verifiable Random Function (VRF) constructions and a smart contract in order to provide a URL shortening service with strong security guarantees: despite the transparency of the smart contract log, observers cannot feasibly create a mapping of all short URLs to long URLs that is faster than classical enumeration.
Ben Nassi, Ofek Vayner, Etay Iluz, Dudi Nassi, Or Hai Cohen, Jan Jancar, Daniel Genkin, Eran Tromer, Boris Zadov, Yuval Elovici
ePrint ReportMarkulf Kohlweiss, Mahak Pancholi, Akira Takahashi
ePrint ReportThe factoring of SIM-EXT into KS + WUR + TLZK is becoming a cornerstone of the analysis of non-malleable SNARK systems. We show how to prove WUR and TLZK for PIOP compiled SNARKs under mild falsifiable assumptions on the polynomial commitment scheme. This means that the analysis of knowledge soundness from PIOP properties that inherently relies on non-falsifiable or idealized assumption such as the algebraic group model (AGM) or generic group model (GGM) need not be repeated.
While the proof of WUR requires only mild assumptions on the PIOP, TLZK is a different matter. As perfectly hiding polynomial commitments sometimes come at a substantial performance premium, SNARK designers prefer to employ deterministic commitments with some leakage. This results in the need for a stronger zero-knowledge property for the PIOP.
The modularity of our approach implies that any analysis improvements, e.g. in terms of tightness, credibility of the knowledge assumption and model of the KS analysis, or the precision of capturing real-world optimizations for TLZK also benefits the SIM-EXT guarantees.
Jieyi Long
ePrint ReportZhengjun Cao, Lihua Liu
ePrint ReportErnesto Dominguez Fiallo, Pablo Freyre Arrozarena, Luis Ramiro Piñeiro
ePrint ReportSofía Celi, Alex Davidson, Hamed Haddadi, Gonçalo Pestana, Joe Rowell
ePrint ReportGal Arnon, Alessandro Chiesa, Eylon Yogev
ePrint ReportOur main technical contribution is a high-soundness small-query proximity test for the Reed-Solomon code. We construct an IOP of proximity for Reed-Solomon codes, over a field $\mathbb{F}$ with evaluation domain $L$ and degree $d$, with perfect completeness, soundness error (roughly) $\max\{1-\delta , O(\rho^{1/4})\}$ for $\delta$-far functions, round complexity $O(\log \log d)$, proof length $O(|L|/\rho)$ over $\mathbb{F}$, and query complexity $O(\log \log d)$; here $\rho = (d+1)/|L|$ is the code rate. En route, we obtain a new high-soundness proximity test for bivariate Reed-Muller codes.
The IOP for NP is then obtained via a high-soundness reduction from NP to Reed-Solomon proximity testing with rate $\rho = 1/poly(n)$ and distance $\delta = 1-1/poly(n)$ (and applying our proximity test). Our constructions are direct and efficient, and hold the potential for practical realizations that would improve the state-of-the-art in real-world applications of IOPs.