IACR News
Here you can see all recent updates to the IACR webpage. These updates are also available:
24 October 2023
Universitat Rovira i Virgili; Tarragona, Spain
Job Posting- secret sharing schemes and information theory,
- side-channels attacks,
- acceleration of cryptographic primitives.
The successful candidates will be employed on a full-time contract starting at the beginning of 2024. The contract is for 2 years. The application deadline is November 25, 2023.
More details at https://crises-deim.urv.cat/web/positions
Closing date for applications:
Contact: Oriol Farràs (oriol.farras@urv.cat)
More information: https://crises-deim.urv.cat/web/positions
University of Waterloo
Job PostingClosing date for applications:
Contact: Anwar Hasan
Monash University; Melbourne, Australia
Job Posting- Post-quantum cryptography (based on lattices and/or hash) and its applications e.g. to blockchain
- Privacy-enhancing technologies (e.g. zero-knowledge proofs) and their applications
- highly competitive tuition fee and stipend scholarships
- opportunities to collaborate with leading academic and industry experts in the related areas
- opportunities to participate in international grant-funded projects
- collaborative and friendly research environment
- an opportunity to live/study in one of the most liveable and safest cities in the world
Requirements. Strong mathematical and cryptography backgrounds are required. Some knowledge/experience in coding (for example, Python, C/C++, and/or SageMath) is a plus. Candidates must have completed (or be about to complete within the next 6 months) a significant research component either as part of their undergraduate (honours) degree or masters degree. They should have excellent English verbal and written communication skills.
How to apply. Please fill out the following form (also clickable from the advertisement title): https://docs.google.com/forms/d/e/1FAIpQLSetFZLvDNug5SzzE-iH97P9TGzFGkZB-ly_EBGOrAYe3zUYBw/viewform?usp=sf_link
Closing date for applications:
Contact: Ron Steinfeld
More information: https://docs.google.com/forms/d/e/1FAIpQLSetFZLvDNug5SzzE-iH97P9TGzFGkZB-ly_EBGOrAYe3zUYBw/viewform?usp=sf_link
New Jersey Institute of Technology, Newark, NJ, USA
Job Posting- Tenure-track positions in cybersecurity
- Tenure-track position in all areas of computer science
We aim to hire at the rank of Assistant Professor, but exceptional candidates at higher ranks will also be considered. Candidates with doctorates from top worldwide institutions are especially welcome to apply.
NJIT is a Carnegie R1 Doctoral University (Very High Research Activity), with $167M research expenditures in FY22. The Computer Science Department has 31 tenured/tenure track faculty, with eight NSF CAREER, one DARPA Young Investigator, and one DoE Early Career awardees. The Computer Science Department enrolls over 3,200 students at all levels across eleven programs of study and takes part, alongside the Departments of Informatics and Data Science, in the Ying Wu College of Computing (YWCC). YWCC comprises has an enrollment of more than 4,700 students in computing disciplines, and graduates over 1,000 computing professionals every year; as such, it is the largest producer of computing talent in the tri-state (NY, NJ, CT) area.
To formally apply for the position, please submit your application materials at https://academicjobsonline.org/ajo/jobs/25687. NJIT recognizes the importance of Diversity, Equity, and Inclusion (DEI) in academia and society at large. Candidates who have a track record in DEI are requested to also submit an optional Diversity Statement. Applications received by December 31, 2023 will receive full consideration. However, applications are reviewed until all the positions are filled. Contact address for inquiries: cs-faculty-search@njit.edu.
Closing date for applications:
Contact: Reza Curtmola
More information: https://academicjobsonline.org/ajo/jobs/25687
Monash University, Melbourne, Australia
Job PostingClosing date for applications:
Contact: Rafael Dowsley Email: rafael.dowsley@monash.edu
23 October 2023
Orestis Chardouvelis, Vipul Goyal, Aayush Jain, Jiahui Liu
ePrint Report* The entire protocol (including key generation and verification of deletion) uses merely classical communication between a classical leaser (client) and a quantum lessee (server).
* Assuming standard assumptions, our security definition ensures that every computationally bounded quantum adversary could only simultaneously provide a valid classical deletion certificate and yet distinguish ciphertexts with at most negligible probability.
Our security relies on the hardness of learning with errors assumption. Our scheme is the first scheme to be based on a standard assumption and satisfying the two properties mentioned above.
The main technical novelty in our work is the design of an FHE scheme that enables us to apply elegant analyses done in the context of classically verifiable proofs of quantumness from LWE (Brakerski et. al.(FOCS'18, JACM'21) and its parallel amplified version in Radian et. al.(AFT'21)) to the setting of secure leasing. This connection leads to a modular construction and arguably simpler proofs than previously known. An important technical component we prove along the way is an amplified quantum search-to-decision reduction: we design an extractor that uses a quantum distinguisher (who has an internal quantum state) for decisional LWE, to extract secrets with success probability amplified to almost one. This technique might be of independent interest.
Tingfei Feng
ePrint ReportHenry Corrigan-Gibbs, David J. Wu
ePrint ReportHan-Ting Chen, Yi-Hua Chung, Vincent Hwang, Bo-Yin Yang
ePrint ReportMeng Hao, Weiran Liu, Liqiang Peng, Hongwei Li, Cong Zhang, Hanxiao Chen, Tianwei Zhang
ePrint ReportIn this work, we put forth efficient constructions for unbalanced circuit-PSI with sublinear communication complexity in the size of the larger set. The main insight is that we formalize unbalanced circuit-PSI as obliviously retrieving values corresponding to keys from a set of key-value pairs. To this end, we present a new functionality called Oblivious Key-Value Retrieval (OKVR) and design the OKVR protocol from a new notion called sparse Oblivious Key-Value Stores (sparse OKVS). We conduct extensive experiments and the results show that our constructions remarkably outperform the state-of-the-art circuit-PSI schemes (EUROCRYPT'19, PETs'22, CCS'22), i.e., $1.84 \sim 48.86 \times$ communication improvement and $1.50 \sim39.81 \times$ faster computation. Very recently, Son and Jeong (AsiaCCS'23) also present unbalanced circuit-PSI protocols, and our constructions outperform them by $1.18 \sim 15.99 \times$ and $1.22 \sim 10.44 \times$ in communication and computation overhead, respectively, depending on set sizes and network environments.
Michele Orrù, Stefano Tessaro, Greg Zaverucha, Chenzhi Zhu
ePrint ReportThis notion generalizes common approaches to designing blind signatures, which can be seen as the special case of proving "knowledge of a signing key", and extends the seminal work of Camenisch and Stadler ('97). We propose a provably secure construction of oblivious proofs, focusing on discrete-logarithm representation equipped with AND-composition.
We also give three applications of our framework. First, we give a publicly verifiable version of the classical Diffie-Hellman based Oblivious PRF. This yields new constructions of blind signatures and publicly verifiable anonymous tokens. Second, we show how to "upgrade" keyed-verification anonymous credentials (Chase et al., CCS'14) to also be concurrently secure blind signatures on the same set of attributes. Crucially, our upgrade maintains the performance and functionality of the credential in the keyed-verification setting, we only change issuance. We observe that the existing issuer proof that the credential is well-formed may be verified by anyone; creating it with our framework makes it a blind signature, adding public verifiability to the credential system. Finally, we provide a variation of the U-Prove credential system that is provably one-more unforgeable with concurrent issuance sessions. This constitutes a fix for the attack illustrated by Benhamouda et al. (EUROCRYPT'21).
Beyond these example applications, as our results are quite general, we expect they may enable modular design of new primitives with concurrent security, a goal that has historically been challenging to achieve.
Jelle Don, Serge Fehr, Yu-Hsuan Huang, Patrick Struck
ePrint ReportIn this work, we show the following negative results regarding the non-resignability property in general, and the BUFF transform in particular. In the plain model, we observe by means of a simple attack that any signature scheme for which the message has a high entropy given the signature does not satisfy the non-resignability property (while non-resignability is trivially not satisfied if the message can be efficiently computed from its signature). Given that the BUFF transform has high entropy in the message given the signature, it follows that the BUFF transform does not achieve non-resignability whenever the random oracle is instantiated with a hash function, no matter what hash function.
When considering the random oracle model (ROM), the matter becomes slightly more delicate since prior works did not rigorously define the non-resignability property in the ROM. For the natural extension of the definition to the ROM, we observe that our impossibility result still holds, despite there having been positive claims about the non-resignability of the BUFF transform in the ROM. Indeed, prior claims of the non-resignability of the BUFF transform rely on faulty argumentation.
On the positive side, we prove that a salted version of the BUFF transform satisfies a slightly weaker variant of non-resignability in the ROM, covering both classical and quantum attacks, if the entropy requirement in the (weakened) definition of non-resignability is statistical; for the computational variant, we show yet another negative result.
Yang Li, Wei Wang, Dawei Zhang, Xu Han
ePrint ReportSamuele Andreoli, Enrico Piccione, Lilya Budaghyan, Pantelimon Stănică, Svetla Nikova
ePrint ReportZuodong Wu, Dawei Zhang, Yong Li, Xu Han
ePrint ReportRei Ueno, Hiromichi Haneda, Naofumi Homma, Akiko Inoue, Kazuhiko Minematsu
ePrint ReportZhengjun Cao, Lihua Liu
ePrint ReportXiuhan Lin, Moeto Suzuki, Shiduo Zhang, Thomas Espitau, Yang Yu, Mehdi Tibouchi, Masayuki Abe
ePrint ReportIn this paper, we show that Peregrine is no exception, by demonstrating a practical key recovery attack against it. We observe that the support of Peregrine signatures is a hidden transformation of some public distribution and still leaks information about the signing key. By adapting the parallelepiped-learning technique of Nguyen and Regev (Eurocrypt 2006), we show that the signing key can be recovered from a relatively small number of signatures. The learning technique alone yields an approximate version of the key, from which we can recover the exact key using a decoding technique due to Thomas Prest (PKC 2023).
For the reference implementation (resp. the official specification version) of Peregrine-512, we fully recover the secret key with good probability in a few hours given around 25,000 (resp. 11 million) signature samples.
20 October 2023
Announcement
Our heartfelt sympathy and support go out to our members everywhere who are affected by that attack, and to all those who are suffering its ongoing consequences.
Approved by the IACR board of directors, October 18, 2023