IACR News
Here you can see all recent updates to the IACR webpage. These updates are also available:
01 December 2023
Yi Wang, Rongmao Chen, Xinyi Huang, Moti Yung
ePrint ReportHere, we reformulate the sender-AME, present the notion of $\ell$-sender-AME and formalize the properties of (strong) security and robustness. Robustness refers to guaranteed delivery of duplicate messages to the intended receiver, ensuring that decrypting normal ciphertexts in an anamorphic way or decrypting anamorphic ciphertexts with an incorrect duplicate secret key results in an explicit abort signal. We first present a simple construction for pseudo-random and robust public key encryption that shares the similar idea of public-key stegosystem by von Ahn and Hopper (EUROCRYPT 2004). Then, inspired by Chen et al.'s malicious algorithm-substitution attack (ASA) on key encapsulation mechanisms (KEM) (ASIACRYPT 2020), we give a generic construction for hybrid PKE with special KEM that encompasses well-known schemes, including ElGamal and Cramer-Shoup cryptosystems.
The constructions of $\ell$-sender-AME motivate us to explore the relations between AME, ASA on PKE, and public-key stegosystem. The results show that a strongly secure $\ell$-sender-AME is such a strong primitive that implies reformulated receiver-AME, public-key stegosystem, and generalized ASA on PKE. By expanding the scope of sender-anamorphic encryption and establishing its robustness, as well as exploring the connections among existing notions, we advance secure communication protocols under challenging conditions.
29 November 2023
Zurich, Switzerland, 25 May - 26 May 2024
Event CalendarSubmission deadline: 16 February 2024
Notification: 30 March 2024
Microsoft Research, Redmond, WA
Job PostingWe are looking for creative thinkers, doers, and problem solvers, who are unafraid to venture outside their comfort zone to find solutions to difficult and messy real-world problems. If you are unsure whether you have appropriate background and match this description, we highly recommend applying anyway!
Apply now at: https://jobs.careers.microsoft.com/global/en/job/1639824
Closing date for applications:
Contact: Kim Laine (kim.laine@microsoft.com)
University of St.Gallen, Switzerland
Job PostingOur research interests are centered around information security and applied cryptography, with the larger goal of safeguarding communications and providing strong privacy guarantees. We are active in several areas, a subset of which include:
- Verifiable computation
- Secure, private and distributed aggregation
- Secure multi-party computation
- Privacy-preserving biometric authentication
- Anonymous credentials
- Distributed and privacy-preserving authentication
The starting date for the position is flexible and come with a very competitive salary. The selection process runs until the suitable candidate has been found. The University of St.Gallen conducts excellent research with international implications. The city of St.Gallen is located one hour from Zurich and offers a high quality of life.
Please apply by 10th December 2023 through the job portal (via link).
Closing date for applications:
Contact:
Please apply through the job portal (via link).
Eriane Breu (Administrative matters)
Prof. Katerina Mitrokotsa (Research related questions)
More information: https://jobs.unisg.ch/offene-stellen/postdoc-fellow-in-cryptography-information-security-m-f-d-m-w-d/831c6e8a-e191-48ec-92d5-320b2822a9ab
ENS Lyon, France
Job PostingThe candidate will be joining the Number Theory team of ENS de Lyon. They will benefit from the resources of AGATHA CRYPTY (travelling, equipment, organizing events, hiring interns...).
The candidate should hold a PhD degree in Mathematics or Computer Science. They should have a strong record related to any of the following research topics: number theory, computational number theory, lattice-based cryptography, isogeny-based cryptography.
Closing date for applications:
Contact: Benjamin Wesolowski. Candidates should apply at: https://emploi.cnrs.fr/Offres/CDD/UMR5669-BENWES-002/Default.aspx?lang=EN
More information: https://emploi.cnrs.fr/Offres/CDD/UMR5669-BENWES-002/Default.aspx?lang=EN
ÉPITA, Paris, France
Job PostingTeaching. The expected profile is a teacher-researcher capable of teaching the fundamentals of Computer Science (in the core curriculum of an engineering cycle in computer science), as well as specialized subjects close to his/her research themes (in the engineering cycle majors, in apprenticeship training, in the school's international Master's degree and/or Bachelor's degree in cybersecurity). The teaching load is approximately that of a university lecturer.
Research. We are recruiting to consolidate our teams and research areas in the following areas:
- Software and architecture security:
- Detection of security attacks (learning);
- Malware and reverse engineering;
- Cryptography;
- Systems:
- Operating systems and kernels;
- Cloud computing and virtualization;
- Embedded system.
The teacher-researcher's profile will fit into one of these three fields: mathematical computer science, fundamental computer science or applied computer science, a geeky and versatile profile being very welcome.
The "research" component is expected to account for around 45% of time, including participation in national and international research activities (review of articles, etc.). Research will be carried out within a local team and with external collaborators as appropriate. A dynamic approach to setting up and participating in collaborative projects and/or industrial contracts will be highly appreciated
Closing date for applications:
Contact: thierry.geraud@epita.fr
More information: https://www.lre.epita.fr/
Bosch Research, Renningen, Germany
Job PostingThus, we are looking for a highly motivated PhD candidate with a strong background and/or interest in applied cryptography. The successful candidate will:
- become a part of the team and advance research on MPC
- develop novel approaches to improve the practical efficiency of actively secure MPC protocols
- design efficient MPC protocols for diverse use-cases
- integrate the results into our Cabyne Stack open source MPC platform
- publish and present the results in top-tier journals and at conferences
- Education: Hold an M.Sc. degree (or equivalent) with excellent grades in IT security, computer science, mathematics, or a related field
- Experience and Knowledge: Strong background in (applied) cryptography with a particular focus on cryptographic protocols/MPC, including security models and basic security proof techniques. Good software development/programming skills and the motivation to integrate scientific results into Carbyne Stack.
- Personality and Working Practice: Self-motivated and enthusiastic, independent, reliable, creative, and able to work in an international team with diverse background
- Language: Fluent English language skills
Closing date for applications:
Contact: Informal inquiries can be made to Christoph Bösch (christoph.boesch (at) de.bosch.com). Formal applications must be submitted through: https://smrtr.io/hmG3C
University of St.Gallen, Switzerland
Job PostingThe student is expected to work on topics that include security and privacy issues in authentication. More precisely, the student will be working on investigating efficient and privacy-preserving authentication that provides: i) provable security guarantees, and ii) rigorous privacy guarantees.
Key Responsibilities:
- Perform exciting and challenging research in the domain of information security and cryptography.
- Support and assist in teaching computer security and cryptography courses.
- The PhD student is expected to have a MSc degree or equivalent, and strong background in cryptography, network security and mathematics.
- Experience in one or more domains such as cryptography, design of protocols, secure multi-party computation and differential privacy is beneficial.
- Excellent programming skills.
- Excellent written and verbal communication skills in English
The starting date for the position is flexible and come with a very competitive salary. The selection process runs until the suitable candidate has been found.
Please apply by 10th December 2023 through the job portal (via link).
Closing date for applications:
Contact:
Please apply through the job portal (via link).
Eriane Breu (Administrative matters)
Prof. Katerina Mitrokotsa (Research related questions)
28 November 2023
Suvradip Chakraborty, Lorenzo Magliocco, Bernardo Magri, Daniele Venturi
ePrint ReportWe achieve this result by sanitizing the PAKE protocol from oblivious transfer (OT) due to Canetti et al. (PKC'12) via cryptographic reverse firewalls in the UC framework (Chakraborty et al., EUROCRYPT'22). This requires new techniques, which help us uncover new cryptographic primitives with sanitation-friendly properties along the way (such as OT, dual-mode cryptosystems, and signature schemes).
As an additional contribution, we delve deeper in the backbone of communication required in the subversion-resilient UC framework, extending it to the unauthenticated setting, in line with the work of Barak et al. (CRYPTO'05).
Yibiao Lu, Bingsheng Zhang, Kui Ren
ePrint ReportCéline Chevalier, Paul Hermouet, Quoc-Huy Vu
ePrint ReportJiaqi Liu, Fang-wei Fu
ePrint ReportAbel C. H. Chen
ePrint ReportGilles Macario-Rat, Jacques Patarin, Benoit Cogliati, Jean-Charles Faugère, Pierre-Alain Fouque, Louis Gouin, Robin Larrieu, Brice Minaud
ePrint ReportIn this note, we explain the attack in the specific case of VOX, we detail the complexity, and show that as Furue and Ikematsu indicated, the attack can be completely avoided by adding one more constraint on the parameter selection. Finally, we show that this constraint does not increase the sizes of the public keys or signature.
27 November 2023
Aleksei Udovenko
ePrint ReportNils Fleischhacker, Gottfried Herold, Mark Simkin, Zhenfei Zhang
ePrint ReportIn this work, we consider multi-signatures in the synchronized setting, where the signing algorithm takes an additional time parameter as input and it is only required that signatures for the same time step are aggregatable. The synchronized setting is simpler than the general multi-signature setting, but is sufficient for most blockchain related applications, as signers are naturally synchronized by the length of the chain.
We present Chipmunk, a concretely efficient lattice-based multi-signature scheme in the synchronized setting that allows for signing an a-priori bounded number of messages. Chipmunk allows for non-interactive aggregation of signatures and is secure against rogue-key attacks. The construction is plausibly secure against quantum adversaries as our security relies on the assumed hardness of the short integer solution problem.
We significantly improve upon the previously best known construction in this setting by Fleischhacker, Simkin, and Zhang (CCS 2022). Our aggregate signature size is $5.6 \times$ smaller and for $112$ bits of security our construction allows for compressing 8192 individual signatures into a multi-signature of size around $136$ KB. We provide a full implementation of Chipmunk and provide extensive benchmarks studying our construction's efficiency.
Carmit Hazay, Muthuramakrishnan Venkitasubramaniam, Mor Weiss
ePrint ReportIn this work, we extend the MPC-in-the-Head paradigm to game-based cryptographic primitives supporting homomorphic computations (e.g., fully-homomorphic encryption, functional encryption, randomized encodings, homomorphic secret sharing, and more). Specifically, we present a simple yet generic compiler from these primitives to ZKPs which use the underlying primitive as a black box. We also generalize our paradigm to capture commit-and-prove protocols, and use it to devise tight black-box compilers from Interactive (Oracle) Proofs to ZKPs, assuming One-Way Functions (OWFs).
We use our paradigm to obtain several new ZKP constructions:
1. The first ZKPs for NP relations $\mathcal{R}$ computable in (polynomial-time uniform) $NC^1$, whose round complexity is bounded by a fixed constant (independent of the depth of $\mathcal{R}$'s verification circuit), with communication approaching witness length (specifically, $n\cdot poly\left(\kappa\right)$, where $n$ is the witness length, and $\kappa$ is a security parameter), assuming DCR. Alternatively, if we allow the round complexity to scale with the depth of the verification circuit, our ZKPs can make black-box use of OWFs.
2. Constant-round ZKPs for NP relations computable in bounded polynomial space, with $O\left(n\right)+o\left(m\right)\cdot poly\left(\kappa\right)$ communication assuming OWFs, where $m$ is the instance length. This gives a black-box alternative to a recent non-black-box construction of Nassar and Rothblum (CRYPTO`22).
3. ZKPs for NP relations computable by a logspace-uniform family of depth-$d\left(m\right)$ circuits, with $n\cdot poly\left(\kappa,d\left(m\right)\right)$ communication assuming OWFs. This gives a black-box alternative to a result of Goldwasser, Kalai and Rothblum (JACM).
Romain Gay, Bogdan Ursu
ePrint ReportJulien Jainsky, David Naccache, Bassem Ouni, Ofer Yifrach-Stav
ePrint ReportWe combine several existing technologies to achieve the stated goal. The building-blocks used are inherent physical randomness generated during the packaging process, artificial vision, short digital signatures and QR-codes.