IACR News
If you have a news item you wish to distribute, it should be sent to the communications secretary. See also the events database for conference announcements.
Here you can see all recent updates to the IACR webpage. These updates are also available:
17 January 2024
Darius Mercadier, Viet Sang Nguyen, Matthieu Rivain, Aleksei Udovenko
This work introduces OBSCURE, a versatile framework for practical and cryptographically strong software obfuscation relying on a simple stateless secure element (to be embedded, for example, in a protected hardware chip or a token). Based on the foundational result by Goyal et al. from TCC 2010, our scheme enjoys provable security guarantees, and further focuses on practical aspects, such as efficient execution of the obfuscated programs, while maintaining simplicity of the secure element. In particular, we propose a new rectangular universalization technique, which is also of independent interest. We provide an implementation of OBSCURE taking as input a program source code written in a subset of the C programming language. This ensures usability and a broad range of applications of our framework. We benchmark the obfuscation on simple software programs as well as on cryptographic primitives, hence highlighting the possible use cases of the framework as an alternative to pure software-based white-box implementations.
Loïc Demange, Mélissa Rossi
Moumita Dutta, Chaya Ganesh, Neha Jawalkar
We then use our succinct-verifier CSP to construct a zero-knowledge argument for circuit satisfiability (under the discrete logarithm assumption in bilinear groups) in the updatable Structured Reference String (SRS) setting that achieves $O(\log n)$ proof size and $O(\log n)$ verification complexity. Our circuit zero-knowledge protocol has concretely better proof/prover/verifier complexity compared to the state-of-the-art protocol in the updatable setting under the same assumption. Our technique for achieving verifier-succinctness in the compression framework is of independent interest.
We then show a commitment scheme for committing to group elements using a structured commitment key. We construct protocols to open a committed homomorphism on a committed vector with verifier succinctness in the designated verifier setting. This has applications in making the verifier in compressed sigma protocols for bilinear group arithmetic circuits succinct.
Beyza Bozdemir, Betül Aşkın Özdemir, Melek Önen
Lipeng He
Dev M. Mehta, Mohammad Hashemi, Domenic Forte, Shahin Tajik, Fatemeh Ganji
Seyedmohammad Nouraniboosjin, Fatemeh Ganji
Tianrun Yu, Chi Cheng, Zilong Yang, Yingchen Wang, Yanbin Pan, Jian Weng
Sanjay Deshpande, James Howe, Jakub Szefer, Dongze Yue
Fangqi Dong, Zihan Hao, Ethan Mook, Daniel Wichs
Wenwen Xia, Leizhang Wang, Geng Wang, Dawu Gu, Baocang Wang
Tolun Tosun, Amir Moradi, Erkay Savas
Marie Beth van Egmond, Vincent Dunning, Stefan van den Berg, Thomas Rooijakkers, Alex Sangers, Ton Poppe, Jan Veldsink
Pierrick Méaux, Qingju Wang
We perform a theoretical study of the EAI criterion and explore its relation to other algebraic criteria. We prove the upper bound of the EAI of an n-variable Boolean function and further show that the EAI can be lower bounded by the AI restricted to a subset, as defined by Carlet, Méaux and Rotella at FSE 2017. We also exhibit functions with EAI guaranteed to be lower than the AI; in particular, we highlight a pathological case of functions with optimal algebraic immunity and EAI only n/4. As applications, we determine the EAI of filter functions of some existing stream ciphers and discuss how extreme algebraic attacks using EAI could apply to some ciphers.
Our generalized algebraic attack does not give a better complexity than Courtois and Meier's result on the existing stream ciphers. However, we see this work as a study to avoid weaknesses in the construction of future stream cipher designs.
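The abstract above relies on the classical algebraic immunity (AI) of a Boolean function: the smallest degree of a nonzero annihilator g with g·f = 0 or g·(f ⊕ 1) = 0, which is upper bounded by ⌈n/2⌉ (Courtois and Meier). The following is an added example, not code from the paper or its authors, that computes AI for a small function by searching for low-degree annihilators with linear algebra over GF(2); the 3-variable majority function used as input is a constructed sample, and the EAI criterion itself is defined in the paper and not reproduced here.

```python
from itertools import combinations

def anf_monomials(n, max_deg):
    """All monomials of degree <= max_deg on n variables, as bitmasks of variables."""
    mons = []
    for d in range(max_deg + 1):
        for vs in combinations(range(n), d):
            m = 0
            for v in vs:
                m |= 1 << v
            mons.append(m)
    return mons

def gf2_rank(rows):
    """Rank of a set of GF(2) row vectors (Python ints as bit-vectors) by elimination."""
    pivots = {}  # highest set bit -> row owning that pivot
    rank = 0
    for r in rows:
        while r:
            h = r.bit_length() - 1
            if h in pivots:
                r ^= pivots[h]
            else:
                pivots[h] = r
                rank += 1
                break
    return rank

def has_nonzero_annihilator(truth, n, d):
    """Is there a nonzero g of degree <= d with g(x) = 0 for every x where f(x) = 1?
    truth[x] is f evaluated at the point whose bit i is variable x_i.
    Each such x gives one linear equation over the ANF coefficients of g."""
    mons = anf_monomials(n, d)
    rows = []
    for x in range(1 << n):
        if truth[x]:
            r = 0
            for j, m in enumerate(mons):
                if (m & x) == m:  # monomial evaluates to 1 at x iff its variables are all set
                    r |= 1 << j
            rows.append(r)
    # A nontrivial kernel exists iff the constraint rank is below the number of unknowns.
    return gf2_rank(rows) < len(mons)

def algebraic_immunity(truth, n):
    """AI(f) = min deg of a nonzero annihilator of f or of f + 1."""
    comp = [1 - b for b in truth]
    for d in range(n + 1):
        if has_nonzero_annihilator(truth, n, d) or has_nonzero_annihilator(comp, n, d):
            return d
    return n

def majority3():
    """Constructed sample: the 3-variable majority function x1x2 + x1x3 + x2x3."""
    return [1 if bin(x).count("1") >= 2 else 0 for x in range(8)]

def linear3():
    """Constructed sample: f = x1 on 3 variables (annihilated by x1 + 1, degree 1)."""
    return [x & 1 for x in range(8)]

if __name__ == "__main__":
    print("AI(majority3) =", algebraic_immunity(majority3(), 3))  # optimal: ceil(3/2) = 2
    print("AI(x1) =", algebraic_immunity(linear3(), 3))
```

The search is exhaustive in the degree, so it is only meant for small n; it shows why functions with "optimal" AI (equal to ⌈n/2⌉) resist the standard annihilator attack, which is the baseline the EAI criterion refines.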
Julien Maillard, Thomas Hiscock, Maxime Lecomte, Christophe Clavier
WenBin Hsieh
Mengce Zheng
Julius Hermelink, Kai-Chun Ning, Emanuele Strieder
Several side-channel attacks have previously been proposed, and one line of research has been attacks against the comparison step of the FO-transform. These attacks construct a decryption failure oracle using a side-channel. A recent work published at TCHES 2022 stresses the need for higher-order masked comparisons by presenting a horizontal attack and proposes a t-probing secure comparison operation. A subsequent work by D’Anvers, Van Beirendonck, and Verbauwhede improves upon the performance of several previous proposals.
In this work, we show that the latter masked comparison suffers from weaknesses similar to those identified in the former. We first propose an approximate template attack that requires only a very low number of traces for profiling and has an exceptionally high noise tolerance. We show that the profiling phase is not necessary and can be replaced by a vertical analysis of the distribution of certain points of interest without knowledge of the targeted values. Finally, we explain how a horizontal attack may construct a decryption failure oracle from a single trace.
We provide a leakage model of the targeted operations, which is based on the noisy Hamming weight model. Our evaluations are carried out on a physical device to stress the practicality of our attack. In addition, we simulate the attacks to determine the measurement noise levels that can be handled. We discuss the underlying causes for our attack, the difficulty of securing the Fujisaki-Okamoto transform in ML-KEM, and draw conclusions about the (in-)sufficiency of t-probing security in this context.
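To make the noisy Hamming weight model and the "few profiling traces, sweep the noise" methodology mentioned above concrete, here is an added simulation that is not code from the paper or its authors. It models one leaking byte as HW(value) plus Gaussian noise, builds per-class templates from a handful of known-input traces, classifies an unknown byte from a few attack traces, and sweeps the noise standard deviation to find where recovery breaks down. The single-byte target, the trace counts and the noise levels are constructed assumptions; this does not model ML-KEM's masked comparison or the authors' attack on it.

```python
import random

# Hamming weight lookup for one byte
HW = [bin(v).count("1") for v in range(256)]

def leak(value, sigma, rng):
    """Noisy Hamming-weight leakage model: one sample = HW(value) + N(0, sigma^2)."""
    return HW[value] + rng.gauss(0.0, sigma)

def build_templates(sigma, traces_per_class, rng):
    """Profiling phase on constructed known inputs: one mean per HW class (0..8).
    Under this model the leakage depends only on HW, so any byte of weight h will do."""
    means = {}
    for h in range(9):
        v = (1 << h) - 1  # a byte with Hamming weight h
        samples = [leak(v, sigma, rng) for _ in range(traces_per_class)]
        means[h] = sum(samples) / traces_per_class
    return means

def classify(samples, means):
    """Attack phase: with equal per-class variance, Gaussian maximum likelihood on the
    averaged attack traces reduces to picking the nearest template mean."""
    m = sum(samples) / len(samples)
    return min(means, key=lambda h: abs(means[h] - m))

def success_rate(sigma, traces_per_class, attack_traces, trials, seed=1):
    """Fraction of random secret bytes whose HW class is recovered correctly."""
    rng = random.Random(seed)
    means = build_templates(sigma, traces_per_class, rng)
    hits = 0
    for _ in range(trials):
        secret = rng.randrange(256)
        samples = [leak(secret, sigma, rng) for _ in range(attack_traces)]
        hits += classify(samples, means) == HW[secret]
    return hits / trials

def noise_sweep(sigmas, traces_per_class=10, attack_traces=20, trials=200):
    """Simulated tolerance curve: success rate per noise level (sigma in HW units)."""
    return {s: success_rate(s, traces_per_class, attack_traces, trials) for s in sigmas}

if __name__ == "__main__":
    for sigma, rate in noise_sweep([0.3, 1.0, 2.0, 4.0, 8.0]).items():
        print(f"sigma={sigma:4.1f}  HW-class recovery rate={rate:.2f}")
```

Note that recovering the Hamming weight class of one byte is the primitive; turning such classifications into a decryption failure oracle depends on how the targeted comparison consumes the value, which is exactly the device-specific part the abstract evaluates on real hardware.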
Helsinki Institute for Information Technology, Helsinki, Finland
- Artificial Intelligence
- Computational Health
- Cybersecurity
- Data Science
- Foundations of Computing
Closing date for applications:
Contact: For questions regarding these positions and the electronic recruiting system, please contact the HIIT coordinator at coordinator@hiit.fi.
For questions related to cryptography research, please contact Russell W. F. Lai (russell dot lai at aalto.fi).
More information: https://www.hiit.fi/hiit-postdoctoral-and-research-fellow-positions/
University of St.Gallen, Switzerland
Key Responsibilities:
- Development and implementation of concepts and research results, both individually and in collaboration with researchers and PhD students,
- Running experiments and simulating realistic conditions to test the performance of developed algorithms and protocols,
- Development, maintenance and organization of software,
- Support to BSc, MSc and PhD students, postdocs and researchers who use the lab,
- Responsibility for day routines in the lab, for example purchases, installations, bookings, inventory,
- Demonstrations and lab tours for external visitors,
- Maintaining and producing content for our group web page and social media platforms.
Your profile:
The successful applicant is expected to hold, or to be about to receive, an M.Sc. degree in Computer Science, Electrical Engineering, Applied Mathematics or similar fields, preferably with a focus on Security and Privacy for Computer Science Systems.
We are looking for a strongly motivated and self-driven person who is able to work and learn new things independently.
- Good command of English is required.
- You should have a good academic track record and well developed analytical and problem solving skills.
- Excellent programming skills and familiarity with cryptographic libraries.
- Previous experience in implementation projects with C++, Matlab/Simulink, Python is desired.
Closing date for applications:
Contact:
Eriane Breu (Administrative matters)
Prof. Katerina Mitrokotsa (Research related questions)
More information: https://jobs.unisg.ch/offene-stellen/cryptography-engineer-m-w-d/ef5bb893-f482-4475-aeb1-8de48047299a