IACR News
Here you can see all recent updates to the IACR webpage. These updates are also available:
26 March 2024
Harishma Boyapally, Durba Chatterjee, Kuheli Pratihar, Sayandeep Saha, Debdeep Mukhopadhyay, Shivam Bhasin
ePrint ReportOrhun Kara
ePrint ReportBen Fisch, Arthur Lazzaretti, Zeyu Liu, Charalampos Papamanthou
ePrint ReportAll known constructions of single server client-preprocessing PIR rely on one of the following two paradigms: (1) a linear-bandwidth offline phase where the client downloads the whole database from the server, or (2) a sublinear-bandwidth offline phase where however the server has to compute a large-depth ($O_\lambda (N)$) circuit under FHE in order to execute the preprocessing phase.
In this paper, we construct a single server client-preprocessing PIR scheme which achieves both sublinear offline bandwidth (the client does not have to download the whole database offline) and a low-depth (i.e. $O_\lambda(1)$), highly parallelizable preprocessing circuit. We estimate that on a single thread, our scheme's preprocessing time should be more than 350x times faster than in prior single server client-preprocessing PIR constructions. Moreover, with parallelization, the latency reduction would be even more drastic. In addition, this construction also allows for updates in $O_\lambda (1)$ time, something not achieved before in this model.
Røros, Noorwegen, 12 May - 15 May 2025
PKCSubmission deadline: 16 October 2024
Notification: 5 February 2025
Madrid, Spain, 4 May - 8 May 2025
EurocryptShonan, Japan, 30 July - 2 August 2024
Event CalendarNXP Semiconductors Gratkorn/Austria, Hamburg/Germany, Eindhoven/Netherlands & Toulouse/France
Job Posting
Become part of a highly talented and dynamic international development team that develops state-of-the art secure cryptographic libraries which are protected against physical and logical attacks, which have applications across all different NXP domains and business lines (payment, identification, mobile, IoT, Automotive, Edge Processing, etc.).
When you join NXP you have the opportunity to broaden your technical knowledge in all of these areas.
Responsibilities
- You will develop crypto algorithms (incl. Post Quantum Crypto) based on specifications, being involved from the coding/programming, test, code review, release stages.
- You will align with our innovation team, architectural team, hardware teams and support teams to develop the algorithms which contribute to a complete security subsystem in all of NXP's business lines.
Your Profile
- Bachelor + 3-5 years of relevant experience Or You are a graduate with a Master or PhD Degree in Computer Science, Electronics Engineering, Mathematics, Information Technology, Cryptography
- You have a passion for technology, you bring ideas to the table and you are proud of your results.
We offer
- We offer you the opportunity to learn and build on your technical knowledge and experience in some of the following areas: algorithm development including post quantum cryptography (DES, AES, RSA, ECC, SHA and many more)
- embedded software development in C and Assembly
- work with ARM Cortex M and RISC V platforms
- Work on hardware and software countermeasures against side channel (SCA) and fault attacks, (FA).
Ready to create a smarter world? Join the future of Innovation. Join NXP. Apply online!
https://nxp.wd3.myworkdayjobs.com/fr-FR/careers/job/Gratkorn/Embedded-Crypto-Software-Developer--m-f-d-_R-10052127
Closing date for applications:
Contact: Veronika von Hepperger (veronika.vonhepperger@nxp.com)
More information: https://nxp.wd3.myworkdayjobs.com/fr-FR/careers/job/Gratkorn/Embedded-Crypto-Software-Developer--m-f-d-_R-10052127
Luxembourg Institute of Science and Technology
Job PostingClosing date for applications:
Contact: SCHWARTZ Cathy
More information: https://bit.ly/3xa6NAy
RWTH Aachen, Department of Computer Science, Germany
Job PostingAt the Chair of Quantum Information Systems at RWTH Aachen, Germany, we have several phd and postdoc positions available in the area of quantum formal verification, quantum programs, quantum crypto, connected to the ERC project "Certified Quantum Security".
Supervisor would be Dominique Unruh.
In particular, there are the following topics, but we accept phd and postdoc applications for other topics if they fit into the general direction of our group.
- PhD position “Verification of Quantum Key Distribution”
- PhD position “Functional quantum programs in F*”
- PhD position “Certified quantum compilation”
All positions are fully funded (German salary class TV-L E13).
Application deadline is April 15, 2024. See the webpage for application instructions.
Closing date for applications:
Contact: Dominique Unruh, email: job.igxkb0@rwth.unruh.de
More information: https://qis.rwth-aachen.de/positions/
23 March 2024
University of Edinburgh and ZK Lab
Job PostingClosing date for applications:
Contact: Markulf Kohlweiss (markulf.kohlweiss@ed.ac.uk), Jan Bobolz (jan.bobolz@ed.ac.uk)
More information: https://zk-lab.org
Tallinn University of Technology
Job PostingClosing date for applications:
Contact: Levent Aksoy (levent.aksoy@taltech.ee)
More information: https://candidate.recrur.com/public/jobad/en/b98a4a29-7
PQShield Ltd, Research and Development
Job Posting
What you’ll be doing:
The primary responsibility of this position will be to advance the state of post-quantum secure messaging such as Signal and Message Layer Security (MLS). While the main focus is to conduct groundbreaking research, we encourage and support translating academic research into tangible contributions, such as proposals to the Internet Engineering Task Force (IETF) for standardisation.
Qualifications: While you will mostly collaborate with a group, it is preferred that you have some of the following backgrounds to ensure a smooth start into the project:
In addition to cryptographic expertise, we seek candidates with:
Closing date for applications:
Contact: Please apply to the job through the PQShield's Careers page or through the link below:
PQShield Career page: https://pqshield.com/careers/apply/?gh_jid=4309579101
More information: https://pqshield.com/careers/apply/?gh_jid=4309579101
FAU Erlangen-Nuremberg, Germany
Job PostingNecessary qualifications: Applicants should have an excellent academic record and hold an MSc or an equivalent university degree in computer science or related disciplines, and have the goal to finish a PhD degree within three years.
Supplementary description: The positions will commence on October 1, 2024. FAU aims to increase the number of women in scientific positions. Female candidates are therefore particularly encouraged to apply. In case of equal qualifications, candidates with disabilities will take precedence. Please submit your complete application documents by April 10, 2024 to cybercrime-applications@fau.de. Please mention in your application at least one research area from the above list which you are specifically interested in. Interviews will commence between 13. and 17.05.2024 in Erlangen.
Founded in 1743 and situated at the heart of the Nuremberg Metropolitan Region, FAU is a strong research university with an international perspective and one of the largest universities in Germany. FAUs outstanding research and teaching is reflected in top positions in both national and international rankings, as well as the high amount of DFG funding which its researchers are able to secure.
Closing date for applications:
Contact: Paul Rösler (paul.roesler@fau.de)
22 March 2024
Charlotte Hoffmann, Krzysztof Pietrzak
ePrint ReportA recent application of VDFs by Arun, Bonneau and Clark (Asiacrypt'22) are short-lived proofs and signatures, which are proofs and signatures which are only sound for some time $t$, but after that can be forged by anyone. For this they rely on "watermarkable VDFs", where the proof embeds a prover chosen watermark. To achieve stronger notions of proofs/signatures with reusable forgeability, they rely on "zero-knowledge VDFs", where instead of the output $y$, one just proves knowledge of this output. The existing proposals for watermarkable and zero-knowledge VDFs all build on Wesolowski's PoE, for the watermarkable VDFs there's currently no security proof.
In this work we give the first constructions that transform any PoEs in hidden order groups into watermarkable VDFs and into zkVDFs, solving an open question by Arun et al.. Unlike our watermarkable VDF, the zkVDF (required for reusable forgeability) is not very practical as the number of group elements in the proof is a security parameter. To address this, we introduce the notion of zero-knowledge proofs of sequential work (zkPoSW), a notion that relaxes zkVDFs by not requiring that the output is unique. We show that zkPoSW are sufficient to construct proofs or signatures with reusable forgeability, and construct efficient zkPoSW from any PoE, ultimately achieving short lived proofs and signatures that improve upon Arun et al's construction in several dimensions (faster forging times, weaker assumptions).
A key idea underlying our constructions is to not directly construct a (watermarked or zk) proof for $y=x^{2^T}$, but instead give a (watermarked or zk) proof for the more basic statement that $x',y'$ satisfy $x'=x^r,y'=y^r$ for some $r$, together with a normal PoE for $y'=(x')^{2^T}$.
Wilbert W
ePrint ReportHanwen Feng, Zhenliang Lu, Tiancheng Mai, Qiang Tang
ePrint ReportHowever, those constructions of $\mathsf{MVBA}$ heavily rely on ``heavyweight'' cryptographic tools, such as non-interactive threshold signatures. The computational cost of algebraic operations, the susceptibility to quantum attacks, and the necessity of a trusted setup associated with threshold signatures present significant remaining challenges. There is a growing interest in information-theoretic or hash-based constructions (historically called signature-free constructions). Unfortunately, the state-of-the-art hash-based $\mathsf{MVBA}$ (Duan et al., CCS'23) incurs a large $O(\ell n^2 + \lambda n^3)$-bits communication, which in turn makes the hash-based $\mathsf{MVBA}$ inferior performance-wise comparing with the ``classical'' ones. Indeed, this was clearly demonstrated in our experimental evaluations.
To make hash-based $\mathsf{MVBA}$ actually realize its full potential, in this paper, we introduce an $\mathsf{MVBA}$ with adaptive security, and $\widetilde{O}(\ell n + \lambda n^2)$ communication, exclusively leveraging conventional hash functions. Our new $\mathsf{MVBA}$ achieves nearly optimal communication, devoid of heavy operations, surpassing both threshold signature-based schemes and the hash-based scheme in many practical settings, as demonstrated in our experiments. For example, in scenarios with a network size of $n = 201$ and an input size of $1.75$ MB, our $\mathsf{MVBA}$ exhibits a latency that is 81\% lower than that of the existing hash-based $\mathsf{MVBA}$ and 47\% lower than the threshold signature-based $\mathsf{MVBA}$. Our new construction also achieves optimal parameters in other metrics such as $O(1)$ rounds and $O(n^2)$ message complexity, except with a sub-optimal resilience, tolerating up to $20\%$ Byzantine corruptions (instead of $33\%$). Given its practical performance advantages, our new hash-based $\mathsf{MVBA}$ naturally leads to better asynchronous distributed protocols, by simply plugging it into existing frameworks.
Weiqiong Cao, Hua Chen, Hongsong Shi, Haoyuan Li, Jian Wang, Jingyi Feng
ePrint ReportIn this paper, assuming random word faults, we find some distinctive differential properties within the boolean functions in SHA2. Leveraging these findings, we propose a new differential fault attack methodology that can be effectively utilized to recover the final message block and its corresponding initial vector in SHA2, forge HMAC-SHA2 messages, extract the key of SHACAL-2, and extend our analysis to similar algorithm like SM3. We validate the effectiveness of these attacks through rigorous simulations and theoretical deductions, revealing that they indeed pose substantial threats to the security of SHA2. In our simulation-based experiments, our approach necessitates guessing $T$ bits within a register, with $T$ being no more than $5$ at most, and having a approximate $95\%$ (for SHA512) probability of guessing just $1$ bit. Moreover, upon implementing a consecutive series of 15 fault injections, the success probability for recovering one register (excluding the guessed bits) approaches $100\%$. Ultimately, approximately 928 faulty outputs based on random word faults are required to carry out the attack successfully.
Zheyuan He, Zihao Li, Sen Yang
ePrint ReportAs the first review of LLM's application on blockchain security, our study aims to comprehensively analyze existing research and elucidate how LLMs contribute to enhancing the security of blockchain systems. Through a thorough examination of scholarly works, we delve into the integration of LLMs into various aspects of blockchain security. We explore the mechanisms through which LLMs can bolster blockchain security, including their applications in smart contract auditing, identity verification, anomaly detection, vulnerable repair, and so on. Furthermore, we critically assess the challenges and limitations associated with leveraging LLMs for blockchain security, considering factors such as scalability, privacy concerns, and adversarial attacks. Our review sheds light on the opportunities and potential risks inherent in this convergence, providing valuable insights for researchers, practitioners, and policymakers alike.
Zhangshuang Guan, Yulin Zhao, Zhiguo Wan, Jinsong Han
ePrint ReportIn this work, we introduce OPSA, a multi-round one-pass secure aggregation framework based on TEE to achieve efficient communication, streamlined computation and verifiable aggregation all at once. OPSA employs a new strategy of revealing shared keys in TEE and instantiates two types of masking schemes. Furthermore, a result verification module is designed to be compatible with any type of SA protocol instantiated under the OPSA framework with weaker security assumptions. Compared with the state-of-the-art schemes, OPSA achieves a 2$\sim$10$\times$ speedup in multi-round aggregation while also supporting result verification simultaneously. OPSA is more friendly to scenarios with high network latency and large-scale model aggregation.
Matthew Gregoire, Rachel Thomas, Saba Eskandarian
ePrint ReportWe present the CheckOut system, which allows users to coordinate large anonymity sets of shoppers to hide the identity and purchasing habits of each particular user in the crowd. CheckOut scales up and systematizes past efforts to subvert loyalty surveillance, which have been primarily ad-hoc and manual affairs where customers physically swap loyalty cards to mask their real identities. CheckOut allows increased scale while ensuring that the necessary computing infrastructure does not itself become a new centralized point of privacy failure.
Of particular importance to our scheme is a protocol for loyalty programs that offer reward points, where we demonstrate how CheckOut can assist users in paying each other back for loyalty points accrued while using each others' loyalty accounts. We present two different mechanisms to facilitate redistributing rewards points, offering trade-offs in functionality, performance, and security.