IACR News
Here you can see all recent updates to the IACR webpage. These updates are also available:
12 June 2024
Gil Segev, Liat Shapira
ePrint ReportBrent Waters, David J. Wu
ePrint ReportWe first give a direct construction of an adaptively-sound SNARG for NP assuming (sub-exponentially-secure) $i\mathcal{O}$ and an injective one-way function. Then, we show that it suffices to have an injective one-way function that has an inefficient sampler (i.e., sampling a challenge for the one-way function requires super-polynomial time). Because we rely on the existence of injective one-way functions only in the security proof and not in the actual construction, having an inefficient sampling procedure does not impact correctness. We then show that injective one-way functions with an inefficient sampler can be built generically from any vanilla one-way function. Our approach may be independently useful in other settings to replace injective one-way functions with standard one-way functions in applications of $i\mathcal{O}$.
Aruna Jayasena, Richard Bachmann, Prabhat Mishra
ePrint ReportAbtin Afshar, Jiaqi Cheng, Rishab Goyal
ePrint ReportIn this work, we design homomorphic signatures satisfying all above properties. We construct homomorphic signatures for polynomial-sized circuits from a variety of standard assumptions such as sub-exponential DDH, standard pairing-based assumptions, or learning with errors. We also discuss how our constructions can be easily extended to the multi-key setting.
Yuval Ishai, Mahimna Kelkar, Daniel Lee, Yiping Ma
ePrint ReportItai Dinur
ePrint ReportModeling $\pi$ as a uniformly chosen permutation, several previous works proved a tight information-theoretic indistinguishability bound for SXoP$[2,n]$ of about $q/2^{n}$, where $q$ is the number of queries. On the other hand, tight bounds are unknown for the generalized variant (denoted SXoP$[r,n]$) which XORs the outputs of $r>2$ domain-separated calls to a uniform permutation.
In this paper, we obtain two results. Our first result improves the known bounds for SXoP$[r,n]$ for all (constant) $r \geq 3$ (assuming $q \leq O(2^n/r)$ is not too large) in both the single-user and multi-user settings. In particular, for $q=3$, our bound is about $\sqrt{u}q_{\max}/2^{2.5n}$ (where $u$ is the number of users and $q_{\max}$ is the maximal number of queries per user), improving the best-known previous result by a factor of at least $2^n$.
For odd $r$, our bounds are tight for $q > 2^{n/2}$, as they match known attacks. For even $r$, we prove that our single-user bounds are tight by providing matching attacks.
Our second and main result is divided into two parts. First, we devise a family of constructions that output $n$ bits by efficiently combining outputs of 2 calls to a permutation on $\{0,1\}^n$, and achieve multi-user security of about $\sqrt{u} q_{\max}/2^{1.5n}$. Then, inspired by the CENC construction of Iwata [FSE'06], we further extend this family to output $2n$ bits by efficiently combining outputs of 3 calls to a permutation on $\{0,1\}^n$. The extended construction has similar multi-user security of $\sqrt{u} q_{\max}/2^{1.5n}$.
The new single-user ($u=1$) bounds of $q/2^{1.5n}$ for both families should be contrasted with the previously best-known bounds of $q/2^n$, obtained by the comparable constructions of SXoP$[2,n]$ and CENC.
All of our bounds are proved by Fourier analysis, extending the provable security toolkit in this domain in multiple ways.
Ritam Bhaumik, Bishwajit Chakraborty, Wonseok Choi, Avijit Dutta, Jérôme Govinden, Yaobin Shen
ePrint ReportAnjali C B
ePrint ReportHenri Devillez, Olivier Pereira, Thomas Peters
ePrint ReportWe propose a verifiable vote-by-mail system that can accommodate the constraints of many of the large ballots that are common in Europe. Verifiability and privacy hold unless multiple system components collude to cheat on top of the postal channel. These security notions are expressed and analyzed in the simplified UC security framework.
Our vote-by-mail system only makes limited requirements on the voters: voters can verify their vote by copying and comparing short strings and verifying the computation of a single hash on a short input, and they can vote normally if they want to ignore the verification steps completely. Our system also relies on common cryptographic components, all available in the ElectionGuard verifiable voting SDK for instance, which limits the risks of errors in the implementation of the cryptographic aspects of the system.
Dilip Kumar S. V., Siemen Dhooghe, Josep Balasch, Benedikt Gierlichs, Ingrid Verbauwhede
ePrint ReportSteven Galbraith
ePrint ReportThe two cases of main interest for discrete logarithm cryptography are random curves (flat volcanoes) and pairing-based crypto (tall volcanoes with crater of constant or polynomial size). In both cases we show a rigorous $\tO( q^{1/4})$ algorithm to compute an isogeny between any two curves in the isogeny class. We stress that this paper is motivated by pre-quantum elliptic curve cryptography using ordinary elliptic curves, which is not yet obsolete.
11 June 2024
Bidhannagar, India, 14 December - 17 December 2024
Event CalendarNewcastle University
Job PostingPrivacy-enhancing technologies (PETs), such as Secure Multi-party Computation (MPC) and Federated Learning (FL) allow parties to collaboratively analyze a collection of data partitions where each data partition is contributed by a different party (such as banks, or law enforcement agencies).
Two facts about most PETs exist: (i) often the output of PETs reveals some information about the parties’ private input sets (i.e., the computation result in FL or MPC), and (ii) various variants of PETs do not output the result to all parties, even in those PETs that do, not all of the parties are necessarily interested in it. Given these facts, a natural question arises: How can we incentivize parties that do not receive the result or do not express interest in it to participate in PETs?
This project aims to develop new PETs that incentivize participants to share their sensitive data by fairly rewarding them. Additionally, the project aims to ensure these PETs remain secure even when adversaries compromise some parties. The Secure and Resilient Systems research group (and possibly Edge AI Hub) will host the successful candidate at the Urban Science Building, Newcastle University.
Eligibility Criteria:
Further Information: For more information and instructions on how to apply take a look at this webpage:
https://shorturl.at/PGX3Z
Closing date for applications:
Contact: Dr Aydin Abadi
University of Bergen, Norway
Job PostingClosing date for applications:
Contact: Lilya Budaghyan
More information: https://www.jobbnorge.no/en/available-jobs/job/262978/associate-professor-in-cybersecurity
10 June 2024
Peiyao Sheng, Chenyuan Wu, Dahlia Malkhi, Michael K. Reiter, Chrysoula Stathakopoulou, Michael Wei, Maofan Yin
ePrint ReportYanxue Jia, Shi-Feng Sun, Hong-Sheng Zhou, Dawu Gu
ePrint ReportTo bridge the gap, we also design a new PSU protocol that can avoid the unnecessary leakage. Unlike the AHE-based PSU protocols, our new construction only relies on symmetric-key operations other than base OTs, thereby being much more scalable. The experimental results demonstrate that our protocol can obtain at least 873.74× speedup over the best-performing AHE-based scheme. Moreover, our performance is comparable to that of the state-of-the-art PSU protocol (Chen et al., USENIX Security 2023), which also suffers from the unnecessary leakage.