IACR News
Here you can see all recent updates to the IACR webpage. These updates are also available:
18 September 2024
Weihao Wang, Shuai Han, Shengli Liu
ePrint ReportIn this paper, we propose Anamorphic Authentication Key Exchange (AM-AKE) to solve the problem. Similar to anamorphic encryption, AM-AKE contains a set of anamorphic algorithms besides the normal algorithms. With the help of the anamorphic algorithms in AM-AKE, the initiator and the responder are able to exchange not only a session key but also a double key. We define robustness and security notions for AM-AKE, and also prove some impossibility results on plain AM-AKE whose anamorphic key generation algorithm only outputs a key-pair. To bypass the impossibility results, we work on two sides.
-- On the one side, for plain AM-AKE, the securities have to be relaxed to resist only passive attacks from the dictator. Under this setting, we propose a generic construction of two-pass plain AM-AKE from a two-pass AKE with partially randomness-recoverable algorithms.
-- On the other side, we consider (non-plain) AM-AKE whose key generation algorithm also outputs an auxiliary trapdoor besides the key-pairs. We ask new properties from AKE: its key generation algorithm has secret extractability and other algorithms have separability. Based on such a two-pass AKE, we propose a generic construction of two-pass (non-plain) AM-AKE. The resulting AM-AKE enjoys not only robustness but also the strong security against any dictator knowing both users' secret keys and even the internal randomness of the AKE algorithms and implementing active attacks.
Finally, we present concrete AM-AKE schemes from the popular SIG+KEM paradigm and three-KEM paradigm for constructing AKE.
14 September 2024
Bangalore, India, 3 March - 6 March 2025
Event CalendarSubmission deadline: 15 October 2024
Notification: 15 November 2024
Wollongong, Australia, 14 July - 16 July 2025
Event CalendarSubmission deadline: 6 November 2024
Notification: 22 January 2025
West Bengal, India, 14 January - 16 January 2025
Event CalendarSubmission deadline: 20 September 2024
Notification: 1 October 2024
The chair of IT Security, Brandenburg University of Technology, Cottbus-Senftenberg
Job PostingOur chair performs research and teaching in the area of IT Security with a strong focus on Network Security and Online Privacy. More information about us can be found at https://www.b-tu.de/en/fg-it-sicherheit.
- Tasks:
- Active research in the area of intrusion detection systems (IDS) for critical infrastructures, secure cyber-physical systems, and artificial intelligence / machine learning for traffic analysis
- Implementation and evaluation of new algorithms and methods
- Cooperation and knowledge transfer with industrial partners
- Publication of scientific results
- Assistance with teaching
- Requirements:
- Master’s degree (or equivalent) and PhD degree (only for PostDocs) in Computer Science or related disciplines
- Strong interest in IT security and/or networking and distributed systems
- Knowledge of at least one programming language (C++, Java, etc.) and one scripting language (Perl, Python, etc.) or strong willingness to quickly learn new programming languages
- Linux/Unix skills
- Knowledge of data mining, machine learning, statistics and result visualization concepts is of advantage
- Excellent working knowledge of English; German is of advantage
- Excellent communication skills
- Applications containing the following documents:
- A detailed Curriculum Vitae
- Transcript of records from your Master studies
- An electronic version of your Master thesis, if possible should be sent in a single PDF file as soon as possible, but not later than 04.10.2024 at itsec-jobs.informatik@lists.b-tu.de. Applications sent to email addresses other than that will be automatically discarded
Closing date for applications:
Contact: Prof. Dr.-Ing. Andriy Panchenko,
Email: itsec-jobs.informatik@lists.b-tu.de
More information: https://www.informatik.tu-cottbus.de/~andriy/phd-ad-btu_en.pdf
Chalmers University of Technology, Department of Computer Science & Engineering, Gothenburg, Sweden
Job PostingThis position offers an exciting opportunity to delve into the rapidly evolving field of Transparency Protocols and to make impactful contributions towards new designs, security proofs, and the uptake of this technology. You will join the CryptoTeam under the supervision of Assistant Professor Elena Pagnin and your base will be Chalmers (Gothenburg, Sweden). Chalmers is a renown University in Technical subjects, and provides a dynamic, highly international work environment within a world-leading research group with expertise in various aspects of cryptography, security, formal methods, and their applications.
For more information visit the official ad https://www.chalmers.se/en/about-chalmers/work-with-us/vacancies/?rmpage=job&rmjob=13180&rmlang=UK . Note that only applications received via the Chalmers Vacancies portal will be considered. Application deadline: October 4, 2024.
Closing date for applications:
Contact: Elena Pagnin
More information: https://www.chalmers.se/en/about-chalmers/work-with-us/vacancies/?rmpage=job&rmjob=13180&rmlang=UK
Chinese Academy of Sciences, Academy of Mathematics and Systems Science
Job PostingClosing date for applications:
Contact: Dr. Zhifang Zhang, email: zfz@amss.ac.cn; Dr. Yanbin Pan, email: panyanbin@amss.ac.cn; Dr. Xiutao Feng, email: fengxt@amss.ac.cn
More information: https://www.mathjobs.org/jobs/list/23139
Hebrew University of Jerusalem
Job PostingClosing date for applications:
Contact: Ilan Komargodski (ilank at cs dot huji dot ac dot il)
University of Amsterdam, Netherlands
Job PostingYou will conduct research in the “Challenges in Cyber Security” project, one of the few projects receiving funding in the prestigious NWO Gravitation program. In cooperation with researchers from TU Eindhoven, Radboud University Nijmegen, VU Amsterdam, and CWI, you will work on the grand challenges of cybersecurity in areas such as cryptography, software security, or physical security. Besides cutting-edge research, you will also contribute to education – for example, in the top-rated Security and Network Engineering MSc program – and other activities, including acquisition and management of funded research projects, supervision of PhD students, and supervision of BSc/MSc graduation projects.
Closing date for applications:
Contact: Christian Schaffner
More information: https://vacatures.uva.nl/UvA/job/Assistant-Professor-in-Cyber-Security/802718502/
Suvadeep Hajra, Debdeep Mukhopadhyay
ePrint ReportSeveral recent works have employed deep learning (DL) methods to conduct SCA on long raw traces, thereby reducing dependence on feature selection steps. However, these methods often perform poorly against various jitter-based countermeasures. While some of these methods have shown high robustness to jitter-based countermeasures on relatively shorter traces, we demonstrate in this work that their performance deteriorates as trace lengths increase. Based on these observations, we develop a hierarchical DL model for SCA on long traces that is robust against various countermeasures. The proposed model, HierNet, extracts information from long traces using a two-level information assimilation process. At the base level, a DL model with shift-invariance is employed to extract information from smaller trace segments. Subsequently, a top-level DL model integrates the outputs of the base model to generate the final output. The proposed model has been experimentally evaluated against various combinations of masking, random delay, and clock jitter countermeasures using traces with lengths exceeding $200K$ features. The results have been compared with three existing SCA benchmark models. They demonstrate HierNet's superiority in several scenarios, such as on long traces, against clock jitter countermeasures, and low training data scenarios. In particular, while other models fail to reach the guessing entropy $1$ using as many as $5K$ traces, HierNet achieves the same with fewer than or close to $10$ traces.
Chengru Zhang, Xiao Yang, David Oswald, Mark Ryan, Philipp Jovanovic
ePrint ReportTo make Eva efficient, we construct an IVC based on folding schemes that incorporate lookup arguments, resulting in a linear-time prover whose proofs can be compressed to a constant size. We further improve the performance of Eva through various optimizations, including tailored circuit design and GPU acceleration. The evaluation of our implementation shows that Eva is practical: for a $1$-minute HD ($1280 \times 720$) video encoded in H.264 at $30$ frames per second, Eva generates a proof in about $2.5$ hours on consumer-grade hardware at a speed of $5.5$ μs per pixel, surpassing previous cryptographic image authentication schemes that support arbitrary editing operations by more than an order of magnitude.
Pascal Reisert, Marc Rivinius, Toomas Krips, Sebastian Hasler, Ralf Küsters
ePrint ReportAlessandro Chiesa, Marcel Dall'Agnol, Ziyi Guan, Nicholas Spooner, Eylon Yogev
ePrint ReportIn this paper we study Kilian's protocol, an influential public-coin interactive protocol that, while not a sigma protocol, shares striking similarities with sigma protocols. The first example of a succinct argument, Kilian's protocol is proved secure via rewinding, the same idea used to prove sigma protocols secure. In this paper we show how, similar to Schnorr's protocol, a precise understanding of the security of Kilian's protocol remains elusive. We contribute new insights via upper bounds and lower bounds. - Upper bounds. We establish the tightest known bounds on the security of Kilian's protocol in the standard model, via strict-time reductions and via expected-time reductions. Prior analyses are strict-time reductions that incur large overheads or assume restrictive properties of the PCP underlying Kilian's protocol. - Lower bounds. We prove that significantly improving on the bounds that we establish for Kilian's protocol would imply improving the security analysis of Schnorr's protocol beyond the current state-of-the-art (an open problem). This partly explains the difficulties in obtaining tight bounds for Kilian's protocol.
Peizhao Zhou, Xiaojie Guo, Pinzhi Chen, Tong Li, Siyi Lv, Zheli Liu
ePrint ReportIn this paper, we propose $Shortcut$, a framework that can work with MCASs to enable efficient queries on dynamic databases that support data insertion, deletion, and update. The core idea of $Shortcut$ is to materialize previous query results and directly update them via our query result update (QRU) protocol to obtain current query results. We customize several efficient QRU protocols for common SQL operators, including Order-by-Limit, Group-by-Aggregate, Distinct, Join, Select, and Global Aggregate. These protocols are composable to implement a wide range of query functions. In particular, we propose two constant-round protocols to support data insertion and deletion. These protocols can serve as important building blocks of other protocols and are of independent interest. They address the problem of securely inserting/deleting a row into/from an ordered table while keeping the order. Our experiments show that $Shortcut$ outperforms naive MCASs for minor updates arriving in time, which captures the need of many realistic applications (e.g., insurance services, account data management). For example, for a single query after an insertion, $Shortcut$ achieves up to $186.8 \times$ improvement over those naive MCASs without our QRU protocols on a dynamic database with $2^{16} \sim 2^{20}$ rows, which is common in real-life applications.
Masayuki Fukumitsu, Shingo Hasegawa
ePrint ReportWe examine the existing lattice-based signature schemes from the viewpoint of $\rm{MU^{c\&l}}$ security, and find that the security of the Lyubashevsky's signature, which is proven to have the ordinary single-user security only, can be extended to the multi-user security even if we take the adaptive corruptions and the key leakages into account.
Our security proof in the multi-user setting makes use of the feature of the SIS problem so that a SIS instance is set to the public parameter and a reduction algorithm can set a public key with a secret key in order to answer a corruption query. We also show that the entropy of the secret key is kept under the bounded leakage with a high probability and then the leakage resilience of signature holds.
Fuchun Lin, Chaoping Xing, Yizhou Yao
ePrint ReportOur results are obtained by introducing the powerful sum-check techniques from the mature line of works on interactive proofs into the context of VOLE-based ZK for the first time. Reminiscent of the non-interactive line-point zero-knowledge proof system (ITC'21), we introduce an interactive line-point zero-knowledge (ILPZK) proof system, which closely connects with VOLE-based ZK protocols. In addition, our works also enrich the studies of ZK based on interactive proofs, with new interesting features (e.g., having information-theoretic UC-security, naturally supporting any field) achieved.
Aner Ben-Efraim, Lior Breitman, Jonathan Bronshtein, Olga Nissenbaum, Eran Omri
ePrint ReportDongjin Park, Eunsang Lee, Joon-Woo Lee
ePrint ReportTruong Son Nguyen, Tancrède Lepoint, Ni Trieu
ePrint ReportCarmit Hazay, David Heath, Vladimir Kolesnikov, Muthuramakrishnan Venkitasubramaniam, Yibin Yang
ePrint ReportThis paper studies ZKP (of knowledge) protocols over disjunctive statements based on Vector OLE. Denoting by $\lambda$ the statistical security parameter and let $\rho \overset{\Delta}{=} \max\{\log |\mathbb{F}|, \lambda\}$, the previous state-of-the-art protocol $\mathsf{Robin}$ (Yang et al. CCS'23) required $(n_{\mathit{in}}+3n_\times)\log \left|\mathbb{F}\right| + \mathcal{O}(\rho B)$ bits of communication with $ \mathcal{O}(1)$ rounds, and $\mathsf{Mac'n'Cheese}$ (Baum et al. CRYPTO'21) required $(n_{\mathit{in}}+n_\times)\log \left|\mathbb{F}\right| + 2n_\times\rho + \mathcal{O}(\rho \log B)$ bits of communication with $\mathcal{O}(\log B)$ rounds, both in the VOLE-hybrid model.
Our novel protocol $\mathsf{LogRobin}\texttt{++}$ achieves the same functionality at the cost of $(n_{\mathit{in}}+n_\times)\log \left|\mathbb{F}\right| + \mathcal{O}(\rho \log B)$ bits of communication with $\mathcal{O}(1)$ rounds in the VOLE-hybrid model. Crucially, $\mathsf{LogRobin}\texttt{++}$ takes advantage of two new techniques -- (1) an $\mathcal{O}(\log B)$-overhead approach to prove in ZK that an IT-MAC commitment vector contains a zero; and (2) the realization of VOLE-based ZK over a disjunctive statement, where $\mathcal{P}$ commits only to $\boldsymbol{w}$ and multiplication outputs of $\mathcal{C}_{\mathit{id}}(\boldsymbol{w})$ (as opposed to prior work where $\mathcal{P}$ commits to $\boldsymbol{w}$ and all three wires that are associated with each multiplication gate).
We implemented $\mathsf{LogRobin}\texttt{++}$ over Boolean (i.e., $\mathbb{F}_2$) and arithmetic (i.e., $\mathbb{F}_{2^{61}-1}$) fields. In our experiments, including the cost of generating VOLE correlations, $\mathsf{LogRobin}\texttt{++}$ achieved up to $170 \times$ optimization over $\mathsf{Robin}$ in communication, resulting in up to $7\times$ (resp. $3\times$) wall-clock time improvements in a WAN-like (resp. LAN-like) setting.