IACR News
15 November 2024
Ojaswi Acharya, Weiqi Feng, Roman Langrehr, Adam O'Neill
ePrint Report
On the theoretical side, we use AC-IPFRE to show that function-hiding inner-product functional encryption (FH-IPFE), introduced by Bishop et al. (ASIACRYPT 2015), is equivalent to IPFRE. To show this, we in particular generically construct AC-IPFRE from IPFRE for the “non-zero inner-product” (NZIP) access policy. This result uses an effective version of Lagrange’s Four Square Theorem. One consequence of this result is that lower bounds by Ünal (EUROCRYPT 2020) suggest that, as for FH-IPFE, bilinear pairings will be needed to build IPFRE.
On the practical side, we build an outsourced approximate nearest-neighbor (ANN) search protocol and mitigate its leakage via AC-IPFRE. For this, we construct a practical AC-IPFRE scheme in the generic bilinear group model for a specific access policy for ANN search. To this end, we show that techniques of Wee (TCC 2020) implicitly give the most practical FH-IPFE scheme to date. We implement the resulting outsourced ANN search protocol and report on its performance.
Of independent interest, we show AC-IPFRE for NZIP implies attribute-hiding small-universe AC-IPFRE for arbitrary access policies. Previous work on access control for FE did not achieve attribute hiding. Overall, our results demonstrate that AC-IPFRE is of both theoretical and practical interest and set the stage for future work in the area.
Upasana Mandal, Rupali Kalundia, Nimish Mishra, Shubhi Shukla, Sarani Bhattacharya, Debdeep Mukhopadhyay
ePrint Report
In this work, we contend this folklore. We develop a theoretical model of interleaved attacks using lightweight statistical tools like Gaussian Mixture Models and Dip Test for Unimodality and prove they are detectable for the correct choices of HPCs. Furthermore, we also show a possible defence strategy against a stronger threat model than considered in literature: where the attacker interleaves multiple attacks instead of a single attack. Empirically, to instantiate our detector, in contrast to prior detection strategies, we choose LLMs for a number of reasons: (1) LLMs can easily contextualize data from a larger set of HPCs than generic machine learning techniques, and (2) with simple prompts, LLMs can quickly switch between different statistical analysis methods. To this end, we develop an LLM-based methodology to detect probabilistically interleaved attacks. Our experiments establish that our improved methodology is able to achieve 100% speculative attacks like Spectre v1/v2/v3, Meltdown, and Spectre v2 (with improved gadgets that even evade recent protections like Enhanced IBRS, IBPB conditional, and so on). This makes our methodology suitable for detecting speculative attacks in a non-profiled setting: where attack signatures might not be known in advance. All in all, we achieve a 100% attack detection rate, even with very low interleave frequencies (i.e. $10^{-6}$). Our detection principle and its instantiation through LLMs show how probabilistically interleaving attack code in benign execution is not a perfect strategy, and more research is still needed into developing and countering better attack evasion strategies.
Noel Elias
ePrint Report
Tom Gur, Jack O'Connor, Nicholas Spooner
ePrint Report
Ali Raya, Vikas Kumar, Aditi Kar Gangopadhyay, Sugata Gangopadhyay
ePrint Report
Shiping Cai, Mingjie Chen, Christophe Petit
ePrint Report
Jingwei Chen, Linhan Yang, Chen Yang, Shuai Wang, Rui Li, Weijie Miao, Wenyuan Wu, Li Yang, Kang Wu, Lizhong Dai
ePrint Report
Sönke Jendral, Elena Dubrova
ePrint Report
Ling Sun
ePrint Report
13 November 2024
Common Prefix
Job Posting
Closing date for applications:
Contact: Dimitris Lamprinos (careers@commonprefix.com)
More information: https://commonprefix.com
Rovira i Virgili University, Tarragona, Spain
Job Posting
We seek to hire a full-time postdoctoral researcher in the area of security and privacy.
The University offers:
- A 2.5-year contract at an exciting international environment.
- Generous travel funds.
- Possibility to co-supervise PhD students.
The successful candidate is expected to contribute to the PROVTOPIA project, which focuses on counteracting disinformation via Secure and Private Provenance Verification of Media Content. The candidate will work under the umbrella of the Crises research group (https://crises-deim.urv.cat/) and the direction of Dr. Rolando Trujillo. Candidates with experience in applied cryptography, threat modelling or formal verification are encouraged to apply.
Include in your application the following documents:
- Curriculum Vitae
- Research statement
- Contact information for 3 referees
Deadline for applications is 15 January 2025. Early applications are highly encouraged, though, as they will be processed upon reception.
Closing date for applications:
Contact: Dr. Rolando Trujillo (rolando.trujillo@urv.cat)
More information: https://rolandotr.bitbucket.io/open-positions.html
Aalto University, Finland
Job Posting
Closing date for applications:
Contact: For additional information about the position, please contact Professor Riku Jäntti at riku.jantti at aalto.fi. For questions related to the recruitment process, HR Partner Hanna Koli at hanna.koli at aalto.fi.
More information: https://www.aalto.fi/en/open-positions/professor-computer-engineering
11 November 2024
Kasra Abbaszadeh, Jonathan Katz
ePrint Report
We formally define this notion and build several candidate constructions from standard cryptographic assumptions. In particular, we propose a primary construction from classical NIZK for NP and one-way functions, albeit with two limitations: (i) deletion certificates are only privately verifiable, and (ii) both prover and verifier are required to be quantum algorithms. We resolve these hurdles in two extensions that assume the quantum hardness of the learning with errors problem. The first one achieves publicly verifiable certificates, and the second one requires merely classical communication between classical provers and quantum verifiers.
Chuhan Lu, Nikhil Pappu
ePrint Report
Vadim Lyubashevsky, Gregor Seiler, Patrick Steuer
ePrint Report
Zhikun Wang, Ling Ren
ePrint Report
From a technical standpoint, we present a novel organization of hints where each PIR query consumes a hint, and entries in the consumed hint are relocated to other hints. We then present a new data structure to track the hint relocations and use small-domain pseudorandom permutations to make the hint storage sublinear while maintaining efficient lookups in the hints.
Lorenz Panny, Christophe Petit, Miha Stopar
ePrint Report
Hadas Zeilberger
ePrint Report
Jens Ernstberger, Chengru Zhang, Luca Ciprian, Philipp Jovanovic, Sebastian Steinhorst
ePrint Report
Carl Kwan, Quang Dao, Justin Thaler
ePrint Report
We present an approach to formally verify Lasso-style lookup arguments against the semantics of instruction set architectures. We demonstrate our approach by formalizing and verifying all Jolt 32-bit instructions corresponding to the RISC-V base instruction set (RV32I) using the ACL2 theorem proving system. Our formal ACL2 model has undergone extensive validation against the Rust implementation of Jolt. Due to ACL2's bit-blasting, rewriting, and developer-friendly features, our formalization is highly automated.
Through formalization, we also discovered optimizations to the Jolt codebase, leading to improved efficiency without impacting correctness or soundness. In particular, we removed one unnecessary lookup each for four instructions, and reduced the sizes of three subtables by 87.5%.