International Association
for Cryptologic Research

We propose plausible post-quantum (PQ) oblivious pseudorandom functions (OPRFs) based on the Power Residue PRF (Damgård CRYPTO’88), a generalization of the Legendre PRF. For security parameter $\lambda$, we consider the PRF $\mathsf{Gold}_k(x)$ that maps an integer $x$ modulo a public prime $p = 2^\lambda\cdot g + 1$ to the element $(k + x)^g \bmod p$, where $g$ is public and $\log g \approx 2\lambda$.

At the core of our constructions are efficient novel methods for evaluating $\mathsf{Gold}$ within two-party computation ($\mathsf{2PC}\text{-}\mathsf{Gold}$), achieving different security requirements. Here, the server $\mathcal{P}_s$ holds the PRF key $k$ whereas the client $\mathcal{P}_c$ holds the PRF input $x$, and they jointly evaluate $\mathsf{Gold}$ in 2PC. $\mathsf{2PC}\text{-}\mathsf{Gold}$ uses standard Vector Oblivious Linear Evaluation (VOLE) correlations and is information-theoretic and constant-round in the (V)OLE-hybrid model. We show:

• For a semi-honest $\mathcal{P}_s$ and a malicious $\mathcal{P}_c$: a $\mathsf{2PC}\text{-}\mathsf{Gold}$ that just uses a single (V)OLE correlation, and has a communication complexity of $3$ field elements ($2$ field elements if we only require a uniformly sampled key) and a computational complexity of $\mathcal{O}(\lambda)$ field operations. We refer to this as half-malicious security.

• For malicious $\mathcal{P}_s$ and $\mathcal{P}_c$: a $\mathsf{2PC}\text{-}\mathsf{Gold}$ that just uses $\frac{\lambda}{4} + \mathcal{O}(1)$ VOLE correlations, and has a communication complexity of $\frac{\lambda}{4} + \mathcal{O}(1)$ field elements and a computational complexity of $\mathcal{O}(\lambda)$ field operations.

These constructions support additional features and extensions, e.g., batched evaluations with better amortized costs where $\mathcal{P}_c$ repeatedly evaluates the PRF under the same key.

Furthermore, we extend $\mathsf{2PC}\text{-}\mathsf{Gold}$ to Verifiable OPRFs and use the methodology from Beullens et al. (ePrint’24) to obtain strong OPRF security in the universally composable setting.

All the protocols are efficient in practice. We implemented $\mathsf{2PC}\text{-}\mathsf{Gold}$—with (PQ) VOLEs—and benchmarked them. For example, our half-malicious (resp. malicious) $n$-batched PQ OPRFs incur about $100$B (resp. $1.9$KB) of amortized communication for $\lambda = 128$ and large enough $n$.

One-more problems like One-More Discrete Logarithm (OMDL) and One-More Diffie--Hellman (OMDH) have found wide use in cryptography, due to their ability to naturally model security definitions for interactive primitives like blind signatures and oblivious PRF. Furthermore, a generalization of OMDH called Threshold OMDH (TOMDH) has proven useful for building threshold versions of interactive protocols. However, due to their complexity it is often unclear how hard such problems actually are, leading cryptographers to analyze them in idealized models like the Generic Group Model (GGM) and Algebraic Group Model (AGM). In this work we give a complete characterization of known group-based one-more problems in the AGM, using the $Q$-DL hierarchy of assumptions defined in the work of Bauer, Fuchsbauer and Loss (CRYPTO '20).

1. Regarding (T)OMDH, we show (T)OMDH is part of the $Q$-DL hierarchy in the AGM; in particular, $Q$-OMDH is equivalent to $Q$-DL. Along the way we find and repair a flaw in the original GGM hardness proof of TOMDH, thereby giving the first correct proof that TOMDH is hard in the GGM.

2. Regarding OMDL, we show the $Q$-OMDL problems constitute an infinite hierarchy of problems in the AGM incomparable to the $Q$-DL hierarchy; that is, $Q$-OMDL is separate from $Q'$-OMDL if $Q' \neq Q$, and also separate from $Q'$-DL unless $Q = Q' = 0$.

Fixed point arithmetic (FPA) is essential to enable practical Privacy-Preserving Machine Learning. When multiplying two fixed-point numbers, truncation is required to ensure that the product maintains correct precision. While multiple truncation schemes based on Secure Multiparty Computation (MPC) have been proposed, which of the different schemes offers the best trade-off between accuracy and efficiency on common PPML datasets and models has remained underexplored.

In this work, we study several different stochastic and exact truncation approaches found in the MPC literature that require different slack sizes, i.e., additional bits required by each secret share to ensure correctness. We provide novel, improved construction for each truncation approach in the semi-honest 3-PC and malicious 4-PC settings, which reduce communication and round complexity up to three times. Moreover, we propose a truncation scheme that does not introduce any communication overhead in the online phase and exactly matches the accuracy of plaintext floating-point PyTorch inference of VGG-16 on the ImageNet dataset with over 80% accuracy using shares with a bitlength of only 32. This is the first time that high PPML accuracy is demonstrated on ImageNet.

Gadget-based samplers have proven to be a key component of several cryptographic primitives, in particular in the area of privacy-preserving mechanisms. Most constructions today follow the approach introduced by Micciancio and Peikert (MP) yielding preimages whose dimension linearly grows with that of the gadget. To improve performance, some papers have proposed to truncate the gadget but at the cost of an important feature of the MP sampler, namely the ability to invert arbitrary syndromes. Technically speaking, they replace the worst-case MP sampler by an average-case sampler that can only be used in specific contexts. Far from being a mere theoretical restriction, it prevents the main applications of gadget-based samplers from using truncated variants and thus from benefiting from the associated performance gains. In this paper, we solve this problem by describing a worst-case sampler that still works with truncated gadgets. Its main strength is that it retains the main characteristics of the MP sampler while providing flexibility in the choice of the truncation parameter. As a consequence, it can be used as a plug-in replacement for all applications relying on the MP sampler so far, leading to performance improvements up to 30% as illustrated by several examples in this paper. Our sampler is supported by a thorough security analysis that addresses the hurdles met by previous works and its practicality is demonstrated by a concrete implementation.

Postal voting is a frequently used alternative to on-site voting. Traditionally, its security relies on organizational measures, and voters have to trust many entities. In the recent years, several schemes have been proposed to add verifiability properties to postal voting, while preserving vote privacy. Postal voting comes with specific constraints. We conduct a systematic analysis of this setting and we identify a list of generic attacks, highlighting that some attacks seem unavoidable. This study is applied to existing systems of the literature. We then propose Vote&Check, a postal voting protocol which provides a high level of security, with a reduced number of authorities. Furthermore, it requires only basic cryptographic primitives, namely hash functions and signatures. The security properties are proven in a symbolic model, with the help of the ProVerif tool.

We present a novel protocol for two-party ECDSA that achieves two rounds (a single back-and-forth communication) at the cost of a single oblivious linear function evaluation (OLE). In comparison, the previous work of [DKLs18] (S&P 2018) achieves two rounds at the cost of three OLEs, while [BHL24] (Manuscript 2024) requires expensive zero-knowledge proofs on top of the OLE. We demonstrate this by proving that in the generic group model, any adversary capable of generating forgeries for our protocol can be transformed into an adversary that finds preimages for the ECDSA message digest function (e.g., the SHA family). Interestingly, our analysis is closely related to, and has ramifications for, the `presignatures' mode of operation—[CGGMP20] (CCS 2020), [GroSho22] (EUROCRYPT 2022).

Motivated by applications to embedded cryptocurrency wallets, where a single server maintains distinct, shared public keys with separate clients (i.e., a star-shaped topology), and with the goal of minimizing communication, we instantiate our protocol using Paillier encryption and suitable zero-knowledge proofs. To reduce computational overhead, we thoroughly optimize all components of our protocol under sound cryptographic assumptions, specifically small-exponent variants of RSA-style assumptions.

Finally, we implement our protocol and provide benchmarks. At the 128-bit security level, the signing phase requires approximately 50ms of computation time on a standard linux machine, and 2KB of bandwidth.

Side-Channel Analysis (SCA) exploits physical vulnerabilities in systems to reveal secret keys. With the rise of Internet-of-Things, evaluating SCA attacks has become crucial. Profiling attacks, enhanced by Deep Learning-based Side-Channel Analysis (DLSCA), have shown significant improvements over classical techniques. Recent works demonstrate that ensemble methods outperform single neural networks. However, almost every existing ensemble selection method in SCA only picks the top few best-performing neural networks for the ensemble, which we coined as Greedily-Selected Method (GSM), which may not be optimal. This work proposes Evolutionary Avenger Initiative (EAI), a genetic algorithm-driven ensemble selection algorithm, to create effective ensembles for DLSCA. We investigate two fitness functions and evaluate EAI across four datasets, including \AES and \ascon implementations. We show that EAI outperforms GSM, recovering secrets with the least number of traces. Notably, EAI successfully recovers secret keys for \ascon datasets where GSM fails, demonstrating its effectiveness.

Advancements in deep learning (DL) not only revolutionized many aspects in our lives, but also introduced privacy concerns, because it processed vast amounts of information that was closely related to our daily life. Fully Homomorphic Encryption (FHE) is one of the promising solutions to this privacy issue, as it allows computations to be carried out directly on the encrypted data. However, FHE requires high computational cost, which is a huge barrier to its widespread adoption. Many prior works proposed techniques to enhance the speed performance of FHE in the past decade, but they often impose significant memory requirements, which may be up to hundreds of gigabytes. Recently, focus has shifted from purely improving speed performance to managing FHE’s memory consumption as a critical challenge. Rovida and Leporati introduced a technique to minimize rotation key memory by retaining only essential keys, yet this technique is limited to cases with symmetric numerical patterns (e.g., -2 -1 0 1 2), constraining its broader utility. In this paper, a new technique, Adaptive Rotation Key (ARK), is proposed that minimizes rotation key memory consumption by exhaustively analyzing numerical patterns to produce a minimal subset of shared rotation keys. ARK also provides a dual-configuration option, enabling users to prioritize memory efficiency or computational speed. In memory-prioritized mode, ARK reduces rotation key memory consumption by 41.17% with a 12.57% increase in execution time. For speed-prioritized mode, it achieves a 24.62% rotation key memory reduction with only a 0.21% impact on execution time. This flexibility positions ARK as an effective solution for optimizing FHE across varied use cases, marking a significant advancement in optimization strategies for FHE-based privacy-preserving systems.

The newly formed research group on Foundations of Cryptography at University of Vienna is looking for a PhD candidate interested in theoretical aspects of cryptography. In particular, the candidate will work with Karen Klein-Azari (https://foc.ethz.ch/people/karenklein.html) on topics related to provable security of cryptographic schemes.

The position is fully funded for 4 years with a starting date on 1st of March 2025 (the precise date is negotiable). If you are interested, please find more information on the website of University of Vienna, following the link above.
Application Deadline: 24.12.2024

Closing date for applications:

Contact: Karen Klein-Azari PhD (karen.azari@cs.univie.ac.at)

More information: https://jobs.univie.ac.at/job/University-assistant-predoctoral/1148095101/

Event date: 29 June to 4 July 2025
Submission deadline: 30 January 2025
Notification: 15 February 2025

Telecom Paris is looking for an Associate/Assistant Professor in cybersecurity.

Within the Computer Science and Networks (INFRES) department, the Cryptography and Cybersecurity (C2) team aims to develop skills in various areas of cybersecurity, including (i) security mechanisms for future wireless networks (6G, IIoT, ITS-G5, etc.), (ii) solutions tailored to the security of virtualized architectures and cloud infrastructures, and (iii) advanced detection mechanisms and effective automatic responses to cyberattacks.

Regarding teaching, Telecom Paris has very great needs in cybersecurity, whether to give courses or to manage teaching units. The Associate/Assistant professor recruited will strengthen the school's ability to coordinate, design and implement courses on the security of IT networks and systems, for example in the cloud, radio communications and vehicular networks. It is also expected that the recruited she/he will be able to take part in the general computer science courses taught in the first year.

Closing date for applications:

Contact: Sébastien Canard

More information: https://institutminestelecom.recruitee.com/l/en/o/assistantassociate-professor-in-cybersecurity

Koç University College of Engineering invites applications for full-time faculty positions in Computer Science and Engineering starting in Fall 2025. We seek outstanding candidates with significant contributions in all computer science and engineering research areas.

The ideal candidate will have a visionary research agenda, an exceptional research and publication track record, and a strong commitment to academic excellence and innovation. The successful candidate will demonstrate dedication to undergraduate and graduate education and foster an inclusive learning environment.

Koç University is a private, non-profit institution in Istanbul, Türkiye, where English is the medium of instruction. It hosts the highest number of European Research Council (ERC) Grant recipients in Türkiye and continues to secure the largest research funding from Horizon 2020. The university provides a vibrant interdisciplinary research environment, including the Koç University School of Medicine, Hospital, Translational Medicine Research Center (KUTTAM), and Koç University Is Bank Artificial Intelligence Research Center (KUIS AI). Koç University is home to Türkiye’s largest GPU cluster, providing advanced infrastructure for leading-edge AI research.

The Department of Computer Science and Engineering at Koç University has world-renowned faculty with extensive awards and projects on both national and international levels. Our faculty is a national leader in AI research and is equally strong in high-performance computing (HPC), security, and networks, with a unique emphasis on interdisciplinary work that bridges AI and medicine. For more information about the department and its faculty, please visit cs.ku.edu.tr.

Koç University offers a competitive salary and benefits package, including housing support, private insurance, K-12 education support, and research startup funding.

Application Deadline: Evaluation of applications will begin on January, 20th and continue until all open positions are filled. All applications will be treated confidentially. Apply online via the link: https://academicjobsonline.org/ajo/jobs/29250

Closing date for applications:

Contact: engineering@ku.edu.tr

More information: https://academicjobsonline.org/ajo/jobs/29250

The Center for Security and Privacy at the School of Computer Science of the University of Birmingham has an open PhD position in post-quantum cryptography. The supervision will be shared by Rishiraj Bhattacharyya and Christophe Petit. We invite applications from candidates with interests in Cryptography and Computer Algebra. The ideal candidate will have a strong background in Mathematics, Computer Science, Physics or a related area.

The primary research theme for the call is in the foundations and cryptanalysis of post-quantum cryptosystems. The exact projects could be tailored to match the candidate's background and interests.

The review of applications will start immediately and the call remains open until 28 February 2025. For more information, contact Rishiraj Bhattacharyya (r.bhattacharyya@bham.ac.uk) and Christophe Petit (c.petit.1@bham.ac.uk).

Closing date for applications:

Contact: Rishiraj Bhattacharyya (r.bhattacharyya@bham.ac.uk) and Christophe Petit (c.petit.1@bham.ac.uk)

Event date: 23 May 2025
Submission deadline: 31 January 2025
Notification: 28 February 2025

Event date: 25 June 2025
Submission deadline: 7 March 2025

Event date: 18 April 2025
Submission deadline: 31 December 2024
Notification: 31 January 2025

Xiamen University Malaysia is now seeking highly motivated, committed and qualified individuals for academic teaching positions in computer science and cyber security.

Candidates in computer science and cyber security are welcome to apply. The ideal candidate is expected to be able to support general computing subjects, as well as cyber security specialization subjects. Applicants must possess their first (Bachelor's) degree in computing and PhD in a related discipline.

Applicants with specific teaching and research interests in one or more of the following areas from each group are encouraged to apply:

Cybersecurity

• Network Traffic Monitoring and Analysis
• Malware Analysis
• Cryptanalysis
• Biometrics
• Blockchain Technology
• Cyber Security Laws and Regulations

Computing

• Programming (C, C++, Java)
• Discrete Math
• Data Structure
• Design and Analysis of Algorithms
• Computer Networks and Communication
• Operating Systems
• Big Data Analytics

HOW TO APPLY
Applicants are invited to submit a digital application to recruit_academic@xmu.edu.my and iftekhar.salam@xmu.edu.my. All applications must include the following attachments:

1. Your detailed and current CV with publication (*Asterisk to indicate corresponding author, include Indexing & Quartile);
2. Cover letter;
3. List of courses from the above that the candidate can support;
4. Evidence of academic qualifications (Bachelor, Master & PhD Certificate; Bachelor, Master & PhD Transcripts and Professional Certificates);
5. 3-5 Full-Text publications (if applicable);
6. Teaching evaluation (if applicable);
7. Two academic references (at least one of them is the applicant’s current/most recent employer).

The positions will remain open until filled, but priority will be given to applications received by 13 December 2024.

Closing date for applications:

Contact: Iftekhar Salam

We are inviting applications for a PhD studentship in the cryptography lab at King’s College London. Specifically, we are looking for an applicant to work with us in the area of lattice-based cryptography. We are particularly interested in the study of and constructions from new lattice-based assumptions and privacy-preserving technologies based on lattices.

The PhD could cover studying the underlying hard mathematical problems, cryptanalysis, constructions or applications of lattice-techniques. This can cover post-quantum aspects of lattice-based cryptography and/or advanced functionalities.

The applicant would work with Martin Albrecht, Ngoc Khanh Nguyen and/or Eamonn Postlethwaite. We encourage applicants to reach out to Martin to discuss the position informally before applying.

Fine print. This is a fully-funded positions covering both fees and maintenance. The latter is at the UKRI rate. Funded by UKRI Frontier Research. We seek applicants with a strong background in mathematics and/or computer science. We will consider applications on a rolling basis.

Closing date for applications:

Contact: Martin Albrecht (martin.albrecht@kcl.ac.uk)

More information: https://martinralbrecht.wordpress.com/2024/11/29/phd-position-in-lattice-based-cryptography/

The post-quantum cryptography research group at the Department of Software Systems and Cybersecurity, Faculty of Information Technology, Monash University, Australia, has 3 fully funded Ph.D. student scholarship openings for research projects funded by Australian Research Council - Discovery Projects 2025, including in particular the following areas:

• Developing tools and techniques for FHE-based private cloud computation applications.
• Theory and applications of zk-SNARKS in FHE-based cloud computation.
• Secure and Efficient Implementations of zk-SNARK and FHE schemes and their applications.

Students will have the opportunity to work in an excellent research environment and collaborate with experts in cryptography and with Cryptolab industry partners.

Monash University is among the leading universities in Australia and is located in Melbourne, ranked as Australia's most liveable city and among the most liveable cities in the world.

Applicants should have (or be expected to complete in the next 12 months) a Masters or Honours equivalent qualification with a research thesis, with excellent grades in mathematics, theoretical computer science, cryptography, engineering or closely related areas. They should have excellent English verbal and written communication skills. Programming experience and skills, especially in Sagemath, Python, Magma, and/or C/C++, are also highly desirable.

To apply: please send a copy of your CV and all your transcripts (bachelor and/or master) by 1st Feb 2025 to

Closing date for applications:

Contact: Amin Sakzad (amin.sakzad@monash.edu)

Ethereum Foundation launches a big initiative aimed to boost the third-party cryptanalysis of the Poseidon hash function. It provides bounties for breaking reduced-round versions, awards for research papers describing theoretical attacks, and grants for detailed investigation of certain gaps in the existing analysis. The total fund is $500 000.

Closing date for applications:

Contact: Ethereum Foundation Poseidon Group

More information: https://www.poseidon-initiative.info/