05 February 2025
Abhraneel Dutta, Emrah Karagoz, Edoardo Persichetti, Pakize Sanal
Jiacheng Gao, Yuan Zhang, Sheng Zhong
Our constructions require only most basic primitives in Shamir secret sharing scheme, and work for arbitrary field $\mathbb{F}$ of size larger than $n$. As shuffle is a frequent operation in algorithm design, we expect them to accelerate many other primitives in context of Shamir secret sharing MPC, such as sorting, oblivious data structure, etc.
Rishab Goyal, Saikumar Yadugiri
In this work, we revisit the problem of $\mathsf{MA}$-$\mathsf{FE}$, and show that existing implication from $\mathsf{MA}$-$\mathsf{FE}$ to obfuscation is not tight. We provide new methods to design $\mathsf{MA}$-$\mathsf{FE}$ for circuits from simple and minimal cryptographic assumptions. Our main contributions are summarized below
1. We design a $\mathsf{poly}(\lambda)$-authority $\mathsf{MA}$-$\mathsf{FE}$ for circuits in the bounded-collusion model. Under the existence of public-key encryption, we prove it to be statically simulation-secure. Further, if we assume sub-exponential security of public-key encryption, then we prove it to be adaptively simulation-secure in the Random Oracle Model. 2. We design a $O(1)$-authority $\mathsf{MA}$-$\mathsf{FE}$ for circuits in the bounded-collusion model. Under the existence of 2/3-party non-interactive key exchange, we prove it to be adaptively simulation-secure. 3. We provide a new generic bootstrapping compiler for $\mathsf{MA}$-$\mathsf{FE}$ for general circuits to design a simulation-secure $(n_1 + n_2)$-authority $\mathsf{MA}$-$\mathsf{FE}$ from any two $n_1$-authority and $n_2$-authority $\mathsf{MA}$-$\mathsf{FE}$.
Bootstrapping (T)FHE Ciphertexts via Automorphisms: Closing the Gap Between Binary and Gaussian Keys
Olivier Bernard, Marc Joye
Francesca Falzon, Tianxin Tang
PJC allows two parties, each holding a key-value database, to privately evaluate the inner product of the values whose keys lie in the intersection. While the functionality output is not typically considered in the security model of the MPC literature, it may pose real-world privacy risks, thus raising concerns about the potential deployment of protocols like PJC.
In this work, we analyze the risks associated with the PJC functionality output. We consider an adversary that is a participating party of PJC and describe four practical attacks that break the other party's input privacy, and which are able to recover both membership of keys in the intersection and their associated values. Our attacks consider the privacy threats associated with deployment and highlight the need to include the functionality output as part of the MPC security model.
Foteini Baldimtsi, Julia Kastner, Julian Loss, Omar Renawi
04 February 2025
Claude Carlet, Palash Sarkar
Yincen Chen, Qinggan Fu, Ning Zhao, Jiahao Zhao, Ling Song, Qianqian Yang
03 February 2025
Jianing Zhang, Haoyang Wang
By incorporating these techniques, we propose an Mixed-Integer Linear Programming (MILP)-based tool for finding full ID and IB attacks. To demonstrate the power of our methods, we applied it to several block ciphers, including SKINNY, SKINNYee, Midori, and Deoxys-BC. Our approach yields a series of optimal results in impossible cryptanalysis, achieving significant improvements in time and memory complexities. Notably, our IB attack on SKINNYee is the first 30-round attack.
Azade Rezaeezade, Trevor Yap, Dirmanto Jap, Shivam Bhasin, Stjepan Picek
In this paper, we introduce the Deep Learning-based Blind Side-channel Analysis (DL-BSCA) framework, which leverages deep neural networks to recover secret keys in blind SCA settings. In addition, we propose a novel labeling method, Multi-point Cluster-based (MC) labeling, accounting for dependencies between leakage variables by exploiting multiple sample points for each variable, improving the accuracy of trace labeling. We validate our approach across four datasets, including symmetric key algorithms (AES and Ascon) and a post-quantum cryptography algorithm, Kyber, with platforms ranging from high-leakage 8-bit AVR XMEGA to noisy 32-bit ARM STM32F4. Notably, previous methods failed to recover the key on the same datasets. Furthermore, we demonstrate the first successful blind SCA on a desynchronization countermeasure enabled by DL-BSCA and MC labeling. All experiments are validated with real-world SCA measurements, highlighting the practicality and effectiveness of our approach.
Athish Pranav Dharmalingam, Sai Venkata Krishnan, KC Sivaramakrishnan, N.S. Narayanaswamy
01 February 2025
Sarah Arpin, Ross Bowden, James Clements, Wissam Ghantous, Jason T. LeGrow, Krystal Maughan
On the topic of cycles, we provide: a count for the number of non-backtracking cycles in the $L$-isogeny graph using traces of Brandt matrices; an efficiently computable estimate based on this approach; and a third ideal-theoretic count for a certain subclass of $L$-isogeny cycles. We provide code to compute each of these three counts.
On the topic of graph cuts, we compare several algorithms to compute graph cuts which minimise a measure called the edge expansion, outlining a cryptographic motivation for doing so. Our results show that a greedy neighbour algorithm out-performs standard spectral algorithms for computing optimal graph cuts. We provide code and study explicit examples.
Furthermore, we describe several directions of active and future research.
Phillip Gajland, Vincent Hwang, Jonas Janneck
As a case study, we present a hybrid authenticated key encapsulation mechanism (AKEM) that provides statistical deniability, while maintaining authenticity and confidentiality through a combination of pre-quantum and post-quantum assumptions. To this end, we introduce two combiners at different levels of abstraction. First, at the highest level, we propose a black-box construction that combines two AKEMs, showing that deniability is preserved only when both constituent schemes are deniable. Second, we present Shadowfax, a non-black-box combiner that integrates a pre-quantum NIKE, a post-quantum KEM, and a post-quantum ring signature. We demonstrate that Shadowfax ensures deniability in both dishonest and honest receiver settings. When instantiated, we rely on statistical security for the former, and on a pre- or post-quantum assumption in the latter. Finally, we provide an optimised, yet portable, implementation of a specific instantiation of Shadowfax yielding ciphertexts of 1781 bytes and public keys of 1449 bytes. Our implementation achieves competitive performance: encapsulation takes 1.9 million cycles and decapsulation takes 800000 cycles on an Apple M1 Pro.
Sarah Arpin, Jun Bo Lau, Ray Perlner, Angela Robinson, Jean-Pierre Tillich, Valentin Vasseur
This work establishes three, successively more detailed probabilistic models of the DFR for iterative decoders for QC-MPDC codes: the simplified model, the refined model for perfect keys, and the refined model for all keys. The models are built upon a Markov model introduced by Sendrier and Vasseur that closely predicts decoding behavior in the waterfall region but does not capture the error floor behavior. The simplified model introduces a modification which captures the dominant contributor to error floor behavior which is convergence to near codewords introduced by Vasseur in his PhD thesis. The refined models give more accurate predictions taking into account certain structural features of specific keys.
Our models are based on the step-by-step decoder, which is highly simplified and experimentally displays worse decoding performance than parallel decoders used in practice. Despite the use of the simplified decoder, we obtain an accurate prediction of the DFR in the error floor and demonstrate that the error floor behavior is dominated by convergence to a near codeword during a failed decoding instance. Furthermore, we have run this model for a simplified version of the QC-MDPC code-based cryptosystem BIKE to better ascertain whether the DFR is low enough to achieve IND-CCA2 security. Our model for a modified version of BIKE 1 gives a DFR which is below $2^{-129.5}$, using a block length $r = 13477$ instead of the BIKE 1 parameter $r = 12323$.
Sayani Sinha, Sikhar Patranabis, Debdeep Mukhopadhyay
Our proposed DPRF construction immediately enables efficient yet quantum-safe instantiations of several practical applications, including key distribution centers, distributed coin tossing, long-term encryption of information, etc. We showcase a particular application of $\mathsf{PQDPRF}$ in realizing an efficient yet quantum-safe version of distributed symmetric-key encryption ($\mathsf{DiSE}$ -- originally proposed by Agrawal et al. in CCS 2018), which we call $\mathsf{PQ-DiSE}$. For semi-honest adversarial corruptions across a wide variety of corruption thresholds, $\mathsf{PQ-DiSE}$ substantially outperforms existing instantiations of $\mathsf{DiSE}$ based on discrete-log hard groups and generic PRFs (e.g. AES). We illustrate the practical efficiency of our $\mathsf{PQDPRF}$ via prototype implementation of $\mathsf{PQ-DiSE}$.
Alex B. Grilo, Ramis Movassagh
Craig Costello, Gaurish Korpal
31 January 2025
Technology Innovation Institute (TII), Abu Dhabi, UAE
We are looking for a permanent researcher to join the Cryptographic Protocols team within the Cryptography Research Center (CRC) at TII. The main task of the team is to conduct applied academic research and assist in product development, spanning topics such as: TLS, QUIC, Tor, Key Exchange, secure channels, cryptographic primitives and their implementation, privacy enhancing technologies, MLS and Secure Messaging, WebRTC, and formal methods. The nature of our work spans both theory and practice, covering aspects such as provable security, security models, efficient designs, implementation aspects, and attacks.
Applicants should have completed (or be close to completing) their PhD in a related area and preferably also have postdoctoral research experience. Preference will be given to applicants with publications in top-tier venues such as CRYPTO, EUROCRYPT, ASIACRYPT, ACM CCS, IEEE S&P, and USENIX.
Required Skills:
- Fluency in English (verbal and written) and an ability to communicate research effectively.
- Good problem-solving skills and an ability to conduct research independently.
- Good interpersonal and collaborative skills.
- Solid knowledge in cryptography with a focus on one or more of the following: Key Exchange, Secure Messaging, Postquantum cryptography, Provable Security, Cryptography Engineering, and Cryptographic Protocols more generally.
Valuable Skills:
- Strong background in Mathematics and/or Computer Science.
- Programming, Software Engineering, experience in implementing cryptographic primitives and attacks on real-world cryptosystems, reverse engineering of closed-source protocols.
- Experience in analyzing protocol standards and specifications.
- Experience in Formal Methods and related tools.
What we offer:
- Vibrant working environment, flexible working conditions, and travel funding.
- Industry-competitive tax-free salary.
- Family-wide health insurance and children’s education allowance.
Closing date for applications:
Contact: Jean Paul Degabriele
More information: https://www.tii.ae/cryptography
School of Cryptology, University of Chinese Academy of Sciences
We are inviting talented and highly motivated applicants to submit applications for a PhD studentship at School of Cryptology, University of Chinese Academy of Sciences, Beijing, China. The positions are fully funded and have a 3 to 5-year duration, with a negotiable start date.
We explore topics including, but not limited to:
Applicant skills/background:
Closing date for applications:
Contact: Siwei Sun (siweisun.isaac at gmail.com)
University of St.Gallen, Switzerland
The student is expected to work on topics that include security and privacy issues in authentication. More precisely, the student will be working on investigating efficient and privacy-preserving authentication that provides: i) provable security guarantees, and ii) rigorous privacy guarantees.
Key Responsibilities:
- Perform exciting and challenging research in the domain of information security and cryptography.
- Support and assist in teaching computer security and cryptography courses.
- The PhD student is expected to have a MSc degree or equivalent, and strong background in cryptography, network security and mathematics.
- Experience in one or more domains such as cryptography, design of protocols, secure multi-party computation and differential privacy is beneficial.
- Excellent programming skills.
- Excellent written and verbal communication skills in English
Please apply by 15th February 2025 through the job link. Applications will be evaluated continuously.
Closing date for applications:
Contact:
Eriane Breu (Administrative matters)
Prof. Katerina Mitrokotsa (Research related questions)
More information: https://jobs.unisg.ch/offene-stellen/funded-phd-student-in-applied-cryptography-privacy-preserving-authentication-m-f-d/36538ff2-210a-4dbd-bd48-575e4b7447cf