IACR News
Here you can see all recent updates to the IACR webpage. These updates are also available:
30 August 2016
Tomer Ashur, Yunwen Liu
ePrint Report
Chun Guo, Dongdai Lin, and Meicheng Liu
ePrint Report
This work revisits the following question: in the ideal cipher model, can a cascade of several ideal $(\kappa,n)$-blockciphers realize $2^{2\kappa}$ independent $n$-bit random permutations, i.e. an ideal $(2\kappa,n)$-blockcipher? The motivation goes back to Shannon's theory on product secrecy systems, and a similar question was considered by Even and Goldreich (CRYPTO '83) in different settings. Towards giving an answer, this work analyzes cascading independent ideal $(\kappa,n)$-blockciphers with two alternating independent keys in the indifferentiability framework of Maurer et al. (TCC 2004), and proves that for such an alternating-key cascade, four stages are necessary and sufficient to achieve indifferentiability from an ideal $(2\kappa,n)$-blockcipher. This shows that cascades are capable of achieving key-length extension in settings where keys are _not necessarily secret_.
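The alternating-key cascade analyzed above, written out as an added example (this is not code from the paper, and it demonstrates only the construction, not its indifferentiability proof). Each stage is an independent ideal $(\kappa,n)$-blockcipher, simulated the standard way by lazily sampling a fresh random permutation per key; the toy parameters $\kappa=4$, $n=8$, the four-stage default, and the seeded RNG are assumptions chosen so the whole table fits in memory and the run is reproducible. The two $\kappa$-bit keys alternate $k_1, k_2, k_1, k_2$ across the four stages, so the composed cipher takes a $2\kappa$-bit key $K = k_1 \| k_2$ while each stage only ever sees a $\kappa$-bit key.

```python
import random


class IdealCipher:
    """Lazily sampled ideal (kappa, n)-blockcipher.

    For every kappa-bit key an independent, uniformly random permutation on
    n-bit blocks is defined; its table is filled in only when queried, which is
    how the ideal cipher model is simulated in practice.  The seeded RNG is a
    constructed convenience for reproducibility, not a real cipher.
    """

    def __init__(self, kappa, n, seed):
        self.kappa, self.n = kappa, n
        self.rng = random.Random(seed)
        self.fwd = {}   # key -> {x: y}
        self.inv = {}   # key -> {y: x}

    def _tables(self, key):
        assert 0 <= key < 2 ** self.kappa, "key must be kappa bits"
        return self.fwd.setdefault(key, {}), self.inv.setdefault(key, {})

    def enc(self, key, x):
        assert 0 <= x < 2 ** self.n, "block must be n bits"
        fwd, inv = self._tables(key)
        if x not in fwd:
            # sample a fresh output uniformly among the values not yet used
            y = self.rng.randrange(2 ** self.n)
            while y in inv:
                y = self.rng.randrange(2 ** self.n)
            fwd[x], inv[y] = y, x
        return fwd[x]

    def dec(self, key, y):
        assert 0 <= y < 2 ** self.n, "block must be n bits"
        fwd, inv = self._tables(key)
        if y not in inv:
            # inverse query on an unseen output: sample a fresh preimage
            x = self.rng.randrange(2 ** self.n)
            while x in fwd:
                x = self.rng.randrange(2 ** self.n)
            fwd[x], inv[y] = y, x
        return inv[y]


# Toy parameters (assumption): 4-bit stage keys, 8-bit blocks, four stages.
KAPPA, N, STAGES = 4, 8, 4


def make_ciphers(stages=STAGES, seed=2016):
    """One independent ideal cipher per stage (distinct seeds = independence)."""
    return [IdealCipher(KAPPA, N, seed + i) for i in range(stages)]


def split_key(K, kappa=KAPPA):
    """Split the 2*kappa-bit cascade key K = k1 || k2 into its two halves."""
    assert 0 <= K < 2 ** (2 * kappa), "cascade key must be 2*kappa bits"
    return K >> kappa, K & ((1 << kappa) - 1)


def cascade_enc(ciphers, K, x):
    """Alternating-key cascade: stage i uses k1 if i is even, k2 if odd."""
    k1, k2 = split_key(K)
    for i, E in enumerate(ciphers):
        x = E.enc(k1 if i % 2 == 0 else k2, x)
    return x


def cascade_dec(ciphers, K, y):
    """Inverse of cascade_enc: undo the stages in reverse order."""
    k1, k2 = split_key(K)
    for i, E in reversed(list(enumerate(ciphers))):
        y = E.dec(k1 if i % 2 == 0 else k2, y)
    return y


def is_permutation(ciphers, K):
    """Exhaustively check that the cascade under key K is injective on n bits."""
    outs = {cascade_enc(ciphers, K, x) for x in range(2 ** N)}
    return len(outs) == 2 ** N


def key_space_bits(ciphers):
    """Key length of the cascade: two independent kappa-bit keys, i.e. 2*kappa
    bits, independent of how many stages are used."""
    return 2 * ciphers[0].kappa


if __name__ == "__main__":
    cs = make_ciphers()
    K = 0xAB  # k1 = 0xA, k2 = 0xB
    ok = all(cascade_dec(cs, K, cascade_enc(cs, K, x)) == x for x in range(2 ** N))
    print("round-trip ok:", ok, "| key bits:", key_space_bits(cs),
          "| permutation:", is_permutation(cs, K))
```

Each `IdealCipher` is queried only at the points the cascade touches, so the simulation stays cheap even when the per-key tables would otherwise be large; for the toy sizes above `is_permutation` walks the whole domain, which is how one sanity-checks that the composition is still a keyed permutation with a $2\kappa$-bit key.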
Tim Ruffing, Pedro Moreno-Sanchez, Aniket Kate
ePrint Report
On the application side, we find DiceMix to be an ideal privacy-enhancing primitive for crypto-currencies such as Bitcoin. The public verifiability of their pseudonymous transactions through publicly available ledgers (or blockchains) makes these systems highly vulnerable to a variety of linkability and deanonymization attacks. DiceMix can allow pseudonymous users to make their transactions unlinkable to each other in a manner fully compatible with the existing systems. We demonstrate the efficiency of DiceMix with a proof-of-concept implementation. In our evaluation, DiceMix requires less than 8 seconds to mix 50 messages (160 bits, i.e., Bitcoin addresses), while the best protocol in the literature requires almost 3 minutes in a very similar setting. As a representative example, we apply DiceMix to define a protocol for creating unlinkable Bitcoin transactions.
Finally, we discover a generic attack on P2P mixing protocols that exploits the implicit unfairness of a protocol with a dishonest majority to break anonymity. Our attack uses the attacker's real-world ability to omit some communication from an honest peer to deanonymize her input message. We also discuss how this attack is resolved in our application to crypto-currencies by employing uncorrelated input messages across different protocol runs.
Rachid El Bansarkhani, Ali El Kaafarani
ePrint Report
University of Bristol
Job Posting
- side-channel attacks, with particular emphasis on practical aspects (e.g., acquisition and signal processing),
- use, low-level (e.g., processor architecture) understanding and reverse engineering of (e.g., ARM-based) embedded systems,
- the design and implementation of compilers (e.g., LLVM),
- hardware (e.g., FPGA) and software implementation of cryptography,
- use of HPC, experience in developing large scale (research focused) software.
Although a nominal closing date is listed below, this is a rolling advert: we will select applicants until all vacancies are filled.
Closing date for applications: 31 December 2016
Contact: Prof. Elisabeth Oswald, Elisabeth.Oswald (at) bristol.ac.uk
More information: http://www.bris.ac.uk/jobs/find/list.html?keywords=cryptography
University of Luxembourg
Job Posting
Research Associate in Information Assurance (M/F)
Ref: R-STR-5004-00-B
Fixed Term Contract 24 months (CDD), full-time (40 hrs/week), extendable to 36 months
Number of positions: 1
The research will be conducted within the VoteVerif project (Verification of Voter-Verifiable Voting Protocols), in collaboration with Polish Academy of Sciences, Warsaw, Poland. The project aims to develop novel concepts, methodologies, and tools for specification, analysis, and assessment of information security properties. The focus is on voting procedures and protocols, and in particular on their essential features like confidentiality, coercion-resistance, and voter-verifiability. The approach of the project is holistic, in the sense that we plan to develop theoretical concepts (such as strategy- based metrics of information security) not for their own sake, but in order to apply them to an important domain of social life, and come up with guidance on the conduct of elections and novel designs for secure, usable voting systems. To this end, we are going to develop algorithmic tools that help to analyze the level of security and usability. Note also that, while we focus on voting procedures in the project, the concepts and tools being developed can be also applied to other domains where information security is important.
Closing date for applications: 7 October 2016
Contact: Prof Dr Peter Y A Ryan, peter.ryan (at) uni.lu;
or Prof Dr Wojtek Jamroga: w.jamroga (at) ipipan.waw.pl
More information: http://emea3.mrted.ly/15g3f
University of Luxembourg
Job Posting
Closing date for applications: 31 October 2016
Contact: Prof Dr Peter Y A Ryan, peter.ryan (at) uni.lu; or
Prof Dr Wojtek Jamroga w.jamroga (at) ipipan.waw.pl
More information: http://emea3.mrted.ly/15g2h
29 August 2016
Singapore, Singapore, 21 February - 22 February 2017
Event Calendar
Submission deadline: 1 October 2016
Notification: 1 December 2016
University of Surrey
Job Posting
The position offers the platform for the research fellow to work within a group and develop skills to become an independent researcher. The successful candidate will be expected to work closely with Dr Treharne and Professor Schneider in the development or evaluation of security and safety systems (including IoT based Systems of Systems, distributed ledger technologies, transport systems, cloud architectures and data privacy systems). There is the opportunity for the successful candidate to contribute to setting the research direction within this.
The fellowship allows for flexibility in the profile of applicants:
· Practically-minded applicants who have good programming skills, experience in working in embedded systems, trusted execution environments and platforms, networking protocols and security, cloud security architectures and privacy schemes;
· Applicants with a background in formal verification techniques and security/safety analysis.
Experience in both is preferred but in-depth knowledge of only one is expected. Additionally, an enthusiasm to learn about the other area will be required. We are looking for applicants that demonstrate strong research and analytical skills, have strong communication skills and enthusiasm for developing their own research ideas.
Applicants should have a PhD in a relevant subject or be close to finishing or equivalent professional experience.
The post is available for 36 months, with some flexibility in the start date.
Salary range: £32600 to £34576
Closing date: 13 September, 2016
Interview Date: 26 September, 2016.
Closing date for applications: 13 September 2016
Contact: Dr Helen Treharne (h.treharne (at) surrey.ac.uk) and Professor Steve Schneider (s.schneider (at) surrey.ac.uk)
More information: https://jobs.surrey.ac.uk/Vacancy.aspx?ref=032116-R
University College London (UCL)
Job Posting
Enabling Progress in Genomic Research via Privacy-Preserving Data Sharing
University College London (UCL)
Closing date for applications: 30 October 2016
Contact: Dr Emiliano De Cristofaro (google me)
More information: https://www.prism.ucl.ac.uk/#!/?project=196
University of Bergen, Norway
Job Posting
About the Department: The Department has 6 research groups: Algorithms, Bioinformatics, Optimization, Programming Theory, Reliable Communication and Visualization. The Department is ranked first in Norway with respect to the quality of its research by the Research Council of Norway. For more information visit our Web pages: http://www.uib.no/en/ii
About the project/work tasks:
Develop new methods of algebraic cryptanalysis and apply them to modern cryptographic primitives. Analyse how malicious software can affect the authentication in various applications. Improve the security and efficiency of cloud technologies by designing ciphers with special properties.
Closing date for applications: 1 October 2016
Contact: Professor Tor Helleseth, Tor.Helleseth (at) uib.no (Department of Informatics), (+47) 55 58 41 60 or Professor Igor Semaev, Igor.Semaev (at) uib.no (Department of Informatics), (+47) 55 58 42 79.
More information: https://www.jobbnorge.no/ledige-stillinger/stilling/128402/stipendiat-i-kryptografi
28 August 2016
Maryam Rajabzadeh Asaar, Mahmoud Salmasizadeh, Willy Susilo
ePrint Report
Duggirala Meher Krishna, Duggirala Ravi
ePrint Report
Mark Bun, Yi-Hsiu Chen, Salil Vadhan
ePrint Report
Our main result shows that, assuming the existence of sub-exponentially secure one-way functions and 2-message witness indistinguishable proofs (zaps) for NP, there is in fact a computational task in the client-server model that can be efficiently performed with CDP, but is infeasible to perform with information-theoretic differential privacy.
26 August 2016
FSE
For more information, see the call for papers or submission server.
Second round deadline: September 1, 2016
Third round deadline: November 23, 2016
TCC
Eindhoven, Netherlands, 19 June - 23 June 2017
Event Calendar
Utrecht, Netherlands, 26 June - 28 June 2017
Event Calendar
Eindhoven, Netherlands, 22 June - 23 June 2017
Event Calendar
Shashank Agrawal, Manoj Prabhakaran, Ching-Hua Yu
ePrint Report
Our main result is a characterization of VGB security, in all these cases, in terms of an indistinguishability-preserving notion of security, called $\Gamma^*-s-\textsf{IND}-\textsf{PRE}$ security, formulated using an extension of the recently proposed Cryptographic Agents framework (Agrawal et al., 2015). We further show that this definition is equivalent to an indistinguishability based security definition that is restricted to 'concentrated' distributions (wherein the outcome of any computation on encrypted data is essentially known ahead of the computation).
A result of Bitansky et al. (2014), who showed that VGB obfuscation is equivalent to strong indistinguishability obfuscation (SIO), is obtained by specializing our result to obfuscation. Our proof, while sharing various elements from the proof of Bitansky et al., is simpler and significantly more general, as it uses $\Gamma^*-s-\textsf{IND}-\textsf{PRE}$ security as an intermediate notion. Our characterization also shows that the semantic security for graded encoding schemes (Pass et al. 2014), is in fact an instance of this same definition.
We also present a composition theorem for $\Gamma^*-s-\textsf{IND}-\textsf{PRE}$ security. We can then recover the result of Bitansky et al. (2014) regarding the existence of VGB obfuscation for all NC1 circuits, simply by instantiating this composition theorem with a reduction from obfuscation of NC1 circuits to graded encoding schemes (Barak et al., 2014) and the assumption that there exists a $\Gamma^*-s-\textsf{IND}-\textsf{PRE}$ secure scheme for the graded encoding scheme (Pass et al. 2014).