International Association for Cryptologic Research

IACR News

12 October 2016

B. Skoric, P.W.H. Pinkse, A.P. Mosk
ePrint Report
Quantum Readout of Physical Unclonable Functions (PUFs) is a recently introduced method for remote authentication of objects. We present an extension of the protocol to enable the authentication of data: a verifier can check if received classical data was sent by the PUF holder. We call this modification QR-d or, in the case of the optical-PUF implementation, QSA-d. We discuss how QSA-d can be operated in a parallel way. We also present a protocol for authenticating quantum states.
Liwei Zhang; A. Adam Ding; Yunsi Fei; Zhen Hang Jiang
ePrint Report
In recent years, side-channel timing attacks utilizing architectural behavior have been applied to cloud settings, presenting a realistic and serious cyber threat. Access-driven cache attacks allow the adversary to observe side-channel leakage (cache access pattern) of a critical cryptographic implementation to infer the secret key. However, what the attackers observe may deviate from the real cache footprint of the victim process, affecting the effectiveness of cache-based timing attacks using the observed leakage. Various countermeasures, including secure cache and architecture designs, should also be evaluated accurately for their side-channel resilience. To address this need, this paper proposes a mathematical model for access-driven cache attacks, and derives explicit success rate formulas for those attacks. It is the first theoretical model that explicitly considers the misclassification errors for cache access and cache non-access by the victim cryptographic process. We implement several access-driven cache attacks and use our models to evaluate them. We demonstrate that the proposed statistical model predicts the success rate of cache-based timing attacks accurately. We also apply the model to various cache defense architectures for evaluation.

10 October 2016

Marshall Ball, Tal Malkin, Mike Rosulek
ePrint Report
We present simple, practical, and powerful new techniques for garbled circuits. These techniques result in significant concrete and asymptotic improvements over the state of the art, for several natural kinds of computations.

For arithmetic circuits over the integers, our construction results in garbled circuits with free addition, weighted threshold gates with cost independent of fan-in, and exponentiation by a fixed exponent with cost independent of the exponent. For boolean circuits, our construction gives an exponential improvement over the state of the art for threshold gates (including AND/OR gates) of high fan-in.

Our construction can be efficiently instantiated with practical symmetric-key primitives (e.g., AES), and is proven secure under similar assumptions to that of the Free-XOR garbling scheme (Kolesnikov & Schneider, ICALP 2008). We give an extensive comparison between our scheme and state-of-the-art garbling schemes applied to boolean circuits.
Pei Luo, Chao Luo, Yunsi Fei
ePrint Report
Cryptographic systems are vulnerable to different kinds of fault injection attacks. System clock glitch is one of the most widely used fault injection methods used in different attacks. In this paper, we propose a method to detect glitches in the system clock to fight against clock glitch based fault attacks. We implement the proposed scheme in a Virtex-5 FPGA and inject clock glitches into the FPGA; results show that the proposed scheme can be easily implemented in both ASICs and FPGAs with very small overhead. Detection results show that the proposed scheme can detect very high frequency clock glitches with a very high detection rate.
Pei Luo, Yunsi Fei
ePrint Report
Clock glitch based Differential Fault Analysis (DFA) attack is a serious threat to cryptographic devices. Previous error detection schemes for cryptographic devices target improving the circuit reliability and cannot resist such DFA attacks. In this paper, we propose a novel faulty clock detection method which can be easily implemented either in FPGAs or integrated circuits to detect glitches in the system clock. Results show that the proposed method can detect glitches efficiently while needing very few system resources. It is also highly reconfigurable to tolerate inherent clock jitter, and will not involve complex design work for different processing technologies.
Bahram Rashidi, Sayed Masoud Sayedi, Reza Rezaeian Farashahi
ePrint Report
In this paper, by employing the logical effort technique, an efficient and high-speed VLSI implementation of the digit-serial Gaussian normal basis multiplier is presented. It is constructed by using AND, XOR and XOR tree components. To have a low-cost implementation with a low number of transistors, the block of AND gates is implemented by using NAND gates based on the property of the XOR gates in the XOR tree. To optimally decrease the delay and increase the drive ability of the circuit, the logical effort method, an efficient method for sizing the transistors, is employed. By using this method and also a 4-input XOR gate structure, the circuit is designed for minimum delay. The digit-serial Gaussian normal basis multiplier is implemented over two binary finite fields GF(2^163) and GF(2^233) in 0.18 μm CMOS technology for three different digit sizes. The results show that the proposed structures, compared to previous structures, have been improved in terms of delay and area parameters.
Abu Dhabi, UAE, 2 April 2017
Event Calendar
Event date: 2 April 2017
Submission deadline: 1 December 2016
Notification: 15 January 2017
Florida Atlantic University, Boca Raton, Florida
Job Posting
The Department of Computer & Electrical Engineering and Computer Science (CEECS) has openings for 2 Ph.D. students (fully funded and tuition waived).

Specific topics include:

*Cryptographic Computations

*Post-quantum cryptography

*Fully Homomorphic Encryption

*Implementations on Software (Intel, AMD, ARM CPUs) using C/ASM and Hardware (FPGAs, ASIC) using VHDL/Verilog.

*Side-channel analysis and countermeasures

Please submit your CV, Transcripts and interest statement for consideration.

Closing date for applications: 15 November 2016

Contact: Dr. Reza Azarderakhsh, razarderakhsh*at-sign*fau.edu


07 October 2016

Eastern Michigan University, Department of Mathematics, Ypsilanti, MI, USA
Job Posting
The Department of Mathematics at Eastern Michigan University invites applications for two tenure track positions at the level of assistant professor beginning in August 2017. A Ph.D. in the mathematical sciences (or scheduled completion by August, 2017) is required. The positions are in (1) applied probability and (2) number theory/cryptology. To apply or for more information go to http://agency.governmentjobs.com/emichedu/default.cfm. Women and members of minority groups are encouraged to apply. EMU is an affirmative action/equal opportunity employer committed to faculty, staff and student diversity.

Closing date for applications: 1 January 2017

More information: http://agency.governmentjobs.com/emichedu/default.cfm

University College London
Job Posting
We welcome applications for a position as postdoctoral researcher in cryptography. The successful candidate will work with Sarah Meiklejohn, George Danezis and Jens Groth on zero-knowledge proofs and privacy enhancement of distributed ledgers. The post has a flexible starting date and an initial duration of 2 years. Candidates must have (or be about to receive) a PhD.

University College London is one of Europe's highest ranked universities and recognized by the EPSRC and GCHQ as an Academic Centre of Excellence in Cyber Security Research. The Department of Computer Science is ranked as the best in the UK and is located at UCL's main campus in the centre of London.

Closing date for applications: 6 November 2016

Contact: Applications must be made using UCL's online system. Questions about the position can be directed to Jens Groth - j.groth AT ucl.ac.uk

More information: http://www.cs.ucl.ac.uk/staff/J.Groth/openings.html

Boston, USA, 3 November - 4 November 2016
Event Calendar
Event date: 3 November to 4 November 2016
Submission deadline: 4 October 2016
Notification: 6 October 2016
EPFL, Lausanne, Switzerland
Job Posting
The Laboratory for Security and Cryptography (LASEC) at EPFL is hiring a postdoctoral researcher. Applicants are encouraged to apply to job_lasec (at) epfl.ch by sending a detailed CV and a research plan.

We are specifically looking for a senior researcher to work on a project related to private authentication of people.

LASEC is active in research on cryptography and security. More specifically, our main interests span (but are not limited to) the following:

  • Cryptographic analysis

  • Design of cryptographic algorithms and protocols

  • Lightweight cryptography

  • Secure communication

  • Postquantum cryptography

  • Privacy preservation

  • Payment

  • Number theory and cryptography.

The selection of applicants will be made on a competitive basis.

Besides conducting top-quality research, postdocs are required to participate in lab activities such as training students at all levels, running projects, fund raising, etc.

EPFL is a top-ranked research and teaching institution that attracts some of the best intellects in the world. EPFL offers excellent facilities, environment, and salaries. The EPFL campus is a multicultural, idyllic spot overlooking Lake Geneva and facing the Alps.

Closing date for applications: 1 June 2017

Contact: Serge Vaudenay, job_lasec (at) epfl.ch

More information: http://lasec.epfl.ch

Goethe University Frankfurt, Frankfurt am Main, Germany
Job Posting
The Deutsche Telekom Chair of Mobile Business & Multilateral Security at Goethe University Frankfurt offers a position of a Scientific Assistant (m/f, E13 TV-G-U).

To strengthen our team we are looking for a committed, creative and flexible PhD candidate (male/female) with advanced professional knowledge in Information Technology and interest in current developments in business informatics. The environment of mobile systems and applications will give you valuable work experience in interdisciplinary and multinational projects with travel and project responsibility. Besides your project work and other activities at the chair, the preparation of your PhD thesis is key. Our interdisciplinary environment with computer scientists and economists leads to synergies in our research and teaching, especially in IT Security, Identity Management and secure infrastructures in mobile environments. Our cooperation with our benefactor Deutsche Telekom provides extraordinary strategic and infrastructural opportunities.

Closing date for applications: 31 October 2016

Contact: Prof Dr. Kai Rannenberg

Theodor-W.-Adorno-Platz 4

60629 Frankfurt am Main, Germany

bewerbungen (at) m-chair.de

Tel. +49-69-798-34701

More information: https://m-chair.de/images/documents/career/Ausschreibung_wiss_Mat_Dekanatsstelle_2016.09.26_ENG.pdf

University of Erlangen-Nuremberg
Job Posting
W1 Junior Professorship for Cryptographic Protocols

at the Department of Computer Science, to be filled at the earliest possible starting date for an initial period of three years. Depending on successful evaluation, the appointment will be extended for another three years.

The successful candidate is expected to represent the field adequately in teaching and research. In particular, the candidate should have an independent research and teaching track record in one or more of the following areas:

- Provably secure cryptographic protocols

- Efficient provably secure multi-party computation (in terms of rounds/time)

- Cryptography in the context of digitalisation/Industry 4.0, especially cryptographic protocols for smart homes/smart living, energy and automation technology (e.g. based on RFID, hardware tokens, physical unclonable functions (PUFs))

- Efficient implementation of cryptographic algorithms on dedicated hardware (e.g. based on coding assumptions)

- Post-quantum secure cryptographic algorithms

We expect the successful applicant to become involved in interdisciplinary collaboration at Friedrich-Alexander-Universität Erlangen-Nürnberg and collaboration with Technische Hochschule Nürnberg Georg Simon Ohm as part of the Nuremberg Campus of Technology.

Prerequisites for the position are a university degree in computer science (or a related area), university level teaching experience, and a doctoral degree.

FAU is a family-friendly employer and is also responsive to the needs of dual career couples. In its pursuit of academic excellence, FAU is committed to equality of opportunity and to a proactive and inclusive approach, which supports and encourages all under-represented groups, promotes an inclusive culture and values diversity.

Please submit your complete application documents (CV, list of publications, list of lectures and courses taught, copies of certificates and degrees, list of third-party funding) online at https://berufungen.fau.de/ by 6.11.2016, addressed to the Dean of the Faculty of Engineering.

Closing date for applications: 6 November 2016

Contact:

Dean of the Faculty of Engineering

tf-dekanat (at) fau.de

Prof. Dr. Dominique Schröder

dominique.schroeder (at) fau.de

Taipei, Taiwan, 7 August - 10 August 2017
Event Calendar
Event date: 7 August to 10 August 2017
Submission deadline: 27 January 2017
Notification: 7 April 2017

06 October 2016

Eindhoven, Netherlands, 29 May 2017
Event Calendar
Event date: 29 May 2017

05 October 2016

Maciej Skorski
ePrint Report
In this work we present a unified proof for the Strong and Weak Regularity Lemma, based on the cryptographic technique called low-complexity approximations. In short, both problems reduce to a task of finding constructively an approximation for a certain target function under a class of distinguishers (test functions), where distinguishers are combinations of simple rectangle-indicators. In our case these approximations can be computed in a naive way, which results in a very simple proof achieving optimal constants. At an abstract level, our proof can be seen as a refinement and simplification of the analytic proof given by Lovasz and Szegedy.

Interestingly, with our proof we obtain quantitative improvements on the partition size by a factor equal to the graph density (in the tower height for strong regularity and in the exponent for weak regularity). In particular, we achieve the best possible bounds for constant densities.
Lorenzo Grassi, Christian Rechberger
ePrint Report
Subspace trail cryptanalysis is a very recent cryptanalysis technique, and includes differential, truncated differential, impossible differential, and integral attacks as special cases.

In this paper, we consider PRINCE, a widely analyzed block cipher proposed in 2012. After the identification of a 2.5-round subspace trail of PRINCE, we present several (truncated differential) attacks on up to 6 rounds of PRINCE. This includes a very practical attack with the lowest data complexity of only 8 plaintexts for 4 rounds, which co-won the final round of the PRINCE challenge in the 4-round chosen-plaintext category. The attacks have been verified using a C implementation. Of independent interest, we consider a variant of PRINCE in which the ShiftRows and MixLayer operations are exchanged in position. In particular, our result shows that the position of the ShiftRows and MixLayer operations influences the security of PRINCE. The same analysis applies to follow-up designs inspired by PRINCE.
Craig Costello, David Jao, Patrick Longa, Michael Naehrig, Joost Renes, David Urbanik
ePrint Report
Supersingular isogeny Diffie-Hellman (SIDH) is an attractive candidate for post-quantum key exchange, in large part due to its relatively small public key sizes. A recent paper by Azarderakhsh, Jao, Kalach, Koziel and Leonardi showed that the public keys defined in Jao and De Feo's original SIDH scheme can be further compressed by around a factor of two, but reported that the performance penalty in utilizing this compression blew the overall SIDH runtime out by more than an order of magnitude. Given that the runtime of SIDH key exchange is currently its main drawback in relation to its lattice- and code-based post-quantum alternatives, an order of magnitude performance penalty for a factor of two improvement in bandwidth presents a trade-off that is unlikely to favor public-key compression in many scenarios.

In this paper, we propose a range of new algorithms and techniques that accelerate SIDH public-key compression by more than an order of magnitude, making it roughly as fast as a round of standalone SIDH key exchange, while further reducing the size of the compressed public keys by approximately 13%. These improvements enable the practical use of compression, achieving public keys of only 330 bytes for the concrete parameters used to target 128 bits of quantum security, and further strengthen SIDH as a promising post-quantum primitive.
Nir Bitansky, Omer Paneth, Huijia Lin
ePrint Report
Functional encryption (FE) has emerged as an outstanding concept. By now, we know that beyond the immediate application to computation over encrypted data, variants with succinct ciphertexts are so powerful that they yield the full might of indistinguishability obfuscation (IO). Understanding how, and under which assumptions, such succinct schemes can be constructed has become a grand challenge of current research in cryptography. Whereas the first schemes were themselves based on IO, recent progress has produced constructions based on constant-degree graded encodings. Still, our comprehension of such graded encodings remains limited, as known instantiations have exhibited different vulnerabilities.

Our main result is that, assuming LWE, black-box constructions of sufficiently succinct FE schemes from constant-degree graded encodings can be transformed to rely on a much better-understood object: bilinear groups. In particular, under an über assumption on bilinear groups, the construction implies IO in the plain model. The result demonstrates that the exact level of ciphertext succinctness has a major impact on FE schemes based on constant-degree encodings. In particular, we draw a fine line between known FE constructions from constant-degree graded encodings, which just fall short of the required succinctness, and the holy grail of basing IO on better-understood assumptions.

At the heart of our result are new techniques for removing ideal graded encoding oracles from FE constructions. Complementing the result, for weaker ideal models, namely the generic group model and the random oracle model, we show a transformation from collusion-resistant FE in either of the two models directly to FE (and IO) in the plain model, without assuming bilinear groups.