IACR News
Here you can see all recent updates to the IACR webpage.
27 February 2017
Yaoqi Jia, Shruti Tople, Tarik Moataz, Deli Gong, Prateek Saxena, Zhenkai Liang
ePrint Report
Fan Zhang, Ittay Eyal, Robert Escriva, Ari Juels, Robbert van Renesse
ePrint Report
To address the risk of compromised SGX CPUs, we develop a statistics-based formal security framework, also relevant to other trusted-hardware-based approaches such as Intel's Proof of Elapsed Time (PoET). We show through economic analysis that REM achieves less waste than PoET and variant schemes.
We implement REM and, as an example application, swap it into the consensus layer of Bitcoin core. The result is the first full implementation of an SGX-based blockchain. We experiment with four example applications as useful workloads for our implementation of REM, and report a computational overhead of $5-15\%$.
Zhengbin Liu, Yongqiang Li, Mingsheng Wang
ePrint Report
Navid Nasr Esfahani, Ian Goldberg, D. R. Stinson
ePrint Report
Yuval Ishai, Mor Weiss
ePrint Report
Motivated by their usefulness for sublinear-communication cryptography, we initiate the study of a natural zero-knowledge variant of PCPP (ZKPCPP), where the view of any verifier making a bounded number of queries can be efficiently simulated by making the same number of queries to the input oracle alone. This new notion provides a useful extension of the standard notion of zero-knowledge PCPs. We obtain two types of results.
1. Constructions. We obtain the first constructions of query-efficient ZKPCPPs via a general transformation which combines standard query-efficient PCPPs with protocols for secure multiparty computation. As a byproduct, our construction provides a conceptually simpler alternative to a previous construction of honest-verifier zero-knowledge PCPs due to Dwork et al. (Crypto '92).
2. Applications. We motivate the notion of ZKPCPPs by applying it towards sublinear-communication implementations of commit-and-prove functionalities. Concretely, we present the first sublinear-communication commit-and-prove protocols which make a black-box use of a collision-resistant hash function, and the first such multiparty protocols which offer information-theoretic security in the presence of an honest majority.
Goutam Paul, Souvik Ray
ePrint Report
Ruiyu Zhu, Yan Huang
ePrint Report
Marc Stevens, Dan Shumow
ePrint Report
So far there is a significant cost: to detect collision attacks against SHA-1 (respectively MD5) costs the equivalent of hashing the message 15 (respectively 224) times. In this paper we present a significant performance improvement for collision detection based on the new concept of unavoidable conditions. Unavoidable conditions are conditions that are necessary for all feasible attacks in a certain attack class. As such they can be used to quickly dismiss particular attack classes that may have been used in the construction of the message. To determine an unavoidable condition one must rule out any feasible variant attack where this condition might not be necessary; otherwise adversaries aware of counter-cryptanalysis could easily bypass this improved collision detection with a carefully chosen variant attack. We provide a formal model for unavoidable conditions for collision attacks on MD5-like compression functions.
Furthermore, based on a conjecture solidly supported by the current state of the art, we show how we can determine such unavoidable conditions for SHA-1. We have implemented the improved SHA-1 collision detection using such unavoidable conditions, which is about 16 times faster than without our unavoidable condition improvements. We have measured that overall our implemented SHA-1 with collision detection is only a factor 1.96 slower, on average, than SHA-1.
Ashwin Jha, Avradip Mandal, Mridul Nandi
ePrint Report
Daniel P. Martin, Ashley Montanaro, Elisabeth Oswald, Dan Shepherd
ePrint Report
We show how to 'rewrite' an existing algorithm for computing the rank of a key after a side channel attack, such that it results in an enumeration algorithm that produces batches of keys that can be tested using Grover's algorithm. This results in the first quantum key search that benefits from side channel information.
Martin Seysen
ePrint Report
Nicholas Hilbert, Christian Storer, Dan Lin, Wei Jiang
ePrint Report
26 February 2017
Chennai, India, 10 December - 13 December 2017
Event Calendar
Submission deadline: 15 July 2017
Notification: 1 September 2017
CSIRO, Data61, Sydney, NSW, Australia
Job Posting
In this position, you will undertake world-leading research activities in the domain of online privacy with a focus on data-driven impactful research with real-life applications. This includes the development of privacy-preserving algorithms for data release, analytics queries and data processing in multiple strategic and industry-driven projects, and the development of fundamental theoretical frameworks for efficient private data-centric multi-party collaboration and data sharing platforms.
You will lead a team of talented researchers with various experience levels and unique world-leading profiles in Online Privacy within a vibrant research environment. The team is one of the world's leading research groups in Privacy Technologies and aims to achieve the exciting and challenging goals of enabling the use of data in our digital economy while preserving individuals' privacy. Research to be undertaken targets the most prestigious international publication venues and aims to educate Australia's best undergraduate and postgraduate students.
Before you apply please view the full position description and selection criteria here: (http://www.csiro.au/~/media/Positions/2016/Data61/27141_Senior_Research_Scientist_CSOF6_PD.doc)
Location: Sydney, NSW
Salary: AU $106K to AU $124K plus up to 15.4% superannuation
Tenure: Indefinite
Reference: 27141
How to apply:
To apply for this position you will be required to submit your resume and cover letter, as one document, highlighting your experience as relevant to the role requirements. If your application proceeds to the next stage you may be asked to provide additional information.
Closing date for applications: 19 March 2017
Contact: Mohamed Ali Kaafar, dali (dot) kaafar (at) data61.csiro.au , https://research.csiro.au/ng/about-us/people/dali-kaafar/
More information: https://jobs.csiro.au/job/Sydney-NSW-Senior-Research-Scientist-Privacy-Preserving-Technologies/370805400
Royal Holloway, University of London, UK
Job Posting
The Centre for Doctoral Training in Cyber Security at Royal Holloway is now recruiting for the 2017/18 cohort, with a number of fully-funded PhD studentships to be awarded to qualified and eligible candidates, to start their post-graduate studies in cyber security in October 2017.
The four-year CDT programme is a mix of training and research activities, leading to a PhD thesis in cyber security. Possible research topics include the design and analysis of cryptographic algorithms and protocols; the design of security services for embedded systems; business information systems, telecommunication networks and critical infrastructure security; detection and analysis of malware; geopolitics of security; and the study of economics, psychology, design theory and sociology in the context of cyber security.
The CDT studentships provide an unparalleled opportunity for outstanding candidates to undertake research and training in a discipline that is both intellectually demanding and of wide applicability.
The CDT in Cyber Security, established in 2013, has currently 37 PhD students divided into four cohorts, working on topics ranging from embedded security to cybercrime, from cryptography to geopolitics of security, from software security to cyber economics.
CDT studentships cover college fees plus an annual stipend of £20,296, for four years. We welcome applications from candidates with undergraduate and masters' qualifications in a wide range of disciplines, including, but not limited to, mathematics, computer science, engineering, geography, economics and sociology. Funding is provided by the EPSRC, so full studentships are available to UK residents only. Closing date for receiving applications is 30 April 2017.
Please visit Royal Holloway's CDT in Cyber Security webpage (https://www.royalholloway.ac.uk/isg/cybersecuritycdt/home.aspx) to learn more about its PhD programme, funding eligibility, and how to apply.
Closing date for applications: 30 June 2017
Contact: Professor Carlos Cid
Director, CDT in Cyber Security at Royal Holloway, University of London
cybersecuritycdt (at) royalholloway.ac.uk
More information: https://www.royalholloway.ac.uk/isg/prospectivestudents/cdtstudentships/cdt-studentships-in-cyber-security.aspx
24 February 2017
Hong Kong, China, 29 May 2017
Event Calendar
Submission deadline: 10 March 2017
Notification: 10 April 2017
23 February 2017
Shay Gueron, Adam Langley, Yehuda Lindell
ePrint Report
Christian A. Gorke, Christian Janson, Frederik Armknecht, Carlos Cid
ePrint Report
We address both problems and describe appropriate solutions. The first problem is tackled by providing a new type of "Proofs of Retrievability" scheme, enabling a client to check all files simultaneously in a compact way. The second problem is solved by defining a novel procedure called "Proofs of Recoverability", enabling a client to obtain an assurance whether a file is recoverable or irreparably damaged. Finally, we present a combination of both schemes allowing the client to check the recoverability of all her original files, thus ensuring cloud storage file recoverability.
Kristian Gjøsteen, Martin Strand
ePrint Report
The voting scheme used in Norway is not quantum-safe and it has limited voter verifiability. In this case study, we consider how we can use fully homomorphic encryption to construct a quantum-safe voting scheme with better voter verifiability.
While fully homomorphic cryptosystems are not efficient enough for the system we sketch to be implemented and run today, we expect future improvements in fully homomorphic encryption which may eventually make these techniques practical.