IACR News
Here you can see all recent updates to the IACR webpage.
08 May 2017
La Habana, Cuba, 17 September - 19 September 2017
07 May 2017
Singapore, Singapore, 23 April - 24 April 2018
Submission deadline: 15 December 2017
Notification: 12 February 2018
Oriahovitza, Bulgaria, 9 July - 16 July 2017
Submission deadline: 25 May 2017
Notification: 5 June 2017
Santa Barbara (CA), USA, 21 August 2017
Submission deadline: 21 May 2017
Notification: 7 July 2017
05 May 2017
Subhabrata Samajder, Palash Sarkar
Yi Deng, Xuyang Song, Jingyue Yu, Yu Chen
1. We develop an embedding technique and prove the witness hiding property of the standalone Schnorr protocol based on a weaker version of the one-more-like discrete logarithm (DL) assumption, asserting that, for an arbitrary constant $\ell$, it is infeasible for a PPT algorithm to solve $\ell$ DL instances while being restricted to query the DL oracle only once. A similar result holds for the Guillou-Quisquater protocol.
This improves over the positive result of Bellare and Palacio in that, when applying their technique to the standalone setting, the underlying assumption is stronger and is required to hold only for $\ell=2$.
2. Following the framework of Harnik and Naor, we introduce the notion of tailored instance compression to capture the essence of the known one-more-like assumptions. This provides new insight into the hardness of the one-more DL/RSA problems and allows us to reveal some strong consequences of breaking our weaker version of the one-more-like assumption, including zero-knowledge protocols for the AND-DL and AND-RSA languages with extremely efficient communication, and a non-trivial hash combiner for hash functions based on the DL problem.
These consequences can be viewed as positive evidence for the security of the Schnorr and Guillou-Quisquater protocols.
3. We observe that the previously known impossibility results on the witness hiding of public-coin protocols for unique witness relations place certain restrictions on the reduction. By introducing an input-distribution-switching technique, we bypass these known impossibility results and prove that, for any hard language $L$, if a distribution $(\mathbb{X}, \mathbb{W})$ over the unique witness relation $R_{L}$ has an indistinguishable counterpart distribution over some multiple-witness relation, then any witness indistinguishable protocol (including ZAPs and all known 3-round public-coin protocols, such as the Blum protocol and the GMW protocol) is indeed witness hiding for the distribution $(\mathbb{X}, \mathbb{W})$.
We also show that a wide range of cryptographic problems with unique witnesses satisfy the "if condition" of this result, and thus admit constant-round public-coin witness hiding proof systems.
This is the first positive result on the witness hiding property of the classic protocols for non-trivial unique witness relations.
The University of Auckland, New Zealand
The successful appointee will have a PhD, demonstrated excellence in research, and a commitment to high quality research-informed teaching. The ideal candidate would have a research program that complements and builds on existing areas of strength within the department (http://www.cs.auckland.ac.nz).
The scope of the search is digital security, broadly defined. We will be particularly interested in candidates who have developed techniques for digital forensics, security testing, or software obfuscation; or who have demonstrated expertise in security or privacy for mobile devices, cyber-physical systems (esp. Internet of Things), machine-to-machine systems, and big data systems.
The appointee will be expected to teach at undergraduate and postgraduate levels in their specialist area, at introductory levels more widely, and to engage in research and publication both personally and through the supervision of research students. The appointee would also be expected to seek research funding, to engage with the profession, and to contribute to departmental service.
This is a full time, permanent position based on the University of Auckland's city campus.
Apply
Please apply online at www.opportunities.auckland.ac.nz job code: 18586.
Applications close Thursday 25 May 2017.
Closing date for applications: 25 May 2017
Contact: Robert Amor
More information: https://www.opportunities.auckland.ac.nz/psp/ps/EMPLOYEE/HRMS/c/HRS_HRAM.HRS_CE.GBL?Page=HRS_CE_JOB_DTL&Action=A&JobOpen
Cloudflare
At Cloudflare, we have our eyes set on an ambitious goal: to help build a better Internet. Today, Cloudflare runs one of the world’s largest distributed networks that powers more than 1.5 trillion pageviews each month across 5 million Internet properties. More than 10 percent of all global Internet requests flow through Cloudflare’s network. Cloudflare protects and accelerates any Internet application online without adding hardware, installing software, or changing a line of code.
About the Department
We are looking for a seasoned cryptography engineer for a development role in the Technology group. This role focuses on the implementation of cutting-edge cryptographic protocols for use at web scale in CloudFlare’s systems.
Candidates will have extensive experience in implementing real-world cryptographic protocols such as TLS. Substantial contributions to cryptographic software such as OpenSSL are preferred. Experience in Go, C, and assembly is required. Cryptography Engineers are expected to be familiar with the nuances of implementing public-key cryptography (PKI), side-channel attacks, padding oracles, and constant-time implementations, and to have deep domain knowledge.
Requirements
B.S. or M.S. Computer Science or related field, or equivalent experience
Experience building security in a fast-paced, web-scale environment
Advanced knowledge of networking protocols - TCP/IP, DNS, SMTP, BGP etc.
In-depth knowledge of authentication protocols, applied cryptography, PKI and SSL/TLS
Proficiency in these languages - Go, C, and x86/amd64 assembly
Knowledge of the latest attack trends, tools and the threat landscape
Proven track record of independently driving security projects in a fast-paced environment
Excellent communication skills on both technical and non-technical issues
Bonus Points
Substantial contributions to cryptography software such as OpenSSL
Experience with high throughput/low latency real-time systems and/or content delivery networks
Closing date for applications: 1 October 2017
Contact: Ed Burns
ed (at) cloudflare.com
More information: https://boards.greenhouse.io/cloudflare/jobs/634967#.WQuUsVPyumk
04 May 2017
University of Auckland, New Zealand
The successful appointee will have a PhD, demonstrated excellence in research, and a commitment to high quality research-informed teaching. The ideal candidate would have a research program that complements and builds on existing areas of strength within the department (http://www.cs.auckland.ac.nz).
The scope of the search is digital security, broadly defined. We will be particularly interested in candidates who have developed techniques for digital forensics, security testing, or software obfuscation; or who have demonstrated expertise in security or privacy for mobile devices, cyber-physical systems (esp. Internet of Things), machine-to-machine systems, and big data systems.
Closing date for applications: 25 May 2017
Contact: Professor Robert Amor, Head of Department, trebor (at) cs.auckland.ac.nz
More information: https://www.opportunities.auckland.ac.nz
Institute of Information Security, University of Stuttgart, Germany
Ph.D. and Postdoc Positions
in the fields
- System and Web Security,
- Services and Cloud Computing Security,
- Cryptography, e.g., in the context of electronic voting, and
- Formal Methods in Security.
The positions are available immediately and paid according to the German public salary scale TVL-E13 or TVL-E14, depending on the candidate’s qualification. Appointment periods follow the German Wissenschaftszeitvertragsgesetz (WissZeitVg).
The Institute for Information Security offers an international environment for top-level creative research in Germany's high-tech region.
The successful candidate should have a Master’s degree or a Ph.D. (or should be very close to completion thereof) in Computer Science, Mathematics, Information Security, or a related field. We value strong analytical skills. Knowledge in one of the mentioned fields is an asset. Since some teaching is done in German, knowledge of German is required for positions that involve teaching.
The deadline for applications is May 28th, 2017. However, late applications will be considered until the positions are filled.
Closing date for applications: 28 May 2017
Contact: Prof. Ralf Küsters
ralf.kuesters (at) sec.uni-stuttgart.de
https://sec.informatik.uni-stuttgart.de
More information: https://sec.informatik.uni-stuttgart.de/jobopenings
Rupeng Yang, Man Ho Au, Qiuliang Xu, Zuoxia Yu
In this paper, we solve these problems and present a decentralized blacklistable anonymous credential system with reputation, which inherits nearly all features of the BLACR system presented by Au et al. (NDSS'12). However, in our new system, no trusted party is needed to register users. Moreover, blacklists from other service providers can be used safely in the new system assuming a minimal trust assumption holds. Besides, the new system is also partially resilient to the blacklist gaming attack. Technically, the main approach to solving these problems is a novel use of the blockchain technique, which serves as a public append-only ledger and is used to store credentials and blacklists. To simplify the construction, we also present a generic framework for constructing our new system. The general framework can be instantiated from three different types of cryptographic systems, including the RSA system, the classical DL system, and the pairing-based system, and all three types of instantiations can be supported simultaneously in the framework. To demonstrate the practicality of our system, we also give a proof-of-concept implementation for the instantiation under the RSA system. The experimental results indicate that when authenticating with blacklists of reasonable size, our implementation can fulfill practical efficiency demands, and when authenticating with empty blacklists, it is more efficient than that of Garman et al. (NDSS'14), which presents a decentralized anonymous credential system without considering revocation.
Silvan Streit, Fabrizio De Santis
Chen Xu, Jingwei Chen, Wenyuan Wu, Yong Feng
Zvika Brakerski, Shai Halevi, Antigoni Polychroniadou
Our construction takes after the multi-key FHE approach of Mukherjee-Wichs (EUROCRYPT '16) who constructed a 2-round semi-malicious protocol from LWE in the common random string (CRS) model. We show how to use a preliminary round of communication to replace the CRS, thus achieving 3-round semi-malicious security without setup. Adaptive commitments and zero-knowledge proofs are then used to compile the protocol into the fully malicious setting.
Benny Applebaum
This is a survey that appeared in a book of surveys in honor of Oded Goldreich's 60th birthday.
Matthias Hamann, Matthias Krause, Willi Meier, Bin Zhang
In this paper, existing TMD tradeoff attacks are revisited, and new insights on distinguishers and key recovery related to small-state stream ciphers are derived. A particular result is the transfer of a generic distinguishing attack suggested in 2007 by Englund, Hell, and Johansson to this new class of lightweight ciphers. Our analysis shows that the initial hope of achieving full security against TMD tradeoff attacks by continuously using the secret key has failed. In particular, we demonstrate that there are generic distinguishing attacks against Plantlet and Fruit with complexity significantly smaller than that of exhaustive key search. However, by studying the assumptions underlying the applicability of these attacks, we are able to come up with a new design idea for small-state stream ciphers which might finally allow full security against TMD tradeoff attacks to be achieved.
Another contribution of this paper is the first key recovery attack against the most recent version of Fruit. We show that there are at least $2^{64}$ weak keys, each of which does not provide the 80-bit security promised by the designers. This new attack against Fruit, together with previous attacks against Sprout, raises the question of whether a more complicated key schedule than the basic one used in Plantlet is actually beneficial for the security of such ciphers.