IACR News
16 August 2017
Sanjit Chatterjee, Deepak Garg, Aniket Kate, Tobias Theobald
ePrint Report
Specifically, we present a novel protocol that allows Alice to securely send a message to Bob, binding to any chain of social links, with the property that Bob can decrypt the message only after trust has been established on all links in the chain. This trust may be established either before or after Alice has sent the message, and it may be established in any order on the links. We prove the protocol's security relative to an ideal functionality, develop a prototypical implementation and evaluate the implementation's performance for a realistic environment obtained by harvesting data from an existing web of trust. We observe that our protocol is fast enough to be used in practice.
Ward Beullens, Bart Preneel
ePrint Report
Juan A. Garay, Aggelos Kiayias, Giorgos Panagiotakos
ePrint Report
In this work we fill this gap by providing a formulation of the POW primitive that implies the security of the Bitcoin blockchain protocol in the standard model. Our primitive entails a number of properties that parallel an efficient non-interactive proof system: completeness and fast verification, security against malicious provers (termed "hardness against tampering and chosen message attacks") and security for honest provers (termed "uniquely successful under chosen key and message attacks"). Interestingly, our formulation is incomparable with previous formulations of POWs that applied the primitive to contexts other than the blockchain. Our result paves the way for proving the security of blockchain protocols in the standard model assuming our primitive can be realized from computational assumptions.
15 August 2017
1 May 2018
Event Calendar
Submission deadline: 29 December 2017
14 August 2017
Steven D. Galbraith, Frederik Vercauteren
ePrint Report
Sebastian Messmer, Jochen Rill, Dirk Achenbach, Jörn Müller-Quade
ePrint Report
13 August 2017
Gilad Asharov, T-H. Hubert Chan, Kartik Nayak, Rafael Pass, Ling Ren, Elaine Shi
ePrint Report
In this work, we initiate the study of locality-friendly oblivious RAMs - Oblivious RAM compilers that preserve the locality of the accessed memory regions, while leaking only the lengths of contiguous memory regions accessed; we refer to such schemes as Range ORAMs. Our main results demonstrate the existence of a statistically-secure Range ORAM with only poly-logarithmic overhead (both in terms of the number of memory accesses, and in terms of locality). In our most optimized construction, the overhead is only a logarithmic factor greater than the best ORAM scheme (without locality).
To further improve the parameters, we also consider the weaker notion of a File ORAM: whereas a Range ORAM needs to support read/write access to arbitrary regions of the memory, a File ORAM only needs to support access to pre-defined non-overlapping regions (e.g., files being stored in memory). Assuming one-way functions, we present a computationally-secure File ORAM that, up to $\log \log n$ factors, matches the best ORAM schemes (i.e., we essentially get "locality for free").
As an intermediate result, we also develop a novel sorting algorithm which is also asymptotically optimal (up to $\log\log n$ factors) and enjoys good locality (it can be implemented using $O(\log n)$ sequential accesses). This sorting algorithm can serve as a practical alternative to the sorting algorithms previously used in other oblivious RAM compilers and other applications, and might be of independent interest.
To the best of our knowledge, before our work, the only works combining locality and obliviousness were for the special case of symmetric searchable encryption [Cash and Tessaro (EUROCRYPT'14), Asharov et al. (STOC'16)]. Searchable encryption can be viewed as a special case of a "read-only" File ORAM which leaks whether the same files are accessed again, and whether files contain the same keyword; this leakage, however, has been shown to be harmful in many applications, and is prevented by the definition of a File ORAM.
Jan Czajkowski, Leon Groot Bruinderink, Andreas Hülsing, Christian Schaffner, Dominique Unruh
ePrint Report
12 August 2017
University of Surrey, UK
Job Posting
Research in the Secure Systems group falls into three main themes: trusted systems, privacy & authentication, and secure communications. We have particular strengths in applied cryptography, protocols, verification, and formal methods. We apply our research in the domains of automotive, rail, democracy, and future internet & 5G, and are keen to extend more broadly. The post-holder will enhance or complement current research strengths of the group.
Applicants must have a PhD in a relevant subject or equivalent professional experience, and should have strong practical skills and experience. A track record of producing high quality outputs and attracting research funding is also required. The appointed candidate will be expected to play a leadership role and contribute to Departmental activities.
The Department of Computer Science embodies the ethos of “applying theory into practice” across its research and teaching activities. Surrey is recognised as an Academic Centre of Excellence in Cyber Security Research by NCSC. The University has made substantial investments in the Secure Systems group, and this post is part of our strategic drive to strengthen and integrate our core safety and security activities within the Secure Systems group.
This is a full-time and permanent position. Salary 48,327-68,814 GBP. The post is available from January 2018 though there is flexibility in the start date.
Closing date for applications: 9 September 2017
Contact: Professor Steve Schneider, Director of Surrey Centre for Cyber Security
University of Surrey
s.schneider (at) surrey.ac.uk
More information: https://jobs.surrey.ac.uk/vacancy.aspx?ref=061617
Intelligent Voice Ltd
Job Posting
Building on existing research within the company we seek a talented cyber security expert to assist with the challenge of merging privacy-preserving cloud technology with our speech recognition software. Knowledge of searchable and fully homomorphic encryption protocols is desired.
Applicants should have already completed, or be close to completing, a PhD in computer science, mathematics, or a related discipline. Applicants should have an excellent research track record demonstrated by publications at major cryptography/security venues, and should have significant experience in the design and deployment of cryptographic protocols.
To apply please send your CV (with publication list), a 1-page cover letter, and the names of at least two people who can provide reference letters (e-mail).
For more information, see:
https://www.slideshare.net/cholletge/ppsp-icassp17v10-72961572
Closing date for applications: 15 September 2017
Contact: Dr. Neil Glackin
More information: http://www.intelligentvoice.com
Angelo Massimo Perillo, Emiliano De Cristofaro
ePrint Report
In this paper, we present a new cryptographic protocol, PAPEETE (Private, Authorized, fast PErsonal gEnomic TEsting) suitable for running different types of tests on users' genetic data (specifically, SNPs). The protocol, which builds on top of additively homomorphic encryption, provides privacy for both users and test facilities, and it guarantees that the test is authorized by an appropriate authority such as the FDA. Finally, we present a prototype implementation of PAPEETE, and an experimental evaluation that attests to the real-world practicality of our techniques.
Peter Rindal, Mike Rosulek
ePrint Report
In this work, we introduce a new PSI protocol that is secure in the presence of malicious adversaries. Our protocol is based entirely on fast symmetric-key primitives and inherits important techniques from state-of-the-art protocols in the semi-honest setting. Our novel technique to strengthen the protocol for malicious adversaries is inspired by the dual execution technique of Mohassel & Franklin (PKC 2006). Our protocol is optimized for the random-oracle model, but can also be realized (with a performance penalty) in the standard model.
We demonstrate our protocol's practicality with a prototype implementation. To securely compute the intersection of two sets of size $2^{20}$ requires only 13 seconds with our protocol, which is $\sim 12\times$ faster than the previous best malicious-secure protocol (Rindal & Rosulek, Eurocrypt 2017), and only $3\times$ slower than the best semi-honest protocol (Kolesnikov et al., CCS 2016).
S.Sharmila Deva Selvi, Arinjita Paul, C. Pandu Rangan
ePrint Report
10 August 2017
Nazarbayev University, Kazakhstan
Job Posting
Successful candidates should hold a PhD in mathematics, statistics or in a related field and have excellent English-language communication skills and experience with Western higher education. Applicants for associate professor positions should have considerable experience in supervising students at the graduate level, possess strong teaching skills and experience, and a demonstrated rank-appropriate research accomplishment and service. Applicants for assistant professor level should demonstrate a potential for excellence in teaching, research, and service.
Position responsibilities include: teaching undergraduate and graduate-level courses (2-2 teaching load), supervision of graduate students, curricular and program development, ongoing engagement in professional and research activities, general program guidance and leadership, and other activities related to the intellectual and cultural environment of the university.
Nazarbayev University offers an attractive benefits package, including:
- competitive compensation;
- free housing based on family size and rank;
- relocation allowance;
- no-cost medical insurance, with global coverage;
- educational allowance for children;
- air tickets to home country, twice per year.
Applicants should send a detailed CV, teaching and research statements, and list of publications to sst (at) nu.edu.kz. Review of applications will begin immediately but full consideration will be given to applications submitted no later than September 15, 2017. Successful appointments are expected to begin on January 1st, 2018.
Closing date for applications: 15 September 2017
More information: http://sst.nu.edu.kz
09 August 2017
University of Wollongong, Australia
Job Posting
This position is expected to provide development, teaching and research within the Institute of Cybersecurity and Cryptology in the school.
For further information about this position, please contact the Head of School and Director of the Institute of Cybersecurity and Cryptology, Professor Willy Susilo, on +61 2 4221 5535.
Closing date for applications: 9 September 2017
Contact: Professor Willy Susilo
More information: https://jobs.uow.edu.au/careersection/ext/jobdetail.ftl?job=170477&tz=GMT%2B10%3A00
TU Darmstadt
Job Posting
- Secure cryptographic implementations
- Leakage/tamper resilient cryptography
- Distributed cryptography
- Blockchains and cryptocurrencies
The application should include a curriculum vitae, a short research statement, and the name of 1 person (2 in the case of PostDocs) who can provide a reference about the applicant and her/his work. In the case of PostDoc applications, the candidate shall be able to show solid expertise in cryptography/IT security, illustrated in the form of publications at major crypto/security venues such as CRYPTO, EUROCRYPT, ASIACRYPT, TCC, PKC, CHES, FC, ACM CCS, IEEE S&P, USENIX Security, NDSS etc.
The positions are available immediately and paid according to the German public salary scale TVL-E13 or TVL-E14, depending on the candidate's qualification. TU Darmstadt offers an excellent working environment in the heart of the Rhein-Main area, and is one of the leading institutes for research on IT security, with more than 200 researchers working on all aspects of cybersecurity.
Review of applications starts immediately and continues until the positions are filled.
Closing date for applications: 5 October 2017
Contact: Prof. Sebastian Faust
Contact: sebastian.faust (at) gmail.com
University of Lübeck, Germany
Job Posting
- Side channel attacks and mitigations
- System security for IoT, mobile and Cloud systems
- Trusted computing and trusted execution environments
- Applied cryptography
- Secure microarchitectures
As the ideal candidate, you are highly motivated, independent and able to perform creative and deep research. You have a degree in computer science, electronics or applied mathematics with a strong interest in systems security, algorithms and machine learning. Prior experience in low-level programming, code analysis, cryptography and/or signal processing is an asset. Positions remain open until filled.
The brand-new Institute for IT Security at University of Luebeck offers excellent research conditions, close to the most gorgeous beaches of the Baltic sea. We offer a competitive salary and an international cutting-edge research team in an attractive working environment.
Please provide a resume, transcripts, a motivational statement and contact information of at least two references.
Closing date for applications: 28 August 2017
Contact: Thomas Eisenbarth thomas.eisenbarth (at) uni-luebeck.de
More information: https://www.its.uni-luebeck.de/en/jobs.html
08 August 2017
Xavier Bonnetain
ePrint Report
Arjun Chopra
ePrint Report
We propose GLYPH, a new instantiation of GLP, parametrised for 128 bits of security under the very conservative assumptions proposed in [2], which gives a strong assurance that it will be secure against forgery even if there are further developments in lattice cryptanalysis. Parameters to obtain this strong security level in an efficient manner were not possible within the original formulation of GLP, as they are not compatible with a signature compression algorithm, and to address this we also propose a new form of the compression algorithm which works efficiently with wider ranges of parameters.