IACR News
28 November 2017
University of Birmingham, UK
One of the main goals of this project is to promote and facilitate the adoption of TEE as the main trust anchor for our security architectures. We will perform a thorough evaluation of the security features of different TEE implementations to determine their suitability as trust anchors. We will address the limitations of users interacting directly with TEEs through analysing use cases and developing secure interfaces using auxiliary devices and dedicated features. We will investigate opportunities to leverage strong hardware-based security mechanisms to improve both the strength and usability of authentication. We will also build an architecture for designing protocols and user experiences that leverage these hardware security primitives to enhance the security, manageability, and usability of user authentication over existing approaches. The analysis and applications of our research findings will be demonstrated and implemented on suitable platforms including secure hardware, smart devices and integration with authentication tokens.
In addition to holding a first degree in the area of specialism and, normally, a higher degree (PhD) relevant to the research area or equivalent qualifications, applicants should have expertise in one or more of the following: cryptographic protocols; side-channel and fault attacks; implementation of cryptographic protocols using hardware features.
The Security and Privacy Group in the School of Computer Science is recognised by NCSC/EPSRC as an Academic Centre of Excellence in Cyber Security Research. The group is an expanding team of eleven academic staff researching all aspects of computing security and privacy.
Closing date for applications: 3 January 2018
Contact: Prof. Mark Ryan: m.d.ryan (at) cs.bham.ac.uk
Dr Flavio Garcia: F.Garcia (at) bham.ac.uk
Dr David Oswald: d.f.oswald (at) cs.bham.ac.uk
More information: http://www.jobs.ac.uk/job/BFY368/research-fellow-in-cyber-security-hardware
Thalia M. Laing, Douglas R. Stinson
David Derler, Sebastian Ramacher, Daniel Slamanig
In doing so, we choose a modular approach and first construct an accumulator (with one-way domain) that allows one to efficiently prove knowledge of (a pre-image of) an accumulated value in zero-knowledge. We thereby take care that our construction can be instantiated solely from symmetric primitives and that our proofs are of sublinear size. The latter is non-trivial to achieve in the symmetric setting due to the absence of the algebraic structures which are typically used in other settings to obtain these efficiency gains. Regarding efficient instantiations of our proof system, we rely on recent results for constructing efficient non-interactive zero-knowledge proofs for general circuits. Based on this building block, we then show how to construct logarithmic-size ring signatures solely from symmetric-key primitives. As constructing more advanced primitives only from symmetric-key primitives is a very recent field, we discuss some interesting open problems and future research directions. Finally, we want to stress that our work also indirectly impacts other fields: for the first time it raises the requirement for collision-resistant hash functions with particularly low AND count.
Iddo Bentov, Yan Ji, Fan Zhang, Yunqi Li, Xueyuan Zhao, Lorenz Breidenbach, Philip Daian, Ari Juels
The task of committing the recent trades data to independent cryptocurrency systems presents an all-or-nothing fairness problem that can be solved by means of SPV proofs or multiple SGX-enabled servers. Tesseract also mitigates denial-of-service attacks by running a consensus protocol among SGX-enabled servers.
Tesseract supports not only real-time cross-chain cryptocurrency trading, but also a secure method to tokenize assets pegged to various cryptocurrencies. For instance, Tesseract-tokenized bitcoins can circulate on the Ethereum blockchain for use in smart contracts.
We provide a reference implementation of Tesseract that supports Bitcoin, Ethereum, and similar cryptocurrencies.
27 November 2017
1 January 2019
Submission deadline: 22 March 2018
Suzdal, Russia, 28 May - 30 May 2018
Submission deadline: 19 February 2018
Notification: 2 April 2018
University of Surrey, UK
The post is part of the EPSRC-funded research project “TAPESTRY: Trust, Authentication and Privacy over a DeCentralised Social Registry”. The successful applicant will be working on the design and analysis of privacy-preserving cryptographic protocols under the supervision of Dr Mark Manulis and will benefit from the environment provided by the Surrey Centre for Cyber Security (SCCS, http://sccs.surrey.ac.uk/).
Applicants are expected to have core skills in the design and security analysis of privacy-oriented cryptographic protocols (e.g. zero-knowledge proofs, anonymous credentials, etc.). Experience in the implementation of cryptographic protocols is a plus. They should hold a PhD or be close to the completion of their PhD studies and be able to drive their own research direction.
Closing date for applications: 17 December 2017
Contact: Dr. Mark Manulis at m.manulis (at) surrey.ac.uk
More information: https://jobs.surrey.ac.uk/vacancy.aspx?ref=079116-R-R
Singapore University of Technology and Design
I am looking for highly motivated PhD students who are interested in conducting research in blockchain or network security.
I am also looking for postdocs interested in blockchain systems.
You can find more information at https://pszal.github.io/open_positions
Closing date for applications: 1 April 2018
Contact: Pawel Szalachowski
pawel (at) sutd.edu.sg
More information: https://pszal.github.io/open_positions
University of South Florida, Tampa, Florida
USF is an R1 university and among the leading institutions in Florida. We are looking for motivated, talented, and hardworking applicants who have the background and are interested in working on different aspects of Cryptographic Engineering with emphasis on:
- Cryptographic hardware systems
- Side-channel attacks, particularly fault and power analysis attacks
The required expertise includes:
- Masters (or Bachelors with outstanding background) in Computer Engineering or Electrical Engineering
- Solid background in digital design, VLSI, computer arithmetic, and ASIC/FPGA implementations
- Solid HDL expertise
- Outstanding English (if English tests are taken) to be eligible for department funding
- Motivation to work beyond the expectations from an average Ph.D. student and publish in top tier venues
Please closely observe the admission requirement details here before emailing:
http://www.usf.edu/engineering/cse/graduate/phd-program.aspx
Please send me your updated CV (including list of publications, language test marks, and references), transcripts for B.Sc. (and/or M.Sc.), and a statement of interest at mehran2 (at) usf.edu as soon as possible.
NOTE: At this time, I consider only the applicants who have already taken TOEFL/IELTS and GRE exams with excellent marks (application deadline: Jan. 15th, 2018). The successful candidate will be asked to apply formally very soon to the USF CSE department, so all the material has to be ready.
Mehran Mozaffari-Kermani
Assistant Professor, CSE @ USF
College of Engineering
University of South Florida
Tampa, FL 33620
Website: http://www.csee.usf.edu/~mehran2/
Closing date for applications: 1 February 2018
Contact: Mehran Mozaffari-Kermani
Catherine Meadows
Thorsten Kranz, Gregor Leander, Ko Stoffelen, Friedrich Wiemer
In this work we combine these, so far largely independent, lines of work. As a result, we achieve implementations of known, locally optimized, and new MDS matrices that significantly outperform all implementations from the literature. Interestingly, almost all previous locally optimized constructions behave very similarly with respect to the globally optimized implementation.
As a side effect, our work reveals the so far best implementation of the AES MixColumns operation with respect to the number of XOR operations needed.
Vladimir Kolesnikov, Mike Rosulek, Ni Trieu
We present SWiM, a simple and fast protocol for WPM that is heavily based on oblivious transfer (OT) extension. As such, the protocol requires only a small constant number of public-key operations and otherwise uses only very fast symmetric-key primitives. SWiM is secure against semi-honest adversaries. We implemented a prototype of our protocol to demonstrate its practicality. We can perform WPM on a DNA text (4-character alphabet) of length $10^5$ and pattern of length $10^3$ in just over 2 seconds, which is over two orders of magnitude faster than the state-of-the-art scheme of Baron et al. (SCN 2012).
Jintai Ding, Ray Perlner, Albrecht Petzoldt, Daniel Smith-Tone
Léo Perrin, Angela Promitzer, Sebastian Ramacher, Christian Rechberger
First, we investigate optimizations of the linear layer of LowMC independently of any implementation optimizations. By decomposing the round key computations based on the keys' effect on the S-box layer and general optimizations, we reduce runtime costs by up to 40 % and furthermore reduce the size of the LowMC matrices by around 55 % compared to the original Picnic implementation (CCS'17).
Second, we propose a Feistel structure using smaller matrices, completely replacing the remaining large matrix multiplication in LowMC's linear layer. With this approach we achieve an operation count logarithmic in the block size, but more importantly improve over Picnic's constant-time matrix multiplication by 60 % while retaining a constant-time algorithm. Furthermore, this technique also enables us to reduce the memory requirements for the LowMC matrices by 50 %.
Serge Vaudenay, Damian Vizár
Yupeng Zhang, Daniel Genkin, Jonathan Katz, Dimitrios Papadopoulos, Charalampos Papamanthou
Yupeng Zhang, Daniel Genkin, Jonathan Katz, Dimitrios Papadopoulos, Charalampos Papamanthou
In order to evaluate the performance and expressiveness of our scheme, we tested it on SQL queries based on the TPC-H benchmark on a database with $6 \times 10^6$ rows and $13$ columns. The server overhead in our scheme (which is typically the main bottleneck) is up to $120\times$ lower than previous approaches based on succinct arguments of knowledge (SNARKs), and moreover we avoid the need for query-dependent pre-processing which is required by optimized SNARK-based schemes. In our construction, the server/client time and the communication cost are comparable to, and sometimes smaller than, those of existing customized solutions which only support specific queries.
Wei Cheng, Chao Zheng, Yuchen Cao, Yongbin Zhou, Hailong Zhang, Sylvain Guilley, Laurent Sauvage
Gustavo H. M. Zanon, Marcos A. Simplicio Jr., Geovandro C. C. F. Pereira, Javad Doliskani, Paulo S. L. M. Barreto
Sebastian Angel, Hao Chen, Kim Laine, Srinath Setty
The second technique is a new data encoding called a probabilistic batch code (PBC). We use PBCs to build a multi-query PIR scheme that allows the server to amortize the computational cost of processing a batch of requests. The protocol achieves a 6.7X speedup over processing queries one at a time, and is significantly more efficient than related encodings. We apply our techniques to the Pung unobservable communication system, which relies on a custom multi-query CPIR protocol for its privacy guarantees. Replacing Pung's protocol with our schemes, we find that we can simultaneously reduce network costs by 33X and increase throughput by 2X.