IACR News
30 December 2017
Zheng Li, Xiaoyang Dong, Xiaoyun Wang
ePrint Report
Using the above quantum distinguishers, we introduce generic quantum key-recovery attacks by applying the combination of Simon's and Grover's algorithms recently proposed by Leander and May. We denote $n$ as the bit length of a branch. For $(d^2-d+2)$-round Type-1 GFS with $d$ branches, the time complexity is $2^{(\frac{1}{2}d^2-\frac{3}{2}d+2)\cdot \frac{n}{2}}$, which is better than the quantum brute force search (Grover search) by a factor $2^{(\frac{1}{4}d^2+\frac{1}{4}d)n}$. For $4d$-round Type-2 GFS with $2d$ branches, the time complexity is $2^{\frac{d^2 n}{2}}$, which is better than the quantum brute force search by a factor $2^{\frac{3d^2 n}{2}}$.
Elette Boyle, Niv Gilboa, Yuval Ishai, Huijia Lin, Stefano Tessaro
ePrint Report
We initiate a systematic study of HSS, making the following contributions.
* A definitional framework. We present a general framework for defining HSS schemes that unifies and extends several previous notions from the literature, and cast known results within this framework.
* Limitations. We establish limitations on information-theoretic multi-input HSS with short output shares via a relation with communication complexity. We also show that additive HSS for non-trivial functions, even the AND of two input bits, implies non-interactive key exchange, and is therefore unlikely to be implied by public-key encryption or even oblivious transfer.
* Applications. We present two types of applications of HSS. First, we construct 2-round protocols for secure multiparty computation from a simple constant-size instance of HSS. As a corollary, we obtain 2-round protocols with attractive asymptotic efficiency features under the Decision Diffie Hellman (DDH) assumption. Second, we use HSS to obtain nearly optimal worst-case to average-case reductions in P. This in turn has applications to fine-grained average-case hardness and verifiable computation.
Min Liang, Li Yang
ePrint Report
This article focuses on block encryption of quantum data. Based on pseudorandom functions, we construct a quantum block encryption (QBE) scheme, and prove it has indistinguishable encryption under chosen plaintext attack. Moreover, the combination of the QBE and quantum message authentication scheme has indistinguishable encryption under chosen ciphertext attack. In addition, QBE can achieve perfect security in a particular case. Compared with the quantum one-time pad (QOTP), the QBE scheme can be as secure as QOTP, and the secret key can be reused (no matter whether eavesdropping exists or not). Thus, block encryption based on quantum mechanics can break the limitation of perfectly secure encryption, and can be used as the new cryptographic primitive instead of QOTP. In order to physically implement the QBE scheme, we only need to implement two kinds of single-qubit gates (Pauli $X$ gate and Hadamard gate), so it is within reach of current quantum technology.
Alessandro Cilardo, Andrea Primativo
ePrint Report
Aritra Dhar, Der-Yeuan Yu, Srdjan Capkun
ePrint Report
In this paper, we consider the presence of an untrusted host machine and aim to ensure the integrity of user input to a web server directly from a peripheral, such as a keyboard. We propose IntegriKey, an end-to-end integrity protection system that leverages a user-side trusted device (the IntegriKey device) and a small server-side software component to ensure the integrity of the user's input. Based on our solution, we also identify a new form of attack, the user interface (UI) input integrity manipulation attack, where a compromised host alters the UI to mislead the user into entering incorrect data. We provide a comprehensive analysis of these attacks and the corresponding solutions. IntegriKey allows the server to accept only authentic user input even when the attacker compromises both the host machine and the network. IntegriKey requires no additional software on the user's host and does not significantly affect the way the user interacts with the system. We implement IntegriKey in the context of remotely configuring Programmable Logic Controllers, and our evaluation shows that it incurs minimal overhead in securing user input integrity.
26 December 2017
Shuang Qiu, Rui Zhang, Yongbin Zhou, Wei Cheng
ePrint Report
25 December 2017
Santa Barbara, USA, 1 April - 1 July 2018
Event Calendar
Submission deadline: 31 March 2018
Notification: 30 June 2018
Halifax, Canada, 30 July - 3 August 2018
Event Calendar
Submission deadline: 1 March 2018
Notification: 1 April 2018
24 December 2017
DTU, Technical University of Denmark
Job Posting
Through this position the University seeks to strengthen its research within cyber security. The cyber security section at DTU has experts in cryptology, in particular the design and analysis of ciphers and hash functions and in side-channel analysis, and in the security of distributed and pervasive computing systems, in particular support for secure collaboration across administrative domains and in other low-trust environments. The section wishes to broaden its research within all areas of cyber security.
Topics of particular interest include:
access control (both policies and mechanisms);
authentication and identity management systems;
blockchains and distributed ledger technologies;
malware analysis, digital forensics, and ethical hacking;
privacy and privacy enhancing technologies;
security in pervasive computing systems (incl. cyber physical systems, IoT, mobile healthcare systems and wireless computing systems); and
trust management systems.
Interest and skills in pedagogical work and dissemination of mathematical sciences will play an important role.
Closing date for applications: 1 February 2018
Contact: Professor Lars Ramkilde Knudsen, lrkn (at) dtu.dk
More information: http://www.dtu.dk/job/job?id=ad063634-bc8a-42e1-82f1-b6a93908941d
Singapore University of Technology and Design (SUTD)
Job Posting
I am looking for postdocs / research fellows with expertise in cyber-physical system security, especially in legacy CPS protection. The candidates should have a track record of strong R&D capability, be able to perform deep system-level investigations of security mechanisms, be a good team player, and also have good written/oral communication skills. The position will provide an excellent opportunity to perform both basic and translational research in close collaboration with industry. Successful candidates will be offered internationally competitive remuneration, and enjoy high-quality living and low tax rates in Singapore.
Interested candidates please send your CV with a research statement to Prof. Jianying Zhou.
Email: jianying_zhou (at) sutd.edu.sg
Home: http://jianying.space/
Closing date for applications: 28 February 2018
Contact: Prof. Jianying Zhou
More information: http://jianying.space/
23 December 2017
Li Hongda, Pan Dongxue, Ni Peifang
ePrint Report
Taotao Li, Parhat Abla, Mingsheng Wang, Qianwen Wei
ePrint Report
Koichiro Akiyama, Yasuhiro Goto, Shinya Okumura, Tsuyoshi Takagi, Koji Nuida, Goichiro Hanaoka, Hideo Shimizu, Yasuhiko Ikematsu
ePrint Report
Mridula Singh, Patrick Leu, Srdjan Capkun
ePrint Report
22 December 2017
Cloudflare Inc. (San Francisco, USA and London, UK)
Job Posting
At Cloudflare, we have our eyes set on an ambitious goal: to help build a better Internet. Today, Cloudflare runs one of the world's largest distributed networks that powers more than 1.5 trillion page views each month across 5 million Internet properties. More than 10 percent of all global Internet requests flow through Cloudflare's network. Cloudflare protects and accelerates any Internet application online without adding hardware, installing software, or changing a line of code.
Responsibilities
The Cryptography team is focused on solving difficult problems in security, performance, and privacy at scale using cryptographic tools. This involves systems engineering, open source software development, protocol design, the implementation of cryptographic primitives, contributions to cutting-edge research in collaboration with academia, participation in Internet standards organizations like the IETF, and more.
We are looking for systems engineers, programmers and researchers with a broad background and a specialization in cryptography to work on our team. Experience in Go, C and/or Lua is required, experience with x86/amd64 assembly is preferred.
Requirements
Currently in a M.S. or Ph.D. Computer Science or related field, or equivalent experience.
Advanced knowledge of networking protocols - TCP/IP, DNS, BGP, QUIC etc.
In-depth knowledge of authentication protocols, applied cryptography, PKI and SSL/TLS
Proficiency in the following languages - Go, C and/or Lua
Proven track record of independently driving projects in a fast-paced environment
Excellent communication skills on both technical and non-technical issues
Bonus Points:
Substantial contributions to cryptography software such as OpenSSL or Go's crypto/tls
Experience with high throughput/low latency real-time systems and/or content delivery networks
Closing date for applications: 31 December 2018
More information: https://boards.greenhouse.io/cloudflare/jobs/608495#.Wjw-yBNSwws
Shunli Ma, Yi Deng, Debiao He, Jiang Zhang, Xiang Xie
ePrint Report
Thang Hoang, Ceyhun D. Ozkaptan, Gabriel Hackebeil, Attila A. Yavuz
ePrint Report
We propose new oblivious data structures called Oblivious Matrix Structure (OMAT) and Oblivious Tree Structure (OTREE), which allow tree-based ORAM to be integrated into database systems in a more efficient manner with diverse query functionalities supported. OMAT provides special ORAM packaging strategies for table structures, which not only offers significantly better performance but also enables a broad range of query types that may not be practical in existing frameworks. OTREE allows oblivious conditional queries to be deployed on tree-indexed databases more efficiently than existing techniques. We fully implemented our proposed techniques and evaluated their performance on a real cloud database with various metrics, compared with state-of-the-art counterparts.
Thang Hoang, Attila A. Yavuz, Jorge Guajardo
ePrint Report
In this article, we introduce a new Dynamic Searchable Symmetric Encryption (DSSE) framework called Incidence Matrix (IM)-DSSE, which achieves a high level of privacy, efficient search/update, and low client storage with actual deployments in real cloud settings. We harness an incidence matrix along with two hash tables to create an encrypted index, on which both search and update operations can be performed effectively with minimal information leakage. This simple set of data structures surprisingly offers a high level of DSSE security while at the same time achieving practical performance. Specifically, IM-DSSE achieves forward privacy, backward privacy and size-obliviousness properties simultaneously. We also create several DSSE variants, each offering different trade-offs (e.g., security, computation) that are suitable for different cloud applications and infrastructures. Our framework was fully implemented and its performance was rigorously evaluated on a real cloud system (Amazon EC2). Our experimental results confirm that IM-DSSE is highly practical even when deployed on mobile phones with a large outsourced dataset. Finally, we have released our IM-DSSE framework as an open-source library for wide development and adaptation.