IACR News
18 January 2018
Microsoft Research Cambridge UK
Experience Required:
Mandatory:
• Expert understanding of state-of-the-art machine learning and artificial intelligence
• Hands-on experience in building machine learning systems
• Interested in working in a multi-disciplinary team
• Interested in deep research with high real-world impact
• PhD or close to completion
Ideal:
• Experience in cloud services
• Experience in security and privacy
• Strong publication record or alternative relevant innovation experience
Closing date for applications: 31 March 2018
More information: https://www.microsoft.com/en-us/research/opportunity/researcher-security-privacy-ml/
The University of Luxembourg
The University of Luxembourg is a multilingual, international research university.
The University of Luxembourg is looking within its Faculty of Science, Technology and Communication for a:
Postdoc in Cryptography (M/F)
- Ref: F1-50011530
- Fixed-term contract 2.5 years, full-time (40 hrs/week)
- Employee status
The post-doc will be a member of the Computer Science and Communications Research Unit (CSC) within the Faculty of Science, Technology and Communication at the University of Luxembourg. Possible topics of interest are FHE, multilinear maps, public-key cryptanalysis, and side-channel attacks and countermeasures.
Profile
PhD in cryptography, with publications in major cryptographic conferences
We offer
- Personal work space at the University
- Highly competitive salary
- Dynamic and multicultural environment
Candidates should submit the following documents:
- Motivation letter indicating your research interests.
- Curriculum vitae (including your contact address, work experience, publications).
- A short description of your PhD’s work (max 1 page).
- Contact information for 3 referees.
Please send your application online until March 15th, 2018. Applications will be considered on receipt, so applying before the deadline is encouraged.
Link: http://emea3.mrted.ly/1pelf
Closing date for applications: 15 March 2018
Contact: For further information please contact Jean-Sebastien Coron
jean-sebastien.coron (at) uni.lu
More information: http://emea3.mrted.ly/1pelf
Continental Automotive Singapore Pte Ltd
• Define security tests for backend, Smartphone & Connectivity
• Develop countermeasures for detected vulnerabilities
• Develop tools to demonstrate the efficiency of the security mechanisms
• Develop and refine the Security and Privacy concept for connected services between vehicle and backend services
• Implementation of novel Security & Privacy mechanisms
Requirements:
• University degree in computer science, electrical engineering or mathematics with a deep focus on security, privacy, cryptology, or similar
• In-depth experience with projects related to cloud security, smartphone security and backend security
• Knowledge of Security Risk Analysis methods (e.g. STRIDE)
• Knowledge of Security Source Code Analysis methods
• Knowledge of quantum cryptography is preferred
• An applicant with several years of experience in the field of Automotive Security and Privacy is preferred
• Good & open communication
• Mobility to collaborate creatively in international teams
Closing date for applications:
More information: http://www.continental-jobs.com/index.php?ac=jobad&id=596247
Alexander Chepurnoy, Vasily Kharin, Dmitry Meshkov
Daniele Micciancio, Michael Walter
Daniel Dinu, Ilya Kizhvatov
This work is a case study of Thread, an emerging network and transport level stack designed to facilitate secure communication between heterogeneous IoT devices. We perform the first side-channel vulnerability analysis of the Thread networking stack. We leverage various network mechanisms to trigger manipulations of the security material or to get access to the network credentials. We choose the most feasible attack vector to build a complete attack that combines network specific mechanisms and Differential Electromagnetic Analysis. When successfully applied on a Thread network, the attack gives full network access to the adversary. We evaluate the feasibility of our attack in a TI CC2538 setup running OpenThread, a certified open-source implementation of the stack.
The full attack does not succeed in our setting. The root cause for this failure is not any particular security feature of the protocol or the implementation, but a side-effect of a feature not related to security. We summarize the problems that we find in the protocol with respect to side-channel analysis, and suggest a range of countermeasures to prevent our attack and the other attack vectors we identified during the vulnerability analysis.
In general, we demonstrate that the elaborate security mechanisms of Thread make a side-channel attack non-trivial to mount. Similar to a modern software exploit, it requires chaining multiple vulnerabilities. Nevertheless, such attacks are feasible. Being perhaps too expensive for settings like smart homes, they pose a relatively higher threat in the commercial setting. We believe our experience provides a useful lesson to designers of IoT protocols and devices.
Wenquan Bi, Xiaoyang Dong, Zheng Li, Rui Zong, Xiaoyun Wang
Miran Kim, Yongsoo Song, Shuang Wang, Yuhou Xia, Xiaoqian Jiang
The goal of this study is to provide practical support to mainstream learning models (e.g., logistic regression). We innovated on: (1) a novel homomorphic encryption scheme optimized for real-number computation, (2) the least squares approximation of the logistic function for accuracy and efficiency (i.e., reduced computation cost), and (3) new packing and parallelization techniques. Using real-world datasets, we evaluated the performance of our model and demonstrated its feasibility in speed and memory consumption. For example, it took about 116 minutes to obtain the training model from the homomorphically encrypted Edinburgh dataset. In addition, it gives fairly accurate predictions on the testing dataset. We present the first homomorphically encrypted logistic regression outsourcing model, based on the critical observation that the precision loss of classification models is sufficiently small that the decision plan stays still.
Chiraag Juvekar, Vinod Vaikuntanathan, Anantha Chandrakasan
To this end, we design Gazelle, a scalable and low-latency system for secure neural network inference, using an intricate combination of homomorphic encryption and traditional two-party computation techniques (such as garbled circuits). Gazelle makes three contributions. First, we design the Gazelle homomorphic encryption library which provides fast algorithms for basic homomorphic operations such as SIMD (single instruction multiple data) addition, SIMD multiplication and ciphertext permutation. Second, we implement the Gazelle homomorphic linear algebra kernels which map neural network layers to optimized homomorphic matrix-vector multiplication and convolution routines. Third, we design optimized encryption switching protocols which seamlessly convert between homomorphic and garbled circuit encodings to enable implementation of complete neural network inference.
We evaluate our protocols on benchmark neural networks trained on the MNIST and CIFAR-10 datasets and show that Gazelle outperforms the best existing systems such as MiniONN (ACM CCS 2017) by 20x and Chameleon (Crypto Eprint 2017/1164) by 30x in online runtime. Similarly, when compared with fully homomorphic approaches like CryptoNets (ICML 2016), we demonstrate *three orders of magnitude* faster online run-time.
Ashrujit Ghoshal, Sikhar Patranabis, Debdeep Mukhopadhyay
Christoph Dobraunig, Maria Eichlseder, Thomas Korak, Stefan Mangard, Florian Mendel, Robert Primas
As a consequence, most countermeasures against fault attacks focus on the ability of faults to change intermediate values and usually try to detect such a change (detection-based), or to destroy the exploitable information if a fault happens (infective countermeasures). Such countermeasures implicitly assume that the release of "fault-free" ciphertexts in the presence of a fault-inducing attacker does not reveal any exploitable information. In this work, we challenge this assumption and show attacks that exploit the fact that intermediate values leading to such "fault-free" ciphertexts show a non-uniform distribution, while they should be uniformly distributed. The presented attacks are entirely practical and are demonstrated to work for software implementations of AES and for a hardware co-processor. These practical attacks rely on faults induced by means of clock glitches and hence are achieved using only low-cost equipment. We target two countermeasures as examples: simple time redundancy with comparison, and an infective countermeasure presented at CHES 2014. However, our attacks can be applied to a wider range of countermeasures and are not restricted to these two.
Craig Gentry, Adam O'Neill, Leonid Reyzin
Marc Beunardeau, Aisling Connolly, Houda Ferradi, Rémi Géraud, David Naccache, Damien Vergnaud
Combined with precomputation techniques (which would not yield as interesting results for the original Schnorr algorithm), we can amortise the cost of exponentiation over several signatures: these signatures share the same nonce. Sharing a nonce is a deadly blow to Schnorr signatures, but is not a security concern for our variant.
Our scheme is provably secure, asymptotically faster than Schnorr when combined with efficient precomputation techniques, and experimentally $2$ to $6$ times faster than Schnorr for the same number of signatures when using 1 MB of static storage.
Gregory Maxwell, Andrew Poelstra, Yannick Seurin, Pieter Wuille
Hao Chen, Kyoohyung Han
In this work, we apply a family of "lowest digit removal" polynomials to improve the homomorphic digit extraction algorithm, which is a crucial part of bootstrapping for both the FV and BGV schemes. If the secret key has 1-norm $h=l_1(s)$ and the plaintext modulus is $t = p^r$, we achieve bootstrapping depth $\log h + \log( \log_p(ht))$ in the FV scheme. In the case of the BGV scheme, we bring down the depth from $\log h + 2 \log t$ to $\log h + \log t$.
We implemented bootstrapping for FV in the SEAL library. Besides the regular mode, we introduce another "slim mode", which restricts the plaintexts to batched vectors in $\mathbb{Z}_{p^r}$. The slim mode has similar throughput to the regular mode, while each individual run is much faster and uses much less memory. For example, bootstrapping takes $6.75$ seconds for a 7-bit plaintext space with 64 slots and $1381$ seconds for a $GF(257^{128})$ plaintext space with 128 slots. We also implemented our improved digit extraction procedure for the BGV scheme in HElib.