IACR News
Here you can see all recent updates to the IACR webpage.
10 May 2018
Sankhanil Dey, Ranjan Ghosh
ePrint Report
José Bacelar Almeida, Manuel Barbosa, Gilles Barthe, Hugo Pacheco, Vitor Pereira, Bernardo Portela
ePrint Report
Specifications are then compiled into multi-party protocols. We formalize protocol security using (distributed) probabilistic information flow and prove that compilation is security-preserving: protocols do not leak more than the source policy allows. The proof exploits a natural but previously missing correspondence between simulation-based cryptographic proofs and (composable) probabilistic non-interference.
Finally, we extend our framework to justify leakage cancelling, a domain-specific optimization that allows one to first write an efficiently computable specification that fails to meet the allowed leakage upper bound, and then apply a probabilistic pre-processing step that brings the overall leakage back within the acceptable range.
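As an added illustration of leakage cancelling (constructed for this page, not code or an example from the paper), take the standard shuffle-then-sort instance: the specification is a comparison sort that declassifies (opens) every comparison bit, which is efficient but leaks the original order of the inputs, while the policy only allows the sorted output to leak. A uniformly random secret shuffle before the sort cancels the excess: the opened transcript then has the same distribution for any two inputs with the same sorted output, and a simulator that sees only the sorted output reproduces it exactly. The check below enumerates all permutations, so the two distributions are compared exactly rather than sampled; the inputs and the insertion-sort specification are our own choices.

```python
"""Leakage cancelling, constructed illustration (not code from the paper).

The 'specification' is an insertion sort that opens every comparison result, as a
secret-sharing MPC framework would if each comparison were declassified to avoid an
oblivious sort. The allowed leakage is only the sorted output, but the opened bits
also reveal the original order. A uniformly random secret shuffle before sorting
cancels that excess leakage.
"""
from collections import Counter
from itertools import permutations


def insertion_sort_with_opened_comparisons(values):
    """Sort `values`, recording every comparison bit the protocol would declassify.

    Returns (sorted list, transcript), transcript being the tuple of opened bits.
    """
    xs = list(values)
    transcript = []
    for i in range(1, len(xs)):
        j = i
        while j > 0:
            greater = xs[j - 1] > xs[j]
            transcript.append(int(greater))  # this bit is opened to all parties
            if not greater:
                break
            xs[j - 1], xs[j] = xs[j], xs[j - 1]
            j -= 1
    return xs, tuple(transcript)


def transcript_distribution_with_shuffle(values):
    """Exact distribution of the opened transcript when the inputs first pass through
    a uniformly random secret shuffle (enumerated over all n! permutations)."""
    dist = Counter()
    for perm in permutations(range(len(values))):
        shuffled = [values[p] for p in perm]
        dist[insertion_sort_with_opened_comparisons(shuffled)[1]] += 1
    return dist


def simulated_transcript_distribution(sorted_output):
    """Simulator: sees only the allowed leakage (the sorted output), shuffles it and
    runs the same specification. Matching the real distribution is the
    non-interference check."""
    return transcript_distribution_with_shuffle(sorted_output)


def leaks_more_than_policy(a, b):
    """True if the unshuffled specification distinguishes two inputs that have the
    same sorted output, i.e. it leaks more than the policy allows."""
    sorted_a, transcript_a = insertion_sort_with_opened_comparisons(a)
    sorted_b, transcript_b = insertion_sort_with_opened_comparisons(b)
    return sorted_a == sorted_b and transcript_a != transcript_b


def shuffle_cancels_leakage(a, b):
    """True if, after the random shuffle, the transcripts of a and b are identically
    distributed and equal to what the simulator produces from the sorted output."""
    real_a = transcript_distribution_with_shuffle(a)
    real_b = transcript_distribution_with_shuffle(b)
    ideal = simulated_transcript_distribution(sorted(a))
    return real_a == real_b == ideal


if __name__ == "__main__":
    # constructed inputs: same sorted output, different original order
    a, b = [3, 1, 4, 2], [2, 4, 1, 3]
    print("unshuffled specification over-leaks:", leaks_more_than_policy(a, b))
    print("random shuffle cancels the leakage:", shuffle_cancels_leakage(a, b))
```

The simulator is deliberately the same code as the real shuffled run applied to the sorted output: that the two distributions coincide is exactly the simulation-based statement the abstract relates to probabilistic non-interference. The cancelling step only works because the shuffle is itself secret (an oblivious shuffle inside the protocol); a public shuffle would leak the permutation and restore the original leakage.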
06 May 2018
Payman Mohassel, Peter Rindal
ePrint Report
In this paper, we design and implement a general framework for privacy-preserving machine learning and use it to obtain new solutions for training linear regression, logistic regression and neural network models. Our protocols are in a three-server model wherein data owners secret-share their data among three servers, who train and evaluate models on the joint data using three-party computation (3PC).
Our main contribution is a new and complete framework ($ABY^3$) for efficiently switching back and forth between arithmetic, binary, and Yao 3PC, which is of independent interest. Many of the conversions are based on new techniques that are designed and optimized for the first time in this paper. We also propose new techniques for fixed-point multiplication of shared decimal values that extend beyond the three-party case, and customized protocols for evaluating piecewise polynomial functions. We design variants of each building block that are secure against malicious adversaries who deviate arbitrarily from the protocol.
We implement our system in C++. Our protocols are up to four orders of magnitude faster than the best prior work, hence significantly reducing the gap between privacy-preserving and plaintext training.
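To make the fixed-point building block concrete, here is an added, self-contained simulation (our own construction, not the $ABY^3$ code base) of multiplying two fixed-point values held in replicated 2-out-of-3 secret sharing over $\mathbb{Z}_{2^{64}}$, followed by the truncation that brings the product back from scale $2^{2D}$ to scale $2^D$. The multiplication is the standard replicated-sharing local product with a fresh zero-sharing; the truncation opens $x + r$ for a preprocessed pair $([r], [r \gg D])$ and subtracts $[r \gg D]$, the "truncation pair" idea. All three parties run in one process, the dealer that produces the preprocessing is simulated, and the offset used to avoid a ring wrap-around is our own simplification; the constants $K=64$, $D=16$ and the sample inputs are assumptions.

```python
"""Fixed-point multiplication over 3-party replicated secret sharing, constructed
illustration in the style of ABY3 (not the ABY3 code base). All three parties run in
one process; a simulated dealer supplies the preprocessing (zero shares and the
truncation pair). The range bookkeeping in truncate() is our own simplification.
"""
import secrets

K = 64                    # ring Z_{2^K}
MASK = (1 << K) - 1
D = 16                    # fractional bits: value v is encoded as round(v * 2^D)


def to_ring(v):
    return v & MASK                      # two's-complement embedding of a signed int


def from_ring(r):
    return r - (1 << K) if r >> (K - 1) else r


def encode(x):
    return to_ring(round(x * (1 << D)))


def decode(r):
    return from_ring(r) / (1 << D)


def share(v):
    """Replicated 2-out-of-3 sharing: party i holds (v_i, v_{i+1}), v_0+v_1+v_2 = v."""
    s = [secrets.randbelow(1 << K), secrets.randbelow(1 << K), 0]
    s[2] = (v - s[0] - s[1]) & MASK
    return [(s[i], s[(i + 1) % 3]) for i in range(3)]


def reveal(sh):
    return (sh[0][0] + sh[1][0] + sh[2][0]) & MASK


def add(a, b):
    return [((a[i][0] + b[i][0]) & MASK, (a[i][1] + b[i][1]) & MASK) for i in range(3)]


def add_const(a, c):
    """A public constant is added to share v_0 only (held by parties 0 and 2)."""
    out = [list(p) for p in a]
    out[0][0] = (out[0][0] + c) & MASK
    out[2][1] = (out[2][1] + c) & MASK
    return [tuple(p) for p in out]


def negate(a):
    return [((-x) & MASK, (-y) & MASK) for x, y in a]


def mul(a, b):
    """Party i locally computes z_i = a_i b_i + a_i b_{i+1} + a_{i+1} b_i + alpha_i with
    (alpha_i) a fresh sharing of zero; the nine cross terms sum to ab. Sending z_i to
    party i-1 restores the replicated form. The result is at scale 2^(2D)."""
    a0, a1 = secrets.randbelow(1 << K), secrets.randbelow(1 << K)
    alpha = [a0, a1, (-a0 - a1) & MASK]
    z = [(a[i][0] * b[i][0] + a[i][0] * b[i][1] + a[i][1] * b[i][0] + alpha[i]) & MASK
         for i in range(3)]
    return [(z[i], z[(i + 1) % 3]) for i in range(3)]


def truncation_pair():
    """Dealer-simulated preprocessing: ([r], [r >> D]) for a random r < 2^(K-1)."""
    r = secrets.randbelow(1 << (K - 1))
    return share(r), share(r >> D)


def truncate(x_sh):
    """[x] -> [floor(x / 2^D)] up to one unit in the last place, for |x| < 2^(K-3).

    y = x + 2^(K-2) is positive and y + r < 2^K, so c = y + r is opened without a ring
    wrap-around; c >> D = (y >> D) + (r >> D) + carry with carry in {0, 1}.
    """
    r_sh, r_trunc_sh = truncation_pair()
    c = reveal(add(add_const(x_sh, 1 << (K - 2)), r_sh))          # the only opened value
    y_trunc_sh = add_const(negate(r_trunc_sh), c >> D)             # (y >> D) + carry
    return add_const(y_trunc_sh, (-(1 << (K - 2 - D))) & MASK)    # remove the offset


def fixed_mul(a_sh, b_sh):
    """Fixed-point product: ring multiplication followed by probabilistic truncation."""
    return truncate(mul(a_sh, b_sh))


if __name__ == "__main__":
    a_sh, b_sh = share(encode(3.25)), share(encode(-1.5))   # constructed sample inputs
    print(decode(reveal(fixed_mul(a_sh, b_sh))))            # about -4.875
```

Only the masked value $c$ is ever opened, and it is uniformly distributed in its range independently of $x$ because $r$ is uniform; the price is an error of at most one unit in the last place, which is why the abstract's protocols treat truncation as probabilistic. The replicated layout (each party holding two of the three additive shares) is what lets the multiplication be a single local computation plus one resharing message.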
Bonn, Germany, 23 July - 27 July 2018
Event Calendar
Nanyang Technological University
Job Posting
We are soliciting candidates with an introductory knowledge of cryptography and a strong background in digital/system design, including relevant experience in managing large-scale programming projects in C/C++/VHDL/Verilog. Candidates with prior industrial experience and familiarity with state-of-the-art tools in these domains are preferred.
Review of applications starts immediately and will continue until positions are filled.
Closing date for applications: 31 December 2018
Contact: Asst. Prof. Anupam Chattopadhyay, Nanyang Technological University (Singapore), anupam at ntu.edu.sg
NuCypher
Job Posting
We're looking for a scientist with expertise in fully homomorphic encryption (FHE) to assist with our research efforts on performance improvements and potential applications for smart contracts. Familiarity with related technologies like proxy re-encryption (PRE) and multi-party computation (MPC) is helpful.
Ideally, candidates have an understanding of the surrounding issues and problems and have an interest in identifying potential solutions. Due to the unproven and highly theoretical nature of these schemes, candidates should be willing to pivot research when practical solutions cannot be found. Qualified candidates are likely (but not required) to have a PhD or similarly extensive experience in cryptography.
Closing date for applications: 31 December 2018
Contact: Please email founders (at) nucypher.com with your CV and any previous research/publications you're able to share.
More information: http://www.nucypher.com/
04 May 2018
Simula@UiB, Bergen, Norway
Job Posting
Closing date for applications: 15 June 2018
Contact: Professor Øyvind Ytrehus, Simula@UiB
Email: oyvindy (at) simula.no
More information: https://www.simula.no/about/job/call-phd-student-cryptography-simulauib
Norwegian University of Science and Technology (NTNU)
Job Posting
Post-quantum primitives. Post-quantum public-key primitives are the main focus of the ongoing NIST standardization process that officially started on 30 November 2017. Initially, 69 schemes were proposed in three main categories: encryption schemes, key encapsulation mechanisms, and digital signatures. Those, and possibly new primitives, are the subject of the research for this position.
Post-quantum ecosystem. Current public-key cryptosystems have a large associated ecosystem of auxiliary protocols and tools, such as proofs of knowledge, proofs of relations, verifiable decryption, and shuffles of ciphertexts. This ecosystem is sparse for most post-quantum schemes. Our group has already begun working on new tools, such as shuffles and verifiable decryption, mostly for lattice-based cryptosystems. We intend to continue this line of research, with a focus on lattice-based cryptography, but we will also work on code-based and multivariate cryptography.
Post-quantum key exchange. This project will focus on how to achieve efficient quantum-secure key exchange which can achieve some useful key exchange properties, such as: forward secrecy, key compromise impersonation, deniability, anonymity, contributiveness, and key control. Strong models of security, such as those accounting for ephemeral key leakage and side channels, and different settings, such as password-based key exchange and group key exchange, will also be investigated.
Closing date for applications: 1 June 2018
Contact: Professor Kristian Gjøsteen (kristian.gjosteen (at) ntnu.no), or Professor Colin Boyd (colin.boyd (at) ntnu.no), or Professor Danilo Gligoroski (danilo.gligoroski (at) ntnu.no)
More information: https://www.jobbnorge.no/en/available-jobs/job/152421/
03 May 2018
Ioana Boureanu, Anda Anda
ePrint Report
We only sketch possible designs in what we consider the right directions, with the aim of passing on the message that these problems should be looked at much more carefully.
We briefly discuss what should and should not be the case with respect to confirmation of EMV contactless payments.
We also discuss alternative views on making contactless payments secure against relay attacks via proximity checking.
02 May 2018
Nanyang Technological University, Singapore
Job Posting
Candidates are expected to have a strong background in symmetric-key cryptography and/or machine learning, with good experience in programming with C/C++ and/or Python.
Review of applications starts immediately and will continue until positions are filled.
Closing date for applications: 31 December 2018
Contact: Assoc. Prof. Thomas Peyrin, Nanyang Technological University (Singapore), thomas.peyrin (at) ntu.edu.sg
DarkMatter - Abu Dhabi
Job Posting
If you are looking for a real technical challenge within a top-notch lab, using the most recent technologies, a true work-life balance, a tax-free salary and the beach all year round, feel free to go to our website to apply for the open positions below:
- Hardware Security Researcher
- Embedded Security Researcher
- Malware Researcher
- Software Security Researcher
- Cryptanalyst
Apply here: https://careers.darkmatter.ae/jobs/search
Have a nice day!
Closing date for applications: 1 October 2018
Contact: Mehdi Messaoudi
Talent Acquisition Specialist at DarkMatter
mehdi.messaoudi (at) darkmatter.ae
More information: https://careers.darkmatter.ae/jobs/search
Nada EL Kassem, Liqun Chen, Rachid El Bansarkhani, Ali El Kaafarani, Jan Camenisch, Patrick Hough
ePrint Report
Nicholas Stifter, Aljosha Judmayer, Philipp Schindler, Alexei Zamyatin, Edgar Weippl
ePrint Report
Bertinoro, Italy, 29 July - 2 August 2018
School
Sergey Grebnev
ePrint Report
Massimo Bartoletti, Tiziana Cimoli, Roberto Zunino
ePrint Report
01 May 2018
University College Cork, Ireland
Job Posting
Most apps, services, devices and even websites now require access to the user's location. But location information is very sensitive, and must be protected from data breaches and malicious tracking. How can we preserve the user's privacy without disrupting location-based services? Location privacy is a growing research area in the field of privacy-enhancing technologies, with applications relating to personal privacy, autonomous vehicles and the Internet of Things (IoT). This project investigates the design and development of privacy-preserving protocols for location-based services, including cryptographic protocols and data structures.
The PhD position is fully funded for 4 years, including a monthly stipend and a travel budget to present at international conferences. The successful candidate will also have the opportunity to work with the Principal Investigator's extensive network of international research collaborators.
Candidates should have a background/strong interest in security and privacy, as well as a good grasp of mathematics. Previous experience in cryptography is an asset, but is not required.
Interested candidates should apply by email to Dr. Paolo Palmieri (p.palmieri (at) cs.ucc.ie), CC’ing the Department of Computer Science (csmanager (at) cs.ucc.ie), on or before the 20th of May 2018. Early applications are encouraged.
Applicants should include: 1) a covering letter (1 page) explaining their interest in the project topic, and mentioning any previous experience in security/privacy/cryptography; 2) a Curriculum Vitae.
Academic transcripts and references will be required after shortlisting.
Closing date for applications: 20 May 2018
Contact: Dr. Paolo Palmieri (p.palmieri (at) cs.ucc.ie)
Surrey Centre for Cyber Security, University of Surrey, UK
Job Posting
Closing date for applications: 31 May 2018
Contact: Professor Steve Schneider: s.schneider (at) surrey.ac.uk
More information: https://jobs.surrey.ac.uk/vacancy.aspx?ref=029018
University of Surrey, UK
Job Posting
Closing date for applications: 29 May 2018
Contact: Professor Steve Schneider
Director, Surrey Centre for Cyber Security
University of Surrey, Guildford, GU2 7XH
s.schneider (at) surrey.ac.uk
+44 1483 689637
More information: https://jobs.surrey.ac.uk/vacancy.aspx?ref=034017-R-R
Jung Hee Cheon, Minki Hhan, Jiseung Kim, Changmin Lee
ePrint Report
In this work, we describe the first attack algorithm applicable to HHSS obfuscation, whose cost depends on the dimension of the branching program matrices. Given two matrix branching programs and a program obfuscated with HHSS obfuscation, we can distinguish which branching program was used to produce the obfuscated program.
Our attack uses the left kernel of the product of the branching program matrices. If we obtain a short vector in the left kernel, we can manipulate the result of the zero-testing procedure, because HHSS obfuscation omits a step known as 'scalar bundling' in its initialization for efficiency. More precisely, the zero-testing procedure exposes the left kernel of the product of the branching program matrices, so we can exploit this property by running a lattice reduction algorithm on the left kernel, which indeed yields the short vector we need. As a result, we can find such a vector with complexity $2^{O(\frac{d}{B-\epsilon})}$, where $d$ is the dimension of the branching program matrices and a gap parameter $B$ and a real value $\epsilon$ are given. For example, for the parameters proposed by the HHSS implementation with $d=100$, the LLL algorithm finds a short vector in less than a second, once the evaluation of the obfuscated program has been precomputed.
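The tool the attack rests on, finding a short integer vector in the left kernel of a matrix with lattice reduction, can be shown on a toy instance. The following is an added, generic illustration written for this page, not the authors' attack code and not HHSS: the matrix $A$ is constructed by us so that a planted short vector $s$ satisfies $sA = 0$, and the kernel lattice is extracted with the standard embedding trick of reducing the rows $[N \cdot A_i \mid e_i]$, where rows whose first block reduces to zero are kernel vectors and LLL makes them short. The LLL implementation is a plain textbook one over the rationals; the scale $N = 10^6$ and the matrix entries are assumptions.

```python
"""Short vectors in an integer left kernel via LLL, constructed illustration.

Generic demonstration of the tool behind the attack (lattice reduction on the left
kernel), not the HHSS attack itself. The matrix A below is constructed with a planted
short left-kernel vector s, and the kernel lattice is obtained with the embedding
LLL([N*A | I]): rows whose first block reduces to zero are kernel vectors.
"""
from fractions import Fraction


def dot(u, v):
    return sum(x * y for x, y in zip(u, v))


def lll(basis, delta=Fraction(3, 4)):
    """Textbook LLL over the rationals; basis rows are linearly independent integer vectors."""
    b = [[Fraction(x) for x in row] for row in basis]
    n = len(b)

    def gram_schmidt():
        bstar, mu = [], [[Fraction(0)] * n for _ in range(n)]
        for i in range(n):
            v = b[i][:]
            for j in range(i):
                mu[i][j] = dot(b[i], bstar[j]) / dot(bstar[j], bstar[j])
                v = [x - mu[i][j] * y for x, y in zip(v, bstar[j])]
            bstar.append(v)
        return bstar, mu

    bstar, mu = gram_schmidt()
    k = 1
    while k < n:
        for j in range(k - 1, -1, -1):              # size reduction of b_k
            q = round(mu[k][j])
            if q:
                b[k] = [x - q * y for x, y in zip(b[k], b[j])]
                bstar, mu = gram_schmidt()
        lovasz = (delta - mu[k][k - 1] ** 2) * dot(bstar[k - 1], bstar[k - 1])
        if dot(bstar[k], bstar[k]) >= lovasz:       # Lovasz condition holds
            k += 1
        else:                                        # swap and step back
            b[k], b[k - 1] = b[k - 1], b[k]
            bstar, mu = gram_schmidt()
            k = max(k - 1, 1)
    return [[int(x) for x in row] for row in b]


def short_left_kernel_vectors(a, scale=10 ** 6):
    """Short integer vectors v with v * A == 0, from LLL on the rows [scale*A_i | e_i].

    The scale makes any basis vector with a non-zero first block long, so LLL pushes
    the kernel vectors (zero first block) to the front and reduces their second block.
    """
    m, n = len(a), len(a[0])
    embedded = [[scale * x for x in a[i]] + [int(i == j) for j in range(m)] for i in range(m)]
    reduced = lll(embedded)
    return [row[n:] for row in reduced if all(x == 0 for x in row[:n])]


def times_matrix(v, a):
    """Row vector times matrix, to check that a returned vector really is in the left kernel."""
    return [sum(v[i] * a[i][j] for i in range(len(a))) for j in range(len(a[0]))]


# Constructed 4x4 integer matrix of rank 3: the last row is chosen so that
# s = (2, -1, 3, 1) satisfies s * A = 0, i.e. the left kernel lattice is Z*s.
A = [
    [7, -3, 5, 11],
    [-4, 9, 2, -6],
    [13, 1, -8, 3],
    [-57, 12, 16, -37],
]

if __name__ == "__main__":
    for v in short_left_kernel_vectors(A):
        print(v, "->", times_matrix(v, A))        # expect (+/-)(2, -1, 3, 1) -> [0, 0, 0, 0]
```

On this instance the kernel has rank one, so LLL returns the planted vector up to sign; on a higher-rank kernel the zero-block rows form a reduced basis of the whole kernel lattice, and the first of them is within the usual $2^{(n-1)/2}$ factor of the shortest kernel vector, which is the regime in which the abstract's $d=100$ parameters still fall to LLL.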