International Association for Cryptologic Research


IACR News


10 May 2018

Sankhanil Dey, Ranjan Ghosh
ePrint Report
In modern as well as ancient ciphers of public key cryptography, substitution boxes find a permanent seat. Generation and cryptanalysis of 4-bit as well as 8-bit crypto S-boxes is of utmost importance in modern cryptography. In this paper, a detailed review of the cryptographic properties of S-boxes is illustrated. The generation of crypto S-boxes with 4-bit as well as 8-bit Boolean functions (BFs) and polynomials over the Galois field GF(p^q) is also of keen interest in this paper. A detailed analysis and comparison of the generated 4-bit and 8-bit S-boxes with the 4-bit and 8-bit S-boxes of the Data Encryption Standard (DES) and Advanced Encryption Standard (AES), respectively, is presented with examples. The detailed analysis of the generated S-boxes claims a better result than DES and AES in view of the security of crypto S-boxes.
José Bacelar Almeida, Manuel Barbosa, Gilles Barthe, Hugo Pacheco, Vitor Pereira, Bernardo Portela
ePrint Report
We give a language-based security treatment of domain-specific languages and compilers for secure multi-party computation, a cryptographic paradigm that enables collaborative computation over encrypted data. Computations are specified in a core imperative language, as if they were intended to be executed by a trusted-third party, and formally verified against an information-flow policy modelling (an upper bound to) their leakage. This allows non-experts to assess the impact of performance-driven authorized disclosure of intermediate values.

Specifications are then compiled into multi-party protocols. We formalize protocol security using (distributed) probabilistic information-flow and prove that compilation is security-preserving: protocols do not leak more than allowed by the source policy. The proof exploits a natural but previously missing correspondence between simulation-based cryptographic proofs and (composable) probabilistic non-interference.

Finally, we extend our framework to justify leakage cancelling, a domain-specific optimization that allows to, first, write an efficiently computable specification that fails to meet the allowed leakage upper-bound, and then apply a probabilistic pre-processing that brings the overall leakage to within the acceptable range.

06 May 2018

Payman Mohassel, Peter Rindal
ePrint Report
Machine learning is widely used to produce models for a range of applications and is increasingly offered as a service by major technology companies. However, the required massive data collection raises privacy concerns during both training and prediction stages.

In this paper, we design and implement a general framework for privacy-preserving machine learning and use it to obtain new solutions for training linear regression, logistic regression and neural network models. Our protocols are in a three-server model wherein data owners secret share their data among three servers who train and evaluate models on the joint data using three-party computation (3PC).

Our main contribution is a new and complete framework ($ABY^3$) for efficiently switching back and forth between arithmetic, binary, and Yao 3PC, which is of independent interest. Many of the conversions are based on new techniques that are designed and optimized for the first time in this paper. We also propose new techniques for fixed-point multiplication of shared decimal values that extend beyond the three-party case, and customized protocols for evaluating piecewise polynomial functions. We design variants of each building block that are secure against malicious adversaries who deviate arbitrarily.

We implement our system in C++. Our protocols are up to four orders of magnitude faster than the best prior work, hence significantly reducing the gap between privacy-preserving and plaintext training.
Bonn, Germany, 23 July - 27 July 2018
Event Calendar
Event date: 23 July to 27 July 2018
Nanyang Technological University
Job Posting
The Research Group at Nanyang Technological University (NTU), Singapore, led by Prof. Anupam Chattopadhyay is seeking skilled and motivated candidates for the position of Post-Doctoral Research Fellow to participate in multiple ongoing projects focusing on system/architecture/hardware security. The research team is currently funded by several large and strategic research grants in the aforementioned areas. Salaries are highly competitive and are decided according to the successful applicants' accomplishments, experience and qualifications. Interested applicants are encouraged to send their detailed CV, cover letter and two letters of reference to Prof. Anupam Chattopadhyay (anupam at ntu.edu.sg).

We are soliciting candidates to have an introductory knowledge in cryptography and strong background in digital/system design, including relevant experience in managing large-scale programming projects in C/C++/VHDL/Verilog. Candidates with prior industrial experience and familiarity with state-of-the-art tools in these domains are preferred.

Review of applications starts immediately and will continue until positions are filled.

Closing date for applications: 31 December 2018

Contact: Asst. Prof. Anupam Chattopadhyay, Nanyang Technological University (Singapore), anupam at ntu.edu.sg

NuCypher
Job Posting
NuCypher is a data privacy layer for blockchain, decentralized applications, and other distributed systems. We're backed by Y Combinator, Polychain Capital, and many other leading investors.

We're looking for a scientist with expertise in fully homomorphic encryption (FHE) to assist with our research efforts on performance improvements and potential applications for smart contracts. Familiarity with related technologies like proxy re-encryption (PRE) and multi-party computation (MPC) is helpful.

Ideally, candidates have an understanding of the surrounding issues and problems and have an interest in identifying potential solutions. Due to the unproven and highly theoretical nature of these schemes, candidates should be willing to pivot research when practical solutions cannot be found. Qualified candidates are likely (but not required) to have a PhD or similarly extensive experience in cryptography.

Closing date for applications: 31 December 2018

Contact: Please email founders (at) nucypher.com with your CV and any previous research/publications you're able to share.

More information: http://www.nucypher.com/


04 May 2018

Simula@UiB, Bergen, Norway
Job Posting
Simula@UiB (simula-uib.com) has a three-year PhD position available in the field of cryptography. The position is associated with the project “qsIoT: Quantum safe cryptography for the Internet of Things”, awarded by the Research Council of Norway.

Closing date for applications: 15 June 2018

Contact: Professor Øyvind Ytrehus, Simula@UiB

Email: oyvindy (at) simula.no

More information: https://www.simula.no/about/job/call-phd-student-cryptography-simulauib

Norwegian University of Science and Technology (NTNU)
Job Posting
Each researcher will work on a separate project in one of the following three related areas. It is expected that all researchers will collaborate and meet together regularly as a team. The project is a collaboration between members of the NTNU Applied Cryptology Laboratory.

  • Post-quantum primitives. Post-quantum public-key primitives are the main focus of the ongoing NIST standardization process that officially started on 30 November 2017. Initially, 69 schemes were proposed in three main categories: encryption schemes, key encapsulation mechanisms, and digital signatures. Those, and possibly new primitives, are the subject of the research for this position.

  • Post-quantum ecosystem. Current public key cryptosystems have a large associated ecosystem of auxiliary protocols and tools, such as proofs of knowledge, proofs of relations, verifiable decryption, and shuffles of ciphertexts. This ecosystem is sparse for most post-quantum schemes. Our group has already begun working on new tools, such as shuffles and verifiable decryption, mostly for lattice-based cryptosystems. We intend to continue this line of research, with a focus on lattice-based cryptography, but we will also work on code-based and multivariate cryptography.

  • Post-quantum key exchange. This project will focus on how to achieve efficient quantum-secure key exchange which can achieve some useful key exchange properties, such as: forward secrecy, key compromise impersonation, deniability, anonymity, contributiveness, and key control. Strong models of security, such as those accounting for ephemeral key leakage and side channels, and different settings, such as password-based key exchange and group key exchange, will also be investigated.

Closing date for applications: 1 June 2018

Contact: Professor Kristian Gjøsteen (kristian.gjosteen (at) ntnu.no), or Professor Colin Boyd (colin.boyd (at) ntnu.no), or Professor Danilo Gligoroski (danilo.gligoroski (at) ntnu.no)

More information: https://www.jobbnorge.no/en/available-jobs/job/152421/


03 May 2018

Ioana Boureanu, Anda Anda
ePrint Report
Relay attacks on contactless e-payments were demonstrated in 2015. Since then, countermeasures have been proposed, and Mastercard has recently adopted a variant of these in their specifications. These relay counteractions are based on the payment terminal checking that the card is close by. To this end, several other EMV adaptations have emerged, with the aim of impeding dishonest cards from cheating on their proximity proofs. However, we argue that both the former and the latter measures are ineffective.

We only sketch possible designs in the right directions, with the idea of passing on the message that these problems should be looked at much more carefully.

We shortly debate what should and should not be the case w.r.t. confirmation of EMV contactless payments.

We also discuss alternative views onto making contactless payments secure against relay-attacks via proximity-checking.

02 May 2018

Nanyang Technological University, Singapore
Job Posting
SYmmetric and Lightweight cryptography Lab (SYLLAB) at Nanyang Technological University (NTU), Singapore, is seeking highly motivated candidates for 1 research fellow position (from fresh post-docs to senior research fellows) in the areas of symmetric key cryptography and machine learning. The research team is supported by Temasek Laboratories funding from Singapore. Salaries are competitive and are determined according to the successful applicants' accomplishments, experience and qualifications. Interested applicants should send their detailed CVs, cover letter and references to Prof. Thomas Peyrin (thomas.peyrin (at) ntu.edu.sg).

Candidates are expected to have a strong background in symmetric-key cryptography and/or machine learning, with good experience in programming with C/C++ and/or Python.

Review of applications starts immediately and will continue until positions are filled.

Closing date for applications: 31 December 2018

Contact: Assoc. Prof. Thomas Peyrin, Nanyang Technological University (Singapore), thomas.peyrin (at) ntu.edu.sg

DarkMatter - Abu Dhabi
Job Posting
DarkMatter is currently looking for several Security Researchers to join its Lab in the sunny city of Abu Dhabi (45 min from Dubai).

If you are looking for a real technical challenge within a top-notch Lab, using the most recent technologies, a true work-life balance, a tax-free salary and the beach all year round, feel free to go to our website to apply for the open positions below:

- Hardware Security Researcher

- Embedded Security Researcher

- Malware Researcher

- Software Security Researcher

- Cryptanalyst

Apply here : https://careers.darkmatter.ae/jobs/search

Have a nice day !

Closing date for applications: 1 October 2018

Contact: Mehdi Messaoudi

Talent Acquisition Specialist at DarkMatter

mehdi.messaoudi (at) darkmatter.ae

More information: https://careers.darkmatter.ae/jobs/search

Nada EL Kassem, Liqun Chen, Rachid El Bansarkhani, Ali El Kaafarani, Jan Camenisch, Patrick Hough
ePrint Report
Direct Anonymous Attestation (DAA) is an anonymous digital signature that aims to provide both signer authentication and privacy. DAA was designed for the attestation service of the Trusted Platform Module (TPM). In this application, a DAA signer role is divided into two parts: the principal signer, which is a TPM, and an assistant signer, which is a standard computing platform in which the TPM is embedded, called the Host. A design feature of a DAA solution is to make the TPM workload as low as possible. This paper presents a lattice-based DAA (L-DAA) scheme to meet this requirement. Security of this scheme is proved in the Universally Composable (UC) security model under the hardness assumptions of the Ring Inhomogeneous Short Integer Solution (Ring-ISIS) and Ring Learning With Errors (Ring-LWE) problems. Our L-DAA scheme includes two building blocks: one is a modification of the Boyen lattice-based signature scheme and another is a modification of the Baum et al. lattice-based commitment scheme. These two building blocks may be of independent interest.
Nicholas Stifter, Aljosha Judmayer, Philipp Schindler, Alexei Zamyatin, Edgar Weippl
ePrint Report
The term Nakamoto consensus is generally used to refer to Bitcoin's novel consensus mechanism, by which agreement on its underlying transaction ledger is reached. It is argued that this agreement protocol represents the core innovation behind Bitcoin, because it promises to facilitate the decentralization of trusted third parties. Specifically, Nakamoto consensus seeks to enable mutually distrusting entities with weak pseudonymous identities to reach eventual agreement while the set of participants may change over time. When the Bitcoin white paper was published in late 2008, it lacked a formal analysis of the protocol and the guarantees it claimed to provide. It would take the scientific community several years before first steps towards such a formalization of the Bitcoin protocol and Nakamoto consensus were presented. However, since then the number of works addressing this topic has grown substantially, providing many new and valuable insights. Herein, we present a coherent picture of advancements towards the formalization of Nakamoto consensus, as well as a contextualization in respect to previous research on the agreement problem and fault tolerant distributed computing. Thereby, we outline how Bitcoin's consensus mechanism sets itself apart from previous approaches and where it can provide new impulses and directions to the scientific community. Understanding the core properties and characteristics of Nakamoto consensus is of key importance, not only for assessing the security and reliability of various blockchain systems that are based on the fundamentals of this scheme, but also for designing future systems that aim to fulfill comparable goals.
Bertinoro, Italy, 29 July - 2 August 2018
School
Event date: 29 July to 2 August 2018
Sergey Grebnev
ePrint Report
We study the properties of an algorithm for solving the elliptic curve discrete logarithm problem presented by A.~Yu.~Nesterenko at the CTCrypt 2015 session. We show that for practically important instances of the problem its average complexity is not less than that of Pollard's rho-method.
Massimo Bartoletti, Tiziana Cimoli, Roberto Zunino
ePrint Report
Besides simple transfers of currency, Bitcoin also enables various forms of smart contracts, i.e. protocols where users interact within pre-agreed rules, which determine (possibly depending on the actual interaction) how currency is eventually distributed. This paper provides a gentle introduction to Bitcoin smart contracts, which we specify by abstracting from the underlying Bitcoin machinery. To this purpose we exploit BitML, a recent DSL for smart contracts executable on Bitcoin.

01 May 2018

University College Cork, Ireland
Job Posting
We are currently seeking to recruit 1 PhD student to work on the project Cryptographic privacy-preserving protocols for location based services.

Most apps, services, devices and even websites now require access to the user's location. But location information is very sensitive, and must be protected from data breaches and malicious tracking. How can we preserve the user's privacy without disrupting location based services? Location privacy is a growing research area in the field of privacy-enhancing technologies, with applications relating to personal privacy, autonomous vehicles and the Internet of Things (IoT). This project investigates the design and development of privacy-preserving protocols for location based services, including cryptographic protocols and data structures.

The PhD position is fully funded for 4 years, including a monthly stipend and a travel budget to present at international conferences. The successful candidate will also have the opportunity to work with the Principal Investigator's extensive network of international research collaborations.

Candidates should have a background/strong interest in security and privacy, as well as a good grasp of mathematics. Previous experience in cryptography is an asset, but is not required.

Interested candidates should apply by email to Dr. Paolo Palmieri (p.palmieri (at) cs.ucc.ie), CC’ing the Department of Computer Science (csmanager (at) cs.ucc.ie), on or before the 20th of May 2018. Early applications are encouraged.

Applicants should include: 1) a covering letter (1 page) explaining their interest in the project topic, and mentioning any previous experience in security/privacy/cryptography; 2) a Curriculum Vitae.

Academic transcripts and references will be required after shortlisting.

Closing date for applications: 20 May 2018

Contact: Dr. Paolo Palmieri (p.palmieri (at) cs.ucc.ie)

Surrey Centre for Cyber Security, University of Surrey, UK
Job Posting
A fully-funded (22,000 GBP plus fees) PhD position in Cyber Security is available to work on a research project focusing on modelling and verification of distributed ledger technologies with respect to threat models and security analysis. The successful candidate will be working under the supervision of Professor Steve Schneider (Principal Supervisor, http://www.surrey.ac.uk/cs/people/Steve_Schneider) and Dr David Williams (Co-Supervisor).

Closing date for applications: 31 May 2018

Contact: Professor Steve Schneider: s.schneider (at) surrey.ac.uk

More information: https://jobs.surrey.ac.uk/vacancy.aspx?ref=029018

University of Surrey, UK
Job Posting
Research Fellow in Voting on Ledger Technologies

Closing date for applications: 29 May 2018

Contact: Professor Steve Schneider

Director, Surrey Centre for Cyber Security

University of Surrey, Guildford, GU2 7XH

s.schneider (at) surrey.ac.uk

+44 1483 689637

More information: https://jobs.surrey.ac.uk/vacancy.aspx?ref=034017-R-R

Jung Hee Cheon, Minki Hhan, Jiseung Kim, Changmin Lee
ePrint Report
Indistinguishability Obfuscation ($iO$) is a hopeful tool which obfuscates a program with the least leakage, and produces various applications including functional encryption. Recently, a state-of-the-art obfuscator implementation underlying the branching program matrix, HHSS, has been suggested by Halevi et al. in ACM-CCS'17.

In this work, we describe the first attack algorithm which can be applied to HHSS obfuscation depending on the dimension of the branching program matrix. When two matrix branching programs and an obfuscated program using HHSS obfuscation are given, we can distinguish which branching program was used to make an obfuscated program.

Our attack uses a left kernel of the product of branching program matrices. If we obtain a short vector in the left kernel, we can manipulate the result of the zerotesting procedure, because HHSS obfuscation removes a special setting called `scalar bundling' in the initialization step for its efficiency. More precisely, the zerotesting procedure exposes the left kernel of the product of branching program matrices, so we can use this property by employing a lattice reduction algorithm on the left kernel. Indeed, we find the short vector that we want using a lattice reduction algorithm. As a result, we can find the vector that we want in complexity $2^{O(\frac{d}{B-\epsilon})}$, where $d$ is the dimension of the branching program matrices and a gap parameter $B$ and a real value $\epsilon$ are given. For example, we can find a short vector by applying the LLL algorithm to the current parameter proposed by the HHSS implementation with $d=100$. It takes less than a second with the precomputation of the evaluation of the obfuscated program.