International Association for Cryptologic Research

IACR News

Updates on the COVID-19 situation are on the Announcement channel.

Here you can see all recent updates to the IACR webpage. These updates are also available:

RSS symbol icon
via RSS feed
Twitter bird icon
via Twitter
Weibo icon
via Weibo
Facebook icon
via Facebook

01 August 2018

Niek J. Bouman, Niels de Vreede
ePrint Report
Cramer and Damgård were the first to propose a constant-rounds protocol for securely solving a linear system of unknown rank over a finite field in multiparty computation (MPC). For $m$ linear equations and $n$ unknowns, and for the case $m\leq n$, the computational complexity of their protocol is $O(n^5)$. Follow-up work (by Cramer, Kiltz, and Padró) proposes another constant-rounds protocol for solving this problem, which has complexity $O(m^4+n^2 m)$. For certain applications, such asymptotic complexities might be prohibitive. In this work, we improve the asymptotic computational complexity of solving a linear system over a finite field, thereby sacrificing the constant-rounds property. We propose two protocols: (1) a protocol based on pivoting-free Gaussian elimination with computational complexity $O(n^3)$ and linear round complexity, and (2) a protocol based on block-recursive matrix decomposition, having $O(n^2)$ computational complexity (assuming "cheap" secure inner products as in Shamir's secret-sharing scheme) and $O(n^{1.585})$ (super-linear) round complexity.
Ben Fisch
ePrint Report
We construct a concretely practical proof-of-space (PoS) with arbitrarily tight security based on stacked depth robust graphs and constant-degree expander graphs. A proof-of-space (PoS) is an interactive proof system where a prover demonstrates that it is persistently using space to store information. A PoS is arbitrarily tight if the honest prover uses exactly $N$ space and for any $\epsilon > 0$ the construction can be tuned such that no adversary can pass verification using less than $(1-\epsilon) N$ space. Most notably, the degree of the graphs in our construction is independent of $\epsilon$, and the number of layers is only $O(\log(1/\epsilon))$. The proof size is $O(d/\epsilon)$. The degree $d$ depends on the depth robust graphs, which are only required to maintain $\Omega(N)$ depth in subgraphs on 80% of the nodes. Our tight PoS is also secure against parallel attacks.

Tight proofs of space are necessary for proof-of-replication (PoRep), which is a publicly verifiable proof that the prover is dedicating unique resources to storing one or more retrievable replicas of a file. Our main PoS construction can be used as a PoRep, but data extraction is as inefficient as replica generation. We present a second variant of our construction called ZigZag PoRep that has fast/parallelizable data extraction compared to replica generation and maintains the same space tightness while only increasing the number of levels by roughly a factor two.
Yen-Lung Lai
ePrint Report
A secure sketch produces public information about its input $w$ without revealing it, yet allows the exact recovery of $w$ given another value $w'$ that is close to $w$. Therefore, it can be used to reliably reproduce any error-prone biometric data stored in a database without jeopardizing user privacy. In addition, a secure sketch enables a fuzzy extractor, which uses a randomness extractor to convert the noisy reading $w'$ of the original value $w$ into the same uniform key $R$. A standard secure sketch should work on all types of available input sources. However, some sources have lower entropy than the error itself, formally called "more error than entropy", and a standard secure sketch cannot fully deliver its security promise for these kinds of sources. Besides, when the same input is reused for the generation of multiple sketches, the complex error process of the input further results in security uncertainty and offers no security guarantee. Fuller et al. (Asiacrypt 2016) defined fuzzy min-entropy, which is necessary to show security for different kinds of sources over different distributions.

This paper focuses on secure sketches. We propose a new technique to generate reusable secure sketches. We show security for low-entropy sources and enable error correction up to the Shannon bound. Our security is defined information-theoretically with fuzzy min-entropy under a distribution-uncertain setting. In other words, our new technique offers a security guarantee for all families of input distributions, as long as the sources possess a "meaningful amount" of fuzzy min-entropy over some random distributions, parametrized by a chosen error correction code.
Hwajeong Seo, Zhe Liu, Patrick Longa, Zhi Hu
ePrint Report
We present high-speed implementations of the post-quantum supersingular isogeny Diffie-Hellman key exchange (SIDH) and the supersingular isogeny key encapsulation (SIKE) protocols for 32-bit ARMv7-A processors with NEON support. The high performance of our implementations is mainly due to carefully optimized multiprecision and modular arithmetic that finely integrates both ARM and NEON instructions in order to reduce the number of pipeline stalls and memory accesses, and a new Montgomery reduction technique that combines the use of the UMAAL instruction with a variant of the hybrid-scanning approach. In addition, we present efficient implementations of SIDH and SIKE for 64-bit ARMv8-A processors, based on a high-speed Montgomery multiplication that leverages the power of 64-bit instructions. Our experimental results consolidate the practicality of supersingular isogeny-based protocols for many real-world applications. For example, a full key-exchange execution of SIDHp503 is performed in about 176 million cycles on an ARM Cortex-A15 from the ARMv7-A family (i.e., 88 milliseconds @2.0GHz). On an ARM Cortex-A72 from the ARMv8-A family, the same operation can be carried out in about 90 million cycles (i.e., 45 milliseconds @1.992GHz). All our software is protected against timing and cache attacks. The techniques for modular multiplication presented in this work have broad applications to other cryptographic schemes.
Raghvendra Rohit, Guang Gong
ePrint Report
In this paper, we propose a novel cryptanalytic technique called correlated sequence attack on block ciphers. Our attack exploits the properties of given key dependent sequences of length $t$ to obtain other keyed sequences of same length with $\sigma$ ($0\le \sigma < t$) computations of the non-linear function. We call these sequences $(\sigma,t)$-correlated sequences, and utilize them in a meet-in-the-middle attack for $2t$ rounds. We apply this technique on Simon-32/64 and Simeck-32/64 block ciphers, construct $(1, 8)$-correlated sequences and present the first 25-round attack on both ciphers. Next, we analyze the 8-th element of these sequences by considering the key scheduling algorithms and differential properties, and show that the attack can be improved by two rounds with the same complexities as of the 25-round attack. Overall, our technique is used to attack up to 27 rounds of both Simon-32/64 and Simeck-32/64 with a time complexity less than that of average exhaustive search and data complexity of 3.

Our attack extends the number of previously attacked rounds by 4 and has a success probability of 1. This reduces the security margin of both these ciphers to 16%. To our knowledge, this is currently the best attack on Simon-32/64 and Simeck-32/64.
Indian Statistical Institute, R. C. Bose Centre for Cryptology and Security, Kolkata
Job Posting
Indian Statistical Institute invites applications from duly qualified Indian nationals, including Persons of Indian Origins (PIOs) and Overseas Citizens of India (OCIs), for full-time permanent faculty positions at the level of Assistant Professors and Associate Professors, to be placed at the R. C. Bose Centre for Cryptology and Security of the Institute, in Kolkata.

This is a rolling advertisement, and there is no last date. Interested applicants are encouraged to apply for the positions throughout the year. The recruitment committee(s) will meet regularly to consider the applications and arrange for seminars and/or interviews as the need arises.

For eligibility criteria, kindly visit the link below in "More information".

Interested candidates may send a copy of their current Curriculum Vitæ that clearly mentions the marks/grades/dissertations/honors at all academic levels (Grade 10, Grade 12, Bachelors, Masters, PhD), as applicable, and includes a complete list of peer-reviewed journal and conference publications in cryptology and security, to be considered for the positions.

The Curriculum Vitæ, as mentioned, should be sent to “Head, R. C. Bose Centre for Cryptology and Security, Indian Statistical Institute” at rcbose (at) isical.ac.in as a consolidated PDF file.

Closing date for applications: 31 December 2019

Contact: Head, R. C. Bose Centre for Cryptology and Security, Indian Statistical Institute

rcbose (at) isical.ac.in

More information: https://www.isical.ac.in/JobApplicationFiles/ASSOCIATE%20PROFESSOR%20and%20ASSISTANT%20PROFESSOR%20for%20R%20C%20Bose%20


31 July 2018

Paderborn University, Germany
Job Posting
The IT Security Group of Paderborn University, Germany, is offering a postdoctoral researcher position.

The group has a strongly research-oriented focus and sufficient funds at its disposal to buy necessary equipment, enable the attendance of scientific conferences, etc. The competitive salary is based on state tariff TV-L E13/14, 100% position, according to the current tariff in the German state of North Rhine-Westphalia.

Applicants are expected to have a strong background and good publication record in modern cryptography, preferably in "provable security", a strong interest in theoretical foundations of real-world cryptography, and a strong motivation and ability to perform excellent research. The successful applicant is expected to actively contribute to the research agenda of an ERC-funded project on theoretically-sound real-world cryptography.

Knowledge of the German language is not mandatory. The language spoken within the group and large parts of the institute is English. All students and many people in the city speak good English, and the MSc study courses at the Institute of Computer Science are taught in English.

The position is initially offered for one year, with the option of an extension to two or more years. The starting date is November 1st or later. There is no closing date for applications; the position remains open until filled.

Applications should consist of a single pdf document, containing:

- Cover letter with a brief introduction of the applicant and a short personal statement on the applicant's interest in this particular position

- CV and a list of publications

- Optional: one or two letter(s) of recommendation

- Optional: further supporting material

Incomplete applications or obvious mass applications that do not specifically address the offered position cannot be considered.

Please submit applications by e-mail to Tibor Jager (e-mail address below). If you need further information or have any questions, then please feel free to contact Tibor.

Closing date for applications: 31 December 2018

Contact: Tibor Jager, tibor.jager (at) upb.de

Singapore University of Technology and Design (SUTD), Singapore
Job Posting
Singapore University of Technology and Design (SUTD) is a young university which was established in collaboration with MIT. iTrust is a Cyber Security Research Center with about 15 inter-disciplinary faculty members from SUTD.

I am looking for promising PhD students who are interested in working in the area of cyber security. The position is fully funded up to 4 years with very competitive scholarship. Candidates should have an excellent background (with Bachelor or Master degree and CGPA>80%) in mathematics or computer science/engineering and the ability to work on inter-disciplinary research projects. Acquaintance with cryptography and network/system security concepts as well as some programming skills will be considered as strong assets.

For the Jan 2019 intake, the application deadline is 30th September 2018. More information of the PhD program is available at https://istd.sutd.edu.sg/phd/phd-overview/.

Interested candidates please send your CV to Prof. Jianying Zhou.

Closing date for applications: 30 September 2018

Contact: Prof. Jianying Zhou

jianying_zhou (at) sutd.edu.sg

More information: http://jianying.space/

Montreal, Canada, 13 November - 15 November 2018
Event Calendar
Event date: 13 November to 15 November 2018
Submission deadline: 3 September 2018
Notification: 8 October 2018

29 July 2018

Irvine, USA, 17 September - 21 September 2018
Event Calendar
Event date: 17 September to 21 September 2018

27 July 2018

JP Morgan - ROAR Data
Job Posting
Here's something to ponder. Each of three people possesses an integer modulo seven. They must determine the sum of their integers modulo seven without the use of a trusted third party, while ensuring that the Bayesian posterior for all participants is precisely the prior conditioned on the new information only.
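The puzzle above is the textbook additive-secret-sharing sum. The Python simulation below is an added example written for this page, not code from the posting or from JP Morgan: it runs the three-party protocol over the integers mod 7 and then enumerates one party's entire view over all of the other parties' coins to check the posterior claim, namely that the view depends on the others' inputs only through their sum mod 7. All names and the sample inputs are constructed for the example.

```python
from collections import Counter
from itertools import product
import secrets

P = 7  # the modulus from the puzzle: three parties each hold an integer mod 7


def share(x, coins, p=P):
    """Additive sharing of x mod p. `coins` holds n-1 uniformly random
    values; the last share is fixed so that all n shares sum to x mod p.
    Any n-1 of the shares are uniformly random and say nothing about x."""
    shares = list(coins)
    shares.append((x - sum(shares)) % p)
    return shares


def run_protocol(inputs, coins, p=P):
    """Run the sum protocol with explicit randomness so views can be enumerated.
    inputs: the n secrets; coins: one (n-1)-tuple of coins per party.
    Returns (total, partial_sums, held) where held[j] lists the shares party j
    ends up holding, one from each party including itself."""
    n = len(inputs)
    # Round 1: party i splits x_i into n shares and sends share j to party j.
    dealt = [share(x, c, p) for x, c in zip(inputs, coins)]
    held = [[dealt[i][j] for i in range(n)] for j in range(n)]
    # Round 2: each party broadcasts the sum of the shares it holds.
    partial = [sum(h) % p for h in held]
    # Everyone adds the broadcasts; no party ever saw another party's x_i.
    return sum(partial) % p, partial, held


def secure_sum(inputs, p=P):
    """The protocol as actually run: fresh random coins, result only."""
    n = len(inputs)
    coins = [tuple(secrets.randbelow(p) for _ in range(n - 1)) for _ in inputs]
    return run_protocol(inputs, coins, p)[0]


def view_distribution(inputs, own_coins, party=0, p=P):
    """Distribution of `party`'s view over all choices of the other parties'
    coins. The view is everything that party sees: its own input and coins,
    the shares it received, and every broadcast partial sum."""
    n = len(inputs)
    others = [i for i in range(n) if i != party]
    dist = Counter()
    for cs in product(product(range(p), repeat=n - 1), repeat=len(others)):
        coins = [None] * n
        coins[party] = own_coins
        for i, c in zip(others, cs):
            coins[i] = c
        _, partial, held = run_protocol(inputs, coins, p)
        view = (inputs[party], own_coins, tuple(held[party]), tuple(partial))
        dist[view] += 1
    return dist


def leaks_only_the_sum(x0, pair_a, pair_b, p=P):
    """True iff party 0's view is identically distributed for two choices of
    the others' inputs with the same sum mod p, i.e. its posterior on
    (x1, x2) is exactly its prior conditioned on x1 + x2 mod p."""
    assert (sum(pair_a) - sum(pair_b)) % p == 0, "pairs must have equal sums"
    own = (3, 5)  # party 0's own coins are part of its view, so hold them fixed
    return (view_distribution([x0, *pair_a], own, 0, p)
            == view_distribution([x0, *pair_b], own, 0, p))


if __name__ == "__main__":
    print(secure_sum([4, 6, 5]))                   # 15 mod 7 -> 1
    print(leaks_only_the_sum(4, (6, 5), (2, 2)))   # 11 and 4 agree mod 7 -> True
```

A view distribution for inputs whose sum differs mod 7 is distinguishable, which is exactly the information the protocol is supposed to reveal and nothing more.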

We’re guessing you know that one. If you enjoy privacy preserving computation and recognize the potential, you might want to join a team of top tier engineers, data scientists, mathematicians and cryptographers working on the ROAR platform. You will collaborate across engineering and business units to help build a next-generation prediction platform used by the bank, the bank’s clients, and eventually - we hope - the entire world.

You will:

• Design, implement and improve techniques for privacy preserving Machine Learning using whatever techniques are most appropriate (cryptographic, statistical and a combination of the two).

• Design, implement and improve partial structure preserving data obfuscation methodologies

• Design and analyze statistical attacks, real and hypothetical

• Design and build into our contest framework new primitives, and combinations of the same, to expand the possibilities for crowd-sourcing data, predictions and models.

• Work with leading experts in secure multiparty computation.

• Collaborate with researchers and students as part of the JP Morgan/ ROAR partnership with MIT, which involves Sloan CIDL and MIT CSAIL.

• Adapt privacy methods to real-time data streams.

Closing date for applications: 25 July 2019

Contact: send CV to marc.gammon (at) jpmchase.com

Paderborn University
Job Posting
Successful applicants should be well established in at least one specialisation of computer security and should bring new expertise to the department. Possible areas of expertise are:

- Security Engineering

- Security of Cyber-Physical Systems

- Securing Long Term & Long Lived Systems

- Computer Architecture Security

- Language-based Security

A successful applicant should demonstrate experience in the application and execution of third party funding projects, such as DFG Projects. Candidates must be ready and willing to participate in collaborative applications of interdisciplinary research projects, and to actively integrate into existing projects. Paderborn University offers several possibilities for crossdisciplinary research, such as the CRC 901 “On-the-fly Computing”, as well as institutions such as the Software Innovation Campus Project (SICP), the Paderborn Center for Parallel Computing (PC²) and the Heinz-Nixdorf Institute (HNI). Another vital criterion is the willingness to work with other professors in the department.

Please see the referenced .pdf document for further information.

Closing date for applications: 30 September 2018

Contact: Prof. Dr. Holger Karl (eim-i-prodekan@uni[at]uni-paderborn.de) and Prof. Dr.-Ing. Tibor Jager (tibor.jager[at]upb.de).

More information: https://www.uni-paderborn.de/fileadmin/zv/4-4/stellenangebote/Kennziffer3427Englisch.pdf

King's College London
Job Posting
The PhD candidate will be based in the Department of Informatics and the Cyber Security group at King's College London. They will explore cryptocurrencies (and the blockchain) from a system security and applied cryptography perspective.

Some topics explored in the past by this research group include smart contract security, so-called layer 2 protocols, undermining the incentive structure of Nakamoto-style consensus, etc.

The candidate is expected to have at least a bachelor's degree in computer science, mathematics, or a related field. They should have an interest in applied cryptography, information security and privacy enhancing technologies. Prior knowledge of the blockchain is not necessary, but desirable.

Funding is available (including a stipend) for a 4-year PhD at UK/EU rates. Start date will be agreed between candidate and Patrick McCorry.

Closing date for applications:

Contact: Patrick McCorry, Assistant Professor (Lecturer) at King's College London.

Please e-mail stonecoldpat (at) gmail.com for further enquiries.

Ryerson University
Job Posting
The School of Information Technology Management of Ryerson University invites applications for two postdoctoral positions in Cybersecurity for an initial appointment of one year, renewable for two more years based on performance. Preferred areas of research interest would be secure cryptographic implementation, IoT security, blockchain technology, and post-quantum cryptography.

Candidates are required to have a Ph.D. in Computer Science, ECE or a related area, by the time of appointment and an outstanding research record. Solid background in cryptography, network security, distributed systems, protocols and algorithms, is highly desirable.

Responsibilities include conducting fundamental research in information system security, publishing in leading conferences and journals, and participation in proposal development. The incumbent is expected to take part in the activities of the Cybersecurity Research Lab at Ryerson University.

Required application materials include: a curriculum vita; a three-page research statement; and copies of three recent publications. Review of applications will start immediately and continue until both positions are filled. Priority will be given to those candidates who submit their application materials by September 1st, 2018.

For further information, you may contact Dr. Atefeh Mashatan at amashatan @ ryerson.ca

Closing date for applications: 1 January 2019

Singapore University of Technology and Design (SUTD), Singapore
Job Posting
Singapore University of Technology and Design (SUTD) is a young university which was established in collaboration with MIT. iTrust is a Cyber Security Research Center with about 15 inter-disciplinary faculty members from SUTD. It has the world's best facilities in cyber-physical systems (CPS) including testbeds for Secure Water Treatment (SWaT), Water Distribution (WADI), Electric Power and Intelligent Control (EPIC), and IoT. (See more info at https://itrust.sutd.edu.sg/research/testbeds/.)

I am looking for PhD interns with interest in cyber-physical system security (IoT, water, power grid, transportation, and autonomous vehicle etc.). The attachment will be at least 3 months. Allowance will be provided for local expenses.

Interested candidates please send your CV with a research statement to Prof. Jianying Zhou.

Closing date for applications: 30 September 2018

Contact: Prof. Jianying Zhou

Email: jianying_Zhou (at) sutd.edu.sg

More information: http://jianying.space/


23 July 2018

David Cash, Feng-Hao Liu, Adam O'Neill, Mark Zhandry, Cong Zhang
ePrint Report
Order-revealing encryption (ORE) is a popular primitive for outsourcing encrypted databases, as it allows for efficiently performing range queries over encrypted data. Unfortunately, a series of works, starting with Naveed et al. (CCS 2015), have shown that when the adversary has a good estimate of the distribution of the data, ORE provides little protection. In this work, we consider the case that the database entries are drawn identically and independently from a distribution of known shape, but for which the mean and variance are not (and thus the attacks of Naveed et al. do not apply). We define a new notion of security for ORE, called parameter-hiding ORE, which maintains the secrecy of these parameters. We give a construction of ORE satisfying our new definition from bilinear maps.
Jonathan Frankle, Sunoo Park, Daniel Shaar, Shafi Goldwasser, Daniel J. Weitzner
ePrint Report
The US federal court system is exploring ways to improve the accountability of electronic surveillance, an opaque process often involving cases sealed from public view and tech companies subject to gag orders against informing surveilled users. One judge has proposed publicly releasing some metadata about each case on a paper cover sheet as a way to balance the competing goals of (1) secrecy, so the target of an investigation does not discover and sabotage it, and (2) accountability, to assure the public that surveillance powers are not misused or abused.

Inspired by the courts' accountability challenge, we illustrate how accountability and secrecy are simultaneously achievable when modern cryptography is brought to bear. Our system improves configurability while preserving secrecy, offering new tradeoffs potentially more palatable to the risk-averse court system. Judges, law enforcement, and companies publish commitments to surveillance actions, argue in zero-knowledge that their behavior is consistent, and compute aggregate surveillance statistics by multi-party computation (MPC). We demonstrate that these primitives perform efficiently at the scale of the federal judiciary. To do so, we implement a hierarchical form of MPC that mirrors the hierarchy of the court system. We also develop statements in succinct zero-knowledge (SNARKs) whose specificity can be tuned to calibrate the amount of information released. All told, our proposal not only offers the court system a flexible range of options for enhancing accountability in the face of necessary secrecy, but also yields a general framework for accountability in a broader class of "secret information processes."

22 July 2018

University College London
Job Posting
Whenever you communicate with someone electronically there are intermediaries that process and carry your communication, helping it reliably get to the intended destination, or storing it until the recipient goes online to collect it. We hope that these intermediaries behave properly, but sometimes they get hacked, or the people running them act maliciously, and your communications can then be tampered with and eavesdropped, with potentially severe consequences. End-to-end encryption is designed to protect against such threats and has been available for decades, but it's still rarely used because it interferes with modern ways of working. For example, if the company that provides your email service can't read it, you can't search it without downloading it all; with collaboration applications, like Google Docs or chat applications, current end-to-end encryption approaches won't even work. Even if data is encrypted end-to-end, analysis of the meta-data can still violate privacy, for example disclosing who is working with whom. Anonymous communication systems like Tor can help protect meta-data but the delay that the most secure systems (e.g. Loopix) introduce would prevent standard collaboration technologies from working properly. This project will develop techniques to build collaboration applications that are end-to-end secure, and protect privacy. We will quantify how secure and effective they are, working with investigative journalists who need high levels of security in their collaboration applications.

Funding is available for a 4-year PhD studentship working on this project, providing a standard stipend and fees (at UK/EU rate). The project will be supervised by Dr Steven Murdoch and will start in October 2018 (unless agreed otherwise).

Closing date for applications: 12 August 2018

Contact: Steven Murdoch, s.murdoch (at) ucl.ac.uk

More information: http://www.cs.ucl.ac.uk/prospective_students/phd_programme/funded_scholarships/#c31028

Galois, Inc.
Job Posting
Skills & Requirements

Education: Minimum of an MS in computer science or mathematics. PhD in CS or mathematics desired but optional.

Required Technical Expertise

Significant fundamental or applied research focus in cryptography, and in particular, secure computation.

Demonstrated capability to take theoretical constructions and turn them into working implementations, and then optimize them toward practical use.

A pragmatic understanding of building practical, performant systems that incorporate such advanced cryptosystems into a smoothly integrated whole that meets the needs of our clients.

Required General Skills: Must work well with customers, including building rapport, identifying needs, and communicating with strong written, verbal, and presentation skills. Must be highly motivated and able to self-manage to deadlines and quality goals expected by those customers.

We’re looking for people who can invent, learn, think, and inspire. We reward creativity and thrive on collaboration. If you are interested, please submit your cover letter and resume to us.

More About Galois

At Galois, we maintain a unique organizational structure tailored to the needs of the innovative projects we deliver. Our organizational structure is collaborative, one-level flat, and based on principles of well-defined accountabilities and authorities, transparency, and stewardship. We aspire to provide employees with something that matters to them beyond just a paycheck — whether it be opportunities to learn, career growth, a sense of community, or whatever else brings them value as a person.

We believe in individual freedom in the roles we choose, and in the projects we pursue — our research focus areas are the intersection of staff interests and corporate strategy. We choose practices that best suit the project, team, and leaders, with company-wide standards kept to a minimum to ensure we are making the right choices for the situation rather than just business-as-usual choices.

Closing date for applications: 30 September 2018

Contact: Please apply online via:

https://galois-inc.hiringthing.com/job/76985/cryptography-and-secure-computation-researcher-portland

More information: https://galois-inc.hiringthing.com/job/76985/cryptography-and-secure-computation-researcher-portland

EURECOM, Sophia-Antipolis, France
Job Posting
The Digital Security Department at EURECOM is seeking applications for a postdoctoral research position in the field of Big Data privacy. The position is available immediately and is for one year. The contract is renewable (at least for one more year) based on availability of funding and mutual interest. Applicants should hold a doctoral degree in applied cryptography or in a related area and have adequate experience demonstrated through a strong publication record. Some background in machine learning is appreciated. The working language in the group is English. The position will be funded by an EU-H2020 project.

Applications should be sent via email to melek[dot]onen[at]eurecom[dot]fr and should include a CV, a list of publications (with the top 3 ones highlighted), a short research proposal, and contact information for one or two persons who are willing to give references.

Closing date for applications: 1 January 2019

Contact: Melek Önen

Address: EURECOM,

Campus SophiaTech

450 Route des Chappes, Sophia-Antipolis France

Email: melek[dot]onen[at]eurecom[dot]fr

More information: http://www.eurecom.fr/~onen/EURECOM_PostDoc_privacy_onen.pdf
