IACR News
Here you can see all recent updates to the IACR webpage.
09 August 2018
Stanislaw Jarecki, Hugo Krawczyk, Jason Resch
ePrint Report
We apply these schemes to build Oblivious Key Management Systems (KMS) as a much more secure alternative to traditional wrapping-based KMS. The new system hides keys and object identifiers from the KMS, offers unconditional security for key transport, enables forward security, provides key verifiability, reduces storage, and more. Further, we show how to provide all these features in a distributed threshold implementation that additionally protects the service against server compromise. Finally, we extend the scheme to a threshold Oblivious KMS with updatable encryption so that upon the periodic change of OPRF keys by the server, an efficient update procedure allows a client of the KMS service to non-interactively update all its encrypted data to be decryptable only by the new key. Our techniques improve on the efficiency and security of several recent works on updatable encryption from Crypto and Eurocrypt. We report on an implementation of the above schemes and their performance, showing their practicality and readiness for use in real-world systems. In particular, our pOPRF constructions are over an order of magnitude faster than previous pOPRF schemes.
Avradip Mandal, John C. Mitchell, Hart Montgomery, Arnab Roy
ePrint Report
Itai Dinur, Nathan Keller, Ohad Klein
ePrint Report
Let $g$ be a generator of a multiplicative group $\mathbb{G}$. Given a random group element $g^{x}$ and an unknown integer $b \in [-M,M]$ for a small $M$, two parties $A$ and $B$ (that cannot communicate) successfully solve DDL if $A(g^{x}) - B(g^{x+b}) = b$. Otherwise, the parties err. In the DDL protocol of Boyle et al., $A$ and $B$ run in time $T$ and have error probability that is roughly linear in $M/T$. Since it has a significant impact on the HSS scheme's performance, a major open problem raised by Boyle et al. was to reduce the error probability as a function of $T$.
In this paper we devise a new DDL protocol that substantially reduces the error probability to $O(M \cdot T^{-2})$. Our new protocol improves the asymptotic evaluation time complexity of the HSS scheme by Boyle et al. on branching programs of size $S$ from $O(S^2)$ to $O(S^{3/2})$. We further show that our protocol is optimal up to a constant factor for all relevant cryptographic group families, unless one can solve the discrete logarithm problem in a \emph{short} interval of length $R$ in time $o(\sqrt{R})$.
Our DDL protocol is based on a new type of random walk that is composed of several iterations in which the expected step length gradually increases. We believe that this random walk is of independent interest and will find additional applications.
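To make the DDL game concrete, here is an added Python example (not code from the paper) of the basic distinguished-point walk that the Boyle et al. approach builds on; it is not the new protocol of this paper. Two non-communicating parties each walk forward by multiplying by $g$ until they hit a publicly defined pseudorandom "distinguished" element. If $B$ starts $b$ steps ahead of $A$, $A$ needs exactly $b$ more steps to reach the same stopping point, so the difference of the step counts is $b$ unless a distinguished point falls among the $|b|$ positions separating the two start points, which happens with probability roughly $|b|/T$. The group ($\mathbb{Z}_p^*$ with $p = 2^{31}-1$, $g = 7$), the SHA-256-based predicate and the step cap are assumptions made for the example.

```python
import hashlib
import random
from typing import Optional

# Toy cyclic group for illustration only: Z_p^* with p = 2^31 - 1 (prime) and
# generator g = 7. An assumed parameter choice; HSS uses a cryptographic group.
P = 2**31 - 1
G = 7


def is_distinguished(h: int, T: int) -> bool:
    """Public pseudorandom predicate with density about 1/T.

    Both parties apply the same function to group elements, so they can agree
    on a stopping point without communicating.
    """
    digest = hashlib.sha256(h.to_bytes(8, "big")).digest()
    return int.from_bytes(digest[:8], "big") % T == 0


def ddl_walk(h: int, T: int, max_steps: Optional[int] = None) -> Optional[int]:
    """Walk h, h*g, h*g^2, ... until a distinguished point; return the number of steps.

    Returns None if no distinguished point appears within max_steps (32T by default);
    the caller treats that as an error.
    """
    if max_steps is None:
        max_steps = 32 * T
    for steps in range(max_steps):
        if is_distinguished(h, T):
            return steps
        h = (h * G) % P
    return None


def run_ddl(x: int, b: int, T: int) -> bool:
    """One DDL instance: A holds g^x, B holds g^{x+b}; success iff A's output minus B's is b.

    For b > 0, B starts b steps ahead of A on the same walk, so A needs exactly b more
    steps to reach the first distinguished point beyond both of them. The protocol fails
    when a distinguished point lies among the |b| positions from the trailing party's
    start up to (not including) the leading party's start.
    """
    out_a = ddl_walk(pow(G, x, P), T)
    out_b = ddl_walk(pow(G, x + b, P), T)
    if out_a is None or out_b is None:
        return False
    return out_a - out_b == b


def success_rate(M: int, T: int, trials: int, seed: int = 1) -> float:
    """Empirical success probability for random x and b in [-M, M]; error is about |b|/T."""
    rng = random.Random(seed)
    ok = 0
    for _ in range(trials):
        x = rng.randrange(1, P - 1)
        b = rng.randint(-M, M)
        ok += run_ddl(x, b, T)
    return ok / trials


if __name__ == "__main__":
    for M in (4, 64, 512):
        print(f"M={M:4d} T=1024 success rate: {success_rate(M, 1024, 200):.3f}")
```

Running the file prints the empirical success rate for increasing $M$ at fixed $T$; the error grows roughly linearly in $M/T$, which is the dependence the paper's protocol improves to $O(M \cdot T^{-2})$.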
Atsushi Fujioka, Katsuyuki Takashima, Shintaro Terada, Kazuki Yoneyama
ePrint Report
Thierry Simon, Lejla Batina, Joan Daemen, Vincent Grosso, Pedro Maat Costa Massolino, Kostas Papagiannopoulos, Francesco Regazzoni, Niels Samwel
ePrint Report
Takeshi Okamoto, Raylin Tso, Michitomo Yamaguchi, Eiji Okamoto
ePrint Report
Shashank Agrawal, Payman Mohassel, Pratyay Mukherjee, Peter Rindal
ePrint Report
We put forth the first formal treatment of distributed symmetric-key encryption, proposing new notions of correctness, privacy and authenticity in the presence of malicious attackers. We provide strong and intuitive game-based definitions that are easy to understand and yield efficient constructions.
We propose a generic construction of threshold authenticated encryption based on any distributed pseudorandom function (DPRF). When instantiated with the two different DPRF constructions proposed by Naor, Pinkas and Reingold (Eurocrypt 1999) and our enhanced versions, we obtain several efficient constructions meeting different security definitions. We implement these variants and provide extensive performance comparisons. Our most efficient instantiation uses only symmetric-key primitives and achieves a throughput of up to 1 million encryptions/decryptions per second, or alternatively sub-millisecond latency with up to 18 participating parties.
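The building block shared by the threshold Oblivious KMS above (Jarecki, Krawczyk and Resch) and the DPRF-based construction of Agrawal et al. is a distributed PRF of the form $H(x)^k$ with the key $k$ Shamir-shared across servers. The following Python sketch is an added example, not code from either paper: a client blinds $H(\mathit{id})$ with a random $r$, any $t$ of the $n$ servers raise it to their share, the client interpolates in the exponent and unblinds to obtain $H(\mathit{id})^k$, and derives a data key from it; the servers never see the identifier or the derived key. The toy safe-prime group ($p = 1019$, $q = 509$), $n = 5$, $t = 3$, the object identifier and the KDF label are assumptions for the example.

```python
import hashlib
import random
from typing import Dict, List, Tuple

# Toy safe-prime group for illustration only (an assumed parameter choice,
# far too small for real use): p = 2q + 1 with q prime. The quadratic
# residues mod p form the subgroup of prime order q in which H(x)^k lives.
P = 1019
Q = 509


def hash_to_group(x: bytes) -> int:
    """Hash x into the order-q subgroup: reduce mod p, reject degenerate values, square."""
    ctr = 0
    while True:
        h = int.from_bytes(hashlib.sha256(x + ctr.to_bytes(4, "big")).digest(), "big") % P
        if h not in (0, 1, P - 1):
            return pow(h, 2, P)
        ctr += 1


def share_key(k: int, n: int, t: int, rng: random.Random) -> Dict[int, int]:
    """Shamir-share the PRF key k over Z_q: server i gets f(i), deg f = t-1, f(0) = k."""
    coeffs = [k] + [rng.randrange(Q) for _ in range(t - 1)]
    shares = {}
    for i in range(1, n + 1):
        v = 0
        for c in reversed(coeffs):  # Horner evaluation of f(i) mod q
            v = (v * i + c) % Q
        shares[i] = v
    return shares


def blind(x: bytes, rng: random.Random) -> Tuple[int, int]:
    """Client side: pick r and send H(x)^r, which hides x (and H(x)) from the servers."""
    r = rng.randrange(2, Q)
    return r, pow(hash_to_group(x), r, P)


def server_eval(share: int, blinded: int) -> int:
    """Server i side: raise the blinded element to its share; it sees neither x nor the result."""
    return pow(blinded, share, P)


def combine(partials: Dict[int, int]) -> int:
    """Lagrange interpolation in the exponent: prod_i y_i^{lambda_i} = (input)^k for any t shares."""
    ids = list(partials)
    result = 1
    for i in ids:
        lam = 1
        for j in ids:
            if j != i:
                lam = lam * j * pow((j - i) % Q, -1, Q) % Q
        result = result * pow(partials[i], lam, P) % P
    return result


def unblind(y: int, r: int) -> int:
    """Client side: strip the blinding factor, (H(x)^{rk})^{1/r} = H(x)^k."""
    return pow(y, pow(r, -1, Q), P)


def prf_direct(k: int, x: bytes) -> int:
    """Reference value H(x)^k, computable only by someone holding the whole key."""
    return pow(hash_to_group(x), k, P)


def expected_data_key(k: int, obj_id: bytes) -> bytes:
    """What a conventional KMS holding the whole key would output; used to check the flow."""
    return hashlib.sha256(b"okms-data-key" + prf_direct(k, obj_id).to_bytes(2, "big")).digest()


def derive_data_key(obj_id: bytes, shares: Dict[int, int], servers: List[int],
                    rng: random.Random) -> bytes:
    """Full client flow against any t servers: blind, collect partials, combine, unblind, KDF."""
    r, blinded = blind(obj_id, rng)
    partials = {i: server_eval(shares[i], blinded) for i in servers}
    y = unblind(combine(partials), r)
    return hashlib.sha256(b"okms-data-key" + y.to_bytes(2, "big")).digest()


def demo(seed: int = 7) -> dict:
    """Run the flow with n = 5 servers and threshold t = 3 against two different quorums."""
    rng = random.Random(seed)
    k = rng.randrange(1, Q)
    shares = share_key(k, 5, 3, rng)
    oid = b"object-42"  # constructed sample object identifier
    r, blinded = blind(oid, rng)
    return {
        "quorum_123": derive_data_key(oid, shares, [1, 2, 3], rng),
        "quorum_245": derive_data_key(oid, shares, [2, 4, 5], rng),
        "expected": expected_data_key(k, oid),
        "server_sees_hx": blinded == hash_to_group(oid),
    }


if __name__ == "__main__":
    d = demo()
    print("quorum {1,2,3} matches:", d["quorum_123"] == d["expected"])
    print("quorum {2,4,5} matches:", d["quorum_245"] == d["expected"])
    print("servers see H(id):", d["server_sees_hx"])
```

`expected_data_key` is what a non-oblivious KMS holding the whole key would compute; the check on the flow is that any quorum of $t$ servers reproduces it while `blind` guarantees the servers only ever see $H(\mathit{id})^r$. The DDH-based DPRF of Naor, Pinkas and Reingold has this same $H(x)^k$ shape; the symmetric-key-only instantiation the abstract reports as fastest is a different construction and is not shown here.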
Kai Hu, Tingting Cui, Chao Gao, Meiqin Wang
ePrint Report
In this paper, we first construct a novel key-dependent integral distinguisher on 5-round AES with $2^{96}$ chosen plaintexts, which is much better than the previous key-dependent integral distinguisher, proposed at Crypto'16, that requires the full codebook. Secondly, we show that both the key-dependent integral distinguisher and the key-dependent impossible-differential (ID) distinguisher are valid under either the chosen-plaintext setting or the chosen-ciphertext setting, which differs from the claims of previous cryptanalysis. However, the complexities of the key-dependent integral distinguishers are very different under the two settings, while those of the key-dependent ID distinguishers are almost the same. We analyze the reasons for this difference.
Sauvik Bhattacharya, Oscar Garcia-Morchon, Thijs Laarhoven, Ronald Rietman, Markku-Juhani O. Saarinen, Ludo Tolhuizen, Zhenfei Zhang
ePrint Report
MCLEAN, United States, 6 May - 10 May 2019
Event Calendar
Submission deadline: 15 February 2018
Limassol, Cyprus, 8 April - 12 April 2019
Event Calendar
Submission deadline: 10 September 2018
Notification: 10 November 2018
Ruhr University Bochum
Job Posting
• Side-channel analysis attacks
• Fault-injection attacks
• Countermeasures against physical attacks
• Physically unclonable functions
• Symmetric cryptography, design and analysis
• Low-power design
The group offers an excellent working environment as part of the Horst Görtz Institut for IT Security (HGI, hgi.rub.de/en/home/), which includes more than 200 scientists active in several different aspects of IT security and cryptography.
The candidate should have an M.Sc. degree in IT security, electrical engineering, computer engineering, computer science, or applied mathematics with excellent grades. Familiarity with cryptography concepts and low-level programming is a must. Knowledge of a hardware description language, e.g., VHDL/Verilog, is a plus.
In order to apply, please send your resume, transcripts, and a list of at least two professional references in a single pdf file to
emsec+apply (at) rub.de
Review of applications starts immediately and continues until the position is filled.
Closing date for applications: 31 December 2018
Contact: Amir Moradi
www.emsec.rub.de/moradi
Promise Protocols
Job Posting
Promise Protocols is one of the fastest growing FinTech companies in Silicon Valley. Promise delivers cash analytics and cash access to thousands of small businesses that operate with volatile cash balances. We are a platform company whose aim is to automate the hardest parts of small business financial management. We are sometimes the last company many small business merchants come to when no one else will help their businesses stay alive.
Why work at Promise?
We are a high-energy, innovation-focused team of engineers and technologists who want to make running a small business less painful for owners all over the world. Promise’s environment is highly collaborative, and the ideal candidate will have an eye for detail and be a team player who enjoys working with others to find cutting-edge solutions to tricky problems. Come join us!
What are we looking for in a Senior Software Engineer?
Promise Protocols is looking for a passionate and experienced developer with cryptography experience to help develop, build and deploy a distributed, fault-tolerant P2P payments and exchange platform.
This role is ideal for cryptography scientists or software engineers with deep experience and familiarity with evolving and established cryptographic protocols and their implementation.
What will you be responsible for doing?
1. Develop, build and deploy cryptographic protocols in distributed P2P systems
2. Work with core internal team and external open source community
3. Collaborate with teammates to produce protocol specifications
4. Collaborate with and support other teams in developing crypto-economic consensus protocols
5. Develop and maintain interfaces for platform API
6. Identify and recommend technologies to solve technical challenges
Closing date for applications:
Contact: Please send a request to jobs (at) promiseprotocols.com
More information: https://aquila-1.workable.com/jobs/772792
08 August 2018
Eurocrypt
The IACR is soliciting affiliated events to be held in conjunction with Eurocrypt 2019 on Saturday, May 18, and/or Sunday, May 19. Each such event is expected to provide a forum for discussing a specific topic of the broad cryptographic world (theory, practice, implementation, standardization, industry, etc.). The format of the event (e.g., workshop, tutorial, panel, etc.) is up to the organizers.
Information about proposing an affiliated event can be found at https://eurocrypt.iacr.org/2019/callforaffiliatedevents.html. Proposals are due September 2.
07 August 2018
Beijing, China, 14 April - 17 April 2019
PKC
Submission deadline: 12 October 2018
Notification: 21 December 2018
Nele Mentens, Edoardo Charbon, Francesco Regazzoni
ePrint Report
05 August 2018
Cyber Security Researchers of Waikato (CROW), University of Waikato, New Zealand
Job Posting
We are seeking to appoint a full time fixed term Research Fellow to contribute to our research objectives associated with cybercrime, computer security and cloud computing. This position has responsibilities to achieve research objectives associated with the STRATUS industry partners.
A PhD in cyber security, cybercrime, computer science or a related field is essential as is having demonstrated research ability in cyber security and cybercrime. A requirement of this position is the ability to commercialise research prototypes into products/services and the demonstrated ability to publish in high quality academic journals, work collaboratively with others and undertake some teaching if required.
Preference will be given to candidates who have work experience with cybercrime, security, intelligence or law enforcement agencies, including work experience in cybercrime, security, digital forensics, machine learning, applied cryptography, etc.
Salary will be in the range of NZ$74,034 to $89,163 per year, depending on qualifications, skills and experience.
This position is fixed-term until October 2020 and will remain open until filled.
Enquiries of an academic nature should be directed to Associate Professor Ryan Ko – Director, NZ Institute for Security and Crime Science, email: ryan.ko AT waikato.ac.nz
Closing date for applications: 4 January 2019
Contact: Associate Professor Ryan Ko, ryan.ko AT waikato.ac.nz
More information: https://www.waikato.ac.nz/vacancies/current-vacancies