International Association
for Cryptologic Research

Elliptic curves based algorithms are nowadays widely spread among embedded systems. They indeed have the double advantage of providing efficient implementations with short certicates and of being relatively easy to secure against side-channel attacks. As a matter of fact, when an algorithm with constant execution flow is implemented together with randomization techniques, the obtained design usually thwarts classical side-channel attacks while keeping good performances. Recently, a new technique that makes randomization ineffective, has been successfully applied in the context of RSA implementations. This method, related to a so-called horizontal modus operandi, introduced by Walter in 2001, turns out to be very powerful since it only requires leakages on a single algorithm execution. In this paper, we combine such kind of techniques together with the collision correlation analysis, introduced at CHES 2010 by Moradi et al., to propose a new attack on elliptic curves atomic implementations (or unified formulas) with input randomization. We show how it may be applied against several state-of-the art implementations, including those of Chevallier-Mames et al., of Longa and of Giraud-Verneuil and also Bernstein and Lange for unied Edward's formulas. Finally, we provide simulation results for several sizes of elliptic curves on different hardware architectures. These results, which turn out to be the very rst horizontal attacks on elliptic curves, open new perspectives in securing such implementations. Indeed, this paper shows that two of the main existing countermeasures for elliptic curve implementations become irrelevant when going from vertical to horizontal analysis.

Many advanced lattice based cryptosystems require to sample lattice points from Gaussian distributions. One challenge for this task is that all current algorithms resort to floating-point arithmetic (FPA) at some point, which has numerous drawbacks in practice: it requires numerical stability analysis, extra storage for high-precision, lazy/backtracking techniques for efficiency, and may suffer from weak determinism which can completely break certain schemes.

In this paper, we give techniques to implement Gaussian sampling over general lattices without using FPA. To this end, we revisit the approach of Peikert, using perturbation sampling. Peikert's approach uses the Cholesky decomposition $\mathbb{\Sigma} = \mathbb{A} \mathbb{A}^t$ of the target covariance matrix $\mathbb{\Sigma}$, giving rise to a square matrix $\mathbb{A}$ with real (not integer) entries. Our idea, in a nutshell, is to replace this decomposition by an integral one. While there is in general no integer solution if we restrict $\mathbb{A}$ to being a square matrix, we show that such a decomposition can be efficiently found by allowing $\mathbb{A}$ to be wider (say $n \times 9n$). This can be viewed as an extension of Lagrange's four-square theorem to matrices. In addition, we adapt our integral decomposition algorithm to the ring setting: for power-of-2 cyclotomics, we can exploit the tower of rings structure for improved complexity and compactness.

Due to the public visible nature of blockchain, the seminal cryptocurrencies such as Bitcoin and Ethereum do not provide sufficient level of privacy, i.e., the addresses of sender and receiver and the transfer amount are all stored in plaintexts on blockchain. As the privacy concerns grow, several newly emerged cryptocurrencies such as Monero and ZCash provide strong privacy guarantees (including anonymity and confidentiality) by leveraging cryptographic technique.

Despite strong privacy is promising, it might be overkilled or even could be abused in some cases. In particular, anonymity seems contradict to accountability, which is a crucial property for scenarios requiring disputes resolving mechanism, e.g. e-commerce.

To address the above issues, we introduce accountability to blockchain-based confidential transaction system for the first time. We first formalize a general framework of confidential transaction system with accountability from digital signature, homomorphic public-key encryption and non-interactive zero-knowledge arguments, then present a surprisingly simple and efficient realization called PGC. To avoid using general-purpose zero-knowledge proofs (such as zk-SNARK and zk-STARK), we twist the ElGamal encryption as the underlying homomorphic PKE and develop ciphertext-refreshing approach. This not only enables us to prove transaction validity/correctness by using efficient Sigma protocols and zero-knowledge range proofs, but also makes PGC largely compatible with Bitcoin and Ethereum, which could be used as a drop-in to provide confidential enforcements with accountability.

Generalized Feistel Schemes (GFS) are important components of symmetric ciphers, which have been extensively researched in classical setting. However, the security evaluations of GFS in quantum setting are rather scanty.

In this paper, we give more improved polynomial-time quantum distinguishers on Type-1 GFS in quantum chosen-plaintext attack (qCPA) setting and quantum chosen-ciphertext attack (qCCA) setting. In qCPA setting, we give new quantum polynomial-time distinguishers on $(3d-3)$-round Type-1 GFS with branches $d\geq3$, which gain $d-2$ more rounds than the previous distinguishers. Hence, we could get better key-recovery attacks, whose time complexities gain a factor of $2^{\frac{(d-2)n}{2}}$. In qCCA setting, we get $(3d-3)$-round quantum distinguishers on Type-1 GFS, which gain $d-1$ more rounds than the previous distinguishers.

In addition, we give some quantum attacks on CAST-256 block cipher. We find 12-round and 13-round polynomial-time quantum distinguishers in qCPA and qCCA settings, respectively, while the best previous one is only 7 rounds. Hence, we could derive quantum key-recovery attack on 19-round CAST-256. While the best previous quantum key-recovery attack is on 16 rounds. When comparing our quantum attacks with classical attacks, our result also reaches 16 rounds on CAST-256 with 128-bit key under a competitive complexity.

We present Libra, the first zero-knowledge proof system that has both optimal prover time and succinct proof size/verification time. In particular, if C is the size of the circuit being proved (i) the prover time is O(C) irrespective of the circuit type; (ii) the proof size and verification time are both O(d log C) for d-depth log-space uniform circuits (such as RAM programs). In addition Libra features an one-time trusted setup that depends only on the size of the input to the circuit and not on the circuit logic. Underlying Libra is a new linear-time algorithm for the prover of the interactive proof protocol by Goldwasser, Kalai and Rothblum (also known as GKR protocol), as well as an efficient approach to turn the GKR protocol to zero-knowledge using small masking polynomials. Not only does Libra have excellent asymptotics, but it is also efficient in practice. For example, our implementation shows that it takes 200 seconds to generate a proof for constructing a SHA2-based Merkle tree root on 256 leaves, outperforming all existing zero-knowledge proof systems. Proof size and verification time of Libra are also competitive.

For all vectorial boolean functions up to dimension 4, we present canonical representatives for all extended affine (EA) and CCZ equivalence classes. We also answer the following questions: How large are these classes? Which of these classes contain bijective functions? And how are these classes grouped into CCZ equivalence classes?

We put forth a new class of search problems, iterated search problems (ISP), and study their relation to the design of secure blockchain protocols. We prove that (i) any blockchain protocol implies a hard ISP problem, i.e., ISP hardness is necessary for secure blockchain protocols---but not sufficient by itself, and (ii) a suitably enhanced class of ISPs is sufficient to imply, via construction, a secure blockchain protocol in the common reference string (CRS) model. We then put forth a specific proposal for an enhanced ISP based on an underlying cryptographic hash function. The resulting blockchain protocol's security reduces to the ISP hardness of the hash-based scheme and to a randomness extraction property of the hash function. As a corollary, we obtain a blockchain protocol secure in the standard model under falsifiable assumptions; in contrast, all previous blockchain protocols were shown secure in the random oracle model.

The Faculty of Mathematics, Informatics and Mechanics at University of Warsaw (MIM UW) invites applications for positions of an assistant professor (“adiunkt” in Polish) in Computer Science, starting on 1st October 2019. The position is addressed to candidates working in computer systems, in particular operating systems, computer networks, web applications, security and cryptography

MIM UW is one of the strongest computer science faculties in Europe. It is known for talented students (e.g., two wins and 13 times in top ten at the ACM International Collegiate Programming Contest) and strong research teams, especially in theoretical aspects of computer science like algorithms, logic and automata, cryptography (e.g., 8 ERC grants in these fields, 4 of them running at the moment). For an overview of research areas represented in the Faculty, see http://www.mimuw.edu.pl/en/dziedziny-badan

Requirements:

- PhD degree in computer science or mathematics achieved during the last 10 years

- Strong publication record in international computer science journals or conferences

- Teaching experience

- Mobility record (participation in conferences, research visits, postdoc positions, etc.)

The position is for 4 years, with the possibility of extending for an indefinite period of time after a positive result of employee evaluation. The position comes with teaching load of 210 hrs/year.

Deadline for applications: 25th April 2019.

More details, including application procedure can be found under the following link:

https://www.mimuw.edu.pl/rozne/konkursy-pliki/2019/assistant-professor-comp-systems-2019-04-25.pdf

For more information about the procedure, requirements, conditions, etc. please contact a vice-director of Institute of Informatics, Lukasz Kowalik (kowalik (at) mimuw.edu.pl).

Closing date for applications: 25 April 2019

Contact: Lukasz Kowalik (kowalik (at) mimuw.edu.pl)

More information: https://www.mimuw.edu.pl/rozne/konkursy-pliki/2019/assistant-professor-comp-systems-2019-04-25.pdf

Full-time PhD EPSRC iCASE Studentship in collabration with UrbanChain

Project Description

Since the privatisation of the energy market in the UK, the inefficiency of its structures have resulted in unaffordable energy for micro consumers such as households and SMEs. Similar market structures distributed worldwide have also experienced the same issue. A few contributing factors leading to this issue are complicated switching process between suppliers, current high-cost technical infrastructure for administration and billing purposes and fixed rate supply system. With the use of blockchain as an infrastructure, there is a significant opportunity to disrupt the current energy market with automation and integration of services, provide savings in the energy provision process and reduce energy bills for end users. However, little scientific information is available regarding the costs associated with running a blockchain-based energy market and the best methods for scaling up such a platform.

eChain is a blockchain-based energy trading platform developed by UrbanChain, which uses hyperledger as a building block. The embedded features of the platform are real-time switching, automated billing and administration, P2P trading between energy generators and consumers, and demand side management.

Funding note

The candidate must be a UK/EU national as required by the funding agency.

Person Specification

Candidates must hold a minimum of an upper Second Class UK Honours degree or international equivalent in a relevant science or engineering discipline.

Skills and Qualifications

- A passion for blockchain technology, preferably concerning the energy sector

- Enthusiasm for working with cloud services and virtual machines

- Capable of producing highly original work and an enquiring mind with well-developed analytical and investigative skills

- A track record in software and/or electronic engineering, distributed ledger systems and/or system security

Closing date for applications: 15 April 2019

Contact: Candidates are encouraged to send their CV, a transcript with a list of courses and grades, and a description of their research interests to Dr Mustafa A. Mustafa as soon as possible for informal discussion about their suitability.

https://www.research.manchester.ac.uk/portal/mustafa.mustafa.html

More information: http://www.cs.manchester.ac.uk/study/postgraduate-research/projects/description/?projectid=20154

Event date: 1 October to 4 October 2019
Submission deadline: 31 May 2019
Notification: 5 July 2019

The IACR Fellows Program recognizes outstanding IACR members for technical and professional contributions to the field of cryptology. Today we are pleased to announce six members that have been elevated to the rank of Fellow for 2019:

• Jonathan Katz, for broad contributions, especially in public-key encryption and cryptographic protocols, and for dedication to service and education.
• Kaoru Kurosawa, for seminal contributions spanning anonymity, e-voting, and public-key cryptography, and for service to the Japanese and international communities.
• Daniele Micciancio, for pioneering work on lattice-based cryptography and the complexity of lattice problems, and for service to the IACR.
• Vincent Rijmen, for co-designing AES, contributions to the design and cryptanalysis of symmetric primitives, and service to the IACR.
• Amit Sahai, for fundamental contributions, including to secure computation, zero knowledge, and functional encryption, and for service to the IACR.
• Xiaoyun Wang, for essential contributions to the cryptanalysis and design of hash functions, and for service to the IACR.

Congratulations to the new fellows! More information about the IACR Fellows Program can be found at https://iacr.org/fellows/.

The theoretical cryptography group at Ruhr University Bochum is looking for an outstanding and highly motivated PhD student (m/f/d) in the area of theoretical cryptography. The group offers an excellent working environment as a part of theHorst Görtz Institute for IT Security (HGI hgi.rub.de/en/home/ ) including more than 200 scientists active in all areas of IT security and cryptography. We are looking for candidates (m/f/d) with a Masters or equivalent degree with outstanding grades in computer science, mathematics or related fields.

We offer a three-year position with salary according to the remuneration group E 12/13 TV-L (39,83 Wochenstunden). The position is based in Bochum, Germany and will involve international travel to conduct and present research.

The load of teaching will be calculated according to §3 of Lehrverpflichtungsverordnung (state of North Rhine-Westphalia).

If you are interested, send your complete application documents in one single pdf file (max. 10 MB) with subject line *Application for PhD* directly to Nils Fleischhacker. ( nils.fleischhacker (at) rub.de )

Required documents are:

1. Letter of motivation
2. Curriculum vitae (including a list of publications if appropriate)
3. Master\'s certificate and transcript of records

At Ruhr-Universität Bochum, we wish to promote careers of women in areas in which they have been underrepresented, and we would therefore like to encourage female candidates to send us their applications. Applications by suitable candidates with severe disabilities and other applicants with equal legal status are likewise most welcome.

Closing date for applications: 14 April 2019

Contact: Nils Fleischhacker, nils.fleischhacker (at) rub.de

More information: https://goo.gl/FSxDbC

Isogeny-based cryptography offers one of the most promising approach for post-quantum cryptography and achieves forward secrecy in communications, a highly desirable feature currently available in TLS protocol suite. Protocols based on isogeny problems enjoy very small public keys compared to all other post-quantum candidates, a very useful feature since those keys are routinely transmitted as part of public key certificates. While all these properties make isogeny-based cryptography very appealing, it is also a relatively new field. As a result, it is less mature than other post-quantum candidates, and arguably not ready yet to meet the requirements of real-life security applications. In particular, there is very little work on hardware implementations of isogeny-based protocols.

The main goal of this studentship is to develop optimized, side-channel protected hardware implementations of isogeny-based protocols.

The student will be integrated within the University of Birmingham’s Centre for Cyber Security and Privacy and they will collaborate with more experienced researchers on this research program. They will be supervised by Dr. Sujoy Sinha Roy, Dr. Christophe Petit and Dr. Flavio Garcia. All three are members of Birmingham’s Academic Center of Excellence in Cyber security.

Person specification:

2:1 Honours undergraduate degree and/or postgraduate degree with Distinction (or an international equivalent) in Electrical and Electronics Engineering, Computer Science, Mathematical Engineering or closely related discipline. The ideal candidate for this position will be familiar with low-level programming, hardware architecture design and cryptography, but other candidates with a strong academic record will also be considered.

Funding Notes: The candidate must be a UK national as required by the funding agency.

Total stipend to student: £22,000 (year1), £22,500 (year2), £23,000 (year3), £11,750 (6 months of year4). The stipend is tax free. This is a research position with limited or no teaching requirements.

Application link: https://sits.bham.ac.uk/lpages/EPS003.htm

Closing date for applications: 15 May 2019

Contact: Candidates are encouraged to send their CV, a transcript with a list of courses and grades, and a description of their research interests to Sujoy Sinha Roy and Christophe Petit and Flavio Garcia as soon as possible for informal discussion about their suitability.

https://www.cs.bham.ac.uk/~sinharos/

https://www.cs.bham.ac.uk/~petitcz/

http://www.cs.bham.ac.uk/~garciaf/

As part of the first recruitment round to the new Institute of Advanced Studies in Cyber Security and Conflict (SoCyETAL) and to support the growth plan of the Kent Interdisciplinary Research Centre in Cyber Security (KirCCS), the University of Kent in the UK is seeking to appoint 2 new Lecturers (Assistant Professors) in Cyber Security.

The University of Kent is one of only 17 Academic Centres of Excellence in Cyber Security Research (ACEs-CSR) in the UK, recognised by UK government. SoCyETAL will grow interdisciplinary research in areas such as international conflict, cyber influence and behaviour, cybercrime, cyber law, and financial technology, just to name a few. In addition to research, SoCyETAL will offer a number of interdisciplinary MSc programmes.

Applications are invited from candidates in any research area that can complement or enhance the existing research strengths of the KirCCS and the Cyber Security research group at the School of Computing, especially in the socio-technical security theme. Successful candidates will be made members of both KirCCS and SoCyETAL. SoCyETAL will have a dedicated physical space allowing researchers from different schools and disciplines to work together, and there will be dedicated PhD studentships for members of SoCyETAL.

We are particularly interested in candidates who have worked with researchers in social science disciplines including but not limited to Psychology, Law, Sociology, Business, and Economics. Candidates with research experience in Artificial Intelligence are welcome, especially if that research goes beyond pure technical issues into topics such as human behaviour, ethics, law, transparency, trust, fairness, and policy.

For more details and to apply for the posts, please visit the further information URL.

Closing date for applications: 10 April 2019

Contact: For informal queries, please contact Prof Shujun Li (S.J.Li (at) kent.ac.uk, http://www.hooklee.com/) and Prof Richard Jones (R.E.Jones (at) kent.ac.uk, https://www.cs.kent.ac.uk/people/staff/rej/).

More information: https://jobs.kent.ac.uk/STM1002

Multiple Postdoc Positions available in areas ranging from Malware and Attack Analysis, to Security Analysis of Machine Learning, 3D Object Model Analysis, and Image processing for Circuit Board analysis, at Nanyang Technological University

NTU and HP have announced the creation of a new HP-NTU Digital Manufacturing Corporate Lab located at NTU, representing an $84 million push towards industry transformation in the areas of digital manufacturing and 3D printing technologies.

Within this collaboration, we have several exciting research projects within HP Security Lab, based in Bristol, UK:

1. Malware and Attack Analysis

2. Security Analysis of Machine Learning

3. 3D Object Model Analysis

4. Image processing for Circuit Board analysis

There are multiple Postdoc positions available in each of the areas. The postdoc will work in the HP-NTU Digital Manufacturing Corporate Lab at Nanyang Technological University in Singapore. The position involves conducting basic research, developing tools, working as part of a large research team, traveling, and giving presentations. The working language is English.

Apart from specific requirement to the topic, general requirements for a candidate are:

- A PhD in Computer Science/Mathematics or related areas is required.

- Some of the positions (not all) will require a strong background in cybersecurity.

- Strong programming and algorithmic skills.

- An established research record.

Candidates must be experienced in one or more of the following areas:

- Malware and attack analysis

- Software testing and verification

- Machine Learning (Random Forests, Ensemble Learning, Deep Learning, Reinforcement Learning and other algorithms)

- 3D Object Modelling (matching, recognition, classification, analysis and computer graphics)

- 2D Image Analysis and pattern recognition

The term is currently one to three years starting immediately. The salary is 5.5k to 10k SGD per month with up to 3 month performance bonus. (Singapore Tax is around 5%)

Closing date for applications: 31 July 2019

Contact: Prof. Yang Liu at yangliu AT ntu.edu.sg

More information: http://www.ntu.edu.sg/home/yangliu

Physical Analysis and Cryptographic Engineering (PACE) lab and Symmetric and Lightweight Cryptography Lab (SYLLAB) from Nanyang Technological University (NTU), Singapore, are seeking a skilled and motivated PhD candidate to explore the potential of machine learning in the field of side-channel attacks and cryptanalysis in general. Candidates are expected to have a strong background in either cryptography or side-channel attacks or machine learning.

Interested applicants are encouraged to send their detailed CV and cover letter to Shivam Bhasin (sbhasin at ntu.edu.sg) and Prof. Thomas Peyrin (thomas.peyrin at ntu.edu.sg).

Deadline: end of April 2019 (but preferably before the 4th of April 2019)

Closing date for applications: 1 May 2019

At Purdue University, we are looking for one or more outstanding post-doctoral researchers (or an extended visitor) working on topics at the intersection of applied cryptography, multi-party computation (MPC), and secure distributed systems. The researchers will have the exciting opportunity of working closely with our young and energetic team consisting of Jeremiah Blocki, Christina Garman, Aniket Kate, Hemanta K. Maji, and their Ph.D. students as they design and implement high-performance MPC and other distributed cryptographic libraries. There will be considerable freedom in actively shaping the research agenda and taking leadership roles within the project. This research position shall provide an ideal exposure to foundational research in cryptography as well as experience in implementing end-to-end cryptographic solutions that are real-world deployable.

The application must include a curriculum vitae, a short research statement, and names of (at least) two contacts who can provide a reference about the applicant and their work. The candidate should be able to demonstrate substantial expertise in cryptography/distributed systems illustrated in the form of publications at top crypto/security/systems venues. For full consideration, applications are expected by April 05, 2019. However, we shall accept applications until all the positions are filled. Applications may be submitted by email to crypto-postdoc (at) purdue.edu.

Closing date for applications: 5 April 2019

Contact:
Contact Email: crypto-postdoc (at) purdue.edu

Purdue Faculty Team

• Jeremiah Blocki
• Christina Garman
• Aniket Kate
• Hemanta K. Maji

Event date: 21 October to 23 October 2019
Submission deadline: 24 May 2019
Notification: 23 July 2019

The Information Security Research Group at UCL’s Computer Science Department invites applications for a post as Post-Doctoral Research Fellow in Privacy-Preserving Machine Learning.

We seek candidates with expertise and experience in both machine learning and information security. We expect the Post-Doctoral Research Fellow to lead cutting-edge research in this area, and more specifically, produce and present academic publications in top-tier conferences/journals, liaise with academic and industrial partners, and work with other researchers in the field.

UCL is one of the top-rated research institutions in the world, and currently the top recipient of Horizon 2020 funding in Europe. As of 2018, 30 Nobel Laureates and 3 Fields Medalists were UCL affiliates. UCL’s Computer Science Department is recognized as an Academic Centre of Excellence in Cyber Security Research by the National Cyber Security Centre. In the 2014 Research Excellence Framework (REF) evaluation, UCL was ranked first in the UK for Computer Science: 61% of its research submission are rated as world-leading and 96% as internationally excellent. For more information about our group, please visit http://sec.cs.ucl.ac.uk.

This post is funded for 24 months in the first instance.

Closing date for applications: 30 May 2019

Contact: Emiliano De Cristofaro, Head of Information Security Research, jobs (at) emilianodc.com

More information: http://bit.ly/ucl-privacyml-postdoc

The HKUST Computer Science and Engineering department invites applications for PhD students, Post-doctoral fellows, and short-term visiting interns in the topic of theory and applications of cryptography. Applicants should have a background/interest in the topics of: zero-knowledge arguments, secure multi-party computation, searchable encryption, oblivious algorithms, or homomorphic encryption.

PhD applicants should have a bachelor/master degree in computer science or engineering, information security, mathematics, or a relevant area. Excellent analytical and mathematical skills are necessary, as well as good organization skills and the ability to work independently. A strong background in coding and software engineering is a great plus for successful applicants.

Short-term internship positions are available for undergraduate and postgraduate students with an interest in the above topics.

HKUST offers competitive stipends and a creative environment that is ideal for excellent research. Our CSE department was ranked 14th in the world in 2018 by QS World University Rankings and our graduates consistently staff world-class institutions.

Interested applicants please send your CV and a short research statement to Prof. Dimitrios Papadopoulos.

Closing date for applications: 30 April 2019

Contact: dipapado (at) cse.ust.hk