International Association for Cryptologic Research

IACR News

Here you can see all recent updates to the IACR webpage. These updates are also available:

- via RSS feed

- via Twitter

- via Weibo

- via Facebook

09 April 2019

Pratish Datta, Tatsuaki Okamoto, Katsuyuki Takashima
ePrint Report
This paper presents the first attribute-based signature (ABS) scheme in which the correspondence between signers and signatures is captured in an arithmetic model of computation. Specifically, we design a fully secure, i.e., adaptively unforgeable and perfectly signer-private ABS scheme for signing policies realizable by arithmetic branching programs (ABP), which are a quite expressive model of arithmetic computations. On a more positive note, the proposed scheme places no bound on the size and input length of the supported signing policy ABP’s, and at the same time, supports the use of an input attribute for an arbitrary number of times inside a signing policy ABP, i.e., the so called unbounded multi-use of attributes. The size of our public parameters is constant with respect to the sizes of the signing attribute vectors and signing policies available in the system. The construction is built in (asymmetric) bilinear groups of prime order, and its unforgeability is derived in the standard model under (asymmetric version of) the well-studied decisional linear (DLIN) assumption coupled with the existence of standard collision resistant hash functions. Due to the use of the arithmetic model as opposed to the boolean one, our ABS scheme not only excels significantly over the existing state-of-the-art constructions in terms of concrete efficiency, but also achieves improved applicability in various practical scenarios. Our principal technical contributions are (a) extending the techniques of Okamoto and Takashima [PKC 2011, PKC 2013], which were originally developed in the context of boolean span programs, to the arithmetic setting; and (b) innovating new ideas to allow unbounded multi-use of attributes inside ABP’s, which themselves are of unbounded size and input length.
Alisa Chernyaeva, Ilya Shirobokov, Alexander Davydov
ePrint Report
Blockchain technology has immense potential. At the same time, it is not always possible to scale blockchains. State Channels solve the problem of scalability while increasing the blockchain's speed and efficiency. State Channels present a workaround to current blockchains' TPS (transaction per second) bottleneck. We used State Channels as a foundation and created Game Channels. We built it around the needs of the gambling market. We also developed Signidice PRNG as well as a dispute resolution mechanism. Signidice uses unique digital signatures and is also described below. The potential use of Game Channels technology is not only gambling; some types of online gaming may also be able to use it.
Anat Paskin-Cherniavsky, Artiom Radune
ePrint Report
Nearly all secret sharing schemes studied so far are linear or multi-linear schemes. Although these schemes allow one to implement any monotone access structure, the share complexity may be suboptimal: the gap between the best known lower bounds and best known upper bounds is exponential for some access structures. There is growing evidence in the literature that non-linear schemes can improve share complexity for some access structures, with the work of Beimel and Ishai (CCC '01) being among the first to demonstrate it. This motivates further study of non-linear schemes.

We initiate a systematic study of polynomial secret sharing schemes, where shares are multi-variate polynomials of the secret and randomness vectors over some finite field. Our main hope is that the nice algebraic structure of polynomials would help obtain better lower bounds than those known for the general setting, extending over the class of multi-linear schemes.

Some of the concrete new results we prove in this work are as follows.

On share complexity of polynomial schemes. First we studied degree 1 in randomness (where the degree in the secret is unlimited). We have shown that a large subclass of these schemes is equivalent to multi-linear schemes, in the sense that for any such scheme there exists an equivalent multi-linear scheme with very similar share complexity. We have also shown that the class of schemes of polynomials of degree exactly 2 in $r$, without degree-1 monomials in $r$, is very weak and can implement only trivial access structures whose minterms consist of single parties. Another observation we make refers to the share complexity (per bit) of multi-linear schemes (polynomial schemes of total degree 1). We observe that the scheme by Liu et al. obtaining share complexity $O(2^{0.994n})$ can be transformed into a multi-linear scheme with similar share complexity per bit, for sufficiently long secrets. It is interesting to check whether similar ideas could be applied to the recent improvement of Beimel et al. with share complexity $O(2^{0.862n})$ for general schemes, transforming it into a .

On the randomness complexity of polynomial schemes. We prove that for every degree-2 polynomial secret sharing scheme, there exists an equivalent degree-2 scheme with identical share complexity and randomness complexity bounded by $O(2^{2^n})$. For general polynomial secret sharing schemes, randomness complexity can be bounded by $SC^{O(SC)^2}$, where $SC$ is the share complexity of the original scheme. So far, bounds on randomness complexity were known only for multi-linear schemes, for which $RC \leq SC$ is always achievable. Our bounds are not nearly as practical, and may be viewed as a proof of concept. One nice application of low (say polynomial) randomness complexity is transforming polynomial schemes with polynomial (in $n$) algebraic formulas $C(s,r)$ into a degree-3 scheme with only polynomial blowup in share complexity (using standard randomizing polynomials constructions).
Lewis Gudgeon, Pedro Moreno-Sanchez, Stefanie Roos, Patrick McCorry, Arthur Gervais
ePrint Report
Blockchains have the potential to revolutionize markets and services, yet they currently exhibit high latencies and fail to handle loads comparable to those managed by traditional custodian financial systems. Layer-two protocols, built on top of (layer-one) blockchains, avoid disseminating every transaction to the whole network by sending transactions off-chain and instead utilize the blockchain only as a recourse for disputes. The promise of layer-two protocols is to complete transactions in sub-seconds, reduce fees, and allow blockchains to scale. With this Systematization of Knowledge, we are the first to structure the complete rich and multifaceted body of research on layer-two transactions. Categorizing the research into payment and state channels as well as commit-chains, we provide a comparison of the protocols and their properties. We contribute a systematization of the associated synchronization and routing protocols along with their privacy and security aspects. Contrary to common belief in the blockchain community, we show that layer-two can scale blockchains; that layer-two protocols are secure without full collateralization; that privacy of layer-two transactions is not granted by default; and that fees depend on the transmitted transaction value. The SoK clears the layer-two fog, highlights the potential of layer-two solutions and identifies their unsolved challenges and promising avenues of future work.
Hao Chen, Ilaria Chillotti, Yihe Dong, Oxana Poburinnaya, Ilya Razenshteyn, M. Sadegh Riazi
ePrint Report
We present new secure protocols for approximate $k$-nearest neighbor search ($k$-NNS) over the Euclidean distance in the semi-honest model. Our implementation is able to handle massive datasets efficiently. On the algorithmic front, we show a new circuit for the approximate top-$k$ selection from $n$ numbers that is built from merely $O(n + \mathrm{poly}(k))$ comparators. Using this circuit as a subroutine, we design new approximate $k$-NNS algorithms and two corresponding secure protocols: 1) optimized linear scan; 2) clustering-based sublinear time algorithm.

Our secure protocols utilize a combination of additively-homomorphic encryption, garbled circuit and Oblivious RAM. Along the way, we introduce various optimizations to these primitives, which drastically improve concrete efficiency.

We evaluate the new protocols empirically and show that they are able to handle datasets that are significantly larger than in the prior work. For instance, running on two standard Azure instances within the same availability zone, for a dataset of 96 dimensional descriptors of 10000000 images, we can find 10 nearest neighbors with average accuracy 0.9 in under 10 seconds improving upon prior work by at least two orders of magnitude.
Leo Weissbart, Stjepan Picek, Lejla Batina
ePrint Report
Profiling attacks, especially those based on machine learning, have proved to be very successful techniques in recent years for side-channel analysis of block cipher implementations. At the same time, results for implementations of public-key cryptosystems are very sparse. In this paper, we consider several machine learning techniques in order to mount a power analysis attack on EdDSA using the curve Curve25519 as implemented in WolfSSL. The results show all considered techniques to be viable and powerful options. The results with convolutional neural networks (CNNs) are especially impressive, as we are able to break the implementation with only a single measurement in the attack phase while requiring fewer than 500 measurements in the training phase. Interestingly, that same convolutional neural network was recently shown to perform extremely well for attacking the AES cipher. Our results show that some common ground can be established when using deep learning for profiling attacks on distinct cryptographic algorithms and their corresponding implementations.
Núria Costa, Ramiro Martínez, Paz Morillo
ePrint Report
In this paper we present the first fully post-quantum proof of a shuffle for RLWE encryption schemes. Shuffles are commonly used to construct mixing networks (mix-nets), a key element to ensure anonymity in many applications such as electronic voting systems. They should preserve anonymity even against an attack using quantum computers in order to guarantee long-term privacy. The proof presented in this paper is built over RLWE commitments which are perfectly binding and computationally hiding under the RLWE assumption, thus achieving security in a post-quantum scenario. Furthermore we provide a new definition for a secure mixing node (mix-node) and prove that our construction satisfies this definition.
University of York (UK)
Job Posting
Applications are open for a PhD studentship looking at Post-Quantum Cryptography.

Research supervision

If successful, you will conduct your research at the University of York under the supervision of Professor Delaram Kahrobaei, Chair of Cyber Security (https://sites.google.com/a/nyu.edu/delaram-kahrobaei/) and Director of the York Interdisciplinary Centre for Cyber Security (www.cs.york.ac.uk/security).

Award funding

If successful, you will be supported for three years. Funding includes:

- £14,777 (2018/19 rate) per year stipend

- Home/EU tuition fees

- RTSG (training/consumables/travel) provision

Funding requirements

To be considered for this funding you must:

- meet the entrance requirements for a PhD in Computer Science

- be eligible to pay home/EU fees

We will look favourably on applicants that can demonstrate knowledge of cryptography, algebra, quantum computation, and who have strong programming and mathematical skills.

Apply for this studentship

1. Apply to study

- You must apply online for a full-time PhD in Computer Science.

- You must quote the project title Post-Quantum Cryptography in your application.

- There is no need to write a full formal research proposal (2,000-3,000 words) in your application to study as this studentship is for a specific project.

2. Provide a personal statement. As part of your application please provide a personal statement of 500-1,000 words with your initial thoughts on the research topic.

Deadlines

Applications are accepted all year round.

The start date for the studentship is flexible.

Project enquiries

Professor Delaram Kahrobaei, Chair of Cyber Security (delaram.kahrobaei (at) york.ac.uk):

https://sites.google.com/a/nyu.edu/delaram-kahrobaei/

Application enquiries

cs-pg-admissions (at) york.ac.uk

+44 (0)1904 325404

Closing date for applications: 24 July 2019

Contact: Professor Delaram Kahrobaei, Chair of Cyber Security

https://sites.google.com/a/nyu.edu/delaram-kahrobaei/

Director of York Interdisciplinary Centre for Cyber Security www.cs.york.ac.uk/security

More information: https://www.findaphd.com/phds/project/post-quantum-cryptography/?p104181


08 April 2019

Ecole centrale of Lyon, INL laboratory, Ecully, France
Job Posting
The aim of the thesis is to explore how to modify a low-power processor architecture in order to include a security-dedicated non-volatile operator inside its execution flow. In addition, computation paradigms using these new types of operators will be investigated in order to provide automatic compilation, normally-off computation possibilities and a new concept of near-sensor cryptography.

In particular, problematic sub-operations of cryptographic algorithms (for example, non-linear operations leading to side-channel leakage) will be implemented using the new operator in order to evaluate both its security and the energy consumption of the resulting change in the computation paradigm.

Closing date for applications: 10 May 2019

Contact: Cédric Marchand

More information: http://inl.cnrs.fr/files/Th%C3%A8ses20192020/INL04_EDEEA_Navarro_Marchand_2019.pdf

Nanyang Technological University, Singapore
Job Posting
The Strategic Centre for Research in Privacy-Preserving Technologies & Systems (SCRIPTS) of Nanyang Technological University in Singapore is the one-stop centre for knowledge, technologies, and solutions for privacy-preserving problems. We seek highly motivated researchers to fill several R&D positions ranging from fresh postdoc research fellows to senior research scientists. The successful applicant is expected to have strong system and privacy research experience and software development skills in areas including but not limited to Fully Homomorphic Encryption (FHE), Multi-Party Computation (MPC), Searchable Encryption (SE), and Differential Privacy (DP). The applicant is also expected to have a proven record of top publications (IACR conferences, S&P, CCS, Usenix, NDSS, etc.).

We offer a globally competitive salary package and low income tax, plus an excellent research environment in Singapore. The initial contract will be for 2 years, renewable subject to performance. Interested candidates are to send their CV and 2 reference letters to Dr. Le Su. Review of applications will start immediately and continue until the positions are filled.

Closing date for applications: 7 October 2019

Contact: Dr. Le Su, le.su (at) ntu.edu.sg

Karlsruhe Institute of Technology (KIT), Department of Informatics
Job Posting
Job description:

The professorship will be dedicated to the combination of artificial intelligence and IT security. We seek a broad range of applicants with experience and focus in at least one of the following domains:

- AI methods that improve the security of IT systems

- IT security methods for AI-based systems

KIT has research competence in various fields of IT security and artificial intelligence. In particular, the candidate is expected to be affiliated with the Competence Center for Applied Security Technology (KASTEL) as well as with IT security research at KIT within the framework of the Helmholtz Association. In addition, it is expected that the candidate strengthens the strategic focus on secure and dependable systems at the Faculty of Informatics.

The new professor is expected to teach courses in the core curriculum of the Department of Informatics, in both mandatory and elective areas. During the first three years, teaching may be performed in English.

The candidate is expected to actively shape research at KIT, to advance her/his personal development, and to independently supervise doctoral researchers as well as graduate and undergraduate students. The new professor shall successfully combine a collaborative work attitude with strong communication skills.

The initial appointment is for six years as a temporary civil servant or as an employee. An interim evaluation is carried out in the third year of service. If the final tenure evaluation is positive, the successful candidate will be promoted to a tenured full professorship (W3) in accordance with §15 (2) KITG.

Starting date: as soon as possible

Closing date for applications: 8 April 2019

Contact: Prof. Dr. Bernhard Beckert, email: bernhard.beckert (at) kit.edu

More information: https://www.pse.kit.edu/karriere/567.php

Chinese University of Hong Kong
Job Posting
Requirements:

- PhD degree in Computer Science

- Good track record in top conferences

- With system background (e.g., Linux)

- Experience in blockchain (e.g., Ethereum, Hyperledger)

Closing date for applications: 1 July 2019

Contact: Send your CV to ericlo (at) cse.cuhk.edu.hk using the email subject "Post-doc applicant: [Your Name]" (e.g., "Post-doc applicant: Harry Porter").

Nanyang Technological University, Singapore
Job Posting
The Cryptanalysis Taskforce research group at Nanyang Technological University in Singapore, led by Prof. Jian Guo, is seeking candidates to fill one (senior) research fellow position (from fresh postdoc to senior researcher). The team focuses its research on symmetric-key cryptography, including but not limited to provable security, cryptanalysis, and design. It has done a significant amount of work on cryptanalysis of SHA-3, S-boxes, security evaluation of AES, etc. Candidates are expected to dedicate their time to research, and to have a track record of publications in IACR conferences/workshops.

NTU Singapore offers a globally competitive salary package with extremely low income tax and an excellent environment for research. The contract will initially be for 2 years, with the possibility of extension subject to the availability of funding. The position will remain open until filled; interested candidates are to send their CV and the contact information of 2 referees to Prof. Jian Guo.

Closing date for applications: 31 July 2019

Contact: Jian Guo, Assistant Professor, guojian (at) ntu.edu.sg

More information: http://catf.crypto.sg

Yeshiva University
Job Posting
The Katz School of Science and Health at Yeshiva University invites applications for tenure-track faculty in Artificial Intelligence, Machine Learning and Computer Science for its graduate programs. Given the multidisciplinary mission of the School, there will be opportunities to collaborate on research and initiatives with other fields and schools; for example, Biotech, Mathematics, Economics, CyberSecurity, Data and Privacy Law (at Cardozo School of Law), and YU’s Innovation Lab. This is an opportunity to take advantage of the University’s deep connections to Israel’s startup nation and groundbreaking work in Artificial Intelligence, Machine Learning, Computer Science, Biotech and Cybersecurity.

This is a tenure eligible position depending on experience and qualifications. We offer an excellent compensation package, and a broad range of employee benefits, including immediate participation in the University’s retirement plan. Compensation commensurate with experience. Relocation assistance may be provided.

Closing date for applications: 11 September 2019

More information: https://apptrkr.com/1418527

Yeshiva University
Job Posting
The Katz School of Science and Health at Yeshiva University seeks a dynamic leader to serve as academic and administrative head of its graduate initiatives in Artificial Intelligence and Machine Learning. This is a tenure eligible position depending on experience and qualifications.

Given the multidisciplinary mission of the Katz School, there will be opportunities to collaborate on research and initiatives with colleagues from other fields and schools; for example, Biotech, Mathematics, Economics, CyberSecurity, Data and Privacy Law (at Cardozo School of Law), and YU’s Innovation Lab. In particular, this is an opportunity for an entrepreneurial leader to take advantage of the University’s extensive connections to Israel’s startup community and groundbreaking work in Artificial Intelligence, Machine Learning, Computer Science, Biotech and Cybersecurity.

We offer an excellent compensation package, and a broad range of employee benefits, including immediate participation in the University’s retirement plan. Compensation commensurate with experience. Relocation assistance may be provided.

Closing date for applications: 11 September 2019

More information: https://apptrkr.com/1418515

Imperial College London
Job Posting
Applications are invited for a PhD studentship in lattice-based cryptography, with a start date of October 2019. The work will be based within the Department of Electrical & Electronic Engineering at Imperial College London.

This position is funded by HM Government and is available only to UK citizens unfortunately. The studentship will last for 3.5 years and include tuition fees as a Home student and an attractive stipend of £24,000/year, plus a generous allowance for travel and subsistence.

Closing date for applications: 1 May 2019

Contact: Cong Ling (c.ling (at) imperial.ac.uk)

More information: https://www.jobs.ac.uk/job/BQT906/phd-studentship-in-post-quantum-cryptography


07 April 2019

Shweta Agrawal, Michael Clear, Ophir Frieder, Sanjam Garg, Adam O'Neill, Justin Thaler
ePrint Report
Consider sources that supply sensitive data to an aggregator. Standard encryption only hides the data from eavesdroppers, but using specialized encryption one can hope to hide the data (to the extent possible) from the aggregator itself. For flexibility and security, we envision schemes that allow sources to supply encrypted data, such that at any point a dynamically chosen subset of sources can allow an agreed-upon joint function of their data to be computed by the aggregator. A primitive called multi-input functional encryption (MIFE), due to Goldwasser et al. (EUROCRYPT 2014), comes close, but has two main limitations:

- it requires trust in a third party, who is able to decrypt all the data, and

- it requires function arity to be fixed at setup time and to be equal to the number of parties.

To drop these limitations, we introduce a new notion of ad hoc MIFE. In our setting, each source generates its own public key and issues individual, function-specific secret keys to an aggregator. For successful decryption, an aggregator must obtain a separate key from each source whose ciphertext is being computed upon. The aggregator could obtain multiple such secret keys from a user corresponding to functions of varying arity. For this primitive, we obtain the following results:

- We show that standard MIFE for general functions can be bootstrapped to ad hoc MIFE for free, i.e. without making any additional assumption.

- We provide a direct construction of ad hoc MIFE for the inner product functionality based on the Learning with Errors (LWE) assumption. This yields the first construction of this natural primitive based on a standard assumption.

At a technical level, our results are obtained by combining standard MIFE schemes and two-round secure multiparty computation (MPC) protocols in novel ways, highlighting an interesting interplay between MIFE and two-round MPC in the construction of non-interactive primitives.
Anubhab Baksi, Dhiman Saha, Sumanta Sarkar
ePrint Report
As fault-based cryptanalysis is becoming more and more of a practical threat, it is imperative to make efforts to devise suitable countermeasures. In this regard, the so-called "infective countermeasures" have garnered particular attention from the community due to their ability to inhibit differential fault attacks without explicitly detecting the fault. We observe that despite being adopted over a decade ago, a systematic study is missing from the literature. Moreover, there seems to be a lack of proper security analysis of the schemes proposed, as quite a few of them have been broken promptly. Our first contribution comes in the form of a generalization of infective schemes which aids us with a better insight into the vulnerabilities, scope for cost reduction and possible improvements. This way, we are able to propose lightweight alternatives to two existing schemes, propose a new design based on already established standards, refute a security claim made by a scheme proposed at CHES'14 and re-instantiate another scheme which is deemed broken by proposing a simple patch.

03 April 2019

22 March - 26 March 2020
Event Calendar
Event date: 22 March to 26 March 2020
Submission deadline: 23 November 2019
Notification: 23 January 2020