IACR News
Here you can see all recent updates to the IACR webpage. These updates are also available:
08 May 2019
Sean Murphy, Rachel Player
ePrint Report
Francesco Berti, Olivier Pereira, François-Xavier Standaert
ePrint Report
CONCRETE improves on a recent line of works aiming at leveled implementations, which mix a strongly protected and energy-demanding implementation of a single component with other weakly protected and much cheaper components. Here, these components all implement a tweakable block cipher (TBC).
CONCRETE requires the use of the strongly protected TBC only once while supporting the leakage of the full state of the weakly protected components -- it achieves CIML2 security in the so-called unbounded leakage model.
All previous works need to use the strongly protected implementation at least twice. As a result, for short messages whose encryption and decryption energy costs are dominated by the strongly protected component, we halve the cost of a leakage-resilient implementation. CONCRETE additionally provides security when unverified plaintexts are released, and confidentiality in the presence of simulatable leakages in encryption and decryption.
Chenglu Jin, Zheng Yang, Sridhar Adepu, Jianying Zhou
ePrint Report
A remarkable security feature of HMAKE is bounded historical tag leakage resilience, which means that (informally speaking) if a small portion of the secret tags is leaked to an adversary, it will not affect the security of one HMAKE protocol with overwhelming probability. Our first HMAKE protocol can provide static bounded leakage resilience, meaning that the secret tags are leaked at the beginning of the security game. To enhance its security, our second HMAKE protocol makes use of our first protocol as a compiler to transform any passively secure two-message key exchange protocol into an actively secure HMAKE protocol with perfect forward secrecy, and therefore it can be secure even if the historical tags are compromised adaptively by an attacker.
In addition to the strong security properties we achieved, our protocols can potentially have great impacts in practice: they are efficient in computation, and they are compatible with legacy devices in cyber-physical systems.
Marshall Ball, Dana Dachman-Soled, Mukul Kulkarni, Tal Malkin
ePrint Report
We show that non-malleable codes are impossible to construct for three different tampering classes:
1. Functions that change $d/2$ symbols, where $d$ is the distance of the code;
2. Functions where each input symbol affects only a single output symbol;
3. Functions where each of the $n$ output symbols is a function of $n-\log n$ input symbols.
We additionally rule out constructions of non-malleable codes for certain classes $\mathcal{F}$ via reductions to the assumption that a distributional problem is hard for $\mathcal{F}$, that make black-box use of the tampering functions in the proof. In particular, this yields concrete obstacles for the construction of efficient codes for $\mathsf{NC}$, even assuming average-case variants of $P\not\subseteq\mathsf{NC}$.
Elette Boyle, Geoffroy Couteau, Niv Gilboa, Yuval Ishai, Lisa Kohl, Peter Scholl
ePrint Report
Haibo Zhou, Zheng Li, Xiaoyang Dong, Willi Meier
ePrint Report
Sanjit Chatterjee, Shravan Kumar Parshuram Puria, Akash Shah
ePrint Report
Muhammed F. Esgin, Ron Steinfeld, Joseph K. Liu, Dongxi Liu
ePrint Report
Moreover, we introduce two speedup techniques for lattice-based ZKPs: a CRT-packing technique supporting "inter-slot" operations, and "NTT-friendly" tools that permit the use of fully-splitting rings. The former technique comes at almost no cost to the proof length, and the latter one barely increases it, which can be compensated for by tweaking the rejection sampling parameters while still having faster computation overall.
To illustrate the utility of our techniques, we show how to use them to build efficient relaxed proofs for important relations, namely proof of commitment to bits, one-out-of-many proof, range proof and set membership proof. Despite their relaxed nature, we further show how our proof systems can be used as building blocks for advanced cryptographic tools such as ring signatures.
Our ring signature achieves a dramatic improvement in length over all the existing proposals from lattices at the same security level. The computational evaluation also shows that our construction is highly likely to outperform all the relevant works in running times. Being efficient in both aspects, our ring signature is particularly suitable for both small-scale and large-scale applications such as cryptocurrencies and e-voting systems. No trusted setup is required for any of our proposals.
Gildas Avoine, Sébastien Canard, Loïc Ferreira
ePrint Report
Sergiu Bursuc, Steve Kremer
ePrint Report
Our focus is on a particular level of abstraction, where network messages are represented by a term algebra, protocol execution by state transition systems (e.g. multiset rewrite rules), and where the properties of interest can be analyzed with automated verification tools. We propose models for: (1) the rules guiding the ledger execution, taking the coin functionality of public ledgers such as Bitcoin as an example; (2) the security properties expected from ledger-based zero-knowledge contingent payment protocols; (3) two different security protocols that aim at achieving these properties relying on different ledger infrastructures; (4) reductions that allow simpler term algebras for homomorphic cryptographic schemes.
Altogether, these models allow us to derive a first automated verification for ledger-based zero-knowledge contingent payment using the Tamarin prover. Furthermore, our models help in clarifying certain underlying assumptions, security and efficiency tradeoffs that should be taken into account when deploying protocols on the blockchain.
06 May 2019
University of Twente, Netherlands
Job Posting
In the Security & Privacy domain, we are particularly looking for someone in the areas of "Big Data and Security" (which considers both "Big Data for Security" and "Security for Big Data") and "Security and the Internet of Things" (broadly conceived).
For more information, please check the link provided below.
Closing date for applications: 25 May 2019
More information: https://www.utwente.nl/en/organization/careers/!/121825/assistantassociatefull-professors-in-computer-science
Lund University, Sweden - Nanyang Technological University (NTU), Singapore
Job Posting
Salaries are competitive and are determined according to the successful applicants' accomplishments, experience and qualifications. Interested applicants should send their detailed CVs, cover letter and references to Prof. Thomas Johansson (thomas.johansson (at) eit.lth.se) and Prof. Thomas Peyrin (thomas.peyrin (at) ntu.edu.sg).
Review of applications starts immediately and will continue until positions are filled.
Closing date for applications: 15 October 2019
Contact: thomas.johansson (at) eit.lth.se and thomas.peyrin (at) ntu.edu.sg
Nanyang Technological University (NTU), Singapore
Job Posting
1. Differential privacy with applications to deep learning, federated learning, or machine learning in general,
2. Local differential privacy,
3. Adversarial machine learning and security in AI systems,
4. Blockchains,
5. Other areas in AI security/privacy or IoT security/privacy.
Interested candidates can contact Jun Zhao via email at JunZhao (at) ntu.edu.sg or JunZhao (at) alumni.cmu.edu, via WeChat by scanning the QR code at http://www.ntu.edu.sg/home/JunZhao/wechat.png, via Skype at live:junzhaocmu, or by calling the Singapore phone number +65 8648 3534 (the first two digits, 65, are the country code of Singapore). Thanks.
Jun Zhao’s homepage: http://ntu.edu.sg/home/JunZhao/
Biography: Jun Zhao received a PhD degree in Electrical and Computer Engineering from Carnegie Mellon University (CMU) in the USA (advisors: Virgil Gligor, Osman Yagan), affiliated with the CMU CyLab Security & Privacy Institute. He is currently an Assistant Professor at Nanyang Technological University (NTU) in Singapore. His research interests include blockchains, security, and privacy with applications to deep learning, the Internet of Things, and social networks.
Closing date for applications: 1 November 2019
Contact: Interested candidates can contact Jun Zhao via email at JunZhao (at) ntu.edu.sg or JunZhao (at) alumni.cmu.edu, via WeChat by scanning the QR code at http://www.ntu.edu.sg/home/JunZhao/wechat.png, via Skype at live:junzhaocmu, or by calling the Singapore phone number +65 8648 3534 (the first two digits, 65, are the country code of Singapore). Thanks.
More information: http://www.ntu.edu.sg/home/JunZhao/HirePostdoc.htm
University of Warwick
Job Posting
The research topic falls under the general theme of security and cryptography. We are very flexible with the specific topic. Our previous research has been largely driven by tackling real-world security problems. Some of our research outputs have been adopted by industry at a large scale and have had a significant societal impact. We expect the student to pursue a research topic that really matters in the real world and that matches their interest and background.
The Computer Science Department at Warwick is a leading department in the UK. In the 2014 Research Excellence Framework (REF), in which all UK universities participated, Warwick computer science was ranked 1st in terms of research output, 2nd in terms of impact and 2nd overall. It is also highly regarded for its research culture, informal environment, excellent students, and beautiful campus.
Ideally, candidates should have an excellent degree in computer science, engineering or related disciplines, solid mathematical background, excellent programming skills and a desire to tackle real-world problems.
For informal inquiries about this studentship, please contact Professor Feng Hao, feng.hao (at) warwick.ac.uk, enclosing a CV and a short description of your relevant background and interests within the research subject. Formal application of this PhD scholarship needs to be made online at the Warwick CS department website: https://warwick.ac.uk/fac/sci/dcs/admissions/postgraduateresearch/
Closing date for applications: 31 May 2019
Contact: feng.hao (at) warwick.ac.uk
More information: https://www.jobs.ac.uk/job/BRS537/phd-studentship-in-security
Fetch.AI
Job Posting
We are a dynamic, fast-growing international team of experts and forward-thinking technology enthusiasts working on the convergence of blockchain, AI and multi-agent systems. We are building technology for both today and tomorrow: a collective super-intelligence on top of a decentralized economic internet built with a highly scalable next-generation distributed ledger technology. Combined with machine learning, this delivers the predictions and infrastructure to power the future economy.
Do you like challenges and want to work on cutting edge state-of-the-art technology that will define how we will interact? Come and join us.
Job description
The role involves the design and implementation of cryptography techniques to build, maintain and enrich the functionalities of Fetch’s decentralised smart-ledger technology. Interested candidates will be provided with multiple opportunities to work at the intersection of Artificial Intelligence/Machine Learning and cryptography/security.
We are working at the cutting edge of cryptography, artificial intelligence, distributed computation and economics, and are therefore looking for people with a desire to create novel solutions for complex problems.
Responsibilities
You will be responsible for the timely delivery of varied projects within the Cryptography Team and wider Fetch.AI Teams
Skills and experience
A good mathematical background is essential
Software engineering skills in Python or C/C++, Linux, Git
A BSc/MSc in Cyber Security/Computer Science/Mathematics or a related field with previous exposure to programming with cryptography
Demonstrable skills in one or more of the following: systems security/protocol design/distributed computing
Proven track record of independently and successfully driving projects
Closing date for applications: 30 May 2019
Contact: David Wood
david.wood (at) fetch.ai
More information: https://careers.fetch.ai/jobs/cryptography-engineer/
05 May 2019
Santa Barbara, USA, 18 August 2019
Event Calendar
Submission deadline: 1 June 2019
Notification: 1 July 2019
04 May 2019
Bucharest, Romania, 14 November - 15 November 2019
Event Calendar
Submission deadline: 17 September 2019
Notification: 23 October 2019