IACR News
11 May 2019
University of Rennes, France
Job Posting
The position is for 1 year, renewable twice.
Requirements:
- PhD degree in computer science or mathematics
- good programming skills
- publications in top IACR conferences
Closing date for applications:
Contact: Patrick Derbez: patrick.derbez (at) irisa.fr
University of Surrey
Job Posting
Salary: 32,236 to 95,462 GBP, depending on qualifications, experience and the role applied for.
The Department of Computer Science wishes to appoint up to SIX posts to support its ambitious strategic growth in student numbers, the strengthening of its research directions and its collaborations with industry. We are looking to attract talented individuals who will inspire, lead, and make a significant impact in research and on the student experience. There is an opportunity for posts to be aligned with new research areas to increase diverse research activity within the Department.
The Department has an international reputation for research and teaching. Research in the department is currently focused on two main areas - Nature Inspired Computing and Engineering (NICE), and Secure Systems, with expertise in security by design, cryptography, authentication, verification, distributed ledger technologies, trusted systems, IoT security, program analysis and cloud security. Surrey is recognised by NCSC as an ACE-CSR: Academic Centre of Excellence in Cyber Security Research.
The teaching posts offer an opportunity to contribute to teaching on undergraduate and postgraduate programmes. The Department is launching a new MSc in Data Science which includes a year in industry. The Department is also building a new 200-seat computer science teaching lab to support student growth, which offers exciting opportunities to innovate in teaching and pedagogical approaches.
The academic posts aim to strengthen our existing research, especially at the interface between security and machine learning and in data science. We are also looking to diversify our research directions, for example in the areas of software engineering and programming language principles. There is an opportunity for posts to be aligned together to drive forward new research directions.
Closing date for applications: 9 June 2019
Contact: Dr Helen Treharne (h.treharne (at) surrey.ac.uk), Head of Department; Professor Steve Schneider (s.schneider (at) surrey.ac.uk), Director, Surrey Centre for Cyber Security
More information: https://jobs.surrey.ac.uk/vacancy.aspx?ref=024919
10 May 2019
Cas Cremers, Britta Hale, Konrad Kohbrok
ePrint Report
In this work we highlight a previously unexplored difference between the pairwise and group-key based approaches. We show that without additional mechanisms, both ART and MLS Draft-04 offer significantly lower PCS guarantees than those offered by groups based on pairwise PCS channels. In particular, for MLS Draft-04, it seems that the protocol does not yet meet the informal PCS security guarantees described in the draft.
We explore the causes of this problem and lay out the design space to identify solutions. Optimizing security and minimizing overhead leads us to a promising solution based on (i) global updates and (ii) post-compromise secure signatures. While rotating signatures had been discussed before as an option for both MLS and ART, our work indicates that combining specific update patterns for all groups with a post-compromise secure signature scheme may be strictly necessary to achieve any reasonable PCS guarantee.
Muhammad ElSheikh, Ahmed Abdelkhalek, Amr M. Youssef
ePrint Report
Dennis Hofheinz, Bogdan Ursu
ePrint Report
Here, we provide a generic construction of dual-mode NIZK systems for all of NP. The public parameters of our scheme can be set up in one of two indistinguishable ways. One way provides unconditional soundness, while the other provides unconditional zero-knowledge. Our scheme relies on subexponentially secure indistinguishability obfuscation and subexponentially secure one-way functions, but otherwise only on comparatively mild and generic computational assumptions. These generic assumptions can be instantiated under any one of the DDH, k-LIN, DCR, or QR assumptions.
As an application, we reduce the required assumptions necessary for several recent obfuscation-based constructions of multilinear maps. Combined with previous work, our scheme can be used to construct multilinear maps from obfuscation and a group in which the strong Diffie-Hellman assumption holds. We also believe that our work adds to the understanding of the construction of NIZK systems, as it provides a conceptually new way to achieve dual-mode properties.
John Matthew Macnaghten, James Luke Menzies, Mark Munro
ePrint Report
Chengdong Tao
ePrint Report
Iris Anshel, Derek Atkins, Dorian Goldfeld, Paul E Gunnells
ePrint Report
Behzad Abdolmaleki, Karim Baghery, Helger Lipmaa, Janno Siim, Michal Zajac
ePrint Report
A Practical Approach to the Secure Computation of the Moore-Penrose Pseudoinverse over the Rationals
Niek J. Bouman, Niels de Vreede
ePrint Report
Previous work by Cramer, Kiltz and Padró (CRYPTO 2007) proposes a constant-rounds protocol for computing the Moore-Penrose pseudoinverse over a finite field. The asymptotic complexity (counted as the number of secure multiplications) of their solution is $O(m^4 + n^2 m)$, where $m$ and $n$, $m\leq n$, are the dimensions of the linear system.
To reduce the number of secure multiplications, we sacrifice the constant-rounds property and propose a protocol for computing the Moore-Penrose pseudoinverse over the rational numbers in a linear number of rounds, requiring only $O(m^2n)$ secure multiplications.
To obtain the common denominator of the pseudoinverse, required for constructing an integer-representation of the pseudoinverse, we generalize a result by Ben-Israel for computing the squared volume of a matrix. Also, we show how to precondition a symmetric matrix to achieve generic rank profile while preserving symmetry and being able to remove the preconditioner after it has served its purpose. These results may be of independent interest.
Rui Qiao, Qinglong Wang*, Zongtao Duan, Na Fan
ePrint Report
Alessandro Budroni, Andrea Tenti
ePrint Report
Clément Massart, François-Xavier Standaert
ePrint Report
Jung Hee Cheon, Jinhyuck Jeong, Dohyeong Ki, Jiseung Kim, Joohee Lee, Seok Won Lee
ePrint Report
Jung Hee Cheon, Duhyeong Kim, Jai Hyun Park
ePrint Report
The performance of our modified mean-shift clustering algorithm based on the approximate HE scheme HEAAN is quite remarkable in terms of speed and accuracy. It takes about $30$ minutes with $99\%$ accuracy over several public datasets with hundreds of data points, and even for two hundred thousand data points it takes only $82$ minutes with SIMD operations in HEAAN. Our results outperform the previously best known result by over $400$ times.
Alessio Caminata, Elisa Gorla
ePrint Report
Allison Bishop, Lucas Kowalczyk, Tal Malkin, Valerio Pastro, Mariana Raykova, Kevin Shi
ePrint Report
Alexander Dax, Robert Künnemann, Sven Tangermann, Michael Backes
ePrint Report
This work proposes a formal model for the secure use of authenticated deterministic encryption in PKCS11, including concrete API changes to allow for secure policies to be implemented. Owing to the authenticated encryption mechanism, the policy we propose provides more functionality than any policy proposed so far and can be implemented without access to a random number generator. Our results cover modes of operation that rely on unique initialisation vectors (IVs), like GCM or CCM, but also modes that generate synthetic IVs. We furthermore provide a proof for the deduction soundness of our modelling of deterministic encryption in Böhl et al.'s composable deduction soundness framework.
Xiaolu Hou, Jakub Breier, Dirmanto Jap, Lei Ma, Shivam Bhasin, Yang Liu
ePrint Report
In this paper, we experimentally evaluate DNNs implemented in embedded devices by using laser fault injection, a physical attack technique that is mostly used in the security and reliability communities to test the robustness of various systems. We show practical results on four activation functions: ReLU, softmax, sigmoid, and tanh. Our results point out the misclassification possibilities for DNNs achieved by injecting faults into the hidden layers of the network. We evaluate DNNs by using several different attack strategies to show which are the most efficient in terms of misclassification success rates. Protection techniques against these attacks are also presented. Outcomes of this work should be taken into account when deploying devices running DNNs in environments where a malicious attacker could tamper with the environmental parameters, bringing the device into unstable conditions and resulting in faults.