IACR News
22 May 2019
Sayandeep Saha, Dirmanto Jap, Debapriya Basu Roy, Avik Chakraborti, Shivam Bhasin, Debdeep Mukhopadhyay
ePrint Report
Partha Sarathi Roy, Kirill Morozov, Kazuhide Fukushima, Shinsaku Kiyomoto
ePrint Report
John Kelsey, Dana Dachman-Soled, Sweta Mishra, Meltem Sonmez Turan
ePrint Report
Jonathan Protzenko, Benjamin Beurdouche, Denis Merigoux, Karthikeyan Bhargavan
ePrint Report
We present a new toolchain that compiles Low*, a low-level subset of the F* programming language, into WebAssembly. Unlike other WebAssembly compilers like Emscripten, our compilation pipeline is focused on compactness and auditability: we formalize the full translation rules in the paper and implement it in a few thousand lines of OCaml. Using this toolchain, we present two case studies. First, we build WHACL*, a WebAssembly version of the existing, verified HACL* cryptographic library. Then, we present LibSignal*, a brand new, verified implementation of the Signal protocol in WebAssembly, that can be readily used by messaging applications like WhatsApp, Skype, and Signal.
James Shook, Scott Simon, Peter Mell
ePrint Report
Markku-Juhani O. Saarinen
ePrint Report
The brief original abstract: We show that a simple "black box" chosen-key attack against GOST can recover secret S-boxes with approximately $2^{32}$ encryptions.
Mostafizar Rahman, Dhiman Saha, Goutam Paul
ePrint Report
Nikolay Shenets
ePrint Report
Surprisingly, we have found a mistake in Shannon's result. Namely, Shannon stated that an endomorphic cipher, in which the keyspace $\mathcal{K}$ has the same cardinality as the message space, is perfect if and only if two conditions are satisfied. The first suggests that for any plaintext-ciphertext pair there exists only one key that translates this plaintext into this ciphertext. The second argues that the key distribution must be uniform. We show that these two conditions are not really enough. We prove in three different ways that the plaintexts must also be equally probable. Moreover, we study the general endomorphic cipher and get the same result. It follows that in practice perfect endomorphic ciphers do not exist.
Patrick Derbez, Pierre-Alain Fouque, Baptiste Lambin, Victor Mollimard
ePrint Report
In this paper, we complete the literature by building optimal even-odd permutations for 28, 30, 32, 36 blocks which to the best of our knowledge were unknown until now. The main idea behind our constructions and impossibility proof is a new characterization of the total diffusion of a permutation after a given number of rounds. In fact, we propose an efficient algorithm based on this new characterization which constructs all optimal even-odd permutations for the 28, 30, 32, 36 blocks cases and proves a better lower bound for the 34, 38, 40 and 42 blocks cases. In particular, we improve the 32 blocks case by exhibiting optimal even-odd permutations with diffusion round of 9. The existence of such a permutation was an open problem for almost 10 years and the best known permutation in the literature had a diffusion round of 10. Moreover, our characterization can be implemented very efficiently and allows us to easily re-find all optimal even-odd permutations for up to 26 blocks with a basic exhaustive search.
Joan Daemen, Christoph Dobraunig, Maria Eichlseder, Hannes Gross, Florian Mendel, Robert Primas
ePrint Report
Hwajeong Seo, Amir Jalali, Reza Azarderakhsh
ePrint Report
Fatemeh Ganji, Shahin Tajik, Pascal Stauss, Jean-Pierre Seifert, Domenic Forte, Mark Tehranipoor
ePrint Report
Percy Deift, Stephen D. Miller, Thomas Trogdon
ePrint Report
Carsten Baum, Ariel Nof
ePrint Report
Based on specific properties of our protocol we then show how it can be used to construct an efficient Zero-Knowledge Argument of Knowledge for instances of the Short Integer Solution (SIS) problem. We present different protocols that are tailored to specific uses of SIS and show how our solution compares in terms of argument size to existing work. We moreover implemented our Zero-Knowledge argument for SIS and show that using our protocols it is possible to run a complete interactive proof, even for general SIS instances which result in a circuit with $>10^6$ gates, in less than 0.5 seconds. To the best of our knowledge, our construction outperforms all known approaches for the SIS problem with post-quantum security either in terms of computation or communication complexity.
21 May 2019
Department of CS and the School of Law at Universität Erlangen-Nürnberg
Job Posting
10 PhD positions (salary level 13 TV-L) in Computer Science (full time)
within the Research Training Group 2475 "Cybercrime and Forensic Computing" funded by the German Research Foundation (DFG) commencing on October 1, 2019.
The Research Training Group aims to systematically analyse research questions arising from the interaction between computer science and criminal law. The principal investigators of this project offer expertise in the following areas:
o Computer security, digital forensic science
o Theoretical computer science (logic, semantics, automata)
o Pattern recognition, image processing, image forensics
o Cryptography
o Hardware-software-co-design
Applicants should have an excellent academic record, hold an MSc or an equivalent university degree in computer science or related disciplines, and have the goal to finish a PhD degree within three years.
Founded in 1743 and situated at the heart of the Nuremberg Metropolitan Region, FAU is a strong research university with an international perspective and one of the largest universities in Germany. FAU’s outstanding research and teaching is reflected in top positions in both national and international rankings, as well as the high amount of DFG funding which its researchers are able to secure.
FAU aims to increase the number of women in scientific positions. Female candidates are therefore particularly encouraged to apply. In case of equal qualifications, candidates with disabilities will take precedence.
Please mention in your application at least two research areas from the above list which you are specifically interested in. Interviews will commence between 3.7.2019 and 12.7.2019 in Erlangen. Further inquiries can be directed to Felix Freiling (felix.freiling (at) fau.de) regarding positions in computer science and Hans Kudlich (hans.kudlich (at) fau.de) regarding positions in law.
Closing date for applications: 12 June 2019
Contact: Felix Freiling (felix.freiling (at) fau.de) regarding positions in computer science and Hans Kudlich (hans.kudlich (at) fau.de) regarding positions in law.
More information: https://cybercrime.fau.de
Horst Görtz Institute for IT Security, Ruhr-Universität Bochum, Germany
Job Posting
Closing date for applications: 2 June 2019
Contact: Dr. Patrick Schulte
RUHR-UNIVERSITÄT BOCHUM
Exzellenzcluster CASA / Horst Görtz Institute for IT Security
General Manager
ID 2 / 142
Universitätsstr. 150
44780 Bochum, Germany
Tel: +49-(0)234-32-27722
Email: patrick.schulte (at) rub.de
More information: https://twitter.com/HGI_Bochum/status/1087703387343331329
Department of Computing, The Hong Kong Polytechnic University
Job Posting
- lattice-based cryptography;
- privacy-preserving cryptographic primitives (including zero-knowledge proofs, anonymous credentials, ring signatures);
- blockchain & cryptocurrency.
Candidates for research fellow/associate should have completed (or be close to completing) a PhD in computer science, mathematics, or a related discipline. Research assistants are expected to have an honours degree or an equivalent qualification. Post-secondary students will be considered for the position of research/project administrative assistant.
Applicants should have solid experience in any of the following areas:
- Public key cryptography and provable security;
- post-quantum cryptography;
- Software engineering.
Post-doc applicants should have a good track record (e.g. publications in IACR conferences / workshops).
All positions have a flexible starting date. The initial appointment will be for 12 months, with a strong possibility of further appointment.
Review of applications will start immediately until the positions are filled.
Closing date for applications: 30 September 2019
Contact: Man Ho Au
More information: http://www4.comp.polyu.edu.hk/~csallen
Kaoru Kurosawa
ePrint Report
In this paper, we show an efficient decoding algorithm for this $b$ error correcting $\ell$ server PIR scheme. It runs in time $O(\ell^3)$.
Robert Nguyen, Adrien Facon, Sylvain Guilley, Guillaume Gautier, Safwan El Assad
ePrint Report
20 May 2019
Pedro Branco, Manuel Goulão, Paulo Mateus
ePrint Report
Achieving adaptive security for UC-Commitment schemes is non-trivial and, usually, comes at the price of efficiency. Phase-adaptive security stands between adaptive and static security, and may be of independent interest. In this model, adversaries can corrupt at the beginning or between the commitment and opening phases of the protocol, but not during their execution. This new model is motivated by the fact that, in practice, it is more likely that parties are corrupted between phases of the protocol (where a relatively long period may elapse) than during their execution.