28 March 2020
Qianhong Wan, Longjiang Qu, Chao Li
Yongge Wang
Reza Azarderakhsh, David Jao, Brian Koziel, Jason T. LeGrow, Vladimir Soukharev, Oleg Taraskin
Sankhanil Dey, Amlan Chakrabarti, Ranjan Ghosh
Sankhanil Dey, Amlan Chakrabarti, Ranjan Ghosh
Sankhanil Dey, Amlan Chakrabarti, Ranjan Ghosh
George Teseleanu
Martin Hirt, Marta Mularczyk
However, these efficient protocols only offer active security, which implies that at most $t<n/3$ (perfect security), respectively $t<n/2$ (statistical or computational security) parties may be corrupted. Higher corruption thresholds (i.e., $t\geq n/2$) can only be achieved with degraded security (unfair abort), where one single corrupted party can prevent honest parties from learning their outputs.
The aforementioned upper bounds ($t<n/3$ and $t<n/2$) have been circumvented by considering mixed adversaries (Fitzi et al., Crypto' 98), i.e., adversaries that corrupt, at the same time, some parties actively, some parties passively, and some parties in the fail-stop manner. It is possible, for example, to achieve perfect security even if $2/3$ of the parties are faulty (three quarters of which may abort in the middle of the protocol, and a quarter may even arbitrarily misbehave). This setting is much better suited to many applications, where the crash of a party is more likely than a coordinated active attack.
Surprisingly, since the presentation of the feasibility result for the mixed setting, no progress has been made in terms of efficiency: the state-of-the-art protocol still requires a communication of $\Omega(n^6)$ field elements per multiplication.
In this paper, we present a perfectly-secure MPC protocol for the mixed setting with essentially the same efficiency as the best MPC protocols for the active-only setting. For the first time, this allows to tolerate faulty majorities, while still providing optimal efficiency. As a special case, this also results in the first fully-secure MPC protocol secure against any number of crashing parties, with optimal (i.e., linear in $n$) communication. We provide simulation-based proofs of our construction.
27 March 2020
University of Warwick
This is a fully-funded Ph.D. position for a UK/EU/International student (tuition fees plus stipend) to pursue a Ph.D. research degree in the Department of Computer Science, University of Warwick. Note that for international students, the overseas tuition gap will be covered as well.
The project is in the area of security and cryptography, in particular, investigating next-generation cryptocurrency that is more scalable, privacy-preserving, and usable than what we have today.
An ideal candidate should have excellent undergraduate and master degrees (equivalent to at least a UK 2.1) in Computer Science or relevant disciplines such as Mathematics and Engineering; a solid mathematical background as well as strong programming skills; experience in security research.
The closing date for application is 30 April 2020.
Interested candidates are encouraged to apply as early as possible. First, express your interest by sending your CV to Prof Feng Hao (feng.hao@warwick.ac.uk). If your background is found suitable, you will be directed to make a formal application. All formal applications will need to be made online through https://warwick.ac.uk/study/postgraduate/apply/research/.
Further information about the research environment: The Department of Computer Science, University of Warwick is one of the leading CS departments in the UK. In the latest 2014 REF (Research Excellence Framework) assessment participated by all UK universities, Warwick Computer Science is ranked the 1st for research output, 2nd for research impact, and 2nd overall among 89 CS departments in the UK. The University of Warwick is consistently ranked among the top 10 universities in the UK. It is also known for its beautiful campus, friendly social environment, vivid student lives, and easy transport links to all major cities in the UK including London.
Closing date for applications:
Contact: Professor Feng Hao
More information: https://warwick.ac.uk/fac/sci/dcs/research/doctoralstudies/fundingadvice/researchstudentships/?newsItem=8a17841b70e3f5d8
Nanyang Technological University / Temasek Labs @ NTU
Closing date for applications:
Contact: Thomas Peyrin (thomas.peyrin@ntu.edu.sg)
University of Luxembourg
Closing date for applications:
Contact: Thomas Engel (thomas.engel@uni.lu), Andy Rupp (andy.rupp@uni.lu)
26 March 2020
Benjamin Terner
Rajitha Ranasinghe, Pabasara Athukorala
Robert A. Threlfall
By using quartic reciprocity properties there is less information leakage than with quadratic reciprocity based schemes and consequently this encryption scheme appears to be completely non-malleable as defined by M. Fischlin (2005) and strongly plaintext aware and secret-key aware as well as defined by M. Barbosa and P. Farshim (2009). Assuming that our one-way trapdoor function is computationally hard to invert, then this encryption scheme is provably secure against adaptive chosen ciphertext attacks ($IND-CCA2$).
Decryption is fast, requiring just one modular multiplication and one Jacobi symbol evaluation. The encryption step is polynomial time, but slow, and there is a great deal of message expansion. The encryption step is amenable to parallelization, both across bits, as well as at the level of encrypting a single bit. The computational cost to break an encrypted bit can be optionally adjusted down on a per bit basis.
With no additional keys, multiple senders can individually join secret information to each encrypted bit without changing the parity of the encrypted bit. (Recovering this secret information is harder than recovering the private key.) Each sender can separately and publicly reveal their secret information without revealing the plaintext bit. The senders of the encrypted message bit can also individually authenticate they are senders without the use of a message authentication code and without revealing the plaintext bit.
Joseph Bonneau, Izaak Meckler, Vanishree Rao, Evan Shapiro
Youssef El Housni, Aurore Guillevic
Murilo Coutinho, T. C. Souza Neto
Siang Meng Sim
Steve Thakur
Hongda Li, Peifang Ni, Dongxue Pan
In this paper, we focus on zero-knowledge protocols for NP with low round complexity under the augmented black-box simulation technique, in which the simulator has access to the verifier's secret information, and obtain positive results on 3-round zero-knowledge proofs and 2-round zero-knowledge arguments and proofs. More precisely, our contributions are five-fold: (i) we propose the notion of generalized claw-free function and the notion of trapdoor generalized claw-free function, and then we show a construction of trapdoor generalized claw-free function under the discrete logarithm assumption and the knowledge of exponent assumption, (ii) we propose the notion of completely extractable bit-commitment and give a construction of it from trapdoor generalized claw-free functions, (iii) we present a 3-round zero-knowledge proof for NP based on the completely extractable bit-commitment schemes and Yao's garbling circuit technique, (iv) we show a 2-round zero-knowledge argument for NP based on indistinguishable obfuscator, (v) we transform the basic 2-round honest verifier zero-knowledge proof protocol for quadratic non-residue into a 2-round zero-knowledge proof protocol.