IACR News
Here you can see all recent updates to the IACR webpage. These updates are also available:
27 June 2020
Viet Ba Dang, Farnoud Farahmand, Michal Andrzejczak, Kamyar Mohajerani, Duc Tri Nguyen, Kris Gaj
ePrint ReportCatherine Meadows
ePrint ReportThis paper subsumes and replaces the paper ``Symbolic Security Criteria for Blockwise Adaptive Secure Modes of Encryption." (IACR eprint 2017/1152)
Mahabir Prasad Jhanwar, Sumanta Sarkar
ePrint ReportIn this article, we take a hybrid approach and propose PHyCT that guarantees fail-safe, privacy, and security. This system acts like a decentralized one, where identities of users remain anonymous to the central authority. However, if there is a case of infection, the infected user and the central authority can together only reveal the identities of the users who have come in close contact. This feature enables to handle the situation if there are too many non-compliant users who do not report after getting infection exposure notification. Users who have not come into close contact of any infected person remain anonymous.
Jean-François Biasse, Sriram Chelleppan, Sherzod Kariev, Noyem Khan, Lynette Menezes, Efe Seyitoglu, Charurut Somboonwit, Attila Yavuz
ePrint ReportChaya Ganesh, Claudio Orlandi, Daniel Tschudi, Aviv Zohar
ePrint ReportIn this work we study Virtual ASICs--a generalization of proof-of-stake. Virtual ASICs are essentially a virtualized version of proof-of-work. Miners can buy on-chain virtual mining machines which can be powered by virtual electricity. Similar to their physical counterparts, each powered virtual ASIC has a certain chance to win the right to create the next block. In the boundary case where virtual electricity is free, the protocol corresponds to proof-of-stake using an ASIC token which is separate from the currency itself (the amount of stake equals your virtual computing power). In the other boundary case where virtual computers are free, we get a proof-of-burn equivalent. That is, a consensus mechanism in which miners `burn' money to obtain lottery tickets for the right to create the next block. We provide the cryptographic machinery required to base a consensus protocol on Virtual ASICs, as well as to sell them in sealed-bid auctions on-chain. We ensure that as long as a majority of the miners in the system mine honestly, bids remain both private and binding, and that miners cannot censor the bids of their competitors. To achieve this, we introduce a novel all-or-nothing broadcast functionality in blockchains that is of independent interest.
Lydia Garms, Siaw-Lynn Ng, Elizabeth A. Quaglia, Giulia Traverso
ePrint ReportDario Catalano, Georg Fuchsbauer , Azam Soleimanian
ePrint ReportWe present DAPS schemes that are efficient, secure in the standard model under standard assumptions and support large address spaces. Our main construction builds on vector commitments (VC) and double-trapdoor chameleon hash functions (DTC). We also provide a DAPS realization from Groth-Sahai (GS) proofs that builds on a generic construction by Derler et al., which they instantiate in the ROM. The GS-based construction, while less efficient than our main one, shows that a general yet efficient instantiation of DAPS in the standard model is possible.
An interesting feature of our main construction is that it can be easily modified to guarantee security even in the most challenging setting where no trusted setup is provided. It seems to be the first construction achieving this in the standard model.
Michel Abdalla , Florian Bourse , Hugo Marival , David Pointcheval , Azam Soleimanian , Hendrik Waldner
ePrint ReportTakashi Yamakawa, Mark Zhandry
ePrint ReportSonia Belaïd, Jean-Sébastien Coron, Emmanuel Prouff, Matthieu Rivain, Abdul Rahman Taleb
ePrint ReportAshrujit Ghoshal, Joseph Jaeger, Stefano Tessaro
ePrint ReportWe show both positive and negative results. On the positive side, we provide tight memory-sensitive bounds for the security of GCM and its generalization, CAU (Bellare and Tackmann, CRYPTO '16). Our bounds apply to a restricted case of AE security which abstracts the deployment within protocols like TLS, and rely on a new memory-tight reduction to corresponding restricted notions of confidentiality and integrity. In particular, our reduction uses an amount of memory which linearly depends on that of the given adversary, as opposed to only imposing a constant memory overhead as in earlier works (Auerbach et al., CRYPTO '17).
On the negative side, we show that a large class of black-box reductions cannot generically lift confidentiality and integrity security to a joint definition of AE security in a memory-tight way.
Carsten Baum, Bernardo David, Rafael Dowsley, Jesper Buus Nielsen, Sabine Oechsner
ePrint ReportJung Hee Cheon, Wonhee Cho, Jeong Han Kim, Jiseung Kim
ePrint ReportRecently, Boneh et al. (TCC'18) introduced two types of new weak PRF candidates, called a basic Mod-2/Mod-3 and alternative Mod-2/Mod-3 weak PRF. They both use the mixture of linear computations defined on different small moduli to satisfy conceptual simplicity, low complexity (depth-2 ${\sf ACC^0}$) and MPC friendliness. In fact, the new candidates are conjectured to be exponentially secure against any adversary that allows exponentially many samples, and a basic Mod-2/Mod-3 weak PRF is the only candidate that satisfies all above features. However, none of direct attacks which focus on a basic and alternative Mod-2/Mod-3 weak PRFs uses their own structures.
In this paper, we investigate weak PRFs in three perspectives; attacks, fixes, and a new analysis to support the hardness conjecture of weak PRFs. We first propose direct attacks for an alternative Mod-2/Mod-3 weak PRF and a basic Mod-2/Mod-3 weak PRF when a circulant matrix is used as a secret key.
For an alternative Mod-2/Mod-3 weak PRF, we prove that the adversary's advantage is at least $2^{-0.105n}$, where $n$ is the size of input space of weak PRF. Similarly, we show that the advantage of our heuristic attack to the weak PRF with a circulant matrix key is larger than $2^{-0.21n}$, which is contrary to previous expectation that `a structured secret key' does not affect the security of a weak PRF. Thus, for optimistic parameter choice $n = 2\lambda$ for the security parameter $\lambda$, parameters should be increased to preserve $\lambda$-bit security when an adversary obtains exponentially many samples.
Next, we provide a simple method for repairing two weak PRFs affected by our attack while preserving the depth-2 ${\sf ACC^0}$ circuit complexity and parameters.
Moreover, we provide an observation and a new analysis to support the exponential hardness conjecture of a basic Mod-2/Mod-3 weak PRF when a secret key is uniformly sampled from $\{0,1\}^{m \times n}$.
George Teseleanu
ePrint ReportHaibo Zhou, Rui Zong, Xiaoyang Dong, Keting Jia, Willi Meier
ePrint ReportDaniel De Almeida Braga, Pierre-Alain Fouque, Mohamed Sabt
ePrint Report26 June 2020
Virtual Event, Anywhere on Earth, 18 November - 20 November 2020
Event CalendarSubmission deadline: 3 July 2020
Notification: 4 September 2020
Information Security Group, Royal Holloway, University of London, UK
Job PostingThe ISG is seeking to recruit a post-doctoral research assistant to work in the area of cryptography. The position is available now until 1 June 2022.
The PDRA will work alongside Prof. Martin Albrecht, Dr. Rachel Player and other cryptographic researchers at Royal Holloway on topics in lattice-based cryptography. This post is part of the EU H2020 PROMETHEUS project (https://www.h2020prometheus.eu) for building privacy preserving systems from advanced lattice primitives. Our research focus within this project is on cryptanalysis and implementations, but applicants with a strong background in other areas such as protocol/primitive design are also encouraged to apply.
See also this blog post (https://martinralbrecht.wordpress.com/2020/06/26/postdoc-at-royal-holloway-on-lattice-based-cryptography-3/) for more details.
Closing date for applications:
Contact: Martin Albrecht or Rachel Player
More information: https://jobs.royalholloway.ac.uk/Vacancy.aspx?ref=0620-149
University of North Texas; Denton, Texas, USA
Job PostingPosition Summary: CAAAM is seeking a Research Assistant Professor to collaborate with a team of faculty on cybersecurity issues related to AM. This is a non-tenure track terminal position with a primary association with CAAAM and secondary association with an appropriate academic department. The selected candidate is expected to focus on cybersecurity in the context of advanced manufacturing systems in general and additive manufacturing systems more specifically. A successful candidate will work closely with faculty in the Computer Science and Engineering department as well as other faculty and researchers in CAAAM. The candidate is expected to conduct research on securing advanced manufacturing systems and develop fundamental and innovative approaches to the design and validation of secure, trustworthy and resilient cyber systems for industrial automation. The candidate is also expected to develop educational material for training workforce to operate advanced manufacturing systems as well as mentor graduate students and post-doctoral researchers working in CAAAM.
Minimum qualifications include an earned doctorate in Computer Engineering, Computer Science or a related discipline with a research focus on cybersecurity in general but more specifically, cybersecurity related to cyber-physical systems, security in edge devices, hardware/systems security, security of IoT’s and Industrial IoT’s, design and validation of secure and resilient cyber-physical systems. The research background should be evident from high quality publications.
Closing date for applications:
Contact: Krishna Kavi (Krishna.Kavi@unt.edu), Mary Chandler (Mary.Chandler@unt.edu)
More information: http://jobs.untsystem.edu/postings/34619
Bank of Canada, Ottawa, Ontario, Canada
Job PostingReporting to the Director, Fintech Research team in the IT Services department, you use your expertise and intellect to solve unique and difficult problems. Working in a talented and diverse team you touch all phases of a research and development project towards meeting challenging policy goals.
You will have the opportunity to use your specialized skills, develop these further and contribute to other areas of the project:
- Devise technical solutions to difficult and unique problems either independently, with team members or with external vendors and experts as required
-Identify gaps and Investigate emerging technologies as required for their application for CBDC
- Liaise closely with, and consider impacts on, other aspects of the system, outside the immediate area of responsibility, in formulating technical designs
- Recommend solutions to specific problem to solution architect and project leadership with a holistic view of impacts (e.g. effectiveness of solution, costs, risks, evolution over time)
- Explain and justify design choices, especially when multiple options are available
- Explain technologies and solutions to other technical audiences and occasionally business stakeholders in the Bank
- Assist in the design and development of proof-of-technologies / proof-of-concepts
- Contribute to development of a working CBDC system
- Contribute to the documentation and body of knowledge of technical designs
- Give intellectual leadership to other members of the team involved in the same domain area
- Manage day-to-day relationship with external parties such as vendors to ensure efficient work practices and management of risks
- Manage and balance the workloads of multiple simultaneous projects
What you can expect from us
Salaries are based on qualifications and experience and typically range from $94,100 and $117,600 (job grade 18). The intent is to staff at job grade job grade 18. Based on business needs and the successful candidate’s experience, knowledge and competencies, the position may be staffed at JG 17 ($83,900 and $104,
Closing date for applications:
Contact: Apply Online using above link
More information: https://careers.bankofcanada.ca/job/Ottawa-%28Downtown%29-Research-and-Development-Technologist%2C-CBDC/540381817/