IACR News
Here you can see all recent updates to the IACR webpage. These updates are also available:
29 July 2020
Ben Marshall, G. Richard Newell, Dan Page, Markku-Juhani O. Saarinen, Claire Wolf
ePrint Report27 July 2020
University of Birmingham
Job PostingClosing date for applications:
Contact: Mark Ryan
More information: https://bham.taleo.net/careersection/external/jobdetail.ftl?job=200001T9&tz=GMT%2B01%3A00&tzname=Europe%2FLondon
ETH Zurich OR Crypto Quantique, London
Job Posting
The Project Crypto Quantique’s role is to develop a novel Key Provisioning Architecture (KPA) for the generation, distribution, and certification of cryptographic keys used by lnternet of Things (IoT) devices and cloud services. The aim is to build a quantum-driven security platform by combining the KPA with cryptographic keys generated through quantum tunnelling behaviour in semiconductor devices. The Applied Cryptography Group’s main role in the project is to lead an investigation of how to transition Crypto Quantique’s KPA to use post-quantum cryptographic algorithms in the KPA protocols. They will also assist Crypto Quantique in conducting formal security analysis of the constituent protocols currently used in the KPA, and in developing and analysing new cryptographic protocols where necessary.
How to Apply? We look forward to receiving your online application with the following documents: CV; list of scientific publications; pointers to relevant software development projects, if applicable; contact details for 3 referees.
If you would like to apply for a role at Crypto Quantique, please use this link where the CQ team look forward to reviewing your CV: https://bit.ly/2Ot5OSc
If you would like to apply for the role with ETH Zurich please apply online at: https://bit.ly/3j88Vgs
Closing date for applications:
Contact: Kenny Paterson (kenny.paterson@inf.ethz.ch) or Christian Saade (csaade@cryptoquantique.com)
More information: https://jobs.ethz.ch/job/view/3159?mw_source=ethz_aem
26 July 2020
Hai Lin, Christopher Lynch
ePrint ReportOmri Shmueli
ePrint ReportOur main technical contribution is showing a general transformation that compiles any sigma protocol into a reusable MDV-NIZK protocol, using NIZK for NP. Our technique is classical but works for quantum protocols and allows the construction of a reusable MDV-NIZK for QMA.
Stelios Daveas, Kostis Karantias, Aggelos Kiayias, Dionysis Zindros
ePrint ReportBrett Hemenway Falk, Daniel Noble
ePrint ReportIn this work, we design and implement decentralized versions of lattice-based and elliptic-curve-based public-key cryptoystems using generic secure multiparty computation (MPC) protocols. These are standard cryptosystems, so we introduce no additional work for encrypting devices and no new assumptions beyond those of the generic MPC framework. Both cryptosystems are also additively homomorphic, which allows for secure additions directly on ciphertexts. By using generic MPC techniques, our multiparty decryption protocols compute secret-shares of the plaintext, whereas most special-purpose cryptosystems either do not support decryption or must reveal the decryptions in the clear. Our method allows complex functions to be securely evaluated after decryption, revealing only the results of the functions and not the plaintexts themselves.
To improve performance, we present a novel oblivious elliptic curve multiplication protocol and a new noise-masking technique which may be of independent interest. We implemented our protocols using the SCALE-MAMBA secure multiparty computation platform, which provides security against malicious adversaries and supports arbitrary numbers of participants.
Chenkai Weng, Kang Yang, Jonathan Katz, Xiao Wang
ePrint Report- The prover in our protocol has linear running time and, perhaps more importantly, memory usage linear in the memory needed to evaluate the circuit non-cryptographically. This allows our proof system to scale easily to very large circuits.
- For circuits of size C over an arbitrary finite field and a statistical security parameter $\rho$, the communication complexity of our protocol is roughly 3B + 1 elements per gate, where B = 1 for large fields and $B = \rho/\log C$ for small fields.
Using 5 threads and a 50 Mbps network, our ZK protocol $(\rho = 40,\kappa = 128)$ runs at a rate of $0.54 \mus$/gate for a boolean circuit with 10 billion gates, using only 400 MB of memory and communicating 9 bits/gate. This is roughly an order of magnitude faster than prior work.
Kang Yang, Chenkai Weng, Xiao Lan, Jiang Zhang, Xiao Wang
ePrint ReportIn this paper, we propose new COT protocols in the PCG paradigm that achieve unprecedented performance. With $50$ Mbps network bandwidth, our maliciously secure protocol can produce one COT correlation in $22$ nanoseconds. More specifically, our results are summarized as follows:
- We propose a semi-honest COT protocol with sublinear communication and linear computation. This protocol assumes primal-LPN and is built upon a recent VOLE protocol with semi-honest security by Schoppmann et al. (CCS 2019). We are able to apply various optimizations to reduce its communication cost by roughly $15\times$, not counting a one-time setup cost that diminishes as we generate more COTs.
- We strengthen our COT protocol to malicious security with no loss of efficiency. Among all optimizations, our new protocol features a new checking technique that ensures correctness and consistency essentially for free. In particular, our maliciously secure protocol is only $1-3$ nanoseconds slower for each COT.
- We implemented our protocols, and the code will be publicly available at EMP-toolkit. We observe at least $9\times$ improvement in running time compared to the state-of-the-art protocol by Boyle et al. (CCS 2019) in both semi-honest and malicious settings under any network faster than $50$ Mbps.
With this new record of efficiency for generating COT correlations, we anticipate new protocol designs and optimizations will flourish on top of our protocol.
Nicolas Aragon, Jean-Christophe Deneuville, Philippe Gaborit
ePrint ReportSoumyadyuti Ghosh, Urbi Chatterjee, Durba Chatterjee, Rumia Masburah, Debdeep Mukhopadhyay, Soumyajit Dey
ePrint ReportHyoseung Kim, Youngkyung Lee, Michel Abdalla, Jong Hwan Park
ePrint ReportDeng Tang, Bimal Mandal, Subhamoy Maitra
ePrint ReportXavier Bonnetain
ePrint ReportBasker Palaniswamy
ePrint ReportSøren Eller Thomsen, Bas Spitters
ePrint ReportWe present the first machine checked proof that guarantees both safety and liveness for a consensus algorithm. We verify a Proof of Stake (PoS) Nakamoto-style blockchain (NSB) protocol, using the foundational proof assistant Coq. In particular, we consider a PoS NSB in a synchronous network with a static set of corrupted parties. We define execution semantics for this setting and prove chain growth, chain quality, and common prefix which together implies both safety and liveness.
Ivan Damgård, Claudio Orlandi, Mark Simkin
ePrint ReportIn this work, we present the first generic compilers for constructing two-party protocols with covert security and public verifiability from protocols with passive security. We present two separate compilers, which are both fully blackbox in the underlying protocols they use. Both of them only incur a constant multiplicative factor in terms of bandwidth overhead and a constant additive factor in terms of round complexity on top of the passively secure protocols they use.
The first compiler applies to all two-party protocols that have no private inputs. This class of protocols covers the important class of preprocessing protocols that are used to setup correlated randomness among parties. We use our compiler to obtain the first secret-sharing based two-party protocol with covert security and public verifiability. Notably, the produced protocol achieves public verifiability essentially for free when compared with the best known previous solutions based on secret-sharing that did not provide public verifiability
Our second compiler constructs protocols with covert security and public verifiability for arbitrary functionalities from passively secure protocols. It uses our first compiler to perform a setup phase, which is independent of the parties' inputs as well as the protocol they would like to execute.
Finally, we show how to extend our techniques to obtain multiparty computation protocols with covert security and public verifiability against arbitrary constant fractions of corruptions.
22 July 2020
Yilei Chen, Alex Lombardi, Fermi Ma, Willy Quach
ePrint ReportIn this work, we abandon this methodology and ask whether Fiat-Shamir truly requires a cryptographic hash function. Perhaps surprisingly, we show that in two of its most common applications --- building signature schemes as well as (general-purpose) non-interactive zero-knowledge arguments --- there are sound Fiat-Shamir instantiations using extremely simple and non-cryptographic hash functions such as sum-mod-p or bit decomposition. In some cases, we make idealized assumptions about the interactive protocol (i.e., we invoke the generic group model), while in others, we argue soundness in the plain model. At a high level, the security of each resulting non-interactive protocol derives from hard problems already implicit in the original interactive protocol.
On the other hand, we also identify important cases in which a cryptographic hash function is provably necessary to instantiate Fiat-Shamir. We hope that this work leads to an improved understanding of the precise role of the hash function in the Fiat-Shamir transformation.
Jacques Patarin , Gilles Macario-Rat , Maxime Bros , Eliane Koussa
ePrint ReportIn a first part, we describe the attacks against multivariate public key signature and use them to compute the minimal parameters that an ultra-short signature scheme would have. In a second part, we give an explicit example of such an ultra-short signature scheme using HFE-like algorithms. In the end, we give parameters for several level of security: 80, 90, 100 bits and the classic 128, 192, and 256 bits; for each of them, we propose different choices of finite fields.