International Association for Cryptologic Research

IACR News

Here you can see all recent updates to the IACR webpage.

26 August 2020

Apheris | Deep tech company for privacy-preserving data ecosystems in Berlin, Germany
Job Posting

We are looking for an Expert in Cryptography and/or Privacy-Preserving Computations with the right skillset to complement our team with practical deep tech and coding expertise. Join us in putting cutting-edge privacy-preserving technologies and federated computations into production.

As a domain Expert in Cryptography, you will help us build never-seen-before deep tech products for our high-profile customers. You contribute to the Apheris products, including protocol and architecture, and author detailed technical concepts around cryptography. You identify and resolve performance bottlenecks and perform and participate in code reviews. Together with our CTO and other senior engineers you will help us hit product milestones by writing high-quality, well-tested code.

Closing date for applications:

Contact: Robin Röhm, career@apheris.com

More information: https://apheris-jobs.personio.de/job/242412

25 August 2020

Max Planck Institute for Security and Privacy
Job Posting
The Max Planck Institute (MPI) for Security and Privacy (https://www.mpi-sp.org/) is looking to hire Postdocs in cryptography and computer security. The topic of the position depends on common interests, including (but not limited to):

  • Public-key, lattice-based, and advanced cryptographic primitives.
  • Cryptocurrencies, blockchains, and concurrent systems.
  • Post-quantum cryptography and quantum computing.

In order to be considered for the position, the candidate must:

  • Have completed (or be close to completing) a PhD in computer science, mathematics, or a related field.
  • Show a record of excellent publications in leading venues for security (S&P, CCS, USENIX Security, NDSS), cryptography (CRYPTO, EUROCRYPT, ASIACRYPT) or theory of computer science (STOC, FOCS, ICALP).

The MPI for Security and Privacy is co-located with the Ruhr University Bochum (Germany) and offers a vibrant atmosphere for research that spans all aspects of computer security. Knowledge of German is not required for a successful career at MPI. To apply for the position, send an email to Giulio Malavolta (address below) including the following documents:

  • A curriculum vitae (including list of publications).
  • The names of two or three referees for recommendation letters.

If you have any questions, don't hesitate to get in touch.

Closing date for applications:

Contact: Giulio Malavolta (giulio.malavolta@hotmail.it)

24 August 2020

University of St. Gallen, Switzerland
Job Posting
The University of St. Gallen in Switzerland and the chair of Cyber Security invite applications from PhD holders in the area of cryptography and information security. The researcher will join a group of researchers focusing on applied and theoretical cryptography, network and information security and privacy preservation, led by Prof. Katerina Mitrokotsa. We are affiliated with the Department of Computer Science (DCS) and the Institute of Computer Science. More precisely, the student shall be working on investigating efficient authentication and verifiable delegation of computation mechanisms that provide: i) provable security guarantees, and ii) rigorous privacy guarantees. The overall aim of the PhD position will be to design and evaluate provably secure cryptographic protocols for privacy-preserving authentication and verifiable delegation of computation. The research shall also consider the case where multiple clients jointly outsource computations to untrusted cloud servers.
Research area: Research areas include but are not limited to:
• Verifiable computation
• Secure multi-party computation
• Privacy-preserving authentication
• Cryptographic primitives
Your profile
• An MSc degree in Computer Science, Applied Mathematics or a relevant field;
• Strong mathematical and algorithmic CS background;
• Good programming skills are beneficial;
• Excellent written and verbal communication skills in English
Deadline for applications: 31 August
Starting date: Fall 2020 or by mutual agreement
Contact: Prof. Katerina Mitrokotsa

Closing date for applications:

Contact: Katerina Mitrokotsa

More information: http://direktlink.prospective.ch/?view=2d5b5bd0-e017-4917-90bb-14f3b6efe9c4
Kolkata, India, 2 March - 5 March 2021
Event Calendar
Event date: 2 March to 5 March 2021
Submission deadline: 30 November 2020
Notification: 30 December 2020

23 August 2020

Steven D. Galbraith, Trey Li
ePrint Report
We obfuscate the big subset and small superset functionalities in a very simple way. We prove both VBB and input-hiding in the standard model based on the subset product problems. Our security proofs are simple.

Let n in N be the bit length, t in N be the threshold indicating big/small, and x in {0,1}^n be the characteristic vector of a set, with its Hamming weight |x| denoting the size of the set. Our obfuscation for x requires that ||x|-t| < n/2. Note that a random x has Hamming weight approximately n/2, hence this condition comes for free most of the time.

Our obfuscation requires Hamming distance evasiveness, which is stronger than big subset and small superset evasiveness. Even so, this requirement still admits a fairly large family of functions to obfuscate.

We also give a proof of input-hiding for the conjunction obfuscation by Bartusek et al. [5] (see Appendix A) and propose a new conjunction obfuscation based on the big subset and small superset obfuscation (see Appendix B). The security of our conjunction obfuscation rests on our new assumption, called the twin subset product problem.

22 August 2020

Andrey Sobol, Anastasiia Kondaurova
ePrint Report
This paper contains an analysis of decentralized exchange governance as an effective framework for voting, profit sharing, baking, and partially updating the system, with the possibility of creating new pairs for a decentralized exchange with automatic market-making. It also reviews two alternative baker election and rotation mechanisms, the "Simple first-place voting protocol" and the "First-place with veto protocol", and provides a more in-depth look at these mechanisms. It examines a proposed architectural software solution for monitoring the decentralized network to mediate deviant baker behavior: the watchtower.
Abhishek Chakraborty, Ankit Mondal, Ankur Srivastava
ePrint Report
The protection of intellectual property (IP) rights of well-trained deep learning (DL) models has become a matter of major concern, especially with the growing trend of deployment of Machine Learning as a Service (MLaaS). In this work, we demonstrate the utilization of a hardware root-of-trust to safeguard the IP of such DL models to which potential attackers have access. We propose an obfuscation framework called Hardware Protected Neural Network (HPNN), in which a deep neural network is trained as a function of a secret key and the obfuscated DL model is then hosted on a public model-sharing platform. This framework ensures that only an authorized end-user who possesses a trustworthy hardware device (with the secret key embedded on-chip) is able to run the intended DL applications using the published model. Extensive experimental evaluations show that any unauthorized usage of such obfuscated DL models results in significant accuracy drops, ranging from 73.22% to 80.17% across different neural network architectures and benchmark datasets. In addition, we demonstrate the robustness of the proposed HPNN framework against a model fine-tuning type of attack.
Vasyl Ustimenko
ePrint Report
Multivariate cryptography studies applications of endomorphisms of K[x_1, x_2, …, x_n], where K is a finite commutative ring. The importance of this direction for the construction of multivariate digital signature systems is well known. We suggest a modification of the known digital signature systems for which cryptanalytic instruments have been found. This modification rules out the recently developed attacks on classical schemes such as the Rainbow Oil and Vinegar system and LUOV. The modification does not change the size of the hashed messages or the size of the signatures. The basic idea is the use of multivariate messages of unbounded degree and polynomial density for the construction of public rules. Modified algorithms are presented for standardization and certification studies.
Yuntao Liu, Ankur Srivastava
ePrint Report
In recent years, deep neural networks (DNNs) have become an important type of intellectual property due to their high performance on various classification tasks. As a result, DNN stealing attacks have emerged. Many attack surfaces have been exploited, among which cache timing side-channel attacks are hugely problematic because they do not need physical probing or direct interaction with the victim to estimate the DNN model. However, existing cache-side-channel-based DNN reverse engineering attacks rely on analyzing the binary code of the DNN library, which must be shared between the attacker and the victim in main memory. In reality, the DNN library code is often inaccessible because 1) the code is proprietary, or 2) memory sharing has been disabled by the operating system. In our work, we propose GANRED, an attack approach based on the generative adversarial nets (GAN) framework which utilizes cache timing side-channel information to accurately recover the structure of DNNs without memory sharing or code access. The benefit of GANRED is four-fold. 1) There is no need for DNN library code analysis. 2) No shared main memory segment between the victim and the attacker is needed. 3) Our attack locates the exact structure of the victim model, unlike existing attacks which only narrow down the structure search space. 4) Our attack efficiently scales to deeper DNNs, exhibiting only linear growth in the number of layers of the victim DNN.
Shou-Ching Hsiao, Zi-Yuan Liu, Raylin Tso
ePrint Report
The Gated Recurrent Unit (GRU) has broad application fields, such as sentiment analysis, speech recognition, malware analysis, and other sequential data processing. For low-cost deployment and efficient machine learning services, a growing number of model owners choose to deploy their trained GRU models through Machine-Learning-as-a-Service (MLaaS). However, privacy has become a significant concern for both model owners and prediction clients, including model weight privacy, input data privacy, and output result privacy. The privacy leakage may be caused by either external intrusion or insider attacks. To address the above issues, this research designs a framework for privacy-preserving GRU models, which aims at privacy scenarios such as prediction on textual data, network packets, heart rate data, and so on. In consideration of accuracy and efficiency, this research uses additive secret sharing to design the basic operations and gating mechanisms of the GRU. The protocols meet the security requirements of privacy and correctness under the Universal Composability framework with a semi-honest adversary. Additionally, the framework and protocols are realized in a proof-of-concept implementation. The experimental results are presented with respect to time consumption and inference accuracy.
Yi-Fu Lai, Steven D. Galbraith, Cyprien Delpech de Saint Guilhem
ePrint Report
Oblivious transfer (OT) is an essential tool of cryptographic protocols. It can serve as a building block for realizing all multiparty functionalities. The strongest security notion against malicious adversaries is universal composability (UC-security). Due to the rigid algebraic structures and operations, achieving this security notion with isogenies is believed to be difficult. Hence it has been an open problem to construct an efficient UC-secure oblivious transfer scheme based on isogenies.

In this work, we propose the first isogeny-based UC-secure oblivious transfer protocol in the presence of malicious adversaries without analogues in the Diffie-Hellman setting. The simple and compact CSIDH-based scheme consists of a constant number of isogeny computations. The underlying relaxed problem is called the computational reciprocal CSIDH problem, which we prove equivalent to the computational CSIDH problem via a quantum reduction.
Tancrède Lepoint, Sarvar Patel, Mariana Raykova, Karn Seth, Ni Trieu
ePrint Report
The private join and compute (PJC) functionality enables secure computation over data distributed across different databases. It has a wide range of applications, many of which address settings where the input databases are of significantly different sizes.

We introduce the notion of private information retrieval (PIR) with default, which enables two-party PJC functionalities in a way that hides the size of the intersection of the two databases and incurs communication cost sublinear in the size of the bigger database. We provide two constructions for this functionality: one requires offline linear communication, which can be amortized across queries, and one provides sublinear cost for each query but relies on more computationally expensive tools. We construct inner-product PJC, which has applications to ads conversion measurement and contact tracing, relying on an extension of PIR with default. We evaluate the efficiency of our constructions, which can enable $\mathbf{2^{12}}$ PIR-with-default lookups on a database of size $\mathbf{2^{30}}$ (or inner-product PJC on databases with such sizes) with $\mathbf{945}$MB of communication, which costs less than $\mathbf{\$0.04}$ for the client and $\mathbf{\$5.22}$ for the server.
Romain Gay, Rafael Pass
ePrint Report
We show the existence of indistinguishability obfuscators (iO) for general circuits assuming subexponential security of:
  • the Learning with Errors (LWE) assumption (with subexponential modulus-to-noise ratio);
  • the Decisional Composite Residuosity (DCR) assumption; and
  • a circular security conjecture regarding the Gentry-Sahai-Waters (GSW) and Damgård-Jurik (DJ) encryption schemes.

More precisely, the circular security conjecture states that a notion of leakage-resilient security (which we refer to as "shielded randomness leakage security") satisfied by GSW (assuming LWE) is retained in the presence of a key cycle w.r.t. GSW and DJ.

Our work thus places iO on qualitatively similar assumptions to (unlevelled) FHE, for which known constructions also rely on a circular security conjecture.
Steven D. Galbraith, Lukas Zobernig
ePrint Report
We construct a VBB and perfect circuit-hiding obfuscator for evasive deterministic finite automata using a matrix encoding scheme with a limited zero-testing algorithm. We construct the matrix encoding scheme by extending an existing matrix FHE scheme. Using obfuscated DFAs we can, for example, evaluate secret regular expressions or disjunctive normal forms on public inputs. In particular, the possibility of evaluating regular expressions solves the open problem of obfuscated substring matching.
Leah Lathrop
ePrint Report
Side-channel attacks exploit information that is leaked from hardware. The differential power analysis (DPA) attack aims at extracting sensitive information that is processed by the operations in a cryptographic primitive. Power traces are collected and subsequently processed using statistical methods. The ChipWhisperer Nano is a low-cost, open-source device that can be used to implement and study side-channel attacks. This paper describes how the DPA attack with the difference-of-means method can be used to extract the secret key from both an 8-bit and a 32-bit implementation of AES using the ChipWhisperer Nano. The results show that although it is possible to carry out the attack on both implementations, the attack on the 32-bit implementation requires more traces than the 8-bit implementation.
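The difference-of-means attack the abstract describes, as an added example that is neither the paper's code nor ChipWhisperer's: it generates constructed traces in which the first-round AES S-box output leaks its Hamming weight plus Gaussian noise, then splits the traces by one bit of the hypothesised S-box output for each of the 256 key-byte guesses and ranks the guesses by the largest gap between the two group means. The S-box is computed from its definition so nothing external is needed. The 32-bit case is modelled only by an assumed `extra_bits` parameter (the other bits of a 32-bit word written in the same cycle, acting as algorithmic noise), which is why that variant needs more traces to rank the right key first.

```python
"""Difference-of-means DPA on simulated first-round AES S-box leakage.

Added example: not code from the paper or from the ChipWhisperer project.
The power model (Hamming weight of the S-box output plus Gaussian noise) and
every trace below are constructed in this file; the attack itself is the
textbook single-bit difference-of-means method.
"""
import random


def gf_mul(a: int, b: int) -> int:
    """Multiply in GF(2^8) modulo the AES polynomial x^8 + x^4 + x^3 + x + 1."""
    r = 0
    while b:
        if b & 1:
            r ^= a
        a <<= 1
        if a & 0x100:
            a ^= 0x11B
        b >>= 1
    return r


def build_sbox() -> list:
    """AES S-box: multiplicative inverse in GF(2^8) followed by the affine map."""
    sbox = []
    for x in range(256):
        inv = 0
        if x:
            inv = 1
            for _ in range(254):  # x^254 == x^-1 in GF(2^8)
                inv = gf_mul(inv, x)
        s = inv
        for i in range(1, 5):  # s = inv ^ rotl(inv,1) ^ ... ^ rotl(inv,4) ^ 0x63
            s ^= ((inv << i) | (inv >> (8 - i))) & 0xFF
        sbox.append(s ^ 0x63)
    return sbox


SBOX = build_sbox()
HW = [bin(v).count("1") for v in range(256)]
TRACE_LEN = 4    # samples per trace (assumption: tiny traces keep the demo fast)
LEAK_POINT = 2   # the sample at which the S-box output is written


def simulate_traces(key_byte, n_traces, noise_sigma=0.5, extra_bits=0, seed=1):
    """Constructed traces: HW(SBOX[p ^ k]) plus noise at LEAK_POINT, noise elsewhere.

    extra_bits is an assumption standing in for a 32-bit (T-table style)
    implementation: the other bits of the 32-bit word written in the same
    cycle leak too and act as algorithmic noise for a single-byte hypothesis.
    """
    rng = random.Random(seed)
    plaintexts, traces = [], []
    for _ in range(n_traces):
        p = rng.randrange(256)
        trace = [rng.gauss(0.0, noise_sigma) for _ in range(TRACE_LEN)]
        leak = HW[SBOX[p ^ key_byte]]
        if extra_bits:
            leak += bin(rng.getrandbits(extra_bits)).count("1")
        trace[LEAK_POINT] += leak
        plaintexts.append(p)
        traces.append(trace)
    return plaintexts, traces


def dom_peak(plaintexts, traces, guess, bit=0):
    """Difference of means for one key guess.

    Traces are split by one bit of the hypothesised S-box output; for the
    right guess the two groups differ by about one unit of Hamming weight at
    LEAK_POINT, for wrong guesses the split is close to random.
    """
    sums = [[0.0] * TRACE_LEN, [0.0] * TRACE_LEN]
    counts = [0, 0]
    for p, t in zip(plaintexts, traces):
        sel = (SBOX[p ^ guess] >> bit) & 1
        counts[sel] += 1
        acc = sums[sel]
        for j in range(TRACE_LEN):
            acc[j] += t[j]
    if 0 in counts:
        return 0.0
    return max(abs(sums[1][j] / counts[1] - sums[0][j] / counts[0])
               for j in range(TRACE_LEN))


def dpa_attack(plaintexts, traces, bit=0):
    """Rank all 256 key-byte guesses by DoM peak; return (best guess, peaks)."""
    peaks = {g: dom_peak(plaintexts, traces, g, bit) for g in range(256)}
    best = max(peaks, key=peaks.get)
    return best, peaks


def recover_key_byte(key_byte, n_traces, extra_bits=0):
    """End-to-end: simulate, attack, return the recovered key byte."""
    plaintexts, traces = simulate_traces(key_byte, n_traces, extra_bits=extra_bits)
    best, _ = dpa_attack(plaintexts, traces)
    return best


if __name__ == "__main__":
    for extra, n in ((0, 1000), (24, 2000)):
        found = recover_key_byte(0x2B, n, extra)
        print(f"extra_bits={extra:2d} traces={n}: recovered 0x{found:02x}")
```

Lowering `n_traces` until the correct byte stops ranking first, separately for `extra_bits=0` and `extra_bits=24`, reproduces the qualitative finding in the abstract: the wider register needs more traces because the selection bit explains a smaller share of the per-trace variance.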
Alessandro Budroni, Benjamin Chetioui, Ermes Franch
ePrint Report
In 2019, Gu Chunsheng introduced Integer-RLWE, a variant of RLWE devoid of some of its efficiency flaws. Most notably, he proposes a setting where $n$ can be an arbitrary positive integer, in contrast to the typical construction $n = 2^k$. In this paper, we analyze the new problem and implement the classical meet-in-the-middle and lattice-based attacks. We then use the peculiarity of the construction of $n$ to build an improved lattice-based attack in cases where $n$ is composite with an odd divisor. For example, for parameters $n = 2000$ and $q = 2^{33}$, we reduce the estimated complexity of the attack from $2^{288}$ to $2^{164}$. We also present reproducible experiments confirming our theoretical results.
Jason LeGrow, Aaron Hutchinson
ePrint Report
CSIDH is an isogeny-based post-quantum key establishment protocol proposed in 2018. In this work, we analyze, from a mathematical perspective, fault-injection attacks on implementations of CSIDH which use dummy isogeny operations. We detail an attack by which the private key can be learned by the attacker up to sign with absolute certainty using $\sum \lceil \log_2(b_i) + 1 \rceil$ fault attacks on pairwise distinct group action evaluations under the same private key under ideal conditions, using a binary search approach, where $\vec{b}$ is the bound vector defining the keyspace. As a countermeasure to this attack, we propose randomly mixing the real degree-$\ell_j$ isogenies together with the dummy ones by means of a binary decision vector. To evaluate the efficacy of this countermeasure, we formulate a probability-based attack on this randomized scheme using a maximum likelihood approach and simulate the attack using 6 bound vectors used in previous CSIDH implementations. We found that the number of attacks required under our model to reach just 1% certainty about the key increased by a factor between 8 and 12 over the standard approach in the setting of signed private keys, and by a factor between 28 and 45 using non-negative private keys, depending on $\vec{b}$. We derive theoretical upper bounds on the number of attacks required to reach a specified certainty threshold about the key under our model. Based on our data and the minimal additional overhead required, we recommend that all future implementations of CSIDH employ a randomized decision vector approach. Finally, since our model assumes fault attacks provide no information on the sign of the key, we use a technique based on Gray codes to optimize the standard meet-in-the-middle attack for learning the sign of the key values once their magnitudes have been learned through fault attacks. We estimate that, on average, this optimized technique uses approximately 88% fewer field-multiplication-equivalent operations than the standard approach.
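Both halves of the abstract's argument, as an added simulation that is not the paper's code: the implementation is reduced to a fault oracle in which each exponent $e_i \in [-b_i, b_i]$ is evaluated as $b_i$ isogeny steps, $|e_i|$ real and the rest dummies, and a fault on one step corrupts the output exactly when that step was real. With real steps ordered first (an assumption about the unprotected implementation), bisection recovers $|e_i|$ in at most $\lceil \log_2(b_i + 1) \rceil$ faults per prime under this simplified oracle (the paper's own count uses its more detailed model). With a fresh random decision vector per evaluation, a fault at any position hits a real isogeny with probability $|e_i|/b_i$, so the attacker is left with a binomial estimation problem and its maximum-likelihood guess is frequently wrong at low fault counts. The key and bound vector in `__main__` are constructed; signs are not recovered, matching the abstract's model.

```python
"""Fault attacks on dummy-isogeny CSIDH: binary search vs. a randomised decision vector.

Added example, not the paper's code. The implementation is abstracted to an
oracle: for each small prime l_i the exponent e_i in [-b_i, b_i] is evaluated
as b_i isogeny steps, |e_i| of them real and the rest dummies, and a fault
injected into one step corrupts the final curve exactly when that step was
real. Signs are not recovered here; the abstract treats them separately.
"""
import math
import random


def fault_oracle_deterministic(m, b, k):
    """Real-then-dummy ordering (assumed for the unprotected implementation):
    step k is a real isogeny, so the output is corrupted, iff k < m."""
    assert 0 <= k < b
    return k < m


def binary_search_magnitude(b, oracle):
    """Learn m = |e_i| in at most ceil(log2(b + 1)) faults by bisecting the
    boundary between real and dummy steps. Returns (m, faults used)."""
    lo, hi, faults = 0, b, 0          # invariant: m in [lo, hi]
    while lo < hi:
        mid = (lo + hi) // 2          # fault step mid: corrupt iff m > mid
        faults += 1
        if oracle(mid):
            lo = mid + 1
        else:
            hi = mid
    return lo, faults


def recover_magnitudes(key, bounds):
    """Recover |e_i| for every prime of an unprotected key and count faults."""
    mags, total = [], 0
    for e, b in zip(key, bounds):
        def oracle(k, m=abs(e), b=b):
            return fault_oracle_deterministic(m, b, k)
        m_hat, used = binary_search_magnitude(b, oracle)
        mags.append(m_hat)
        total += used
    return mags, total


def worst_case_faults(bounds):
    """Fault budget of the deterministic attack: sum of ceil(log2(b_i + 1))."""
    return sum(math.ceil(math.log2(b + 1)) for b in bounds)


def fault_oracle_randomized(m, b, k, rng):
    """Countermeasure: every group-action evaluation draws a fresh decision
    vector, so the m real steps occupy a uniformly random subset of the b
    positions and a fault at any k hits a real isogeny with probability m/b."""
    real_positions = set(rng.sample(range(b), m))
    return k in real_positions


def ml_estimate(b, corrupted, n_faults):
    """Maximum-likelihood |e_i| when corruptions ~ Binomial(n_faults, m/b)."""
    return min(b, int(corrupted * b / n_faults + 0.5))


def randomized_attack(m, b, n_faults, rng):
    """Fault the same step on n_faults fresh evaluations and estimate m."""
    corrupted = sum(fault_oracle_randomized(m, b, 0, rng) for _ in range(n_faults))
    return ml_estimate(b, corrupted, n_faults)


def success_rate(m, b, n_faults, trials=200, seed=7):
    """Fraction of trials in which the randomized attack recovers m exactly."""
    rng = random.Random(seed)
    hits = sum(randomized_attack(m, b, n_faults, rng) == m for _ in range(trials))
    return hits / trials


if __name__ == "__main__":
    # Constructed toy key and bound vector. CSIDH-512 as originally proposed
    # uses b_i = 5 for all 74 primes; the small vector here is for illustration.
    key, bounds = [3, -5, 0, 2, -1, 2], [5, 5, 5, 3, 3, 2]
    print("deterministic:", recover_magnitudes(key, bounds),
          "budget", worst_case_faults(bounds))
    for n in (3, 12, 200):
        print(f"randomised, {n:3d} faults per prime: "
              f"P[correct |e_i|] = {success_rate(3, 5, n):.2f}")
```

The deterministic attack recovers every magnitude with certainty inside the fault budget, while against the randomized decision vector the attacker's estimate of a single exponent is only reliable once the fault count per prime is far above the bisection cost; the ratio between the two is the kind of factor the abstract reports.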

20 August 2020

Sydney, Australia, 3 May - 6 May 2021
Event Calendar
Event date: 3 May to 6 May 2021
Submission deadline: 4 December 2020
Notification: 19 February 2021

19 August 2020

Jamshedpur, India, 5 November - 6 November 2020
Event Calendar
Event date: 5 November to 6 November 2020
Submission deadline: 10 September 2020
Notification: 26 October 2020

Virtual, 3 September - 4 September 2020
Event Calendar
Event date: 3 September to 4 September 2020