International Association for Cryptologic Research

International Association
for Cryptologic Research

IACR News

Here you can see all recent updates to the IACR webpage. These updates are also available:

email icon
via email
RSS symbol icon
via RSS feed

10 November 2020

Elisa Gorla, Daniela Mueller, Christophe Petit
ePrint Report ePrint Report
We give upper bounds for the solving degree and the last fall degree of the polynomial system associated to the HFE (Hidden Field Equations) cryptosystem. Our bounds improve the known bounds for this type of systems. We also present new results on the connection between the solving degree and the last fall degree and prove that, in some cases, the solving degree is independent of coordinate changes.
Expand
M. Bigdeli, E. De Negri, M. M. Dizdarevic, E. Gorla, R. Minko, S. Tsakou
ePrint Report ePrint Report
The security of multivariate cryptosystems and digital signature schemes relies on the hardness of solving a system of polynomial equations over a finite field. Polynomial system solving is also currently a bottleneck of index-calculus algorithms to solve the elliptic and hyperelliptic curve discrete logarithm problem. The complexity of solving a system of polynomial equations is closely related to the cost of computing Gr{\"o}bner bases, since computing the solutions of a polynomial system can be reduced to finding a lexicographic Gr{\"o}bner basis for the ideal generated by the equations. Several algorithms for computing such bases exist: We consider those based on repeated Gaussian elimination of Macaulay matrices. In this paper, we analyze the case of random systems, where random systems means either semi-regular systems, or quadratic systems in $n$ variables which contain a regular sequence of $n$ polynomials. We provide explicit formulae for bounds on the solving degree of semi-regular systems with $m>n$ equations in $n$ variables, for equations of arbitrary degrees for $m=n+1$, and for any $m$ for systems of quadratic or cubic polynomials. In the appendix, we provide a table of bounds for the solving degree of semi-regular systems of $m=n+k$ quadratic equations in $n$ variables for $2\leq k,n\leq 100$ and online we provide the values of the bounds for $2\leq k,n\leq 500$. For quadratic systems which contain a regular sequence of $n$ polynomials, we argue that the Eisenbud-Green-Harris conjecture, if true, provides a sharp bound for their solving degree, which we compute explicitly.
Expand
Akiko Inoue, Kazuhiko Minematsu, Maya Oda, Rei Ueno, Naofumi Homma
ePrint Report ePrint Report
Memory encryption with an authentication tree has received significant attentions due to the increasing threats of active attacks and the widespread use of non-volatile memories. It is also gradually deployed to real-world systems, as shown by SGX available in Intel processors. The topic of memory encryption has been recently extensively studied, most actively from the viewpoint of system architecture. In this paper, we study the topic from the viewpoint of provable secure symmetric-key designs, with a primal focus on latency which is an important criterion for memory. A progress in such a direction can be observed in the memory encryption scheme inside SGX (SGX integrity tree or SIT). It uses dedicated, low-latency symmetric-key components, i.e., a message authentication code (MAC) and an authenticated encryption (AE) scheme based on AES-GCM. SIT has an excellent latency, however, it has a scalability issue for its on-chip memory size. By carefully examining the required behavior of MAC and AE schemes and their interactions in the tree operations, we develop a new memory encryption scheme called ELM. It consists of fully-parallelizable, low-latency MAC and AE schemes and utilizes an incremental property of the MAC. Our AE scheme is similar to OCB, however it improves OCB in terms of decryption latency. To showcase the effectiveness, we consider instantiations of ELM using the same cryptographic cores as SIT, and show that ELM has significantly lower latency than SIT for large memories. We also conducted preliminary hardware implementations to show that the total implementation size is comparable to SIT.
Expand
Graz University of Technology, Graz, Austria
Job Posting Job Posting
We are looking for a candidate with proven scientific expertise in the field of Security & Privacy. The following areas are of particular interest:

  • Formal Methods and Security
  • Privacy Technologies
  • Systems Security
  • Usable Security & Privacy
The successful candidate will cover one of these fields or any other field in security & privacy that complements the existing strengths in the department.

The professorship will be part of the Institute of Applied Information Processing and Communications, which is an internationally visible research environment with more than 60 researchers in information security. The institute collaborates closely with research groups and industry partners around the globe. It is a central part of the recently established Cybersecurity Campus Graz, which unites basic research, education, technology transfer, and industry partners in cybersecurity all under one roof.

The new professor will build an internationally visible group, and will be an engaged teacher in the Computer Science programs at the Bachelor’s, Master’s, and PhD level. At Graz University of Technology, undergraduate courses are taught in German or English and graduate courses are taught in English. For further question, please contact Stefan Mangard / stefan.mangard@iaik.tugraz.at

The application should be sent to the Dean of the Department of Computer Science and Biomedical Engineering at applications.csbme@tugraz.at until 26.11.2020 referencing to 7050/20/035

Closing date for applications:

Contact: Prof. Stefan Mangard - stefan.mangard@iaik.tugraz.at

More information: https://www.tugraz.at/fakultaeten/csbme/news/jobs-grants-calls/tenure-track-professor-in-security-and-privacy/

Expand

09 November 2020

Grenada, Grenada, 5 March 2021
Event Calendar Event Calendar
Event date: 5 March 2021
Submission deadline: 10 January 2021
Notification: 10 January 2021
Expand
Paris, France, 4 November - 6 November 2020
Event Calendar Event Calendar
Event date: 4 November to 6 November 2020
Expand
University of Bristol
Job Posting Job Posting

Within the Department of Computer Science at the University of Bristol, the Cryptography research group fosters an internationally leading and inter-disciplinary programme of research; current and previous work spans the full range theoretical and practical aspects relating to cryptography, applied cryptography, and cryptographic engineering.

This post represents an exciting opportunity to join the group as part of the SCARV [1] project, which in turn forms part of the NCSC-supported [2] Research Institute in Hardware Security & Embedded Systems (RISE). You will work at the intersection of computer architecture and cryptography, in collaboration with industrial (i.e., Cerberus Security Labs. and Thales) and academic partners, to deliver more efficient, more secure platforms based on RISC-V. Given the project goals, a strong background in micro-processor design and implementation, and/or implementation (e.g., side-channel) attacks on cryptography is therefore desirable.

[1] https://gow.epsrc.ac.uk/NGBOViewGrant.aspx?GrantRef=EP/R012288/1, http://github.com/scarv
[2] https://www.ncsc.gov.uk/information/research-institutes

Closing date for applications:

Contact: Dr. Daniel Page (csdsp@bristol.ac.uk): ref. job ID ACAD104784

More information: https://www.bristol.ac.uk/jobs/find/details/?jobId=200210

Expand
University of Bristol
Job Posting Job Posting

Within the Department of Computer Science at the University of Bristol, the Cryptography research group fosters an internationally leading and inter-disciplinary programme of research; current and previous work spans the full range theoretical and practical aspects relating to cryptography, applied cryptography, and cryptographic engineering.

This post represents an exciting opportunity to join the group as part of the SIPP [1] project: as part of the EPSRC center-to-center programme, SIPP is a collaborative effort between the 5 UK-based core project partners within the NCSC-supported [2] Research Institute in Hardware Security & Embedded Systems (RISE) and partners in Singapore. Within SIPP, the University of Bristol leads a work package of activity at the intersection of cryptographic and energy efficient engineering. For example, the work package will explore how energy efficiency constraints can be satisfied by (secure) cryptographic designs and implementations, and, on the other hand, how energy efficient technologies can impact on security in a positive or negative way. Given this remit, a strong background in micro-processor design and implementation, and/or analysis and design of energy efficient technologies, and/or implementation (e.g., side-channel) attacks on cryptography is therefore desirable.

[1] https://gow.epsrc.ukri.org/NGBOViewGrant.aspx?GrantRef=EP/S030867/1
[2] https://www.ncsc.gov.uk/information/research-institutes

Closing date for applications:

Contact: Dr. Daniel Page (csdsp@bristol.ac.uk): ref. job ID ACAD104782

More information: https://www.bristol.ac.uk/jobs/find/details/?jobId=200210

Expand

06 November 2020

Max Planck Institutes in Computer Science, Germany
Job Posting Job Posting

The Max Planck Institutes for Informatics (Saarbruecken), Software Systems (Saarbruecken and Kaiserslautern), and Security and Privacy (Bochum), invite applications for tenure-track faculty in all areas of computer science. We expect to fill several positions.

A doctoral degree in computer science or related areas and an outstanding research record are required. Successful candidates are expected to build a team and pursue a highly visible research agenda, both independently and in collaboration with other groups.

The institutes are part of a network of over 80 Max Planck Institutes, Germany’s premier basic-research organisations. MPIs have an established record of world-class, foundational research in the sciences, technology, and the humanities. The institutes offer a unique environment that combines the best aspects of a university department and a research laboratory: Faculty enjoy full academic freedom, lead a team of doctoral students and post-docs, and have the opportunity to teach university courses; at the same time, they enjoy ongoing institutional funding in addition to third-party funds, a technical infrastructure unrivaled for an academic institution, as well as internationally competitive compensation.

We maintain an international and diverse work environment and seek applications from outstanding researchers worldwide. The working language is English; knowledge of the German language is not required for a successful career at the institutes.

Qualified candidates should apply on our application website (apply.cis.mpg.de). To receive full consideration, applications should be received by December 15th, 2020.

The Max Planck Society wishes to increase the number of women in those areas where they are underrepresented. Women are therefore explicitly encouraged to apply. The Max Planck Society is also committed to increasing the number of employees with severe disabilities in its workforce. Applications from persons with severe disabilities are expressly desired.

Closing date for applications:

Contact: Catalin Hritcu

More information: https://www.cis.mpg.de/tenure-track-openings-at-max-planck-institutes-in-computer-science

Expand
University of Rochester, Rochester, NY
Job Posting Job Posting
The Computer Science Department at the University of Rochester (http://www.cs.rochester.edu) seeks applicants for tenure-track faculty positions. We are particularly eager to hire in theory, security/privacy/cryptography, quantum computing, data management, natural language processing, and machine learning, but candidates in all areas of computer science and at any level of seniority are encouraged to apply: we are always on the lookout for unique opportunities and synergies.

Candidates must have (or be about to receive) a doctorate in computer science or a related discipline. Applications should be submitted online (at https://www.rochester.edu/faculty-recruiting/login) no later than January 1, 2021, for full consideration; submissions beyond this date risk being overlooked due to limited interview slots.

Closing date for applications:

Contact: Muthu Venkitasubramaniam

More information: https://www.rochester.edu/faculty-recruiting/positions/show/10942

Expand

02 November 2020

Temasek Labs, Nanyang Technological University, Singapore
Job Posting Job Posting

Physical Analysis and Cryptographic Engineering (PACE) is research group under Temasek Laboratories, NTU, Singapore. As a group of dynamic researchers, the main focus of PACE is to explore advanced aspects of embedded security.

PACE group is seeking applications for a motivated researcher in the area of embedded and mobile security. The successful candidate will work with experienced researchers to explore new security vulnerabilities in commercial products like smartphones and IoT, with a focus on secure boot.

We are looking for a candidate who meets the following requirements:

  • Have already completed, or be close to completing a PhD degree in mathematics, computer science, electrical engineering, or related disciplines, with strong track record in research and development (publications in international journals and conferences). Master degree with relevant research experience can be considered.
  • Experienced in security evaluation and have understanding of crypto- graphic algorithms (symmetric and asymmetric). Coding background in C/Java/Assembly/Python/VHDL for analysis is required.
  • Has experience in working with embedded/IoT devices or android devices for vulnerability assessment.
  • Has previous lab experience in developing prototypes, FPGA design, manipulating oscilloscopes, writing device drivers and communication interfaces, which are used in analysis of implemented designs.
  • Knowledge of side-channel or fault attacks is a plus.
  • Fluent in written and spoken English
  • Creative, curious, self-motivated and a team player with good analyti- cal and problem-solving skills.

You will be joining a dynamic group performing research on embedded security, specific to physical attacks. This position is available from December 2020. The initial contract will be one year. There are strong possibilities for extensions upon successful performance. TL offers competitive salary package plus other benefits.

Closing date for applications:

Contact:

Dr. Shivam Bhasin

Programme Manager

sbhasin (at) ntu.edu.sg

Expand
Palaiseau, France, 3 November - 4 November 2020
Event Calendar Event Calendar
Event date: 3 November to 4 November 2020
Expand
Paris, France, 6 September - 10 December 2021
Event Calendar Event Calendar
Event date: 6 September to 10 December 2021
Expand
University of Warsaw
Job Posting Job Posting
The positions are available within a recently funded project ERC Advanced Grant “PROCONTRA: Smart-Contract Protocols: Theory for Applications” (see here for more). The project is led by Stefan Dziembowski. ​

We offer:

  • very interesting research problems (ranging from theory of cryptography to more applied topics),
  • membership in an active and vibrant research team with several international collaborators,
  • budget for conference travel and research visits,
  • attractive salary: approximately 6,500 PLN per month (gross), and
  • an employment contract.
The ideal candidates should have an MSc degree in computer science or mathematics from a leading university and have a good background in probability theory, computational complexity, algebra, and number theory. The knowledge of cryptography, information theory, and game theory is a significant plus, but is not a prerequisite. The candidates must be fluent in written and spoken English. ​

Other details:

  • Starting date: January 2021
  • Duration: 2 years

The successful candidates will have to enroll in the PhD program at the University of Warsaw (Poland).

Application deadline: Dec 2nd, 2020.

To apply please follow this link: https://www.crypto.edu.pl/research-assistants.

Closing date for applications:

Contact: Stefan Dziembowski

More information: https://www.crypto.edu.pl/research-assistants

Expand
Mohammed VI Polytechnic University (UM6P), Benguerir. Morroco
Job Posting Job Posting

Located at the heart of the future Green City of Benguerir, Mohammed VI Polytechnic University (UM6P), a higher education institution with an international standard, is established to serve Morocco and the African continent. Its vision is honed around research and innovation at the service of education and development. This unique nascent university, with its state-of-the-art campus and infrastructure, has woven a sound academic and research network, and its recruitment process is seeking high quality academics and professionals in order to boost its quality-oriented research environment in the metropolitan area of Marrakech.

The School of Computer and Communication Sciences at Mohammed VI Polytechnic University (UM6P), Benguerir, Morocco is currently looking for motivated and talented Postdoctoral researchers in the area of applied cryptography, and Information security. The successful candidates will primarily be working on the following topics (but not limited to):

  • Blockchains and Cryptocurrencies
  • Secure Multi Party Computation

The ideal candidates should have a PhD degree in cryptography (or related field) from a leading university, and a proven record of publications in top cryptography/security/TCS venues. We offer competitive salary (the net salary per month is 2000 USD), a budget for conference travel and research visit, and membership in a young and vibrant team with several international contacts (for more see: https://www.um6p.ma/en).

Submit your application via email including

  • full CV,
  • sample publications,
  • a detailed research proposal,
  • and 2-3 reference letters sent directly by the referees.
There is no specific deadline for this call, but we will start looking at the applications from Oct 15th, 2020.

Closing date for applications:

Contact: Assoc. Prof. Mustapha Hedabou (mustapha.hedabou@um6p.ma) https://career2.successfactors.eu/sfcareer/jobreqcareer?jobId=1339&company=ump

More information: https://career2.successfactors.eu/sfcareer/jobreqcareer?jobId=1339&company=ump

Expand
Quebec City, Canada, 6 December - 10 December 2021
Event Calendar Event Calendar
Event date: 6 December to 10 December 2021
Submission deadline: 1 December 2020
Notification: 28 February 2021
Expand
Clément Hoffmann, Pierrick Méaux, Thomas Ricosset
ePrint Report ePrint Report
Improved filter permutators are designed to build stream ciphers that can be efficiently evaluated homomorphically. So far the transciphering with such ciphers has been implemented with homomorphic schemes from the second generation. In theory the third generation is more adapted for the particular design of these ciphers. In this article we study how suitable it is in practice. We implement the transciphering of different instances of the stream cipher family FiLIP with homomorphic encryption schemes of the third generation using the TFHE library. We focus on two kinds of filter for FiLIP. First we consider the direct sum of monomials, already evaluated using HElib and we show the improvements on these results. Then we focus on the XOR-threshold filter, we develop strategies to efficiently evaluate any symmetric Boolean function in an homomorphic way, allowing us to give the first timings for such filters. We investigate different approaches for the homomorphic evaluation: using the leveled homomorphic scheme TGSW, an hybrid approach combining TGSW and TLWE schemes, and the gate boostrapping approach. We discuss the costs in time and memory and the impact on delegation of computation of these different approaches, and we perform a comparison with others transciphering schemes.
Expand
Chan Fan, Xiaolei Dong, Zhenfu Cao, Jiachen Shen
ePrint Report ePrint Report
Searchable Symmetric Encryption(SSE) remains to be one of the hot topics in the field of cloud storage technology. However, malicious servers may return incorrect search results intentionally, which will bring significant security risks to users. Therefore, verifiable searchable encryption emerged. In the meantime, single-keyword query limits the applications of searchable encryption. Accordingly, more expressive searchable encryption schemes are desirable. In this paper, we propose a verifiable conjunctive keyword search scheme based on Cuckoo filter (VCKSCF), which significantly reduces verification and storage overhead. Security analysis indicates that the proposed scheme achieves security in the face of indistinguishability under chosen keyword attack and the unforgeability of proofs and search tokens. Meanwhile, the experimental evaluation demonstrates that it achieves preferable performance in real-world settings.
Expand
Divesh Aggarwal, Maciej Obremski, João Ribeiro, Mark Simkin, Luisa Siniscalchi
ePrint Report ePrint Report
We study two-source non-malleable extractors, which extract randomness from weak sources even when an adversary is allowed to learn the output of the extractor on correlated inputs. First, we study consequences of improving the best known constructions of such objects. We show that even small improvements to these constructions lead to explicit low-error two-source extractors for very low linear min-entropy, a longstanding open problem in pseudorandomness. Moreover, we show the resulting extractor can be made non-malleable for samplable sources in the computational CRS model introduced by Garg, Kalai, and Khurana (Eurocrypt 2020) under standard hardness assumptions, against an unbounded distinguisher. Remarkably, previous constructions of similar extractors require much stronger assumptions.

To complement the above, we study unconditional explicit constructions of computational two-source non-malleable extractors for samplable sources in the CRS model with significantly better parameters than their information-theoretic counterparts by exploiting stronger hardness assumptions. Under a quasipolynomial hardness assumption, we achieve security against bounded distinguishers, while assuming the existence of nearly optimal collision-resistant hash functions allows us to achieve security against unbounded distinguishers.

Finally, we introduce the setting of privacy amplification resilient against memory-tampering active adversaries. Here, we aim to design privacy amplification protocols that are resilient against an active adversary that can additionally choose one honest party at will and arbitrarily corrupt its memory (i.e., its shared secret and randomness tape) before the execution of the protocol. We show how to design such protocols using two-source non-malleable extractors.
Expand
Daniel J. Bernstein
ePrint Report ePrint Report
This paper presents an attack against common procedures for comparing the size-security tradeoffs of proposed cryptosystems. The attack begins with size-security tradeoff data, and then manipulates the presentation of the data in a way that favors a proposal selected by the attacker, while maintaining plausible deniability for the attacker.

As concrete examples, this paper shows two manipulated comparisons of size-security tradeoffs of lattice-based encryption proposals submitted to the NIST Post-Quantum Cryptography Standardization Project. One of these manipulated comparisons appears to match public claims made by NIST, while the other does not, and the underlying facts do not. This raises the question of whether NIST has been subjected to this attack.

This paper also considers a weak defense and a strong defense that can be applied by standards-development organizations and by other people comparing cryptographic algorithms. The weak defense does not protect the integrity of comparisons, although it does force this type of attack to begin early. The strong defense stops this attack.
Expand
◄ Previous Next ►