IACR News
Here you can see all recent updates to the IACR webpage.
15 November 2020
Carsten Baum, Alex J. Malozemoff, Marc Rosen, Peter Scholl
ePrint Report
We present an interactive zero-knowledge proof system for arithmetic circuits, called Mac'n'Cheese, with a focus on supporting large circuits while using low computational resources. Our work follows the commit-and-prove paradigm instantiated using information-theoretic MACs based on vector oblivious linear evaluation to achieve high efficiency. We additionally show how to optimize disjunctions, with a general OR transformation for proving the disjunction of $m$ statements that has communication complexity proportional to the longest statement (plus an additive term logarithmic in $m$). These disjunctions can further be nested, allowing efficient proofs about complex statements with many levels of disjunctions. We also show how to make Mac'n'Cheese non-interactive (after a preprocessing phase) using the Fiat-Shamir transform, and with only a small degradation in soundness.
We have implemented the non-interactive variant of the online phase of Mac'n'Cheese and can achieve 2.5 $\mu s$ per multiplication gate while requiring a minimal amount of memory: for proving the knowledge of two 512-by-512 matrices that equal some fixed public matrix we require less than 36 MB of memory for both the prover and verifier. We achieve this through a streaming approach which is compatible with our disjunctions over sub-circuits.
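An added illustration (not code from the paper) of the commit-and-prove paradigm with information-theoretic MACs that the abstract describes. The VOLE correlation M = K + x*Delta is produced here by a simulated dealer rather than a real VOLE protocol, the field F_p and the toy circuit 3x + 5y - 7 = 0 are arbitrary choices, and only linear gates are shown; the paper's multiplication-gate check, disjunction transform and Fiat-Shamir variant are not reproduced. The point demonstrated is why a VOLE-based MAC commits the prover: linear gates cost no communication, and opening a wire to a different value requires knowing the verifier's global key Delta.

```python
# Added illustration of commit-and-prove with information-theoretic MACs over a
# VOLE correlation, in the spirit of Mac'n'Cheese.  NOT the paper's code: the VOLE
# is a simulated dealer, the field and circuit are arbitrary, and only linear
# gates are modelled (the paper's multiplication check is omitted).
import secrets

P = (1 << 61) - 1  # Mersenne prime; the field F_p (illustrative choice)


class Party:
    """Per-wire state: the prover keeps (value, tag), the verifier keeps keys."""

    def __init__(self):
        self.vals, self.tags, self.keys = {}, {}, {}


def vole_dealer(x, delta):
    """Simulate one VOLE output for input x: (tag M for the prover, key K for the
    verifier) with M = K + x*delta mod P.  A real VOLE protocol yields the same
    correlation without any party learning the other's share."""
    k = secrets.randbelow(P)
    return (k + x * delta) % P, k


def commit(prover, verifier, delta, name, x):
    """Prover commits to wire `name` holding x; the verifier learns only a key."""
    m, k = vole_dealer(x % P, delta)
    prover.vals[name], prover.tags[name] = x % P, m
    verifier.keys[name] = k


def lin_gate(prover, verifier, delta, out, coeffs, const=0):
    """out = sum(a_w * w) + const.  Both sides update locally, no messages sent.
    Prover side uses only its values/tags; verifier side uses keys and delta."""
    prover.vals[out] = (sum(a * prover.vals[w] for w, a in coeffs.items()) + const) % P
    prover.tags[out] = sum(a * prover.tags[w] for w, a in coeffs.items()) % P
    # The public constant is folded into the key so M = K + value*delta still holds.
    verifier.keys[out] = (sum(a * verifier.keys[w] for w, a in coeffs.items())
                          - const * delta) % P


def check_open(verifier, delta, name, claimed_value, tag):
    """Verifier-side check of an opening (value, tag) received from the prover."""
    return tag == (verifier.keys[name] + claimed_value * delta) % P


def run_demo(x=4, y=-1):
    """Prove knowledge of (x, y) with 3x + 5y - 7 = 0 by opening only the output
    wire.  Returns the outcomes of an honest opening, a forged opening, and a
    forgery by a prover who somehow learned delta."""
    delta = secrets.randbelow(P - 1) + 1  # verifier's global MAC key, never sent
    prover, verifier = Party(), Party()
    commit(prover, verifier, delta, "x", x)
    commit(prover, verifier, delta, "y", y)
    lin_gate(prover, verifier, delta, "z", {"x": 3, "y": 5}, const=-7)

    # Honest prover opens z; the verifier accepts the statement iff the tag
    # verifies and the opened value is 0.  x and y themselves stay hidden.
    z_value = prover.vals["z"]
    honest = check_open(verifier, delta, "z", z_value, prover.tags["z"])

    # Cheating prover tries to open x as x+1 while reusing the real tag: this
    # passes only if delta == 0, i.e. with probability 1/P.
    forged = check_open(verifier, delta, "x", (x + 1) % P, prover.tags["x"])

    # If delta leaked, the tag M + delta would open x as x+1: hiding delta is
    # exactly what makes the MAC binding.
    delta_leaked = check_open(verifier, delta, "x", (x + 1) % P,
                              (prover.tags["x"] + delta) % P)

    return {"honest": honest, "forged": forged, "delta_leaked": delta_leaked,
            "z_value": z_value, "statement_holds": honest and z_value == 0}


if __name__ == "__main__":
    print(run_demo())
    print(run_demo(x=1, y=1))  # opening verifies, but z != 0: statement rejected
```

The linear gate never sends a message, which is the "free" part of the paradigm; every multiplication gate in the real protocol costs communication (the 2.5 microseconds per gate figure in the abstract), and that check is what the paper actually contributes.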
Michael Walter
ePrint Report
Chen-Da Liu-Zhang, Varun Maram, Ueli Maurer
ePrint Report
This paper investigates the achievability of broadcast in 'general networks', i.e., networks where only some subsets of minicast channels may be available, thereby addressing open problems posed in [JMS12,Ray15]. To that end, we propose a hierarchy over all possible general adversaries, and identify for each class of general adversaries 1) a set of minicast channels that are necessary to achieve broadcast and 2) a set of minicast channels that are sufficient to achieve broadcast. In particular, this allows us to derive bounds on the number of $b$-minicasts that are necessary and that suffice towards constructing broadcast in general $b$-minicast networks.
Palash Sarkar
ePrint Report
Johannes Mueller
ePrint ReportIn this paper, we revisit VoteAgain from a security perspective. We show that for each security property, i.e., ballot privacy, verifiability, and coercion-resistance, there exists (at least) one attack which breaks the respective property under the trust assumptions for which the property was claimed to hold true. But our results are even more disillusioning: first, there exists a voting authority in VoteAgain which needs to be trusted for all security properties; second, all voting authorities in VoteAgain need to be trusted for coercion-resistance.
It will be interesting and challenging future work to mitigate, or even remove, these undesirably strong trust assumptions without affecting the usability and superior efficiency of VoteAgain.
Kyoungbae Jang, Hyunjun Kim, Siwoo Eum, Hwajeong Seo
ePrint Report
Chen-Dong Ye, Tian Tian
ePrint Report
Syh-Yuan Tan, Thomas Gross
ePrint Report
Stéphanie Delaune, Patrick Derbez, Paul Huynh, Marine Minier, Victor Mollimard, Charles Prud'homme
ePrint Report
In this paper, we compare existing automatic tools to find the best differential characteristic on the SKINNY block cipher. As is usual in the literature, we split this search into two stages, denoted Step 1 and Step 2. In Step 1, each difference variable is abstracted by a Boolean variable and we search for the assignment that minimizes the trail weight, whereas Step 2 tries to instantiate each difference value while maximizing the overall differential characteristic probability. We model Step 1 using a MILP tool, a SAT tool, an ad-hoc method and a CP tool based on the Choco-solver library, and provide performance results. Step 2 is modeled using Choco-solver, as it seems to outperform all previous methods on this stage.
Notably, for SKINNY-128 in the SK model and for 13 rounds, we retrieve the results of Abdelkhalek et al. within a few seconds (compared with 16 days), and we provide, for the first time, the best related-tweakey differential characteristics up to 14 and 12 rounds for the TK1 and TK2 models, respectively.
Beer Sheva, Israel, 8 July - 9 July 2021
Event Calendar
14 November 2020
TCC
The conference program and details on how to join can be found at https://tcc.iacr.org/2020/program.php
13 November 2020
University of St. Gallen, Switzerland
Job Posting
Topics of research interest include:
- Verifiable computation
- Secure Multi Party Computation
- Privacy-preserving authentication
- Cryptographic primitives
- Publications in top venues in Cryptography and Information Security
- Young researchers who hold a doctorate (PhD) or will complete their doctorate within the next six months
- Young researchers with a completed doctorate (PhD) must have been awarded the degree at most two years before 15th of Jan 2021.
Deadline for project proposal: 15th of Jan. 2021
To Apply: Send your CV and research statement to aikaterini.mitrokotsa@unisg.ch with subject "Post-doc Fellowship" by the 9th of Dec. 2020.
Contact: Katerina Mitrokotsa
CryptoLux Group, University of Luxembourg
Job Posting
The CryptoLux group of the University of Luxembourg has a vacancy for a post-doctoral researcher in the area of symmetric cryptography. The successful candidate will contribute to a research project entitled Analysis and Protection of Lightweight Cryptographic Algorithms (APLICA), which is funded by the Luxembourgish Fonds National de la Recherche and the German Research Foundation. Starting in 2021, APLICA will run over a period of 3 years as a joint research project between the CryptoLux group and the Workgroup for Symmetric Cryptography of Ruhr-University Bochum. The mission of the APLICA project is to develop new cryptanalytic techniques for lightweight authenticated encryption algorithms and hash functions, and to design and implement new countermeasures against side-channel attacks that are suitable for constrained devices.
Candidates must have a Ph.D. degree in symmetric cryptography or a closely related field. Preference will be given to candidates with a strong publication record that includes at least one paper at an IACR conference/workshop or one of the top-4 security conferences. Experience in software development for embedded systems or mounting side-channel attacks is a plus. Candidates with an interest to conduct research in one of the following areas are particularly encouraged to apply:
- Cryptanalysis of authenticated encryption algorithms or hash functions
- Leakage resilience or leakage reduction by design (e.g. modes of operation)
- Security evaluation of leakage-resilient primitives or constructions
The position is available from Jan. 2021 on the basis of a fixed-term contract for 3 years. The University of Luxembourg offers excellent working conditions and a highly competitive salary. Interested candidates are invited to send their application by email to Alex Biryukov before Dec. 15, 2020 (early submission is strongly encouraged; applications will be processed upon receipt). The application material should contain a cover letter explaining the candidate's research interests, a CV (incl. photo), a list of publications, scans of diploma certificates, and contact details of 3 references.
Contact: Prof. Alex Biryukov (alex.biryukov@uni.lu)
More information: https://www.fnr.lu/projects/analysis-and-protection-of-lightweight-cryptographic-algorithms/
University of Luxembourg
Job Posting
Area (potential topics of the thesis)
- Cryptanalysis and design of cryptographic primitives
- Lightweight block ciphers, hash functions, authenticated encryption schemes
- Privacy Enhancing Technology (Tor-like networks, privacy for cryptocurrencies, blockchains)
- Blockchain Cryptography
- White-box cryptography
Starting date 1-Feb-2020 or later upon agreement. Early submission is encouraged; applications will be processed upon receipt.
Contact: Prof. Alex Biryukov
More information: https://www.cryptolux.org/index.php/Vacancies
12 November 2020
University of Luxembourg
Job Posting
- Design and cryptanalysis of symmetric cryptographic primitives
- Cryptocurrencies, ZK proofs, blockchain
- Privacy enhancing technologies, Tor, etc
- Side-channel attacks and countermeasures
- White-box cryptography
Your Profile
- A Ph.D. degree in Computer Science, Applied Mathematics or a related field
- Competitive research record in applied cryptography or information security (at least one paper in top 10 IT security conferences or several papers at conferences like ToSC, CHES, PETS, PKC)
- Strong mathematical and algorithmic CS background
- Good development skills in C or C++ and/or scripting languages
- Fluent written and verbal English
We offer
The University offers a two-year employment contract (Ref: F1-070025, OTP code R-STR-8019-00-A), which may be extended up to five years. The University offers highly competitive salaries and is an equal opportunity employer.
Contact: Alex Biryukov
More information: https://www.cryptolux.org
UConn, Computer Science and Engineering Dept.
Job Posting
Contact: Ghada Almashaqbeh
More information: https://ghadaalmashaqbeh.github.io/
10 November 2020
Zvika Brakerski, Henry Yuen
ePrint Report
In the classical setting, garbled circuits (and randomized encodings in general) are a versatile cryptographic tool with many applications such as secure multiparty computation, delegated computation, depth-reduction of cryptographic primitives, complexity lower-bounds, and more. However, a quantum analogue for garbling general circuits was not known prior to this work. We hope that our quantum randomized encoding scheme can similarly be useful for applications in quantum computing and cryptography.
To illustrate the usefulness of quantum randomized encoding, we use it to design a conceptually-simple zero-knowledge (ZK) $\Sigma$-protocol for the complexity class QMA. Our protocol has a single-bit challenge, and allows the inputs to be delayed to the last round. The only previously-known ZK $\Sigma$-protocol for QMA is due to Broadbent and Grilo (FOCS 2020), which does not have the aforementioned properties.
Balthazar Bauer, Georg Fuchsbauer, Chen Qian
ePrint Report
In this paper we first revisit the model for transferable e-cash, proposing simpler yet stronger security definitions, and then give the first concrete instantiation of the primitive, basing it on bilinear groups, and analyze its concrete efficiency.