IACR News
Here you can see all recent updates to the IACR webpage. These updates are also available:
10 May 2021
Shravan Srinivasan, Alex Chepurnoy, Charalampos Papamanthou, Alin Tomescu, Yupeng Zhang
ePrint ReportAs another added benefit over Merkle trees, Hyperproofs are homomorphic: digests (and proofs) for two vectors can be homomorphically combined into a digest (and proofs) for their sum. Homomorphism is very useful in emerging applications such as stateless cryptocurrencies. First, it enables unstealability, a novel property that incentivizes proof computation. Second, it makes digests and proofs much more convenient to update.
Finally, Hyperproofs have certain limitations: they are not transparent, have linear-sized public parameters, are slower to verify, and have larger aggregated proofs than SNARK-based approaches. Nonetheless, end-to-end, aggregation and verification in Hyperproofs is 10$\times$ to 100$\times$ faster than SNARK-based Merkle trees.
Panagiotis Chatzigiannis, Konstantinos Chalkias
ePrint ReportRami Elkhatib, Reza Azarderakhsh, Mehran Mozaffari-Kermani
ePrint ReportVanesa Daza, Abida Haque, Alessandra Scafuro, Alexandros Zacharakis, Arantxa Zapico
ePrint ReportIn this paper we formally define mutual accountability: a user can be held accountable for her otherwise anonymous digital actions and a manager is held accountable for every de-anonymization attempt; plus, no honest party can be framed -- regardless of what malicious parties do.
Instead of distributing the de-anonymization power across entities, instead, we decouple the power of de-anonymization from the power of monitoring de-anonymization attempts. This allows for greater flexibility, particularly in the choice of the monitoring entities.
We show that our framework can be instantiated generically from threshold encryption schemes and succinct non-interactive zero-knowledge. We also show that the highly-efficient threshold group signature scheme by Camenisch et al.(SCN'20) can be modified and extended to instantiate our framework.
Xuechao Wang, Viswa Virinchi Muppirala, Lei Yang, Sreeram Kannan, Pramod Viswanath
ePrint ReportThe Bitcoin difficulty adjustment rule adjusts the difficulty target of block mining periodically to get a constant mean inter-block time. While superficially simple, the rule has proved itself to be sophisticated and successfully secure, both in practice and in theory [11, 13]. We show that natural adaptations of the Bitcoin adjustment rule to the parallel-chain case open the door to subtle, but catastrophic safety and liveness breaches. We uncover a meta-design principle that allow us to design variable mining difficulty protocols for three popular PoW blockchain proposals (Prism [3], OHIE [26], Fruitchains [21]) inside a common rubric.
The principle has three components: (M1) a pivot chain, based on which blocks in all chains choose difficulty, (M2) a monotonicity condition for referencing pivot chain blocks and (M3) translating additional protocol aspects from using levels (depth) to using difficulty levels. We show that protocols employing a subset of these principles may have catastrophic failures. The security of the designs is also proved using a common rubric the key technical challenge involves analyzing the interaction between the pivot chain and the other chains, as well as bounding the sudden changes in difficulty target experienced in non-pivot chains. We empirically investigate the responsivity of the new mining difficulty rule via simulations based on historical Bitcoin data, and find that the protocol very effectively controls the forking rate across all the chains.
Zhelei Zhou, Xinlei Cao, Jian Liu, Bingsheng Zhang, Kui Ren
ePrint ReportShumo Chu, Danyang Zhuo, Elaine Shi, T-H. Hubert Chan (randomized author ordering)
ePrint ReportIn this paper, we consider the {\tt Join} operator, an important database primitive that has been extensively studied and optimized. Unfortunately, any {\it fully oblivious} {\tt Join} algorithm would require {\it always} padding the result to the {\it worst-case} length which is {\it quadratic} in the data size $N$. In comparison, an insecure baseline incurs only $O(R + N)$ cost where $R$ is the true result length, and in the common case in practice, $R$ is relatively short. As a typical example, when $R = O(N)$, any fully oblivious algorithm must inherently incur a prohibitive, $N$-fold slowdown relative to the insecure baseline. Indeed, the (non-private) database and algorithms literature invariably focuses on studying the {\it instance-specific} rather than {\it worst-case} performance of database algorithms. Unfortunately, the stringent notion of full obliviousness precludes the design of efficient algorithms with non-trivial instance-specific performance.
To overcome this worst-case performance barrier of full obliviousness and enable algorithms with good instance-specific performance, we consider a relaxed notion of access pattern privacy called $(\epsilon, \delta)$-differential obliviousness (DO), originally proposed in the seminal work of Chan et al. (SODA'19). Rather than insisting that the access patterns leak no information whatsoever, the relaxed DO notion requires that the access patterns satisfy $(\epsilon, \delta)$-differential privacy. We show that by adopting the relaxed DO notion, we can obtain efficient database {\tt Join} mechanisms whose instance-specific performance {\it approximately matches} the insecure baseline, while still offering a meaningful notion of privacy to individual users.
Complementing our upper bound results, we also prove new lower bounds regarding the performance of any DO {\tt Join} algorithm.
Differential obliviousness (DO) is a new notion and is a relatively unexplored territory. Following the pioneering investigations by Chan et al. and others, our work is among the very first to formally explore how DO can help overcome the worst-case performance curse of full obliviousness; moreover, we motivate our work with database applications.
Our work shows new evidence why DO might be a promising notion, and opens up several exciting future directions.
Loïc Masure, Rémi Strullu
ePrint ReportJan Peter Drees, Pritha Gupta, Eyke Hüllermeier, Tibor Jager, Alexander Konze, Claudia Priesterjahn, Arunselvan Ramaswamy, Juraj Somorovsky
ePrint ReportCarla Ràfols, Arantxa Zapico
ePrint ReportHidenori Kuwakado, Shoichi Hirose, Masahiro Mambo
ePrint ReportThomas Haines, Johannes Mueller
ePrint ReportIn this work, we propose a generic compiler which can transform any "shuffle-compatible" Sigma-protocol (including, among others, Sigma-protocols for re-randomization, decryption, or key shifting) into a Sigma-protocol for permutations of the underlying relation. The resulting proof of shuffle is black-box, easily implementable, simple to explain, and comes with an acceptable computational overhead over the state-of-the-art. Because we machine-checked our compiler in Coq, the new proof of shuffle is particularly suitable for applications that require a superior level of security assurance (e.g., high-stake elections).
David Heath, Vladimir Kolesnikov
ePrint ReportZK ORAM is essential for proving statements that are best expressed as RAM programs, rather than Boolean or arithmetic circuits.
Our construction is private-coin ZK. We integrate it with [HK20a]s ZK Proof (ZKP) protocol and prove the resulting ZKP system secure.
We implemented PrORAM in C++. Compared to the state-of-the-art BubbleRAM, our PrORAM is $~10\times$ faster for arrays of size $2^{20}$ of $40$-bit values.
Laila El Aimani
ePrint ReportMaxime Plançon, Thomas Prest
ePrint Report09 May 2021
Virtual event, Anywhere on Earth, 6 September 2021
Event CalendarSubmission deadline: 21 May 2021
Notification: 2 July 2021
08 May 2021
Cryptanalysis Taskforce @ Nanyang Technological University, Singapore
Job Posting- tool aided cryptanalysis, such as MILP, CP, STP, and SAT
- machine learning aided cryptanalysis and designs
- privacy-preserving friendly symmetric-key designs
- quantum cryptanalysis
- theory and Proof
- cryptanalysis against SHA-3 and AES
Closing date for applications:
Contact: Asst Prof Jian Guo, guojian@ntu.edu.sg
More information: http://team.crypto.sg
07 May 2021
Friedrich-Alexander-Universität
Job PostingAssistant Professor for Computer Science
at the Department of Computer Science at the Chair for Applied Cryptography. The professorship is to be filled by the earliest possible starting date for an initial period of three years. Upon successful evaluation, the appointment will be extended for another three years.
We seek to appoint a top early-career scientist who will develop outstanding expertise in the field of theoretical and applied cryptography and has excellent scientific expertise within the broad area of cryptography and/or areas of IT security closely related to cryptography. We welcome applications from candidates with research experience in the following topics:
- Efficient proof systems
- Homomorphic cryptography
- Postquantum cryptography
- Cryptography and machine learning
- Anonymity and privacy
- Cryptocurrencies
- Blockchain-based cryptography
Please submit your complete application documents (CV, research/teaching statement, list of publications, list of lectures and courses taught, copies of certificates and degrees, list of third-party funding) online at https://berufungen.fau.de by 21.06.2021.
Closing date for applications:
Contact: Dominique Schröder
More information: https://www.fau.de
Chaincode Labs
Job PostingChaincode Labs is currently seeking a Postdoctoral Researcher with a passion for ensuring privacy and security within Bitcoin and related technologies.
Chaincode Labs is a NYC research and development center focused on open-source contributions, original research, training new engineers, and building implementations of new systems and ideas. Past research efforts have contributed to faster block relay, more reliable fee estimation, more bandwidth-efficient transaction relay, and more (1, 2). Candidates joining Chaincode should expect to make similarly significant contributions.
The person in this role will be expected to focus their research on applied cryptography and their applications in relation to the variety of challenges facing Bitcoin. This individual will disseminate, both internally and externally, the results of research activities through publications, seminar participation, internal documentation, etc. They will be encouraged to publish their findings in top conferences and peer-reviewed journals.
We are a well funded and staffed organization and have the resources to write software and provide critical infrastructure support.
Applicants Can Expect- Competitive compensation
- Excellent health care benefits
- Paid time off
- Retirement savings plans, generous parental leave, and commuter benefits
Closing date for applications:
Contact: Caralie Chrisco
caralie@chaincode.com
More information: http://www.chaincode.com
Xkey, Paris
Job PostingClosing date for applications:
Contact: Houda Ferradi
More information: https://jobs.stationf.co/companies/xkey-1/jobs/principal-software-engineer_paris