IACR News
Here you can see all recent updates to the IACR webpage. These updates are also available:
21 June 2021
Université libre de Bruxelles
Teaching assistants will perform high-quality research under the supervision of one professor from the Department in order to obtain a PhD degree. Possible research topics include any area of cryptography, particularly applied, post-quantum and mathematical cryptography. Cryptography researchers affiliated with ULB include Liran Lerman, Olivier Markowitch, Christophe Petit and Gilles Van Assche
Main requirements:
- master degree in computer science or a cognate discipline
- sufficient knowledge of French to teach at undergraduate level
More information here: http://wwwdev.ulb.ac.be/greffe/files/7311.pdf
For informal inquiries, particularly related to post-quantum and mathematical cryptography, please contact Christophe Petit (first name dot last name at ulb dot be)
Closing date for applications:
Contact: Christophe Petit
More information: http://wwwdev.ulb.ac.be/greffe/files/7311.pdf
Robin Jadoul, Nigel P. Smart, Barry Van Leeuwen
Keita Xagawa, Akira Ito, Rei Ueno, Junko Takahashi, Naofumi Homma
We survey effective key-recovery attacks if we can skip the equality test. We found the existing key-recovery attacks against Kyber, NTRU, Saber, FrodoKEM, HQC, one of two KEM schemes in NTRU Prime, and SIKE. We propose a new key-recovery attack against the other KEM scheme in NTRU Prime. We also report an attack against BIKE that leads to leakage of information of secret keys.
The open-source pqm4 library contains all KEM schemes except Classic McEliece and HQC. We show that giving a single instruction-skipping fault in the decapsulation processes leads to skipping the equality test *virtually* for Kyber, NTRU, Saber, BIKE, and SIKE. We also report the experimental attacks against them. We also report the implementation of NTRU Prime allows chosen-ciphertext attacks freely and the timing side-channel of FrodoKEM reported in Guo, Johansson, and Nilsson (CRYPTO 2020) remains.
Feng Hao
Pasan Tennakoon, Supipi Karunathilaka, Rishikeshan Lavakumar, Janaka Alawatugoda
Luca Mariot, Stjepan Picek, Radinka Yorgova
Xiao Liang, Omkant Pandey
We propose an alternative approach to bypass Rosulek's impossibility result. Instead of asking for a ZK proof directly for the given one-way function $f$, we seek to construct a \textit{new} one-way function $F$ given only black-box access to $f$, \textit{and} an associated ZK protocol for proving non-trivial statements, such as range membership, over its output. We say that $F$, along with its proof system, is a \textit{proof-based} one-way function. We similarly define proof-based versions of other primitives, specifically pseudo-random generators and collision-resistant hash functions.
We show how to construct proof-based versions of each of the primitives mentioned above from their ordinary counterparts under mild but necessary restrictions over the input. More specifically,
- We first show that if the prover entirely chooses the input, then proof-based pseudo-random generators cannot be constructed from ordinary ones in a black-box manner, thus establishing that some restrictions over the input are necessary.
- We next present black-box constructions handling inputs of the form $(x,r)$ where $r$ is chosen uniformly by the verifier. This is similar to the restrictions in the widely used Goldreich-Levin theorem. The associated ZK proofs support range membership over the output as well as arbitrary predicates over prefixes of the input.
Our results open up the possibility that general-purpose ZK proofs for relations that require black-box access to the primitives above may be possible in the future without violating their black-box nature by instantiating them using proof-based primitives instead of ordinary ones.
Sen Yuan, Milan Shen, Ilya Mironov, Anderson C. A. Nascimento
Vipul Goyal, Antigoni Polychroniadou, Yifan Song
In this work, we construct the first unconditional multi-party computation protocol evaluating a single arithmetic circuit with amortized communication complexity of $O(1)$ elements per gate.
Vipul Goyal, Hanjun Li, Rafail Ostrovsky, Antigoni Polychroniadou, Yifan Song
-- The best known result in the semi-honest setting has been due to Damgard and Nielsen (CRYPTO 2007). Over the last decade, their construction has played an important role in the progress of efficient secure computation. However despite a number of follow-up works, any significant improvements to the basic semi-honest protocol have been hard to come by. We show 33% improvement in communication complexity of this protocol. We show how to generalize this result to the malicious setting, leading to the best known unconditional honest majority MPC with malicious security. -- We focus on the round complexity of the Damgard and Nielsen protocol and improve it by a factor of 2. Our improvement relies on a novel observation relating to an interplay between Damgard and Nielsen multiplication and Beaver triple multiplication. An implementation of our constructions shows an execution run time improvement compared to the state of the art ranging from 30% to 50%.
Cecilia Boschini, Dario Fiore, Elena Pagnin
In detail, we develop formal frameworks for signatures with efficient verification, flexible verification and combinations of the two. Crucially, we regard these as features that may enhance existing constructions. Flexibility is of particular interest as standard verification cannot provide any meaningful information about the validity of a given signature if interrupted in media res. We exhibit generic transformations to realize efficient (and) flexible verification for schemes that involve matrix-vector multiplications among the verification checks. In addition, we present concrete instantiations of efficient (and) flexible verification for Rainbow [ACNS05] (as representative of schemes based on multivariate quadratic equations), MP [EC12] and GVW [STOC15] (as representative of lattice-based constructions). Interestingly, we are able to efficiently verify Rainbow signatures using 50% of the original computational cost, and as little as 0.4% for GVW homomorphic signatures, provided a one-time preprocessing and with only negligible impact on security.
Onur Gunlu, Matthieu Bloch, Rafael F. Schaefer
Lars Tebelmann, Ulrich Kühne, Jean-Luc Danger, Michael Pehl
Christof Beierle, Patrick Felke, Gregor Leander
Chitchanok Chuengsatiansup, Eyal Ronen, Gregory G. Rose, Yuval Yarom
Suvadeep Hajra, Sayandeep Saha, Manaar Alam, Debdeep Mukhopadhyay
17 June 2021
Vellore, India, 6 January - 8 January 2022
Submission deadline: 30 September 2021
Notification: 15 December 2021
Rome, Italy, 20 June - 23 June 2022
Submission deadline: 3 September 2021
Notification: 5 January 2021
Aarhus University, Department of Computer Science; Aarhus, Denmark
A fully-funded PhD scholarship is available at the Cryptography and Security Group (https://cs.au.dk/research/cryptography-and-security/) at Aarhus University.
Project description. The PhD candidate will develop new algorithms and implementation techniques to accelerate public-key cryptography in both the classical and postquantum settings. The project includes designing arithmetic algorithms that are friendlier to parallelization, more precise complexity analysis of existing techniques, and aspects of formal verification to ensure correctness and real-world implementation security.
The PhD candidate will also be involved in other educational activities, such as serving as teaching assistant in courses related to his/her expertise.
Qualifications. We are looking for dedicated and enthusiastic applicants, preferably with a Master’s degree in Computer Science/Engineering, Mathematics or related discipline. A BSc. degree with demonstrated research experience is also welcome. A background in cryptography or formal verification is required. Practical experience with software development will be seen as a plus. Further requirements are fluency in English, good reporting/organization skills and being able to work independently.
Application process: You can apply online at https://phd.nat.au.dk/for-applicants/apply-here >Choose August 2021 Call with deadline 1 August 2021 at noon (11.59 AM CEST) and the corresponding project.
Closing date for applications:
Contact: Contact: Diego F. Aranha, Associate Professor of Computer Science, dfaranha (at) cs.au.dk
More information: https://phd.nat.au.dk/for-applicants/apply-here/
16 June 2021
University of Luxembourg
Closing date for applications:
Contact: Alex Biryukov (alex.biryukov@uni.lu)
More information: http://emea3.mrted.ly/2qpcj