IACR News
Here you can see all recent updates to the IACR webpage. These updates are also available:
16 August 2021
Alexander Golovnev, Jonathan Lee, Srinath Setty, Justin Thaler, Riad S. Wahby
To design Brakedown, we observe that recent work of Bootle, Chiesa, and Groth (BCG, TCC 2020) provides a polynomial commitment scheme that, when combined with the linear-time interactive proof system of Spartan (CRYPTO 2020), yields linear-time IOPs and SNARKs for R1CS (a similar theoretical result was previously established by BCG, but our approach is conceptually simpler, and crucial for achieving high-speed SNARKs). A core ingredient in the polynomial commitment scheme that we distill from BCG is a linear-time encodable code. Existing constructions of such codes are believed to be impractical. Nonetheless, we design and engineer a new one that is practical in our context.
We also implement a variant of Brakedown that uses Reed-Solomon codes instead of our linear-time encodable codes; we refer to this variant as Shockwave. Shockwave is not a linear-time SNARK, but it provides shorter proofs and lower verification times than Brakedown (it also provides a faster prover than prior plausibly post-quantum SNARKs).
As a modest additional contribution, we observe that one can render the aforementioned SNARK zero knowledge and reduce the proof size and verifier time from $O(\sqrt{N})$ to $polylog(N)$---while maintaining a linear-time prover---by outsourcing the verifiers work via one layer of proof composition with an existing zkSNARK as the "outer" proof system.
Divesh Aggarwal, Bhavana Kanukurthi, Sai Lakshmi Bhavana Obbattu, Maciej Obremski, Sruthi Sekar
Meltem Sonmez Turan, Rene Peralta
Ryan Lehmkuhl, Pratyush Mishra, Akshayaram Srinivasan, Raluca Ada Popa
Motivated by the severity of our attack, we design and implement MUSE, an efficient two-party secure inference protocol resilient to malicious clients. MUSE introduces a novel cryptographic protocol for conditional disclosure of secrets to switch between authenticated additive secret shares and garbled circuit labels, and an improved Beaver's triple generation procedure which is 8x-12.5x faster than existing techniques.
These protocols allow MUSE to push a majority of its cryptographic overhead into a preprocessing phase: compared to the equivalent semi-honest protocol (which is close to state-of-the-art), MUSE's online phase is only 1.7x-2.2x slower and uses 1.4x more communication. Overall, MUSE is 13.4x-21x faster and uses 2x-3.6x less communication than existing secure inference protocols which defend against malicious clients.
Neyman's Smoothness Test: a Trade-off between Moment-based and Distribution-based Leakage Detections
Si Gao, Elisabeth Oswald, Yan Yan
Mario Barbara, Lorenzo Grassi, Dmitry Khovratovich, Reinhard Lueftenegger, Christian Rechberger, Markus Schofnegger, Roman Walch
Akinori Kawachi, Maki Yoshida
We consider bounds for the optimal length $\rho$ of the common random string among $k$ parties (or, {\it randomness complexity}) in PSM and CDS protocols with perfect and statistical privacy through combinatorial and entropic arguments. ($i$) We provide general connections from the optimal total length $\lambda = \sum_{i\in[k]}\lambda_i$ of the messages (or, {\it communication complexity}) to the randomness complexity $\rho$. ($ii$) We also prove randomness lower bounds in PSM and CDS protocols for general functions. ($iii$) We further prove randomness lower bounds for several important explicit functions. They contain the following results: For PSM protocols with perfect privacy, we prove $\rho\ge \lambda-1$ and $\rho\le \lambda$ as the general connection. To prove the upper bound, we provide a new technique for randomness sparsification for {\it perfect}\/ privacy, which would be of independent interest. From the general connection, we prove $\rho\ge 2^{(k-1)n}-1$ for a general function $f:(\{0,1\}^n)^k\rightarrow\{0,1\}$ under universal reconstruction, in which $P_0$ is independent of $f$. This implies that the Feige-Killian-Naor protocol for a general function [Proc.~STOC '94, pp.554--563]\ is optimal with respect to randomness complexity. We also provide a randomness lower bound $\rho> kn-2$ for a generalized inner product function. This implies the optimality of the $2$-party PSM protocol for the inner-product function of Liu, Vaikuntanathan, and Wee [Proc.~CRYPTO 2017, pp.758--790]. For CDS protocols with perfect privacy, we show $\rho\ge\lambda-\sigma$ and $\rho\le\lambda$ as the general connection by similar arguments to those for PSM protocols, where $\sigma$ is the length of secrets. We also obtain randomness lower bounds $\rho\ge (k-1)\sigma$ for XOR, AND, and generalized inner product functions. These imply the optimality of Applebaum and Arkis's $k$-party CDS protocol for a general function [Proc. TCC 2018, pp.317--344]\ up to a constant factor in a large $k$.
Pyrros Chaidos, Vladislav Gelfer
Confidential assets is a mechanism that allows multiple currencies to co-exist in the same ledger and (optionally) enables transactions to be conducted without disclosing the currency.
Finally, we also describe how we can use Bulletproof coloring to enable offline payments, thus addressing one of the original shortcomings of Mimblewimble.
Seny Kamara, Abdelkarim Kati, Tarik Moataz, Thomas Schneider, Amos Treiber, Michael Yonli
In this work, we address the main limitations of leakage cryptanalysis. First, we design and implement an open-source framework called LEAKER that can evaluate the major leakage attacks against a given dataset and can serve as a common leakage analysis reference for the community. We identify new real-world datasets that capture different use cases for ESAs and, for the first time, include real-world user queries. Finally, we use LEAKER to evaluate known attacks on our datasets to assess their practical risks and gain insights about the properties that increase or diminish their accuracy.
Dmitrii Koshelev
Jung Hee Cheon, Keewoo Lee
Sacha Servan-Schreiber, Kyle Hogan, Srinivas Devadas
AdVeil additionally supports private metrics for ad interactions, allowing the ad network to correctly charge advertisers and pay websites for publishing ads. This is done without the ad network learning which user interacted with an ad, only that some honest user did. AdVeil achieves this using an anonymizing proxy (e.g., Tor) to transit batched user reports along with unlinkable anonymous tokens with metadata to certify the authenticity of each report.
We build a prototype implementation of AdVeil which we evaluate on a range of parameters to demonstrate the applicability of AdVeil to a real-world deployment. Our evaluation shows that AdVeil scales to ad networks with millions of ads, using state-of-the-art single-server private information retrieval. A selection of ads from a database of 1 million ads can be targeted to a user in approximately 10 seconds with a single 32-core server, and can be parallelized further with more servers. Targeting is performed out-of-band (e.g., on a weekly basis) while ad delivery happens in real time as users browse the web. Verifying report validity (for fraud prevention) requires less than 300 microseconds of server computation per report.
Bruno Sterner
Ben Marshall, Daniel Page, Thinh Hung Pham
15 August 2021
Simula UiB, Bergen, Norway
Simula UiB is a research center owned by Simula Research Laboratory and the University of Bergen. The goal of Simula UiB is to increase the security expertise in Norway through research and education. For further details, see our webpage http://simula-uib.com.
We have a solid background in coding, information theory, communication theory, and many related areas. Currently, our research focus includes various topics in private information retrieval (PIR), private computation (PC), coding for property testing, coding for zero-knowledge succinct non-interactive arguments of knowledge (zk-SNARKs), and privacy-preserving technologies in general. We are looking for a candidate with a solid background within one/several of these research areas and algebraic coding theory.
We are also looking for interested candidates who:
Simula UiB Offers:
Closing date for applications:
Contact:
More information: https://www.simula.no/about/job/post-doctoral-position-coding-and-information-theory
University of Warsaw
Closing date for applications:
Contact: Stefan Dziembowski
More information: https://www.crypto.edu.pl/post-doc
11 August 2021
Details here: https://csrc.nist.gov/projects/threshold-cryptography
Consider also joining the TC forum: https://csrc.nist.gov/projects/threshold-cryptography/email-list
06 August 2021
EPFL
Postdocs run their own research and are expected to interact with PhD students and to contribute to the lab projects. Our lab is active in cryptographic designs and analysis. fundamental and applied cryptography, security and privacy, and biometric systems.
EPFL is a top-ranked academic institute. It is located in beautiful Switzerland. We offer good environment and conditions.
Closing date for applications:
Contact: Serge Vaudenay <job_lasec@epfl.ch>
Please submit your detailed cv, list of publications, motivation, references, and availability.
More information: https://lasec.epfl.ch
Fujitsu Research, Sunnyvale CA
Fujitsu is hiring research engineers for our research lab based out of Sunnyvale, CA. We are looking for skilled developers with a research background who enjoy building systems and helping to write academic papers about them. This job will have a large open-source component, so someone who is comfortable working in the open-source space would be an ideal candidate. The role offers flexible office time with the potential to work from home for a large fraction of your time.
Job Responsibilities:- Design and develop secure blockchain and blockchain-based systems, and write academic papers about them when possible.
- Assist in the creation and maintenance of blockchain open-source projects, and help with research projects based on them. Engage and participate in the open-source blockchain community.
- Help developers build your research systems into production-ready systems.
- Collaborate with researchers both within and outside of Fujitsu to work towards building cutting-edge systems.
- A master’s degree in computer science or a related field, or relevant experience in research and development
- Some track record of research publications. We don’t expect you to publish every year in top venues, but we do want evidence of familiarity with research.
- Experience in open-source development, or a willingness to learn.
Closing date for applications:
Contact: Hart Montgomery (hmontgomery@fujitsu.com)
Fujitsu Research, Sunnyvale CA
Fujitsu is hiring strong cryptographic researchers for our research lab based out of Sunnyvale, CA. We are looking for researchers who can successfully publish in top venues, collaborate with others in industry and academia, and evangelize cryptography and security within Fujitsu. The role offers flexible office time (including the potential to mostly work from home) and could be fully remote for exceptionally strong candidates.
Job Responsibilities:- Conduct research in cryptography and related fields (i.e. distributed systems, security, and general theory) and publish it in top conferences. While researchers have wide latitude to work on whatever problems they deem interesting in the field, we do expect that at least some portion of research time will be spent on problems that are more relevant to Fujitsu’s business.
- Collaborate with others in both academia and industry on exciting research problems. Promote Fujitsu as a leader in the field of cryptography and computer security.
- Contribute to new Fujitsu technologies and IP, and help research engineers and developers shepherd the “practical” portion of your research into new business offerings.
- Ph.D. in computer science or a related field.
- A strong track record of publishing in top conferences in cryptography and related fields.
- A vision for the future direction of your research and ideas for how it can be impactful both academically and on Fujitsu’s business.
Closing date for applications:
Contact: Hart Montgomery (hmontgomery@fujitsu.com)