IACR News
Here you can see all recent updates to the IACR webpage. These updates are also available:
20 September 2021
Geoffroy Couteau, Helger Lipmaa, Roberto Parisella, Arne Tobias Ødegaard
ePrint ReportFrancesco Berti, Chun Guo, Thomas Peters, François-Xavier Standaert
ePrint ReportInformation Security Group, Royal Holloway, University of London
Job PostingFull-Time, Permanent
The Information Security Group (ISG) at Royal Holloway is looking to appoint two excellent permanent members of academic staff to contribute to its research and teaching. The applicant should have a high-quality research profile that fits within the wide range of research undertaken by the ISG. Successful applicants must be able to demonstrate enthusiasm for research as well as teaching and communicating with diverse audiences.
The ISG was founded in 1990 and carries out research and teaching at both undergraduate and postgraduate level, with particularly high numbers of master’s students – we are one of the very few academic departments worldwide devoted solely to Information Security, enabling our staff to focus their teaching in this area. Our MSc in Information Security is one of the oldest programmes in the world, having started in 1992 and has a large alumni network with over 4,000 graduates. We have hosted, and continue to host, a series of Centres for Doctoral Training (CDT) in cyber security, which has enabling us to recruit 10 fully funded and first-rate PhD students every year, contributing to a large and vibrant PhD community.
We are involved in a range of inter/multidisciplinary research activities, spanning technology to psychology and social sciences. Our research strengths have continued to generate significant collaborative opportunities from industry and other leading universities.
We are now recruiting academic members of staff who can complement or strengthen our existing research and teaching in Information Security. We are also interested in candidates with interests in broader multidisciplinary research. The successful candidate must hold a PhD or equivalent, and will have a proven research record. Experience in attracting funding, engaging with industry, or contributing to outreach activities will also be valuable.
Closing date for applications:
Contact: Prof. Chris Mitchell c.mitchell@rhul.ac.uk or Prof. Martin Albrecht martin.albrecht@royalholloway.ac.uk
More information: https://jobs.royalholloway.ac.uk/vacancy.aspx?ref=0921-369
Wei Dai
ePrint ReportIn this work, we propose a framework of privacy-preserving and composable DeFi on public-state smart contract platforms. First, we define a cryptographic primitive called a flexible anonymous transaction (FLAX) system with two distinctive features: (1) transactions authenticate additional information known as ``associated data'' and (2) transactions can be applied flexibly via a parameter that is determined at processing time, e.g. during the execution time of smart contracts. Second, we design a privacy-preserving token standard (extending ERC20), which requires read access to the inter-contract call stack and admits composable} usage by other contracts. Third, we demonstrate how the FLAX token standard can realize privacy-preserving variants of the Ethereum DeFi ecosystem of today---we show contract designs for asset pools, decentralized exchanges, and lending, covering the largest DeFi projects to date including Curve, Uniswap, Dai stablecoin, Aave, Compound, and Yearn. Lastly, we provide formal security definitions for FLAX and describe instantiations from existing designs of anonymous payments such as Zerocash, RingCT, Quisquis, and Zether.
Yongge Wang
ePrint ReportTim Beyne
ePrint ReportMyrto Arapinis, Nikolaos Lamprou, Thomas Zacharias
ePrint ReportSeetal Potluri, Shamik Kundu, Akash Kumar, Kanad Basu, Aydin Aysu
ePrint ReportMing Li, Jian Weng∗, Member, IEEE, Yi Li, Yongdong Wu, Jiasi Weng, Dingcheng Li, Robert Deng, Fellow, IEEE
ePrint ReportAndre Esser, Emanuele Bellini
ePrint ReportBenedikt Bünz, Yuncong Hu, Shin'ichiro Matsuo, Elaine Shi
ePrint ReportIn this paper, we show that if one is willing to relax the security notion to $(\epsilon, \delta)$-differential privacy, henceforth also called $(\epsilon, \delta)$-differential anonymity, then, a non-interactive construction exists with subquadratic router computation, also assuming standard hardness assumptions in bilinear groups. Morever, even when $1-1/\poly\log n$ fraction of the senders are corrupt, we can attain strong privacy parameters where $\epsilon = O(1/\poly\log n)$ and $\delta = \negl(n)$.
Santi J. Vives
ePrint ReportDiego Aranha, Mathias Hall-Andersen, Anca Nitulescu, Elena Pagnin, Sophia Yakoubov
ePrint ReportAnonymity is a central feature in threshold ring signature applications, such as whistleblowing, e-voting and privacy-preserving cryptocurrencies: it is often crucial for signers to remain anonymous even from their fellow signers. When the generation of a signature requires interaction, this is difficult to achieve. There exist threshold ring signatures with non-interactive signing - where signers locally produce partial signatures which can then be aggregated - but a limitation of existing threshold ring signature constructions is that all of the signers must agree on the group on whose behalf they are signing, which implicitly assumes some coordination amongst them. The need to agree on a group before generating a signature also prevents others - from outside that group - from endorsing a message by adding their signature to the statement post-factum.
We overcome this limitation by introducing extendability for ring signatures, same-message linkable ring signatures, and threshold ring signatures. Extendability allows an untrusted third party to take a signature, and extend it by enlarging the anonymity set to a larger set. In the extendable threshold ring signature, two signatures on the same message which have been extended to the same anonymity set can then be combined into one signature with a higher threshold. This enhances signers' anonymity, and enables new signers to anonymously support a statement already made by others.
For each of those primitives, we formalize the syntax and provide a meaningful security model which includes different flavors of anonymous extendability. In addition, we present concrete realizations of each primitive and formally prove their security relying on signatures of knowledge and the hardness of the discrete logarithm problem. We also describe a generic transformation to obtain extendable threshold ring signatures from same-message-linkable extendable ring signatures. Finally, we implement and benchmark our constructions.
Xavier Bonnetain, Gaëtan Leurent, María Naya-Plasencia, André Schrottenloher
ePrint ReportIn this paper, we introduce the \emph{quantum linearization attack}, a new way of using Simon's algorithm to target MACs in the superposition query model. Specifically, we use inputs of multiple blocks as an interface to a function hiding a linear structure. Recovering this structure allows to perform forgeries.
We also present some variants of this attack that use other quantum algorithms, which are much less common in quantum symmetric cryptanalysis: Deutsch's, Bernstein-Vazirani's, and Shor's. To the best of our knowledge, this is the first time these algorithms have been used in quantum forgery or key-recovery attacks.
Our attack breaks many parallelizable MACs such as LightMac, PMAC, and numerous variants with (classical) beyond-birthday-bound security (LightMAC+, PMAC) or using tweakable block ciphers (ZMAC). More generally, it shows that constructing parallelizable quantum-secure PRFs might be a challenging task.
Marek Broll, Federico Canale, Gregor Leander, Antonio Flórez Gutiérrez, María Naya-Plasencia
ePrint ReportYu Chen, Qiang Tang, Yuyu Wang
ePrint ReportWe instantiate our generic constructions of (global escrow) HISE and implement all the resulting concrete schemes for 128-bit security. Our schemes have performance that is comparable to the best Cartesian product combined public-key scheme, and exhibit advantages in terms of richer functionality and public key reuse. As a byproduct, we obtain a new global escrow PKE scheme that is $12-30 \times$ faster than the best prior work, which might be of independent interest.
Pantea Kiaei with Tom Conroy with Patrick Schaumont
ePrint ReportPantea Kiaei with Zhenyuan Liu with Ramazan Kaan Eren with Yuan Yao with Patrick Schaumont
ePrint ReportChristian Badertscher, Christian Matt, Hendrik Waldner
ePrint ReportWe introduce an indistinguishability-based privacy notion for PCS and present a generic and modular scheme based on standard building blocks such as signatures, non-interactive zero-knowledge proofs, and a (predicate-only) predicate encryption scheme. We show that it can be instantiated to obtain an efficient scheme that is provably secure under standard pairing-assumptions for a wide range of policies. We further model PCS in UC by describing the goal of PCS as an enhanced ideal signature functionality which gives rise to a simulation-based privacy notion for PCS. We show that our generic scheme achieves this composable security notion under the additional assumption that the underlying predicate encryption scheme satisfies a stronger, fully adaptive, simulation-based attribute-hiding notion.