IACR News
29 October 2021
Hyeonbum Lee, Jae Hong Seo
ePrint Report
Xianrui Qin, Cailing Cai, Tsz Hon Yuen
ePrint Report
Next, we give a generic construction of blind ECDSA based on an additive homomorphic encryption and a corresponding zero-knowledge proof. Our concrete instantiation is about 40 times more bandwidth efficient than the blind ECDSA in AsiaCCS 2019.
After that, we give the first formal proof of one-more unforgeability for blind ECDSA, under a new model called algebraic bijective random oracle. The security of our generic blind ECDSA relies on the hardness of a discrete logarithm-based interactive assumption and an assumption of the underlying elliptic curve.
Finally, we analyze the hardness of the ECDSA-ROS problem in the algebraic bijective random oracle model.
Apheris, Berlin, Germany
Job Posting
As a Privacy and Cryptography Engineer at Apheris, your primary focus will be driving the development of privacy and cryptographic modules in our product core and bringing them to customers together with a team of great software engineers and data scientists. You will be working on challenging deep tech projects closely together with customers from various industries, with a focus on Healthcare, Pharma and Sustainability. With your engineering expertise, you will be responsible for meeting project and product goals and for responding to upcoming bottlenecks. You will design and build new features and enhance our product core with innovative technologies, participate in code reviews, and promote engineering best practices in our tech team. We empower you to be a major contributor to the success of projects, customers' satisfaction, and the advancement of our product core.
What you will do
- Implement privacy and cryptographic modules into our product in a secure, robust and scalable way
- Be a hands-on engineering contributor and promote best practices in our tech team
- Contribute to the writing of scientific whitepapers, Jupyter Notebook tutorials and blog posts about privacy and cryptographic algorithms and their usage in our product
- Contribute to team deliverables following an agile methodology and participate in retrospective sessions to continuously improve the team's way of working
- Master or PhD in Computer Science, Mathematics or Cryptography, or equivalent practical experience
- 3 or more years of relevant work experience
- Expert coding skills in Python, including common data science and ML libraries. Further languages are a plus (e.g., R, C, C++, Go, Rust)
- Solid understanding of privacy technologies and machine learning
- ...
Closing date for applications:
Contact: See link to full text of the job description
More information: https://apheris.jobs.personio.de/job/492987?_pc=222318
Microsoft Research, Redmond, WA
Job Posting
The Cryptography and Privacy Research Group is hiring interns for the summer of 2022. We are seeking strong candidates to work with our renowned researchers on various topics. We are particularly interested in privacy-preserving ML, privacy and transparency techniques for digital identity systems and public key infrastructures, account/identity/password recovery, and web privacy/security, including fraud detection and prevention. We encourage all PhD students with relevant technical background in any of these topics to apply as soon as possible, as we will start interviewing immediately.
For summer internships, we typically work closely with Microsoft product groups (Teams, Edge, to name a few) to bring research ideas to real life. The internships often involve prototyping the research results, so a strong candidate is expected to have some proficiency in programming and interest in working alongside our engineers.
More information and application at https://careers.microsoft.com/us/en/job/1195145/Research-Intern-Privacy-and-Cryptography
Closing date for applications:
Contact: Kim Laine (kim.laine@microsoft.com)
KIT, Karlsruhe, Germany
Job Posting
Closing date for applications:
Contact: Thorsten Strufe and Javier Parra-Arnau
More information: https://ps.tm.kit.edu/english/200.php
KIT, Karlsruhe, Germany
Job Posting
Closing date for applications:
Contact: Thorsten Strufe
More information: https://ps.tm.kit.edu/english/200.php
27 October 2021
Canterbury, United Kingdom, -
Event Calendar
Submission deadline: 21 March 2022
Notification: 6 June 2022
Giesecke+Devrient Mobile Security GmbH, Munich, Germany
Job Posting
G+D Mobile Security is looking for a Cryptography Engineer (m/f/d) for its Cryptology department at its Munich headquarters, starting as soon as possible.
Job description:
- Secure implementation of cryptographic algorithms and security relevant OS components for smart cards in assembler
- Optimization regarding run time and memory consumption
- Design and implementation of countermeasures to defend against hardware related attacks against smart cards
- Analysis of the results of side-channel attacks and derivation of effective countermeasures
- Background in mathematics, computer science or electronic engineering
- Ideally PhD in cryptography or 3+ years experience in cryptography or related area
- Programming skills in assembler for 8/16/32 bit embedded microcontrollers
- Ideally experience in embedded security and side-channel-attacks
- High level of responsibility and exciting projects
- Working in an international security technology company
- Very flexible working hours and home office possibilities
- Wide range of training and further education opportunities
- Attractive family benefits such as a summer holiday camp for children
- Other benefits such as the company's own sports club and a canteen subsidized by the employer
https://careers.gi-de.com/job/Munich-Kryptologen-%28mfd%29-81677/723297801/
Closing date for applications:
Contact: Dr. Harald Vater (Harald.Vater (at) gi-de.com)
University of the West of England
Job Posting
Closing date for applications:
Contact: Essam Ghadafi (Essam.Ghadafi@uwe.ac.uk)
More information: https://www.uwe.ac.uk/research/postgraduate-research-study/how-to-apply/studentship-opportunities/iot-over-wireless-networks
Tenure-Track Faculty Positions in all areas related to IT-Security, Privacy and Cryptography (f/m/d)
CISPA Helmholtz Center for Information Security
Job Posting
CISPA is located in Saarbrücken, in the tri-border area of Germany, France, and Luxembourg. We maintain an international and diverse work environment and seek applications from outstanding researchers worldwide. The working language is English. A command of German is not required for a successful career at CISPA.
CISPA is looking for candidates who hold a doctoral degree in computer science or related areas and have an outstanding research track record in areas related to IT-Security, Privacy and Cryptography, especially in, but not limited to, the fields of
All applicants are expected to build up a research team that pursues an internationally visible research agenda.
Tenure-track positions are intended for candidates with excellent research credentials and the potential to pursue a program of innovative research. The positions are comparable to tenure-track positions at a leading university, and come with two full time research staff positions and generous support for other expenses.
Closing date for applications:
Contact: scientific-recruiting@cispa.saarland
More information: https://jobs.cispa.saarland/jobs/detail/tenure-track-faculty-positions-in-all-areas-related-to-it-security-privacy-and-cryptography-f-m-d-129
Akash Shah, Nishanth Chandran, Mesfin Dema, Divya Gupta, Arun Gururajan, Huan Yu
ePrint Report
1. We initiate the formal study of secure featurization and its use in conjunction with secure inference protocols.
2. We build secure featurization protocols in the one/two/three-server settings that provide a tradeoff between security and efficiency.
3. Finally, we apply our algorithms in the context of secure phishing detection and evaluate our end-to-end protocol on models that are commonly used for phishing detection.
Sebastian Paul, Yulia Kuzovkova, Norman Lahr, Ruben Niederhagen
ePrint Report
In this work, we propose and investigate a migration strategy towards post-quantum (PQ) authentication for the network protocol Transport Layer Security (TLS). Our strategy is based on the concept of "mixed certificate chains", which use different signature algorithms within the same certificate chain. In order to demonstrate the feasibility of our migration strategy, we combine the well-studied and trusted hash-based signature schemes SPHINCS+ and XMSS first with elliptic curve cryptography and subsequently with lattice-based PQC signature schemes (CRYSTALS-Dilithium and Falcon). Furthermore, we combine authentication based on mixed certificate chains with the lattice-based key encapsulation mechanism (KEM) CRYSTALS-Kyber, as a representative PQC KEM, to evaluate a fully post-quantum and mutually authenticated TLS 1.3 handshake.
Our results show that mixed certificate chains containing hash-based signature schemes only at the root certificate authority level lead to feasible connection establishment times despite the increase in communication size. By analyzing code size and peak memory usage of our client and server programs we further demonstrate the suitability of our migration strategy even for embedded devices.
Dmitrii Koshelev
ePrint Report
Lukas Aumayr, Sri AravindaKrishnan Thyagarajan, Giulio Malavolta, Pedro Moreno-Sanchez, Matteo Maffei
ePrint Report
We present Sleepy Channels, the first bi-directional PC protocol without watchtowers (or any other third party) that supports an unbounded number of payments and does not require parties to be persistently online. The key idea is to confine the period in which PC updates can be validated on-chain to a short, pre-determined time window, which is when the PC parties have to be online. This behavior is incentivized by letting the parties lock a collateral in the PC, which can be adjusted depending on their mutual trust and which they get back much sooner if they are online during this time window. Our protocol is compatible with any blockchain that is capable of verifying digital signatures (e.g., Bitcoin), as shown by our proof of concept. Moreover, Sleepy Channels impose a communication and computation overhead similar to state-of-the-art PC protocols while removing the watchtower's collateral and fees for the monitoring service.
Bo-Yuan Peng, Adrian Marotzke, Ming-Han Tsai, Bo-Yin Yang, Ho-Lin Chen
ePrint Report
Karl Wüst, Kari Kostiainen, Srdjan Capkun
ePrint Report
Yupu Hu, Jun Liu, Baocang Wang, Xingting Dong, Yanbin Pan
ePrint Report
In this paper, we demonstrate that the Agr17 FE scheme is $P/poly$ invalid. More specifically, we show that, when processing $P/poly$ functions, the Agr17 FE scheme cannot be implemented again after its modulus reduction. To show the soundness of our demonstration, we present the statements in two stages. At the first stage, we show that the modulus reduction of the Agr17 FE scheme should be a double modulus reduction, which includes two modulus reductions, for the FHE ciphertext and the ABE ciphertext respectively. This double modulus reduction has the following three key points: (1) The modulus reduction for the FHE ciphertext should be seen as a series of Boolean operations, and converted into "attribute quasi-homomorphic operations". (2) The modulus reduction for the ABE ciphertext is a learning-with-errors (LWE)-based modulus reduction, which is an ordinary modulus reduction. (3) The two modulus reductions should obtain the same new modulus; otherwise, the scheme cannot be implemented again.
At the second stage, we show that the modulus reduction for the ABE ciphertext destroys the structure of ABE, so that the subsequent decryption cannot be executed. The reason is that the decryption of ABE is an LWE decryption with conditions rather than an ordinary LWE decryption, and the modulus reduction destroys the conditions of decryption.
Besides, to show that such invalidity cannot be easily circumvented by revising the scheme, we design a "natural" revised version of the Agr17 scheme. The key point is to change the small modulus inner product into an arithmetic inner product, which can be obtained by the modulus inner product of the ABE ciphertext. The revised scheme is valid, i.e., the decryption can be implemented correctly. However, the revised scheme is insecure because the decryptor knows much more secret information, and hence the scheme can be broken by collusion attacks at much lower cost.