IACR News
Here you can see all recent updates to the IACR webpage. These updates are also available:
25 February 2022
Onur Gunlu, Matthieu Bloch, Rafael F. Schaefer, Aylin Yener
ePrint Report
Keita Emura, Shiho Moriai, Takuma Nakajima, Masato Yoshimi
ePrint Report
Hanyu Jia, Xiangxue Li
ePrint Report
Per Austrin, Hao Chung, Kai-Min Chung, Shiuan Fu, Yao-Ting Lin, Mohammad Mahmoody
ePrint Report
When only one of the parties is classical and the other party is quantum powered, as long as they ask a total of $d$ oracle queries and agree on a key with probability $1$, there is always a way to break the key agreement by asking $O(d^2)$ classical oracle queries. When both parties can make quantum queries to the random oracle, we introduce a natural conjecture which, if true, would imply attacks with $\mathrm{poly}(d)$ classical queries to the random oracle. Our conjecture, roughly speaking, states that the product of any two degree-$d$ real-valued polynomials over the Boolean hypercube with influence at most $1/\mathrm{poly}(d)$ is nonzero. We then prove our conjecture for exponentially small influences, which leads to an (unconditional) classical $2^{O(md)}$-query attack on any such key agreement protocol, where $m$ is the oracle's output length.
Since our attacks are classical, we then ask whether it is always possible to find classical attacks on key agreements with imperfect completeness in the quantum random oracle model. We prove a barrier for this approach by showing that if the folklore "Simulation Conjecture" (first formally stated by Aaronson and Ambainis in 2009) about the possibility of simulating efficient-query quantum algorithms using efficient-query classical algorithms is false, then there is in fact such a secure key agreement in the quantum random oracle model that cannot be broken classically.
Luke Beckwith, Duc Tri Nguyen, Kris Gaj
ePrint Report
Nishanth Chandran, Bhavana Kanukurthi, Sai Lakshmi Bhavana Obbattu, Sruthi Sekar
ePrint Report
The most important parameter of LRSS and NMSS schemes is the size of each share. For LRSS, in the "local leakage model" (i.e., when the leakage functions on each share are independent of each other and bounded), Srinivasan and Vasudevan (CRYPTO 2019) gave a scheme for threshold access structures with a share size of approximately ($3 \cdot$(message length) $+ \mu$), where $\mu$ is the number of bits of leakage tolerated from every share. For the case of NMSS, the best known result (again due to the above work) has a share size of ($11 \cdot$(message length)).
In this work, we build LRSS and NMSS schemes with much improved share sizes. Additionally, our LRSS scheme achieves optimal share and leakage size. In particular, we get the following results:
- We build an information-theoretic LRSS scheme for threshold access structures with a share size of ((message length) $+ \mu$).
- As an application of the above result, we obtain an NMSS with a share size of ($4 \cdot$(message length)). Further, for the special case of sharing random messages, we obtain a share size of ($2 \cdot$(message length)).
Ky Nguyen, Duong Hieu Phan, David Pointcheval
ePrint Report
Ward Beullens
ePrint Report
Jan Bobolz, Fabian Eidens, Stephan Krenn, Sebastian Ramacher, Kai Samelin
ePrint Report
In this paper, we tackle this problem by introducing the notion of issuer-hiding attribute-based credential systems. In such a system, the verifier can define a set of acceptable issuers in an ad hoc manner, and the user can then prove that her credential was issued by one of the accepted issuers -- without revealing which one.
We then provide a generic construction, as well as a concrete instantiation based on Groth's structure-preserving signature scheme (ASIACRYPT'15) and simulation-sound extractable NIZK, for which we also provide concrete benchmarks in order to prove its practicability.
The online complexity of all constructions is independent of the number of acceptable verifiers, which also makes it suitable for highly federated scenarios.
Boyue Fang, Weize Wang, Yunlei Zhao
ePrint Report
Gweonho Jeong, Nuri Lee, Jihye Kim, Hyunok Oh
ePrint Report
To solve the above problem, we propose an auditable zero-knowledge transfer framework called Azeroth. Azeroth connects a zero-knowledge proof with an encrypted transaction, enabling its validity to be checked while protecting its privacy. Azeroth also allows authorized auditors to audit transactions. Azeroth is designed as a smart contract for flexible deployment on top of an existing blockchain. According to the result of our experiment, the additional time required to generate a proof is about 901 ms. The security of Azeroth is formally proven under the cryptographic assumptions.
Vienna, Austria, 23 August - 26 August 2022
Event Calendar
Submission deadline: 6 March 2022
Notification: 16 May 2022
Event Calendar
Submission deadline: 23 November 2022
Notification: 23 January 2023
Event Calendar
Submission deadline: 1 September 2022
Notification: 1 November 2022
Event Calendar
Submission deadline: 1 June 2022
Notification: 1 August 2022
Event Calendar
Submission deadline: 1 June 2022
Notification: 1 August 2022
Event Calendar
Submission deadline: 1 March 2022
Notification: 1 May 2022
Norwegian University of Science and Technology (NTNU)
Job Posting
Closing date for applications:
Contact: Anamaria Costache
More information: https://www.jobbnorge.no/en/available-jobs/job/221390/postdoctoral-fellow-in-fully-homomorphic-encryption#?p=1
Panther Protocol
Job Posting
Closing date for applications:
Contact: Martin Raeburn
More information: https://apply.workable.com/panther-protocol/j/8C5930FE61/
University of Stuttgart, Institute of Information Security
Job Posting
Fully-funded Postdoc and PhD positions in formal verification.
Successful candidates are expected to carry out research on tool-supported formal verification methods for security-critical systems and security protocols in our new REPROSEC initiative (https://reprosec.org/). See, e.g., our work at ACM CCS 2021 and EuroS&P 2021 on DY*. The positions are available immediately with an internationally competitive salary, ranging from about 4,000 Euro to 6,200 Euro monthly gross salary. The employment periods are between one and six years, following the German Wissenschaftszeitvertragsgesetz (WissZeitVG).
The Institute of Information Security offers a creative international environment for top-level international research in Germany's high-tech region.
You should have a Master's degree or a Ph.D. (or should be very close to completion thereof) in Computer Science, Mathematics, Cyber Security, or a related field. We value excellent analytical skills and
Knowledge in cryptography/security is not required, but is a plus. Knowledge of German is not required.
See https://www.sec.uni-stuttgart.de/institute/job-openings/ for the official job announcement and details of how to apply.
The deadline for applications is March 13th, 2022. Late applications will be considered until the positions are filled.
Closing date for applications: 13 March 2022
Contact: Prof. Ralf Küsters
University of Stuttgart, Institute of Information Security, ralf.kuesters@sec.uni-stuttgart.de
More information: https://sec.uni-stuttgart.de