International Association for Cryptologic Research

IACR News

Here you can see all recent updates to the IACR webpage.

28 April 2022

Peter Beerel, Marios Georgiou, Ben Hamlin, Alex J. Malozemoff, Pierluigi Nuzzo
ePrint Report
Logic locking aims to protect the intellectual property of a circuit from a fabricator by modifying the original logic of the circuit into a new “locked” circuit such that an entity without the key should not be able to learn anything about the original circuit. While logic locking provides a promising solution to outsourcing the fabrication of chips, unfortunately, several of the proposed logic locking systems have been broken. The lack of established secure techniques stems in part from the absence of a rigorous treatment toward a notion of security for logic locking, and the disconnection between practice and formalisms. We seek to address this gap by introducing formal definitions to capture the desired security of logic locking schemes. In doing so, we investigate prior definitional efforts in this space, and show that these notions either incorrectly model the desired security goals or fail to capture a natural “compositional” property that would be desirable in a logic locking system. Finally we move to constructions. First, we show that universal circuits satisfy our security notions. Second, we show that, in order to do better than universal circuits, cryptographic assumptions are necessary.
Vlastimil Klima
ePrint Report
We present a diffusion block (DB), which is extraordinarily fast. After one round, it reaches complete diffusion, which means only 16 memory reads and 15 XOR operations. It uses only the most common operations available in any microprocessor. The diffusion and speed are based on a large key, about 64 kB for encryption and 34 kB for decryption, expanded from the classical key size of 128, 256, or more bits. The basic block length is 128 bits and could be expanded to 192, 256, or more. DB uses the same core idea as AES, DES, and others, which has been studied for more than 50 years by many cryptanalysts.
Dedy Septono Catur Putranto, Rini Wisnu Wardhani, Harashta Tatimma Larasati, Howon Kim
ePrint Report
This paper presents concrete quantum cryptanalysis for binary elliptic curves from a time-efficient implementation perspective (i.e., reducing the circuit depth), complementing the previous research by Banegas et al., which focuses on the space-efficiency perspective (i.e., reducing the circuit width). To achieve the depth optimization, we propose an improvement to the existing circuit implementation of the Karatsuba multiplier and FLT-based inversion, then construct and analyze the resources in the Qiskit quantum computer simulator. The proposed multiplier architecture, improving the quantum Karatsuba multiplier by Van Hoof et al., reduces the depth and yields a lower number of CNOT gates, bounded by O(n^{log2(3)}), while maintaining a similar number of Toffoli gates and qubits. Furthermore, our improved FLT-based inversion reduces the CNOT count and overall depth, with a tradeoff of a higher qubit count. Finally, we employ the proposed multiplier and FLT-based inversion for performing quantum cryptanalysis of binary point addition as well as the complete Shor’s algorithm for the elliptic curve discrete logarithm problem (ECDLP). As a result, apart from depth reduction, we are also able to reduce up to 90% of the Toffoli gates required in a single-step point addition compared to prior work, leading to significant improvements and giving new insights on quantum cryptanalysis for a depth-optimized implementation.
Reo Eriguchi, Kaoru Kurosawa, Koji Nuida
ePrint Report
An $\ell$-server Private Information Retrieval (PIR) scheme allows a client to retrieve the $\tau$-th element $a_\tau$ from a database $\bm{a}=(a_1,\ldots,a_n)$ which is replicated among $\ell$ servers. It is called $t$-private if any coalition of $t$ servers learns no information on $\tau$, and $b$-error correcting if a client can correctly compute $a_\tau$ from $\ell$ answers containing $b$ errors. This paper concerns the following problems: Is there a $t$-private $\ell$-server PIR scheme with communication complexity $o(n)$ such that a client can detect errors with probability $1-\epsilon$ even if $\ell-1$ servers return false answers? Is it possible to add error correction capability to it? We first formalize a notion of $(1-\epsilon)$-fully error detecting PIR in such a way that an answer returned by any malicious server depends on at most $t$ queries, which reflects $t$-privacy. We then prove an impossibility result that there exists no $1$-fully error detecting (i.e., $\epsilon=0$) PIR scheme with $o(n)$ communication. Next, for $\epsilon>0$, we construct $1$-private $(1-\epsilon)$-fully error detecting and $(\ell/2-O(1))$-error correcting PIR schemes which have $n^{o(1)}$ communication, and a $t$-private one which has $O(n^{c})$ communication for any $t\geq2$ and some constant $c<1$. Technically, we show generic transformation methods to add error correction capability to a basic fully error detecting PIR scheme. We also construct such basic schemes by modifying certain existing PIR schemes which have no error detection capability.
Varun Madathil, Sri AravindaKrishnan Thyagarajan, Dimitrios Vasilopoulos, Lloyd Fournier, Giulio Malavolta, Pedro Moreno-Sanchez
ePrint Report
Smart contracts and blockchain technologies are inherently limited as their decisions cannot rely on real-world events that happen “outside” of the blockchain environment. This has motivated the introduction of trusted identities, the so-called “Oracles”, that attest the information about real-world events into the blockchain. This enables mutually distrustful parties to establish contracts based on said events.

All known solutions to implement oracle-based contracts rely either on Turing-complete smart contracts or on trusted hardware. In particular, no solution comes with provable cryptographic guarantees that are compatible with many popular cryptocurrencies, such as Bitcoin. In this work, we lay the foundations of oracle contracts for cryptocurrencies. We present game-based definitions that model the security properties of oracle contracts and we propose the first construction with provable security guarantees. As a contribution of independent interest and as our main technical building block, we show an efficient construction of witness encryption for the following class of languages: $$ \{ (\mathsf{vk}, m) \in \mathcal{L} : \exists~\sigma \text{ s.t. }\mathsf{Verify}(\mathsf{vk}, \sigma, m) = 1\} $$ where $\sigma$ is a BLS digital signature on $m$. We show how this can be extended to the threshold setting and how to efficiently prove that the encrypted message has a certain structure. The former allows distribution of trust among several “Oracles”, and to guarantee the latter, we develop a new batching technique for cut-and-choose, inspired by the work of Lindell-Riva on garbled circuits.
Petr Sedláček
ePrint Report
In this note we study the limitations of incompressible encodings with information-theoretic security. We demonstrate a flaw in the existing proof of the impossibility of constructing incompressible encodings information-theoretically. Our main contribution is a full proof of impossibility of existence of non-trivial information-theoretically secure incompressible encoding schemes.
Carmit Hazay, Muthuramakrishnan Venkitasubramaniam, Mor Weiss
ePrint Report
Leakage-resilient cryptography aims to protect cryptographic primitives from so-called "side channel attacks" that exploit their physical implementation to learn their input or secret state. Starting from the works of Ishai, Sahai and Wagner (CRYPTO'03) and Micali and Reyzin (TCC'04), most works on leakage-resilient cryptography either focus on protecting general computations, such as circuits or multiparty computation protocols, or on specific non-interactive primitives such as storage, encryption and signatures. This work focuses on leakage-resilience for the middle ground, namely for distributed and interactive cryptographic primitives.

Our main technical contribution is designing the first secret-sharing scheme that is equivocal, resists adaptive probing of a constant fraction of bits from each share, while incurring only a constant blowup in share size. Equivocation is a strong leakage-resilience guarantee, recently introduced by Hazay et al. (ITC'21). Our construction is obtained via a general compiler which we introduce, that transforms any secret-sharing scheme into an equivocal scheme against adaptive leakage. An attractive feature of our compiler is that it respects additive reconstruction, namely, if the original scheme has additive reconstruction, then the transformed scheme has linear reconstruction.

We extend our compiler to a general paradigm for protecting distributed primitives against leakage, and show its applicability to various primitives, including secret sharing, verifiable secret sharing, function secret sharing, distributed encryption and signatures, and distributed zero-knowledge proofs. For each of these primitives, our paradigm transforms any construction of the primitive into a scheme that resists adaptive party corruptions, as well as adaptive probing leakage of a constant fraction of bits in each share when the share is stored in memory (but not when it is used in computations). Moreover, the transformation incurs only a constant blowup in the share size, and respects additive reconstruction - an important feature for several of these primitives, such as function secret sharing and distributed encryption.
Naina Gupta, Arpan Jati, Anupam Chattopadhyay, Gautam Jha
ePrint Report
The looming threat of an adversary with Quantum computing capability led to a worldwide research effort towards identifying and standardizing novel post-quantum cryptographic primitives. Post-standardization, all existing security protocols will need to support efficient implementation of these primitives. In this work, we contribute to these efforts by reporting the smallest implementation of CRYSTALS-Dilithium, a finalist candidate for post-quantum digital signature.

By invoking multiple optimizations to leverage parallelism, pre-computation and memory access sharing, we obtain an implementation that can fit into one of the smallest Zynq FPGAs. On Zynq Ultrascale+, our design achieves an improvement of about 36.7%/35.4%/42.3% in the Area×Time (LUTs×s) trade-off for KeyGen/Sign/Verify respectively over the state-of-the-art implementation. We also evaluate our design as a co-processor on three different hardware platforms and compare the results with a software implementation, thus presenting a detailed evaluation of CRYSTALS-Dilithium targeted for embedded applications. Further, on ASIC using TSMC 65nm technology, our design requires 0.227mm$^2$ area and can operate at a frequency of 1.176 GHz. As a result, it only requires 53.7μs/96.9μs/57.7μs for the KeyGen/Sign/Verify operation in the best-case scenario.

27 April 2022

Santander, España, 19 October - 21 October 2022
Event Calendar
Event date: 19 October to 21 October 2022
Submission deadline: 30 May 2022
Notification: 30 June 2022
Taipei, Taiwan, 12 July - 15 July 2022
School
Event date: 12 July to 15 July 2022
Windsor, Canada, 24 August - 26 August 2022
Event Calendar
Event date: 24 August to 26 August 2022
Submission deadline: 8 June 2022
Notification: 18 July 2022

26 April 2022

University of Bordeaux, France
Job Posting
A full-time 2-year postdoctoral position is available at IMB (Institut de Mathématiques de Bordeaux), supported by the ANR-NSF project CHARM (Cryptographic hardness of module lattices). Potential research topics include:
  • Lattice algorithms and cryptanalysis (shortest or closest vector problems, LWE, for rings, modules or lattices)
  • Algebraic number theory and lattices (geometry of numbers, ideals in numbers fields, automorphic forms)
  • Quantum algorithms for lattices (security proofs, cryptanalysis)
The candidate should hold a PhD degree in Mathematics or Computer Science, and should have a strong record related to any of the above topics. Starting date is flexible, preferably before October 2022.
To apply, please send your CV, a motivation letter and names of at least two persons who can provide reference letters.
The CHARM project is a collaboration between four scientific institutions in France and in the USA. Members in Bordeaux are: Bill Allombert, Karim Belabas, Aurel Page, Alice Pellet-Mary, and Benjamin Wesolowski.

Closing date for applications:

Contact: Benjamin Wesolowski, benjamin.wesolowski@math.u-bordeaux.fr

Karlsruhe Institute of Technology (KIT)
Job Posting
The Institute of Information Security and Dependability at KIT is looking for two PostDocs in privacy-preserving cryptographic protocols. Experience with secure multi-party computation, MPC compilers and UC-based security models is desired. A track record in this field is expected, including publications at reputable conferences such as Crypto, Eurocrypt, ACM CCS, PETS, etc.

You will be a member of the KASTEL Security Research Labs (https://zentrum.kastel.kit.edu) and the Topic "Engineering Secure Systems" of the Helmholtz Association. Your research will deal with cryptographic protocols for privacy-preserving computations, e.g., applied to mobility or production systems. It will result in both theoretical security concepts (protocol designs, security proofs, etc.) and their practical implementation (e.g., a demonstrator) for some application domain. The contract will initially be limited to 1 year, but can be extended to several years.

If you are interested, please send an email including your CV and a list of publications to andy.rupp@partner.kit.edu. Applications will be considered until the positions are filled.

Closing date for applications:

Contact: Andy Rupp (andy.rupp@partner.kit.edu)

More information: https://crypto.kastel.kit.edu/english/research_group_rupp.php

Paderborn University, Department of Computer Science, Paderborn, Germany
Job Posting
At the Department of Computer Science, which is part of the Faculty of Computer Science, Electrical Engineering and Mathematics, this PostDoc position is to be filled in the working group Codes and Cryptography. It is a full-time position in the field of post-quantum cryptography, available immediately and with a flexible start date. The position is limited to a period of 3 years.

Your tasks:
  • Research in the field of post-quantum cryptography
  • Teaching to the extent of 4 hours a week
  • Participation in the Department of Computer Science

Your profile:
  • Doctorate degree in the field of cryptography
  • Expertise in one of these areas: post-quantum cryptography, lattice-based cryptography
  • Experience in the field of quantum algorithms or quantum complexity is an advantage

If you are interested, please send an email including your detailed CV and a list of publications to bloemer@upb.de. Applications will be reviewed continuously until the position is filled.

Closing date for applications:

Contact: Prof. Dr. Johannes Blömer (bloemer@upb.de)

More information: https://www.uni-paderborn.de/fileadmin/zv/4-4/stellenangebote/Kennziffer5167_Englisch.pdf

Villanova University, Department of Electrical and Computer Engineering, Villanova, PA USA
Job Posting
One Ph.D. position opening (post-quantum cryptography and related) at Dr. Jiafeng Harvest Xie's Security and Cryptography (SAC) Lab (https://www.ece.villanova.edu/~jxie02/lab/), Department of Electrical and Computer Engineering, Villanova University, Villanova, PA USA.

Villanova University ranks #49 among National Universities in the USA (US News) and is located in Villanova, a western suburb of Philadelphia. Famous alumni include the current First Lady of the USA!

Requirements: Preferred majors are CS/CE/EE, Applied Mathematics/Cryptography.

Skillful in programming languages such as C/C++, Python, VHDL/Verilog, and so on.

Deadline: better to start in Fall 2022/Spring 2023.

This research focuses on the security aspects of post-quantum cryptography and related implementations. Advisor and senior Ph.D. student will guide you to get started and work together on forthcoming challenges. You will not be fighting alone!!!

Closing date for applications:

Contact: Dr. Jiafeng Harvest Xie

More information: https://www.ece.villanova.edu/~jxie02/lab/

University of Connecticut, Computer Science and Engineering Dept.
Job Posting
Several fully-funded PhD student openings (for Fall 2022 and Spring 2023) in the domains of cryptography, computer security, privacy, and blockchain-based systems are available at the University of Connecticut (UConn), Computer Science and Engineering department, led by Prof. Ghada Almashaqbeh.

Scope: The positions provide a great opportunity to work on timely topics in cryptography (both theory and applied), systems security, and privacy. A large part of our lab research is around security and privacy for blockchains. We target real-world problems and aim to provide secure and practical solutions backed by rigorous foundations and efficient implementations/thorough performance testing. We are also interested in conceptual projects that contribute to bridging the gap between theory and practice of cryptography. Students will gain experience in topics around multiparty computation, FHE, zero-knowledge proofs, cryptography from physical assumptions, and distributed systems security (mainly blockchain-based systems and privacy-preserving machine learning).

More information: For more information about our current and previous projects please check https://ghadaalmashaqbeh.github.io/research/

About UConn: UConn is an R1 Research University in Storrs, CT. It is well connected to the New York, Boston, and Providence areas, offering easy access to other top research institutions and leading industrial companies for research, collaborations, and internship opportunities. The CSE department at UConn has a large and strong cybersecurity group, and it is ranked 18th among all USA computer science programs in Cryptography (based on csranking.org).

Get in touch: For interested students, please send your CV, an overview of current/previous research experiences and skills/related background, and transcripts to ghada@uconn.edu

Closing date for applications:

Contact: Ghada Almashaqbeh

Huawei German Research Center, Munich
Job Posting
Huawei German Research Center in Munich is responsible for advanced technical research, architecture evolution design and strategic technical planning. The Cyber Security and Privacy Lab is developing cutting-edge technologies, which are designed for supporting data protection and accountability in the Cloud, IoT and cloud-based networks.

To support our research activities, we are looking for an enthusiastic and highly motivated PhD student in Security & Trust - Connected, Cooperative, Automated Mobility (m/f/d).

Research Topic
  • Perform research and develop new solutions for Trust Management in the Next-Generation CCAM technologies.
  • Contribute to new mechanisms for assessing dynamic trust relationship based on Zero Trust and Subjective Logic.
  • Define a trust model and trust reasoning framework based on which involved entities can establish trust for cooperatively executing safety-critical functions.
Responsibilities
  • Contribute to the research and development of technologies in the upcoming domain of Connected, Cooperative and Automated Mobility (CCAM).
  • Being involved in international initiatives including industry groups such as 5GAA, Gaia-X, DIF and Horizon Europe research projects.
Your Profile
  • Completed master studies (or equivalent) in computer science, information technology, electrical engineering, or mathematics;
  • Exposure and understanding of data protection and security development technologies;
  • Good programming skill;
  • Excellent collaboration and communication skills;
  • Fluent in English;

Closing date for applications:

Contact: Dr. Ioannis Krontiris (ioannis.krontiris@huawei.com)

More information: https://apply.workable.com/huawei-16/j/708737847F/

Universitat Pompeu Fabra, Barcelona
Job Posting
Applications are invited for a PhD position in the field of cryptography at the Universitat Pompeu Fabra in Barcelona, Spain. The applicant will be supervised by Carla Ràfols. The topic of research will be theoretical aspects of zero-knowledge proofs. The candidate should have completed his/her master's degree by Oct. 2022 in computer science, mathematics or a related area. The starting date will be around Oct. 2022. Applications should start with a short motivation letter, and include a full CV, a copy of grade transcript(s) of completed studies and (when possible) the name of one reference. To apply or request further information, please send an email to cryptophdupf (at) upf.edu. The review of applications will start at the end of May and continue until the position is filled.

Closing date for applications:

Contact: Carla Ràfols: cryptophdupf@upf.edu

Université Libre de Bruxelles
Job Posting
1) Research

The topic of this academic chair is the security of embedded systems. By systems we mean: the component level, the low-power/high-performance processor level, and the architecture. The main component and focus is the hardware part but, as an extension, we anticipate joint (collaborative) research with a specific focus on communication aspects and, possibly, embedded software aspects. The desired areas of interest include, but are not limited to:
  • Hardware implementation of cryptographic algorithms/primitives
  • Implementation of physical security countermeasures
  • Technology-aware design of secure systems (emerging IC-manufacturing technologies)
  • Trusted computing (platforms, protocols)
  • Hardware roots of trust (PUF, TRNG)
  • Secure hardware/software codesign
  • System-on-chip security
  • IoT security (protocol implementation, network aspects)
  • Cyberphysical systems security
  • Embedded software security
  • Processor architecture security

The successful applicant will benefit from the existing research and experimental equipment of the laboratories of the Engineering and Sciences Faculty (electronics, network security, wireless communications, cryptography, ...) and the immediate involvement in the supervision of 5+ running PhD theses.

2) Education

The teaching responsibilities of the prospective candidate will cover various types of activities, including lectures, tutorials and project-based learning at the Bachelor and Master’s level in the Brussels School of Engineering (Ecole Polytechnique de Bruxelles). Proven teaching skills with experience in teaching in English and in French will be considered an asset. The appointed academic will take responsibility for the following courses: Architecture and security of processors, Design of secure systems, Hardware security.

Closing date for applications:

Contact: jean-michel.dricot@ulb.be

More information: https://www.ulb.be/greffeintra/files/7734.pdf

TalTech, Centre for HW Security; Tallinn, Estonia
Job Posting
The Centre for Hardware Security at TalTech, led by Prof. Samuel Pagliarini, invites applications for several fully-funded PhD positions. The Centre conducts research in the area of Hardware Security focusing on trustworthy integrated circuit (IC) design, electronic design automation (EDA) for secure systems, hardware trojans, reverse engineering, circuit obfuscation, crypto hardware, and other similar security topics. Successful candidates will have access to silicon fabrication in order to validate research ideas as it is already a practice of the Centre (see portfolio).

Requirements: We are looking for motivated candidates with a strong background in circuit design. PhD candidates must have completed a Master's degree (or be about to complete). Previous expertise on Hardware Security/Cryptography is not required but is highly desirable. The candidates are expected to have the following core skills:

  • Ability to describe digital circuitry (preferably in Verilog)
  • Ability to write C++/python scripts for building small EDA tools
  • Familiarity w/ Cadence tools for IC design (Genus, Innovus, Virtuoso, etc.) or equivalent tools from Siemens/Synopsys
  • Strong writing skills (English) that are compatible with doctoral-level requirements, i.e., writing academic papers and articles.

How to apply: Please submit your CV and transcripts to Prof. Pagliarini by email using the subject ‘PhD in Hardware Security’. Candidates with adequate backgrounds will be invited to interview over Skype. Applications are processed as they arrive. All positions have a tentative start date of September 2022. The nominal duration of a PhD degree is 4 years at TalTech. Salaries are approximately 1600 EUR/month (net), which allows for a comfortable standard of living in Tallinn.

Closing date for applications:

Contact: Samuel Pagliarini via email, name.lastname@taltech.ee

More information: https://ati.ttu.ee/~spagliar/timeline/index.html
