IACR News
Here you can see all recent updates to the IACR webpage. These updates are also available:
04 May 2022
Apple
Job PostingClosing date for applications:
Contact: ysierra (at) apple.com
More information: https://jobs.apple.com/en-us/details/200312812/cryptographic-engineer
QPQ Global
Job PostingWhat do we give you?
• A stimulating, Socratic intellectual environment.
• Hybrid office approach – we have been a distributed workforce from the start. This role is centred around our European axis, so we expect you to live within +/- 3 hours of CET. We get together a complete team every quarter, so you must be willing to travel and embrace being part of a diverse team drawn from many walks of life and cultures.
• Good salary, travel expense budget and many future opportunities to participate in the company’s growth.
• The mother of all intellectual challenges!
Responsibilities:
• implement and embed in products cryptographic protocols in the privacy space.
• Working with a multi-faceted team of practitioners on a set of blockchain-based privacy protocols interacting with the DeFi space and providing compliance with financial regulations.
• Focus on zero knowledge schemes which provide privacy and compliance.
Requirements:
• MSc or multi-year experience in cryptography or a closely related field.
• Knowledge of modern cryptographic primitives.
• Be able to productize protocols/schemes/algorithms in at least one relevant programming language (C++ or Rust desirable).
• General understanding of full-stack system architecture.
• Have a thorough approach and be committed to high quality output. Have prior research/code already published in the space.
- Excellent communication and collaboration skills.
Closing date for applications:
Contact: opportunities@qpq.io
University of Warsaw
Job PostingClosing date for applications:
Contact: Stefan Dziembowski
More information: https://www.crypto.edu.pl/post-doc
Technical University of Denmark, Kgs. Lyngby, Denmark
Job PostingClosing date for applications:
Contact: Tyge Tiessen or Christian Majenz (tyti or chmaj at dtu.dk)
More information: https://www.compute.dtu.dk/om-os/ledige-stillinger/job?id=2e9ac066-5deb-4361-a669-7fdcb405f2f8
02 May 2022
Jurian van Geest, Ileana Buhan
ePrint ReportGeorge Teseleanu
ePrint ReportPavel Hubáček, Ľubica Jančová, Veronika Králová
ePrint ReportGiven that DDLog is solved repeatedly with respect to a fixed group in its applications, a natural approach for improving the efficiency of DDLog protocols could be via leveraging some precomputed group-specific advice. To understand the limitations of this approach, we revisit the distributed discrete logarithm problem in the preprocessing model and study the possible time-space trade-offs for DDLog in the generic group model. As our main result, we show that, in a group of size $N$, any generic DDLog protocol for secrets of magnitude $W$ with parties running in time $T$ using precomputed group-specific advice of size $S$ has success probability \[ \epsilon = O\left(\dfrac{T^2}{W} + \dfrac{\max\{S,\log W\} \cdot T^2}{N}\right). \] Thus, assuming $N \geq W \log W$, we get a lower bound $ST^2= \Omega(\epsilon N)$ on the time-space trade-off for DDLog protocols using large advice of size $S= \Omega(N/W)$. Interestingly, for DDLog protocols using \emph{small advice} of size $S=O(N/W)$, we get a lower bound $T^2=\Omega(\epsilon W)$ on the running time, which, in the constant-error regime, asymptotically matches the running time of the DDLog protocol \emph{without any advice} of Dinur et al. (J. Cryptol. 2020). In other words, we show that generic DDLog protocols achieving constant success probability do not benefit from any advice of size $S= O(N/W)$ in the online phase of the DDLog problem.
Vidal Attias, Luigi Vigneri, Vassil Dimitrov
ePrint ReportMd Rasid Ali, Debranjan Pal, Abhijit Das, Dipanwita Roychowdhury
ePrint ReportJeremy Booher, Ross Bowden, Javad Doliskani, Tako Boris Fouotsa, Steven D. Galbraith, Sabrina Kunzweiler, Simon-Philipp Merz, Christophe Petit, Benjamin Smith, Katherine E. Stange, Yan Bo Ti, Christel
ePrint ReportJaime Gutierrez, Jorge Jimenez Urroz
ePrint ReportDimitris Mouris, Charles Gouert, Nektarios Georgios Tsoutsos
ePrint ReportAntonio Guimarães, Edson Borin, Diego F. Aranha
ePrint ReportQian Guo, Andreas Johansson, Thomas Johansson
ePrint ReportThe attack is described using power analysis both on the FPGA reference implementation and a software implementation running on an ARM Cortex-M4. We use a machine-learning-based classification algorithm to determine the error locator polynomial from a single trace. The attack is fully implemented and evaluated in the Chipwhisperer framework and is successful in practice. For the smallest parameter set, it is using about 300 traces for partial key recovery and less than 800 traces for full key recovery, in the FPGA case. A similar number of traces are required for a successful attack on the ARM software implementation.
Adrián Ranea, Vincent Rijmen
ePrint ReportIn this work we present CASCADA, an open-source Python library to evaluate the security of cryptographic primitives, specially block ciphers, against distinguishing attacks with bit-vector SMT solvers. The tool CASCADA implements the bit-vector property framework herein proposed and several SMT-based automated search methods to evaluate the security of ciphers against differential, related-key differential, rotational-XOR, impossible-differential, impossible-rotational-XOR, related-key impossible-differential, linear and zero-correlation cryptanalysis. The library CASCADA is the result of a huge engineering effort, and it provides many functionalities, a modular design, an extensive documentation and a complete suite of tests.
Seyyed Arash Azimi, Adrián Ranea, Mahmoud Salmasizadeh, Javad Mohajeri, Mohammad Reza Aref, Vincent Rijmen
ePrint ReportIn this paper, we present the first bit-vector differential model for the $n$-bit modular addition by a constant input. Our model contains $O(\log_2(n))$ basic bit-vector constraints and describes the binary logarithm of the differential probability. We describe an SMT-based automated method that includes our model to search for differential characteristics of ARX ciphers including constant additions. We also introduce a new automated method for obtaining impossible differentials where we do not search over a small pre-defined set of differences, such as low-weight differences, but let the SMT solver search through the space of differences. Moreover, we implement both methods in our open-source tool \texttt{ArxPy} to find characteristics and impossible differentials of ARX ciphers with constant additions in a fully automated way. As some examples, we provide related-key impossible differentials and differential characteristics of TEA, XTEA, HIGHT, LEA, SHACAL-1, and SHACAL-2, which achieve better results compared to previous works.
Mo Zhang, Eduard Marin, David Oswald, Vassilis Kostakos, Mark Ryan, Benjamin Tag, Kleomenis Katevas
ePrint ReportLiam Eagen
ePrint ReportUsing the permutation argument, as well as a new variant of the weighted inner product argument for weighted norms, Bulletproofs++ range proofs can support larger bases and achieve much smaller witness sizes. For a 64 bit range, representing the value as 16 hexadecimal digits reduces the length of the witness per commitment by a factor of approximately 6, asymptotically approaching 8 as the number of values increases. The proof size for a single value using Curve25519 is 416 bytes, which is 160 bytes smaller than Bulletproofs+. This technique has a small asymptotic affect on the witness size, going from O(n) to O(n/log n) where n is the number of bits required to encode all the values to be proven.
For confidential transactions, the ``elements" of the multiset are the types of currency and the multiplicities are the amounts for each input. Since the argument is linear in the elements of the set, multiple provers can show that all the inputs and outputs for a transaction satisfy typed conservation of money without breaking their mutual privacy. This confidential transaction protocol has essentially the same structure as the generic base range proof and can be added to a range proof at minimal additional cost to make a confidential transaction protocol.
29 April 2022
CHES
The deadline for nominations is May 2nd: https://ches.iacr.org/2022/testoftime.php
Brandenburg University of Technology
Job Posting- Active research in the area of intrusion detection systems (IDS) for critical infrastructures, secure cyber-physical systems, and artificial intelligence / machine learning for traffic analysis
- Implementation and evaluation of new algorithms and methods
- Cooperation and knowledge transfer with industrial partners
- Publication of scientific results
- Assistance with teaching
Requirements:
- Master’s degree (or equivalent) in Computer Science or related disciplines
- Strong interest in IT security and/or networking and distributed systems
- Knowledge of at least one programming language (C++, Java, etc.) and one scripting language (Perl, Python, etc.) or strong willingness to quickly learn new programming languages
- Linux/Unix skills
- Knowledge of data mining, machine learning, statistics and result visualization concepts is of advantage
- Excellent working knowledge of English; German is of advantage
- Excellent communication skills
Applications containing the following documents:
- A detailed Curriculum Vitae
- Transcript of records from your Master studies
- An electronic version of your Master thesis should be sent in a single PDF file as soon as possible, but not later than 15.05.2022 at itsec-jobs.informatik@lists.b-tu.de
Closing date for applications:
Contact: Prof. Andriy Panchenko
More information: https://www.b-tu.de/en/fg-it-sicherheit