International Association for Cryptologic Research


IACR News


25 August 2022

Joan Daemen, Silvia Mella, Gilles Van Assche
ePrint Report
Determining bounds on the differential probability of differential trails and the squared correlation contribution of linear trails forms an important part of the security evaluation of a permutation. For Xoodoo such bounds were proven with a dedicated tool (XooTools) that scans the space of all r-round trails with weight below a given threshold $T_r$. The search space grows exponentially with the value of $T_r$ and XooTools appeared to have reached its limit, requiring huge amounts of CPU to push the bounds a little further. The bottleneck was the phase called trail extension, where short trails are extended to more rounds, especially in the backward direction. In this work, we present a number of techniques that allowed us to make extension much more efficient and that allowed us to increase the bounds significantly. Notably, we prove that the minimum weight of any 4-round trail is 80, the minimum weight of any 6-round trail is at least 132 and the minimum weight of any 12-round trail is at least 264, both for differential and linear trails.

24 August 2022

Plataniás, Greece, 16 October - 21 October 2022
Event Calendar
Event date: 16 October to 21 October 2022
Submission deadline: 30 September 2022
Kumasi, Ghana, 13 December - 15 December 2022
Event Calendar
Event date: 13 December to 15 December 2022
Submission deadline: 25 August 2022
Notification: 7 October 2022
University of Surrey
Job Posting

We would like to invite applications for an up to 3 years fully funded postdoctoral position within the Department of Computer Science, University of Surrey. The expected start is October 2022 or as soon as possible thereafter.

The postdoctoral researcher will contribute to two EU-funded research projects “CONNECT: Continuous and Efficient Cooperative Trust Management for Resilient CCAM” and “REWIRE: Rewiring the Compositional Security Verification and Assurance of Systems of Systems Lifecycle”. The main responsibility of the post holder will be in the design and development of new cryptographic protocols for trusted computing and secure systems, including attribute-based encryption and signatures, anonymous signatures, remote attestation, and distributed ledger technologies. Applicants should have a PhD (or close to completing a PhD degree) in a relevant subject or equivalent professional experience.

The position offers the platform for the research fellow to develop skills to become an independent researcher. The successful candidate will work under the direction of Professor Liqun Chen and Dr Catalin Dragan. The research fellow will also work with the other colleagues of the Surrey Centre for Cyber Security and collaborate with the other partners of the CONNECT project consortium and the REWIRE project consortium.

Requirements:
We are looking for applicants that demonstrate strong research and protocol design skills, have strong communication skills, and have enthusiasm for developing their own research ideas. Applicants should have knowledge and experience in the design of cryptographic protocols for trusted computing and secure systems, and a good understanding of distributed ledger technologies. Skills in software engineering would be an advantage but being willing to learn how to develop a software prototype for demonstration is acceptable. Applicants should have a PhD (or close to completing a PhD degree) in a relevant subject or equivalent professional experience.

Closing date for applications:

Contact: Professor Liqun Chen (liqun.chen@surrey.ac.uk) or Dr Catalin Dragan (c.dragan@surrey.ac.uk)

More information: https://jobs.surrey.ac.uk/Vacancy.aspx?ref=058222

Ruhr-University Bochum
Job Posting
The groups of Cryptology and Quantum Information (Alexander May and Michael Walter) are looking for an excellent candidate for a fully funded Ph.D. position as part of Quantum-Safe Internet (QSI), a Marie Curie Innovative Training Network (MSCA-ITN). The QSI network involves top-ranking partner universities from France, Italy, Germany, the Netherlands, Denmark, Spain, the UK, and Switzerland, as well as industrial partners.

You will conduct research in algorithms for classical and quantum cryptanalysis and publish/present the results at top venues for research in crypto/IT Security. This is a joint doctorate, supervised by Alexander May and Michael Walter.

Your Profile:
  • Master’s degree or equivalent in computer science, mathematics, theoretical physics, or a related field.
  • Outstanding grades in classes related to cryptography, (quantum) algorithms, theoretical CS, or mathematics. (Familiarity with provable security and/or a strong mathematical background are a plus.)
  • Excellent communication/writing skills in English. (No German required.)
  • Compliance with the MSCA-ITN mobility rule: You must not have resided or carried out your main activity (work, studies, etc.) in Germany for more than 12 months in the 36 months immediately before your recruitment date.
We offer:
  • Full-time employment for the duration of the PhD (four years at Ruhr-University Bochum).
  • A well-rounded training offered by the QSI network, covering a range of topics related to secure communications in the quantum era, as well as complementary training intended to enhance your personal development.
  • Generous travel budget that allows for, e.g., exposure to different sectors via planned placements and attendance to summer schools.
The position is to be filled as soon as possible; the deadline for application is Sep 28. We strongly encourage applications from members of any underrepresented group in our research area.

Closing date for applications:

Contact: To apply or for questions, contact alex.may@rub.de. Applications should contain the following in a single PDF:

  • Cover letter describing your background and research interests.
  • CV, including transcripts.
  • A link to your MSc thesis (draft), if available.

Nanyang Technological University, Singapore
Job Posting
On behalf of the Temasek Laboratories at the Nanyang Technological University in Singapore, we solicit applications for a paid internship.

Project: Efficient implementation of post-quantum ciphers in quantum logic (with a focus on code-based ciphers)

Vacancy: 2 persons

Duration: September 2022 to February 2023 (6 months)

PI: Anubhab Baksi (anubhab.baksi@ntu.edu.sg)

Closing date for applications:

Contact: Anubhab Baksi

Nanyang Technological University, Singapore
Job Posting
The SYmmetric and Lightweight cryptography Lab (SYLLAB) at Nanyang Technological University is looking for candidates for 2 Research Fellow / postdoc positions (from fresh post-docs to senior research fellows, flexible contract duration) on:
  • symmetric-key cryptography,
  • lightweight cryptography,
  • side-channel analysis,
  • optimized software and/or hardware implementations,
  • fully-homomorphic encryption,
  • machine learning.
Candidates are expected to have a proven record of publications in top cryptography/security/ML venues.

Salaries are competitive and are determined according to the successful applicants' accomplishments, experience and qualifications. Interested applicants should send their detailed CVs, cover letter and references to Prof. Thomas Peyrin (thomas.peyrin@ntu.edu.sg).

Review of applications starts immediately and will continue until positions are filled.

Closing date for applications:

Contact: Thomas Peyrin

University of St.Gallen, Switzerland
Job Posting
We are looking for bright and motivated PhD students to work in the topics of information security and cryptography. The students will join the Cybersecurity and applied Cryptography group led by Prof. Katerina Mitrokotsa (https://cybersecurity.unisg.ch/). The students are expected to work on topics that include security and privacy issues for resource-constrained devices (e.g., sensors) that rely on external untrusted servers in order to perform computations. More precisely, the student shall be working on investigating efficient authentication and verifiable delegation of computation mechanisms that provide: i) provable security guarantees, and ii) rigorous privacy guarantees. The positions are funded with a competitive salary and the workplace is in beautiful St. Gallen in Switzerland.
Research areas: Research areas include but are not limited to:
  • Verifiable computation
  • Secure Multi Party Computation
  • Privacy-preserving authentication
  • Cryptographic primitives
  • Privacy-preserving biometric authentication
Your Profile:
  • An MSc degree in Computer Science, Applied Mathematics or a relevant field;
  • Strong mathematical and algorithmic CS background;
  • Excellent programming skills;
  • Excellent written and verbal communication skills in English.
Final Deadline for applications: 31 August 2022
Starting date: By mutual agreement

Closing date for applications:

Contact: Eriane Breu

More information: https://jobs.unisg.ch/offene-stellen/funded-phd-student-in-applied-cryptography-privacy-preserving-biometric-authentication-m-w-d/c4a38453-d472-4ca0-b975-1b1f9d517dc0

CISPA Helmholtz Center for Information Security
Job Posting
CISPA is a world-leading research center that focuses on Information Security and Machine Learning at large. To expand and further strengthen our center, we are looking for Tenure-Track Faculty in all areas related to Security, Privacy, and Cryptography (f/m/d). All applicants are expected to grow a research team that pursues an internationally visible research agenda. To aid you in achieving this, CISPA provides institutional base funding for three full-time researcher positions and a generous budget for expenditures. Upon successful tenure evaluation, you will hold a position that is equivalent to an endowed full professorship at a top research university. We invite applications of candidates with excellent track records in Security, Privacy, and Cryptography, especially in (but not limited to) the fields of
  • Applied and Post-Quantum Cryptography
  • Autonomous Systems Security
  • Cybercrime, Misinformation, and Fake News
  • Hardware Security and Secure Hardware Designs
  • Human-Centered Security and Privacy
  • Privacy-Enhancing Technologies
  • Security of Critical Infrastructures and Embedded Systems
  • Software Security, Analysis, and Engineering

The CISPA Tenure-Track in a nutshell:
  • Tenure-track of five years towards the equivalent of an Endowed Full Professorship
  • Three fully funded full-time research staff positions for your entire tenure-track
  • Generous budget for research expenses
  • Low teaching load of only one course (of your choice) per semester
  • World-renowned colleagues in (almost) all areas of Security and Machine Learning
  • Young and dynamic environment, with an average faculty age below 40 years

CISPA values diversity and is committed to equality. We provide special dual-career support. We explicitly encourage female and diverse researchers to apply.

Application

All applicants are strongly encouraged to submit their complete application by November 1, 2022 with interviews starting in December 2022. However, applications will continue to be accepted until December 15, 2022 with interviews in 2023.

Closing date for applications:

Contact: scientific-recruiting@cispa.de

More information: https://faculty.jobs.cispa.de/sec/iacr

TU Berlin, Berlin, Germany
Job Posting
Dear security community,

We are looking for 2 PhD students to join our team at TU Berlin, on (1) network security and on (2) network algorithms and optimization. The positions come with research freedom, and the specific topic will depend on the interests and skills of the student. Topics of relevance include: blockchain security, security of payment channel networks, DNS security, post-quantum crypto, Internet measurements, etc.

To apply, search "INET" at: https://www.personalabteilung.tu-berlin.de/menue/jobs/stellenausschreibungen/parameter/en/

For more information on our group, see
  • Prof. Schmid: https://schmiste.github.io/
  • Group: https://ct.cs.univie.ac.at/ (being migrated to TU Berlin)

Please do not hesitate to contact me if you have any questions.

Stefan Schmid

Closing date for applications:

Contact: Stefan Schmid (stefan.schmid@tu-berlin.de)

Monash University, Department of Software Systems and Cybersecurity; Melbourne, Australia
Job Posting

The post-quantum cryptography research group at the Department of Software Systems and Cybersecurity, Faculty of Information Technology, Monash University, Australia, has Ph.D. student scholarship openings for research projects, including in particular the following areas:

1. Post-quantum cryptographic primitives and their practical applications in blockchain consensus protocols.

2. Post-quantum Zero Knowledge Proof and SNARK protocols and their applications for privacy preserving blockchain transactions and smart contracts.

3. Post-quantum cryptographic primitives and protocols for scalable and accountable blockchain transactions, including layer 2 payment channel protocols.

Students will have the opportunity to work in an excellent research environment and collaborate with experts in cryptography and blockchain systems in the Monash Blockchain Technology Centre, and with industry partners.

Monash University is among the leading universities in Australia and is located in Melbourne, ranked as Australia's most liveable city and among the most liveable cities in the world.

Applicants should have a strong background and skills in preferably all of the following: mathematics, cryptography, and programming, especially in Sagemath/python and/or C/C++. They should have (or expect to complete in the next 12 months) a Masters or Honours equivalent qualification with a research thesis.

To apply, please contact ron.steinfeld@monash.edu and include your CV, copies of undergraduate and postgraduate academic result transcripts, and any relevant publications.

Closing date for applications:

Contact: To apply, please contact ron.steinfeld@monash.edu and send your CV, copies of undergraduate and postgraduate academic result transcripts, and any relevant publications.

Technical University of Denmark (DTU), Copenhagen area
Job Posting
We are looking for a bright and motivated PhD student for a 3-year PhD position starting 1 November 2022 (negotiable). The goal of the PhD project is to improve post-quantum secure alternatives for key exchange.

Project description
You will look at a number of open questions and loose ends in the security proof of the Fujisaki-Okamoto transformation, a variant of which is used in virtually all post-quantum-secure protocols for key encapsulation. You will use and develop mathematical tools like, for example, random matrix theory and probability theory to analyze post-quantum public-key encryption schemes and key encapsulation mechanisms.

Your position is part of the MSCA doctoral network QSI (Quantum-Safe Internet), a consortium of more than 10 European institutions with the purpose of training a world-class cohort of doctoral researchers. Within this network you will receive guidance and training from researchers at other participating institutions, facilitated by research visits, schools, and workshops.

For more information, click the link (title of this job posting).

Closing date for applications:

Contact: Christian Majenz, chmaj@dtu.dk

More information: https://www.dtu.dk/english/about/job-and-career/vacant-positions/job?id=daeafa63-78fe-4aa5-ad68-5c3d56c3b6ec

Canterbury, United Kingdom, 5 September - 8 September 2022
Event Calendar
Event date: 5 September to 8 September 2022
Submission deadline: 11 April 2022
Notification: 6 June 2022
Paris, France, 12 December - 13 December 2022
Event Calendar
Event date: 12 December to 13 December 2022
Submission deadline: 15 September 2022
Notification: 3 November 2022

21 August 2022

Guilherme Perin, Lichao Wu, Stjepan Picek
ePrint Report
Masked cryptographic implementations can be vulnerable to higher-order attacks. For instance, deep neural networks have proven effective for second-order profiling side-channel attacks even in a black-box setting (no prior knowledge of masks and implementation details). While such attacks have been successful, no explanations were provided for understanding why a variety of deep neural networks can (or cannot) learn high-order leakages and what the limitations are. In other words, we lack the explainability of how neural network layers combine (or not) unknown and random secret shares, which is a necessary step to defeat, e.g., Boolean masking countermeasures.

In this paper, we use information-theoretic metrics to explain the internal activities of deep neural network layers. We propose a novel methodology for the explainability of deep learning-based profiling side-channel analysis to understand the processing of secret masks. Inspired by the Information Bottleneck theory, our explainability methodology uses perceived information to explain and detect the different phenomena that occur in deep neural networks, such as fitting, compression, and generalization. We provide experimental results on masked AES datasets showing where, what, and why deep neural networks learn relevant features from input trace sets while compressing irrelevant ones, including noise. This paper opens new perspectives for the understanding of the role of different neural network layers in profiling side-channel attacks.
Aikata Aikata, Ahmet Can Mert, Malik Imran, Samuel Pagliarini, Sujoy Sinha Roy
ePrint Report
Quantum computers pose a threat to the security of communications over the internet. This imminent risk has led to the standardization of cryptographic schemes for protection in a post-quantum scenario. We present a design methodology for future implementations of such algorithms. This is manifested using the NIST selected digital signature scheme CRYSTALS-Dilithium and key encapsulation scheme CRYSTALS-Kyber. A unified architecture, $\texttt{KaLi}$, is proposed that can perform key generation, encapsulation, decapsulation, signature generation, and signature verification for all the security levels of CRYSTALS-Dilithium and CRYSTALS-Kyber. A unified yet flexible polynomial arithmetic unit is designed that can process Kyber operations twice as fast as Dilithium operations. Efficient memory management is proposed to achieve optimal latency.

$\texttt{KaLi}$ is explicitly tailored for ASIC platforms using multiple clock domains. On ASIC 28nm/65nm technology, it occupies 0.263/1.107 mm$^2$ and achieves a clock frequency of 2GHz/560MHz for the fast clock used for the memory unit. On Xilinx Zynq Ultrascale+ ZCU102 FPGA, the proposed architecture uses 23,277 LUTs, 9,758 DFFs, 4 DSPs, and 24 BRAMs, and achieves a 270 MHz clock frequency. $\texttt{KaLi}$ performs better than the standalone implementations of either of the two schemes. This is the first work that provides a unified design in hardware for both schemes.
Lijing Zhou, Ziyu Wang, Hongrui Cui, Qingrui Song, Yu Yu
ePrint Report
The overhead of non-linear functions dominates the performance of the secure multiparty computation (MPC) based privacy-preserving machine learning (PPML). This work introduces a family of novel secure three-party computation (3PC) protocols, Bicoptor, which improve the efficiency of evaluating non-linear functions. The basis of Bicoptor is a new sign determination protocol, which relies on a clever use of the truncation protocol proposed in SecureML (S&P 2017). Our 3PC sign determination protocol only requires two communication rounds, and does not involve any preprocessing. Such a sign determination protocol is well-suited for computing non-linear functions in PPML, e.g. the activation function ReLU, Maxpool, and their variants. We develop suitable protocols for these non-linear functions, which form a family of GPU-friendly protocols, Bicoptor. All Bicoptor protocols only require two communication rounds without preprocessing. We evaluate Bicoptor under a 3-party LAN network over a public cloud, and achieve 90,000 DReLU/ReLU or 3,200 Maxpool (find the maximum value of nine inputs) operations per second. Under the same settings and environment, our ReLU protocol has a one or even two order(s) of magnitude improvement over the state-of-the-art works, Edabits (CRYPTO 2020) or Falcon (PETS 2021), respectively, without batch processing.
Lorenzo Martinico, Aydin Abadi, Thomas Zacharias, Thomas Win
ePrint Report
The highly transmissible COVID-19 disease is a serious threat to people’s health and life. To automate tracing those who have been in close physical contact with newly infected people and/or to analyse tracing-related data, researchers have proposed various ad-hoc programs that require being executed on users’ smartphones. Nevertheless, the existing solutions have two primary limitations: (1) lack of generality: for each type of analytic task, a certain kind of data needs to be sent to an analyst; (2) lack of transparency: parties who provide data to an analyst are not necessarily infected individuals; therefore, infected individuals’ data can be shared with others (e.g., the analyst) without their fine-grained and direct consent. In this work, we present Glass-Vault, a protocol that addresses both limitations simultaneously. It allows an analyst to run authorised programs over the collected data of infectious users, without learning the input data. Glass-Vault relies on a new variant of generic Functional Encryption that we propose in this work. This new variant, called DD-Steel, offers these two additional properties: dynamic and decentralised. We illustrate the security of both Glass-Vault and DD-Steel in the Universal Composability setting. Glass-Vault is the first UC-secure protocol that allows analysing the data of Exposure Notification users in a privacy-preserving manner. As a sample application, we indicate how it can be used to generate “infection heatmaps”.
Afonso Tinoco, Sixiang Gao, Elaine Shi
ePrint Report
Leveraging hardware enclave technology, Signal was the first to offer a privacy-preserving contact discovery service, where users can discover whether their friends have signed up for the service, without divulging their entire address books. The crux of their design is an algorithm to search for the user's contacts such that the access patterns are independent of the queries.

To achieve this, Signal implemented a naive batched linear scan algorithm that scans through the entire database for each batch of queries. Signal published a high-profile blog post arguing that for billion-sized databases, batched linear scan outperforms the asymptotically superior oblivious algorithms. While subsequent works revisited the same question, we still do not have conclusive evidence why Signal should use oblivious algorithms instead.

Our work is motivated by the observation that the previous enclave implementations of oblivious algorithms are sub-optimal both asymptotically and concretely. We make the key observation that for enclave applications, the number of page swaps should be a primary performance metric. We therefore adopt techniques from the external-memory algorithms literature, and we are the first to implement such algorithms inside hardware enclaves. We also devise asymptotically better algorithms for ensuring a strong notion of obliviousness that resists cache-timing attacks. We complement our algorithmic improvements with various concrete optimizations that save constant factors in practice. The resulting system, called EnigMap, achieves 5.5x speedup over Signal's linear scan implementation, and 21x speedup over the prior best oblivious algorithm implementation, at a realistic database size of 256 million and a batch size of 1000. The speedup is asymptotic in nature and will be even greater as Signal's user base grows.
Natnatee Dokmai, L. Jean Camp, Ryan Henry
ePrint Report
Private Information Retrieval (PIR) addresses the cryptographic problem of hiding sensitive database queries from database operators. In practice, PIR schemes suffer from either high computational costs or from restrictive requirements that are difficult to justify in practical settings. In this work, we introduce Assisted Private Information Retrieval (APIR), a new PIR problem for keyword-value databases which generalizes and relaxes the database consistency assumption in multi-server PIR. Leveraging the decentralized nature of the Domain Name Service (DNS), APIR is able to address a privacy issue inherent to encrypted DNS proposals such as DNS-over-HTTPS (DoH) by preventing DNS operators from collecting sensitive data. We propose a construction of Synchronized APIR, an efficient hybrid APIR scheme between black-box single-server PIR and non-black-box multi-server PIR. We apply Synchronized APIR to a proof-of-concept protocol for private DNS queries, and demonstrate that APIR is able to outperform the baseline single-server PIR protocol after the initial one-time cost.