IACR News
Here you can see all recent updates to the IACR webpage. These updates are also available:
05 September 2022
Vinod Vaikuntanathan, Hoeteck Wee, Daniel Wichs
ePrint ReportShengtong Zhang, Arvid Lunnemark, Sualeh Asif
ePrint Report1) We describe a vulnerability in existing MPM implementations through a variation of the compromised-friend (CF) attack proposed by Angel et al. Our attack can compromise the exact metadata of any conversations between honest users.
2) We present a security definition for MPM systems assuming that some friends may be compromised.
3) We present a protocol satisfying our security definition based on Anysphere, an MPM system we deployed in practice.
Danai Balla, Pourandokht Behrouz, Panagiotis Grontas, Aris Pagourtzis, Marianna Spyrakou, Giannis Vrettos
ePrint ReportJonas Janneck, Anselme Tueno, Jörn Kußmaul, Matthew Akram
ePrint ReportAny Muanalifah, Ayus Riana Isnawati
ePrint ReportHart Montgomery, Mark Zhandry
ePrint ReportOur main result is that CDH for abelian group actions is quantumly *equivalent* to discrete log. Galbraith et al. (Mathematical Cryptology) previously showed *perfectly* solving CDH to be equivalent to discrete log quantumly; our result works for any non-negligible advantage. We also explore several other questions about group action and isogeny protocols.
04 September 2022
Jeju Island, South Korea, 15 December - 17 December 2022
Event CalendarNotification: 31 October 2022
National Sun Yat-sen University, Department of Computer Science and Engineering; Kaohsiung, Taiwan
Job PostingResponsibilities: Apart from academic work, student must involve in several activities in a group or individually, such as (not limited to):
Requirements: Apart from the university's basic admission policies (https://cse.nsysu.edu.tw/?Lang=en), students are desired to have following key requirements:
Scholarship:
What students can expect:
What the supervisor can expect: Apart from academic and research works, students are expected to have
Deadline: Until September 2022 (for spring semester) and March 2023 (for fall semester)
Closing date for applications:
Contact: Arijit Karati (arijit.karati@mail.cse.nsysu.edu.tw)
Amazon (any US Location)
Job PostingClosing date for applications:
Contact: Apply through link above
More information: https://www.amazon.jobs/en/jobs/2033486/sr-applied-cryptographer-ds-crypto
Nanyang Technological University, Singapore
Job Posting- tool aided cryptanalysis, such as MILP, CP, STP, and SAT
- machine learning aided cryptanalysis and designs
- privacy-preserving friendly symmetric-key designs
- quantum cryptanalysis
- theory and proof
- threshold cryptography
- cryptanalysis against SHA-2, SHA-3 and AES
Closing date for applications:
Contact: Jian Guo, guojian@ntu.edu.sg, with subject [IACR-CATF]
More information: https://team.crypto.sg
CISPA Helmholtz Center for Information Security, Saarbrücken, Germany
Job PostingThe group of Prof. Dr. Cas Cremers at CISPA has multiple open positions. CISPA is one of the leading research institutions in Information Security worldwide, and is situated in Saarbrücken, Germany.
Positions are fully funded and we offer at least two year contracts with optional extension.
We have several ongoing projects in the areas of:
- Provable security : methodologies and automation (e.g., (manual) computational proofs, our work on the Tamarin Prover, or other tools),
- Protocol design, and
- Secure messaging.
We highly welcome new directions, and appreciate applicants with a passion for projects that are different from, but possibly connected to, our ongoing research.
Positions are fully funded and full-time.
Application deadline: September 22, 2022.
For more information, please click the link (title) of this job posting.
Closing date for applications:
Contact: Cas Cremers
More information: https://cispa.saarland/group/cremers/positions/index.html
CISPA Helmholtz Center for Information Security, Saarbrücken, Germany
Job PostingThe group of Prof. Dr. Cas Cremers at CISPA has open positions. CISPA is one of the leading research institutions in Information Security worldwide, and is situated in Saarbrücken, Germany.
We have several open projects in the areas of:- Provable security : methodologies and automation (e.g., (manual) computational proofs, our work on the Tamarin Prover, or other tools),
- Protocol design, and
- Secure messaging.
Positions are fully funded and full-time.
Application deadline: September 22, 2022.
For more information, please click the link (title) of this job posting.
Closing date for applications:
Contact: Cas Cremers
More information: https://cispa.saarland/group/cremers/positions/index.html
31 August 2022
Han-Bing Yu, Qun-Xiong Zheng, Yi-Jian Liu, Jing-Guo Bi, Yu-Fei Duan, Jing-Wen Xue, You Wu, Yue Cao, Rong Cheng, Lin Wang, Bai-Shun Sun
ePrint ReportHaoyu Zheng, Shengke Zeng, Hongwei Li, Zhijun Li
ePrint ReportNicolas Huber, Ralf Kuesters, Toomas Krips, Julian Liedtke, Johannes Mueller, Daniel Rausch, Pascal Reisert, Andreas Vogt
ePrint ReportSeveral e-voting systems have been proposed to address these issues by hiding (parts of) the tally. This property is called tally-hiding. Existing tally-hiding e-voting systems in the literature aim at hiding (part of) the tally from everyone, including voting authorities, while at the same time offering verifiability, an important and standard feature of modern e-voting systems which allows voters and external observers to check that the published election result indeed corresponds to how voters actually voted. In contrast, real elections often follow a different common practice for hiding the tally: the voting authorities internally compute (and learn) the full tally but publish only the final result (e.g., the winner). This practice, which we coin publicly tally-hiding, indeed solves the aforementioned issues for the public, but currently has to sacrifice verifiability due to a lack of practical systems.
In this paper, we close this gap. We formalize the common notion of publicly tally-hiding and propose the first provably secure verifiable e-voting system, called Kryvos, which directly targets publicly tally-hiding elections. We instantiate our system for a wide range of both simple and complex voting methods and various result functions. We provide an extensive evaluation which shows that Kryvos is practical and able to handle a large number of candidates, complex voting methods and result functions. Altogether, Kryvos shows that the concept of publicly tally-hiding offers a new trade-off between privacy and efficiency that is different from all previous tally-hiding systems and which allows for a radically new protocol design resulting in a practical e-voting system.
Jakob Feldtkeller, Jan Richter-Brockmann, Pascal Sasdrich, Tim Güneysu
ePrint ReportCas Cremers, Charlie Jacomme, Philip Lukert
ePrint ReportHowever, modern security protocols often contain elements for which such tools were not originally designed, such as protocols that construct, by design, terms of unbounded size, such as counters, trees, and blockchains. Protocol analysis tools such as Tamarin and ProVerif have some very restricted support, but typically lack the ability to effectively reason about dynamically growing unbounded-depth terms.
In this work, we introduce subterm-based proof techniques that are tailored for automated protocol analysis in the Tamarin prover. In several case studies, we show that these techniques improve automation (allow for analyzing more protocols, or remove the need for manually specified invariants), efficiency (reduce proof size for existing analyses), and expressive power (enable new kinds of properties). In particular, we provide the first automated proofs for TreeKEM, S/Key, and Tesla Scheme~2; and we show substantial benefits, most notably in WPA2 and 5G-AKA, two of the largest automated protocol proofs.