IACR News
Here you can see all recent updates to the IACR webpage. These updates are also available:
14 September 2022
Anthony Hart
ePrint Report
Jiamin Cui, Kai Hu, Meiqin Wang, Puwen Wei
ePrint Report
In this paper, we extend the division property, a state-of-the-art framework for finding the upper bound of the algebraic degree over binary fields, to the scope of $\mathbb{F}_{2^n}$. It is a generic method for detecting the algebraic degree of AO (arithmetization-oriented) ciphers, and is even applicable to Feistel ciphers, which have no better bounds than the trivial exponential one. In this general division property, our idea is to evaluate whether the polynomial representation of a block cipher contains some specific monomials. With a deep investigation of the arithmetic features, we introduce the propagation rules of monomials for field-based operations, which can be efficiently modeled using the bit-vector theory of SMT. A new search tool for degree estimation can then be built on the relationship between the algebraic degree and the exponents of monomials.
We apply our new framework to some important AO ciphers, including Feistel MiMC, GMiMC, and MiMC. For Feistel MiMC, we show that the algebraic degree grows significantly slower than the naive exponential bound. For the first time, we present a secret-key higher-order differential distinguisher for up to 124 rounds, much better than the 83-round distinguisher for the Feistel MiMC permutation proposed at CRYPTO 2020. We also exhibit a full-round zero-sum distinguisher with a data complexity of $2^{251}$. Our method can be further extended to the general Feistel structure with more branches and exhibits higher-order differential distinguishers against the practical instance of GMiMC for up to 50 rounds. For MiMC in SP-networks, our results match the exact algebraic degree proved by Bouvier et al. We also point out that the number of rounds in MiMC's specification is not sufficient to guarantee security against the higher-order differential attack for MiMC-like schemes with different exponents. The investigation of different exponents provides some guidance for cipher design.
Matilda Backendal, Felix Günther, Kenneth G. Paterson
ePrint Report
Hu Yupu, Dong Siyue, Wang Baocang, Liu Jun
ePrint Report
In this paper we discuss the validity and the efficiency of the reusable garbling scheme. We present the following three notes on the scheme.
(1) The reusable garbling scheme does not provide new applications; it is still a one-time garbling scheme.
(2) Even if the reusable garbling scheme is taken as a one-time garbling scheme, it is sometimes not usable. More precisely, it can only be used for Basic Scene 2 and cannot be used for Basic Scene 1; for example, it cannot be used for MPC.
(3) Even if the reusable garbling scheme is taken as a one-time garbling scheme used for Basic Scene 2, there is no evidence that its efficiency is better than that of a former one-time garbling scheme.
Aditya Hegde, Nishat Koti, Varsha Bhat Kukkala, Shravani Patil, Arpita Patra, Protik Paul
ePrint Report
Our contributions are not only motivated by the practical viewpoint, but also consider the theoretical aspects of $\mathtt{FaF}$ security. We prove the necessity of semi-honest oblivious transfer for $\mathtt{FaF}$-secure protocols with optimal resiliency. On the practical side, we present QuadSquad, a ring-based 4PC protocol, which achieves fairness and GOD in the $\mathtt{FaF}$ model, with an optimal corruption of $1$ malicious and $1$ semi-honest party. QuadSquad is, to the best of our knowledge, the first practically efficient $\mathtt{FaF}$-secure protocol with optimal resiliency. Its performance is comparable to the state-of-the-art dishonest-majority protocols while improving the security guarantee from abort to fairness and GOD. Further, QuadSquad elevates the security by tackling a stronger adversarial model than the state-of-the-art honest-majority protocols, while offering comparable performance for the input-dependent computation. We corroborate these claims by benchmarking the performance of QuadSquad. We also consider the application of liquidity matching, which deals with highly sensitive financial transaction data, where $\mathtt{FaF}$ security is apt. We design a range of $\mathtt{FaF}$-secure building blocks to securely realize liquidity matching as well as other popular applications such as privacy-preserving machine learning (PPML). Inclusion of these blocks makes QuadSquad a comprehensive framework.
Reo Eriguchi, Kaoru Kurosawa, Koji Nuida
ePrint Report
Oana Ciobotaru, Fatemeh Shirazi, Alistair Stewart, Sergey Vasilyev
ePrint Report
13 September 2022
University College Dublin
Job Posting
Closing date for applications:
Contact: The position is supervised by Asst. Prof. Dr. Madhusanka Liyanage (https://scholar.google.fi/citations?user=p1n0ioUAAAAJ&hl=en) and Asst. Prof. Dr. Shen Wang (https://scholar.google.com/citations?user=rPAOzIwAAAAJ&h).
The University of Adelaide, Australia
Job Posting
This is a fixed-term (18 months) position with a flexible start date up to January 2023.
Apply at: https://careers.adelaide.edu.au/cw/en/job/510702
Closing date for applications:
Contact: Yuval Yarom yval(at)cs.adelaide.edu.au
J.P. Morgan Chase & Co.
Job Posting
The Cryptography Architect will be responsible for guiding how advanced and innovative cryptography is leveraged at JPMorgan Chase. As an experienced member of the Emerging Technologies Security group within the Cybersecurity & Technology Controls organization, you will interact with like-minded cryptographers and a group of passionate security engineers to work on concrete applications of advanced cryptography schemes. You will also have the opportunity to collaborate with other cryptographers on research projects.
The position requires strong academic knowledge as well as some industry experience in vetting and applying advanced cryptography schemes to secure complex IT infrastructure, customer-facing services, and sensitive customer and enterprise data.
Knowledge, experience, and capability required for the role include:
- Expertise in both mainstream encryption schemes and key exchange protocols as well as quantum-safe cryptography
- Strong familiarity with NIST post-quantum cryptography standardization & migration efforts
- Hands-on experience with implementing, testing and deploying advanced cryptographic schemes
- Familiarity with NIST Cryptographic Standards and Guidelines
- Proficiency in multiple programming languages, e.g., Java, C#, JavaScript, C/C++
- Ability to convey complex concepts in a clear and concise manner to a wide range of audiences
- Proven track record in publishing papers (academia, whitepaper, position paper etc.)
- Proven track record in working with diverse teams to achieve goals
- Driving enterprise-wide transformative security technology initiatives
- PhD (preferred) or MS in computer science
Closing date for applications:
Contact: Hubert Le Van Gong, Ph.D. | Managing Director | Cybersecurity & Technology Controls
More information: https://jpmc.fa.oraclecloud.com/hcmUI/CandidateExperience/en/sites/CX_1001/job/210337824/?utm_medium=jobshare
J.P. Morgan Chase & Co.
Job Posting
The Applied Cryptography Architect will be responsible for leveraging innovative cryptography at JPMorgan Chase. As a member of the Emerging Technologies Security group within the Cybersecurity & Technology Controls organization, you will work alongside cryptographers and a group of passionate security engineers to solve complex security problems and support the deployment of cryptography-based solutions.
The position requires extensive knowledge and industry experience in combining cryptography and security best-practices to secure complex IT infrastructure, customer-facing services, and sensitive customer and enterprise data.
Knowledge, experience, and capability required for the role include:
- Expertise in applying mainstream cryptographic primitives, including digital signatures, public-key ciphers, and block ciphers
- Good understanding and hands-on experience of network security protocols (TLS etc.)
- Familiarity with NIST post-quantum cryptography standardization & migration efforts
- Security solution development utilizing cryptographic agility principles and elements
- Proficiency in multiple programming languages, e.g., Java, C#, JavaScript, C/C++
- Hands-on data protection solution development utilizing industry standard security protocol and best-practices
- Application knowledge of public key infrastructure (PKI) and digital certificates (e.g., X.509)
- Ability to convey complex concepts and ideas in a clear and concise manner to a wide range of audiences
- Proven track record in working with diverse teams to achieve goals
- Driving enterprise-wide transformative security technology initiatives
- MS (preferred) or BS in computer science
Closing date for applications:
Contact: Hubert Le Van Gong, Ph.D. | Managing Director | Cybersecurity & Technology Controls
More information: https://jpmc.fa.oraclecloud.com/hcmUI/CandidateExperience/en/sites/CX_1001/job/210337262/?utm_medium=jobshare
University of Oxford, Department of Computer Science; Oxford, UK
Job Posting
Closing date for applications:
Contact: James Worrell
12 September 2022
Aayush Jain, Huijia Lin, Ji Luo, Daniel Wichs
ePrint Report
As our main result, we show how to construct ideal obfuscation in the PrO model, starting from functional encryption (FE), which in turn can be based on well-studied polynomial hardness assumptions. In contrast, we know that ideal obfuscation cannot be instantiated in the basic random oracle model under any assumptions. We believe our result gives a heuristic justification for the following: (1) most natural security goals implied by ideal obfuscation are achievable in the real world; (2) we can construct obfuscation from FE with polynomial security loss.
We also discuss how to interpret our result in the PrO model as a construction of ideal obfuscation using simple hardware tokens or as a way to bootstrap ideal obfuscation for PRFs to that for all functions.
Joël Felderhoff, Alice Pellet-Mary, Damien Stehlé
ePrint Report
First, we reduce worst-case mod-uSVP to worst-case NTRU. For this, we rely on an oracle for id-SVP, the problem of finding short non-zero vectors in ideal lattices. Using the worst-case id-SVP to worst-case NTRU reduction from Pellet-Mary and Stehlé [ASIACRYPT'21], this shows that worst-case NTRU is equivalent to worst-case mod-uSVP.
Second, we give a random self-reduction for mod-uSVP. We put forward a distribution D over mod-uSVP instances such that solving mod-uSVP with non-negligible probability for samples from D allows one to solve mod-uSVP in the worst case. With the first result, this gives a reduction from worst-case mod-uSVP to an average-case version of NTRU where the NTRU instance distribution is inherited from D. This worst-case to average-case reduction requires an oracle for id-SVP.
Gustavo Banegas, Juliane Krämer, Tanja Lange, Michael Meyer, Lorenz Panny, Krijn Reijnders, Jana Sotáková, Monika Trimoska
ePrint Report
Arnab Roy, Aakash Chowdhury, Elisabeth Oswald
ePrint Report
Si Chen, Junfeng Fan
ePrint Report
Xiaofeng Xie
ePrint Report
Alexander Wagner, Felix Oberhansl, Marc Schink
ePrint Report
David Naccache, Ofer Yifrach-Stav
ePrint Report
Let $n$ be a $k$-bit Mersenne number whose factors are unknown. Consider an $\ell$-bit secret number $x=2^{k/2}a+b$. We observe that there are parameter configurations where a chunk of the value $b^2$ is leaked even if $k<2\ell$.
This observation does not endanger any known scheme and in particular not Squash.
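The mechanism behind such a leak is the folding step of reduction modulo a Mersenne number: since $2^k \equiv 1 \pmod{2^k-1}$, the high part of $x^2 = 2^k a^2 + 2^{k/2+1}ab + b^2$ is simply added back onto the low bits, so it can fail to mask a window of $b^2$. The script below is an added illustration written for this page, not code from the paper; the parameter configuration it uses (an $\ell$-bit $x$ whose high part $a$ has only $t = \ell - k/2 < k/4$ bits, e.g. $k=64$, $\ell=40$) and the bit window it derives are our own assumptions and need not be the configuration the authors have in mind. The inputs are constructed random values with a fixed seed.

```python
import random


def mersenne(k: int) -> int:
    """The k-bit Mersenne number n = 2^k - 1; its factorisation plays no role here."""
    return (1 << k) - 1


def decompose(x: int, k: int):
    """Write x = 2^(k/2) * a + b with b the low k/2 bits of x (k is assumed even)."""
    half = k // 2
    return x >> half, x & ((1 << half) - 1)


def fold_mod_mersenne(v: int, k: int) -> int:
    """Reduce v mod 2^k - 1 by folding: because 2^k == 1 (mod n), the bits above
    position k are added back onto the low k bits. This folding is what lets part
    of b^2 survive the reduction: x^2 = 2^k*a^2 + 2^(k/2+1)*a*b + b^2, and only the
    first two terms get wrapped around."""
    n = mersenne(k)
    while v > n:
        v = (v >> k) + (v & n)
    return 0 if v == n else v


def clean_window(k: int, ell: int):
    """Bit positions [lo, hi) of x^2 mod n in which b^2 is visible up to one carry.
    Assumed configuration (ours, not the paper's): a has t = ell - k/2 bits with
    t < k/4. Then a^2 < 2^(2t) and the folded-in high part of a*b is < 2^(t+1), so
    everything that lands on the low end of b^2 stays below 2^(2t+1), while the
    other wrapped term (low part of a*b) * 2^(k/2+1) only touches bits >= k/2+1."""
    t = ell - k // 2
    return 2 * t + 1, k // 2 + 1


def window(v: int, lo: int, hi: int) -> int:
    """Bits lo..hi-1 of v as an integer."""
    return (v >> lo) & ((1 << (hi - lo)) - 1)


def chunk_discrepancy(x: int, k: int, ell: int) -> int:
    """(window of x^2 mod n) minus (window of b^2), modulo the window size.
    For the assumed configuration this is always 0 or 1: the window of b^2 is
    exposed exactly, except for a possible single carry-in from the bits below it
    (the small wrapped terms, plus the +1 of a final subtraction of n)."""
    _, b = decompose(x, k)
    s = fold_mod_mersenne(x * x, k)
    assert s == (x * x) % mersenne(k)   # folding agrees with plain reduction
    lo, hi = clean_window(k, ell)
    return (window(s, lo, hi) - window(b * b, lo, hi)) % (1 << (hi - lo))


def run_trials(k: int = 64, ell: int = 40, trials: int = 2000, seed: int = 1):
    """Set of discrepancies over random ell-bit x (constructed inputs, fixed seed)."""
    rng = random.Random(seed)
    seen = set()
    for _ in range(trials):
        x = rng.getrandbits(ell) | (1 << (ell - 1))   # force exactly ell bits
        seen.add(chunk_discrepancy(x, k, ell))
    return seen


if __name__ == "__main__":
    k, ell = 64, 40                      # k < 2*ell, so x^2 really is reduced mod n
    lo, hi = clean_window(k, ell)
    print(f"bits {lo}..{hi - 1} of x^2 mod (2^{k}-1) expose the same bits of b^2")
    print("discrepancies seen (expect a subset of {0, 1}):", run_trials(k, ell))
```

With $k=64$ and $\ell=40$ the window is bits 17 to 32 of the reduced square, and across the trials the window of $x^2 \bmod n$ differs from the window of $b^2$ by at most one (a carry), i.e. 16 bits of $b^2$ are readable directly from the public square even though $k<2\ell$ forces a genuine reduction. When $k \ge 2\ell$ no reduction happens at all and $x^2$ is visible in full, which is the trivial case the abstract contrasts against.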