IACR News
Here you can see all recent updates to the IACR webpage. These updates are also available:
30 May 2023
Pascal Bemmann, Sebastian Berndt, Denis Diemert, Thomas Eisenbarth, Tibor Jager
Miranda Christ, Sam Gunn, Or Zamir
To this end we introduce a cryptographically-inspired notion of undetectable watermarks for language models. That is, watermarks can be detected only with the knowledge of a secret key; without the secret key, it is computationally intractable to distinguish watermarked outputs from those of the original model. In particular, it is impossible for a user to observe any degradation in the quality of the text. Crucially, watermarks should remain undetectable even when the user is allowed to adaptively query the model with arbitrarily chosen prompts. We construct undetectable watermarks based on the existence of one-way functions, a standard assumption in cryptography.
Sivanarayana Gaddam, Ranjit Kumaresan, Srinivasan Raghuraman, Rohit Sinha
In this paper, we address the above by showing the first protocols for fair secure computation in the multi-blockchain setting. More concretely, in a $n$-party setting where at most $t < n$ parties are corrupt, our protocol for fair secure computation works as long as (1) $t$ parties have access to a TEE (e.g., Intel SGX), and (2) each of the above $t$ parties are on some blockchain with each of the other parties. Furthermore, only these $t$ parties need write access on the blockchains.
In an optimistic setting where parties behave honestly, our protocol runs completely off-chain.
Sebastian Angel, Aditya Basu, Weidong Cui, Trent Jaeger, Stella Lau, Srinath Setty, Sudheesh Singanamalla
Anton Wahrstätter, Liyi Zhou, Kaihua Qin, Davor Svetinovic, Arthur Gervais
This paper presents an in-depth longitudinal study of the Ethereum block construction market, spanning from the introduction of PoS and PBS in September 2022 to May 2023. We analyze the market shares of builders and relays, their temporal changes, and the financial dynamics within the PBS system, including payments among builders and block proposers---commonly referred to as bribes. We introduce an MEV-time law quantifying the expected MEV revenue wrt. the time elapsed since the last proposed block. We provide empirical evidence that moments of crisis (e.g. the FTX collapse, USDC stablecoin de-peg) coincide with significant spikes in MEV payments compared to the baseline.
Despite the intention of the PBS architecture to enhance decentralization by separating actor roles, it remains unclear whether its design is optimal. Implicit trust assumptions and conflicts of interest may benefit particular parties and foster the need for vertical integration. MEV-Boost was explicitly designed to foster decentralization, causing the side effect of enabling risk-free sandwich extraction from unsuspecting users, potentially raising concerns for regulators.
Jeongeun Park, Sergi Rovira
Laura Hetz, Thomas Schneider, Christian Weinert
In our work, we make significant steps towards truly practical large-scale mobile private contact discovery. For this, we combine and substantially optimize the unbalanced PSI protocol of Kales et al. (USENIX Security '19) and the private information retrieval (PIR) protocol of Kogan and Corrigan-Gibbs (USENIX Security '21). Our resulting protocol has a total communication overhead that is sublinear in the size of the server's user database and also has sublinear online runtimes. We optimize our protocol by introducing database partitioning and efficient scheduling of user queries. To handle realistic change rates of databases and contact lists, we propose and evaluate different possibilities for efficient updates. We implement our protocol on smartphones and measure online runtimes of less than 2s to query up to 1024 contacts from a database with more than two billion entries. Furthermore, we achieve a reduction in setup communication up to factor 32x compared to state-of-the-art mobile private contact discovery protocols.
Zhengjun Cao, Lihua Liu
26 May 2023
Santa Barbara, USA, 20 August 2023
Submission deadline: 15 June 2023
University of St.Gallen, Switzerland
The student is expected to work on topics that include security and privacy issues in authentication. More precisely, the student will be working on investigating efficient and privacy-preserving authentication that provides: i) provable security guarantees, and ii) rigorous privacy guarantees.
Key Responsibilities:
- Perform exciting and challenging research in the domain of information security and cryptography.
- Support and assist in teaching computer security and cryptography courses.
- The PhD student is expected to have a MSc degree or equivalent, and strong background in cryptography, network security and mathematics.
- Experience in one or more domains such as cryptography, design of protocols, secure multi-party computation and differential privacy is beneficial.
- Excellent programming skills.
- Excellent written and verbal communication skills in English
The starting date for the position is flexible and come with a very competitive salary. The selection process runs until the suitable candidate has been found.
Closing date for applications:
Contact:
Eriane Breu, eriane.breu@unisg.ch (Administrative matters)
Prof. Katerina Mitrokotsa, katerina.mitrokotsa@unisg.ch (Research related questions)
University of St.Gallen, Switzerland
Our research interests are centered around information security and applied cryptography, with the larger goal of safeguarding communications and providing strong privacy guarantees. We are active in several areas, a subset of which include:
- Verifiable computation
- Secure, private and distributed aggregation
- Secure multi-party computation
- Privacy-preserving biometric authentication
- Anonymous credentials
- Distributed and privacy-preserving authentication
The starting date for the position is flexible and come with a very competitive salary. The selection process runs until the suitable candidate has been found. The University of St.Gallen conducts excellent research with international implications. The city of St.Gallen is located one hour from Zurich and offers a high quality of life.
Closing date for applications:
Contact:
Eriane Breu, eriane.breu@unisg.ch (Administrative matters)
Prof. Katerina Mitrokotsa, katerina.mitrokotsa@unisg.ch (Research related questions)
University of Klagenfurt; Klagenfurt, Austria
The University of Klagenfurt in southern Austria is looking for a Professor of Cybersecurity:
https://jobs.aau.at/en/job/professor-of-cybersecurity/
Application deadline is 18 June 2023.
Closing date for applications:
Contact: Wolfgang Faber
More information: https://jobs.aau.at/en/job/professor-of-cybersecurity/
Fraunhofer Institute for Applied Information Technology FIT, Aachen/Sankt Augustin, Germany
The Fraunhofer-Gesellschaft (www.fraunhofer.com) currently operates 76 institutes and research institutions throughout Germany and is the world’s leading applied research organization. We at Fraunhofer FIT are an excellent partner for the human-centric design of our digital future. Some 350 scientists are working within interdisciplinary teams on innovative solutions for current challenges in the domains of Digital Energy, Health and Sustainability as well as Human-centered Engineering & Design, Data Science & AI, Business & Information Systems Engineering, Microsimulation, and Cooperation Systems like Blockchain.
Are you interested in research & practical projects around the topic Data Privacy and Data Spaces? Then take the chance and become part of our department Data Science and Artificial Intelligence in Aachen/Sankt Augustin in Germany!
Our research group, Data Protection and Sovereignty, is dedicated to developing cutting-edge solutions that ensure the security and privacy of sensitive data in real-world data-driven use-cases across various application domains. These include, but are not limited to, cybersecurity, data spaces, energy, supply chain, finance, and health. Data sovereignty, the ability of individuals or entities to have complete control over their data, requires advanced technologies beyond anonymization, such as homomorphic encryption (HE), secure multi-party computation (MPC), and differential privacy. As a part of this team, you will conduct research and develop secure solutions for real-world use-cases (e.g., data spaces, machine learning applications, secure data exchange, distributed systems) to enable data privacy and data sovereignty with partners from industry and research, in national and international projects.
Apply here: https://jobs.fraunhofer.de/job/Sankt-Augustin-Junior-Research-Group-LeaderPostdoc-%28mfd%29-in-the-area-of-Data-Privacy-and-Data-Sovereignty-53757/936608601/
Closing date for applications:
Contact: Dr. Avikarsha Mandal
More information: https://jobs.fraunhofer.de/job/Sankt-Augustin-Junior-Research-Group-LeaderPostdoc-%28mfd%29-in-the-area-of-Data-Privacy-and-Data-Sovereignty-53757/936608601/
Technical University of Denmark, Section for Cybersecurity Engineering
The goal of the PhD project is to improve the state of threshold post-quantum cryptography. You will join the growing cryptography team at DTU and be able to work with researchers in- and outside of the Copenhagen region and Denmark.
Closing date for applications:
Contact: Carsten Baum
More information: https://efzu.fa.em2.oraclecloud.com/hcmUI/CandidateExperience/en/sites/CX_1/job/1763/?utm_medium=jobshare
OpenZeppelin
The security services team at OpenZeppelin is responsible for the planning, execution, and delivery of Security Audits for the world’s leading web3 organizations and protocols.
What you'll be doing:
1. Review smart contracts for the top decentralized applications before they get launched and present findings and vulnerabilities that the protocol can have to the client.
2. Team up with one or two auditors and review code line by line and try to hack it.
3. Working on proposals to make code easier to understand and use in the future by sharing good practices
4. Conduct open-ended research around cutting edge blockchain technologies
5. Paid time to conduct research and contribute to OpenZeppelin’s projects and knowledge
Benefits
1. Unlimited holidays
2. Fully remote: your way of working
3. Paid parental leave & benefits for primary or second caregiver
4. Team events: onboarding tour & company retreats in different locations around the world
5. Work from home office equipment stipend of up to $500 USD
6. Monthly allowance for wellness activities
7. Coworking: access to a coworking space of your choice
8. Learning: technical training; spoken language lessons in any language of your choice (using Italki)
Closing date for applications:
Contact: David Bessin
More information: https://www.openzeppelin.com/jobs/opening?gh_jid=4254142003
OpenZeppelin
Closing date for applications:
Contact: David Bessin
More information: https://www.openzeppelin.com/jobs/opening?gh_jid=5612131003
CISPA Helmholtz Center for Information Security; Saarbrücken, Germany
Wouter Lueks (https://wouterlueks.nl) has fully-funded PhD and post-doc positions available in the area of privacy-enhancing technologies at CISPA Helmholtz Center for Information Security. His research group is interested in designing of end-to-end privacy-friendly systems that solve real-world problems. His research covers three broad areas to achieve this goal: (1) applied cryptography; (2) systems building for anonymity; and (3) the evaluation of privacy-friendly systems.
Applicants for a PhD position should hold a bachelor or master’s degree in Computer Science, Mathematics, or related field, and have an interest in privacy, security and/or cryptography. Post-doc applications should hold a PhD in a related field, and have an proven publication record with publications in top venues (e.g., USENIX, S&P, NDSS, or CCS) or specific privacy venues (e.g., PETS).
For more information, including instructions for how to apply, see: https://wouterlueks.nl/positions/. If you have any questions, please don’t hesitate to reach out by email. Applications will be considered on a rolling basis.
Closing date for applications:
Contact: Wouter Lueks (lueks .at. cispa .dot. de)
More information: https://wouterlueks.nl/positions/
University of Wollongong, Australia
Closing date for applications:
Contact: Prof. Willy Susilo