IACR News
12 July 2023
NXP Semiconductors Gratkorn/Austria, Hamburg/Germany, Delft & Eindhoven, Netherlands
Job Posting
• Software security assessment of SoC/IC security architectures and security scope specifications
• Plan, track and execute process, specification as well as software implementation reviews
• Assessment of software security robustness and effectiveness of security mechanisms
• Work with engineering teams and security engineers to innovate solutions to security-related problems
• Manage NXP’s software secure development lifecycle (SSDLC) as applied to product developments to minimize security risks
• Work on continuous improvements to keep up with state-of-the-art security technologies
• Refine software security best practices to assure an efficient and effective application
• Provide consultation on specific areas of security expertise and on the application of the SSDLC
To ensure your successful performance in this role, the following is desired:
• Hold a BSEE or MSEE, preferably in Security Engineering or Software Engineering
• Have good understanding of embedded software design, programming, documentation, and testing
• Have experience in the design and development of secure software, focus on embedded systems or complete solutions
• Have experience in security concept/design, threat analysis, risk/threat modelling and mitigation strategies
• Have professional knowledge of software languages (C, Java, Java Card, Python, Rust)
• Knowledge of security compliance and certification processes would be an advantage
• Be familiar with "state of the art" software tools, CI/CD, secure software engineering processes, IoT solutions and services (depending on area of expertise)
• Have excellent communication skills, are willing to listen and adapt
• Are a collaborator with strong soft skills, ideally experienced in multicultural and global working environments
Closing date for applications:
Contact:
Veronika von Hepperger
Senior Talent Acquisition Specialist
(veronika.vonhepperger@nxp.com)
Nillion
Job Posting
Closing date for applications:
Contact: Roisin Kavanagh, Head of People and Talent.
More information: https://apply.workable.com/nillion/j/CD9D0CFCD3/
11 July 2023
Liliya Akhmetzyanova, Alexandra Babueva, Andrey Bozhko
ePrint Report
In this paper we study whether Streebog, a Russian standardized hash function, can instantiate a random oracle from that point of view. We prove that Streebog is indifferentiable from a random oracle under an ideal cipher assumption for the underlying block cipher.
Mohamed ElGhamrawy, Melissa Azouaoui, Olivier Bronchain, Joost Renes, Tobias Schneider, Markus Schönauer, Okan Seker, Christine van Vredendaal
ePrint Report
Shah Fahd, Mehreen Afzal, Waseem Iqbal, Dawood Shah, Ijaz Khalid
ePrint Report
Muhammad Haris Mughees, Ling Ren
ePrint Report
Alexander R. Block, Albert Garreta, Jonathan Katz, Justin Thaler, Pratyush Ranjan Tiwari, Michal Zajac
ePrint Report
We obtain our first result by analyzing the round-by-round (RBR) soundness and RBR knowledge soundness of FRI. For the second result, we prove that if a $\delta$-correlated protocol is RBR (knowledge) sound under the assumption that adversaries always send low-degree polynomials, then it is RBR (knowledge) sound in general. Equipped with this tool, we prove our third result by formally showing that "Plonk-like" protocols are RBR (knowledge) sound under the assumption that adversaries always send low-degree polynomials. We then outline analogous arguments for the remainder of the aforementioned protocols.
To the best of our knowledge, ours is the first formal analysis of the Fiat-Shamir security of FRI and widely deployed protocols that invoke it.
Christian Badertscher, Mahdi Sedaghat, Hendrik Waldner
ePrint Report
In this work, we present such a solution. We show how to enforce complex policies while offering strong privacy and anonymity guarantees by enhancing the notion of policy-compliant signatures (PCS) introduced by Badertscher, Matt and Waldner (TCC'21). In more detail, we first define the notion of unlinkable PCS (ul-PCS) and show how this cryptographic primitive can be generically integrated with a wide range of systems including UTxO-based ledgers, privacy-preserving protocols like Monero or Zcash, and central-bank digital currencies. We give a generic construction for ul-PCS for any policy, and optimized constructions tailored for special policy classes, such as role-based policies and separable policies.
To bridge the gap between theory and practice, we provide prototype implementations for all our schemes. We give the first benchmarks for policy-compliant signatures in general, and demonstrate their feasibility for reasonably sized attribute sets for the special cases.
Nadim Kobeissi
ePrint Report
DuckyZip is the first provably honest URL shortening service which cannot selectively provide different "long URLs" to different parties undetected. DuckyZip uses a combination of Verifiable Random Function (VRF) constructions and a smart contract in order to provide a URL shortening service with strong security guarantees: despite the transparency of the smart contract log, observers cannot feasibly create a mapping of all short URLs to long URLs that is faster than classical enumeration.
Ben Nassi, Ofek Vayner, Etay Iluz, Dudi Nassi, Or Hai Cohen, Jan Jancar, Daniel Genkin, Eran Tromer, Boris Zadov, Yuval Elovici
ePrint Report
Markulf Kohlweiss, Mahak Pancholi, Akira Takahashi
ePrint Report
The factoring of SIM-EXT into KS + WUR + TLZK is becoming a cornerstone of the analysis of non-malleable SNARK systems. We show how to prove WUR and TLZK for PIOP compiled SNARKs under mild falsifiable assumptions on the polynomial commitment scheme. This means that the analysis of knowledge soundness from PIOP properties that inherently relies on non-falsifiable or idealized assumptions such as the algebraic group model (AGM) or generic group model (GGM) need not be repeated.
While the proof of WUR requires only mild assumptions on the PIOP, TLZK is a different matter. As perfectly hiding polynomial commitments sometimes come at a substantial performance premium, SNARK designers prefer to employ deterministic commitments with some leakage. This results in the need for a stronger zero-knowledge property for the PIOP.
The modularity of our approach implies that any analysis improvements, e.g. in terms of tightness, credibility of the knowledge assumption and model of the KS analysis, or the precision of capturing real-world optimizations for TLZK also benefits the SIM-EXT guarantees.
Jieyi Long
ePrint Report
Zhengjun Cao, Lihua Liu
ePrint Report
Ernesto Dominguez Fiallo, Pablo Freyre Arrozarena, Luis Ramiro Piñeiro
ePrint Report
Sofía Celi, Alex Davidson, Hamed Haddadi, Gonçalo Pestana, Joe Rowell
ePrint Report
Gal Arnon, Alessandro Chiesa, Eylon Yogev
ePrint Report
Our main technical contribution is a high-soundness small-query proximity test for the Reed-Solomon code. We construct an IOP of proximity for Reed-Solomon codes, over a field $\mathbb{F}$ with evaluation domain $L$ and degree $d$, with perfect completeness, soundness error (roughly) $\max\{1-\delta , O(\rho^{1/4})\}$ for $\delta$-far functions, round complexity $O(\log \log d)$, proof length $O(|L|/\rho)$ over $\mathbb{F}$, and query complexity $O(\log \log d)$; here $\rho = (d+1)/|L|$ is the code rate. En route, we obtain a new high-soundness proximity test for bivariate Reed-Muller codes.
The IOP for NP is then obtained via a high-soundness reduction from NP to Reed-Solomon proximity testing with rate $\rho = 1/\mathrm{poly}(n)$ and distance $\delta = 1-1/\mathrm{poly}(n)$ (and applying our proximity test). Our constructions are direct and efficient, and hold the potential for practical realizations that would improve the state-of-the-art in real-world applications of IOPs.
Alireza Kavousi, Duc V. Le, Philipp Jovanovic, George Danezis
ePrint Report
Pengfei Wang, Xiangyu Su, Mario Larangeira, Keisuke Tanaka
ePrint Report
Xiangyu Su, Mario Larangeira, Keisuke Tanaka
ePrint Report
Brent Waters, Daniel Wichs
ePrint Report
As an independently interesting feature of our result, our construction does not need to know the actual specification of the underlying 1-key circular secure scheme, and we only rely on the existence of some such scheme in the proof of security. In particular, we present a universal construction of a multi-key KDM-secure encryption that is secure as long as some 1-key circular-secure scheme exists. While this feature is similar in spirit to Levin's universal construction of one-way functions, the way we achieve it is quite different technically, and does not come with the same "galactic inefficiency".