IACR News
Here you can see all recent updates to the IACR webpage.
13 November 2023
Suparna Kundu, Angshuman Karmakar, Ingrid Verbauwhede
ePrint Report
Puja Mondal, Suparna Kundu, Sarani Bhattacharya, Angshuman Karmakar, Ingrid Verbauwhede
ePrint Report
Elena Kirshanova, Ekaterina Malygina
ePrint Report
Yongqin Wang, Pratik Sarkar, Nishat Koti, Arpita Patra, Murali Annavaram
ePrint Report
To alleviate the tag computation overhead, we introduce CompactTag, a lightweight algorithm for generating MAC tags specifically tailored for linear layers in ML. Linear layer operations in ML, including convolutions, can be transformed into Toeplitz matrix multiplications. For the multiplication of two matrices with dimensions T1 × T2 and T2 × T3 respectively, SPD$\mathbb{Z}_{2^k}$ requires O(T1 · T2 · T3) local multiplications for the tag computation. In contrast, CompactTag only requires O(T1 · T2 + T1 · T3 + T2 · T3) local multiplications, resulting in a substantial performance boost for various ML models.
We empirically compared our protocol to the SPD$\mathbb{Z}_{2^k}$ protocol for various ML circuits, including ResNet Training-Inference, Transformer Training-Inference, and VGG16 Training-Inference. SPD$\mathbb{Z}_{2^k}$ dedicated around 30% of its online runtime for tag computation. CompactTag speeds up this tag computation bottleneck by up to 23×, resulting in up to 1.47× total online phase runtime speedups for various ML workloads.
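The following added example (written for this page; it is not code from the CompactTag paper, and the paper's own tag algorithm is not described in the abstract) makes the two counts in the abstract concrete. It builds the Toeplitz matrix that turns a 1-D convolution into a matrix product, then contrasts the T1·T2·T3 multiplications of recomputing Z = X·Y with the T1·T2 + T1·T3 + T2·T3 multiplications of a random-projection (Freivalds-style) check of the same product. That check is a generic technique used here only to illustrate where a cost of that shape comes from. Arithmetic is over Z_{2^64}; the layer dimensions and inputs are constructed.

```python
import random

K = 64
MOD = 1 << K  # arithmetic over Z_{2^k}, the ring SPDZ2k computes in


def toeplitz_from_kernel(kernel, n_in):
    """Rows M such that M @ x equals the 'valid' 1-D convolution of x with kernel."""
    m = len(kernel)
    n_out = n_in - m + 1
    return [[kernel[j - i] if 0 <= j - i < m else 0 for j in range(n_in)]
            for i in range(n_out)]


def conv1d(x, kernel):
    """Reference 'valid' convolution (no padding), reduced mod 2^k."""
    m = len(kernel)
    return [sum(kernel[t] * x[i + t] for t in range(m)) % MOD
            for i in range(len(x) - m + 1)]


def matmul(a, b):
    """Schoolbook product of a (T1 x T2) and b (T2 x T3); returns (C, #ring mults)."""
    t1, t2, t3 = len(a), len(b), len(b[0])
    c = [[sum(a[i][l] * b[l][j] for l in range(t2)) % MOD for j in range(t3)]
         for i in range(t1)]
    return c, t1 * t2 * t3


def matvec(a, v):
    """Matrix-vector product; returns (w, #ring mults)."""
    return ([sum(row[j] * v[j] for j in range(len(v))) % MOD for row in a],
            len(a) * len(v))


def check_by_recompute(x, y, z):
    """Recompute X.Y and compare with Z: T1*T2*T3 multiplications."""
    xy, mults = matmul(x, y)
    return xy == z, mults


def check_by_projection(x, y, z, seed=None):
    """Freivalds-style check: X.(Y.r) == Z.r for a random r in Z_{2^k}^T3.
    Costs T2*T3 + T1*T2 + T1*T3 multiplications. Over Z_{2^k} a wrong Z can slip
    through with probability up to 1/2 per trial (an error made of multiples of
    2^(k-1) is hidden by zero divisors), so repeat the check or work modulo
    2^(k+s) with s extra bits, as SPDZ2k does for its MACs."""
    rng = random.Random(seed)
    r = [rng.randrange(MOD) for _ in range(len(z[0]))]
    yr, m1 = matvec(y, r)
    xyr, m2 = matvec(x, yr)
    zr, m3 = matvec(z, r)
    return xyr == zr, m1 + m2 + m3


def demo(seed=7):
    """Constructed layer: 3-tap kernel over 64-sample signals, batch of 32."""
    rng = random.Random(seed)
    x = [rng.randrange(MOD) for _ in range(64)]
    kernel = [3, -1, 2]  # negative taps are ordinary ring elements mod 2^k
    toep = toeplitz_from_kernel(kernel, len(x))  # 62 x 64
    as_matrix, _ = matvec(toep, x)
    assert as_matrix == conv1d(x, kernel)  # the Toeplitz rewrite is exact

    batch = [[rng.randrange(MOD) for _ in range(32)] for _ in range(64)]  # 64 x 32
    z, _ = matmul(toep, batch)  # 62 x 32
    ok_naive, cost_naive = check_by_recompute(toep, batch, z)
    ok_proj, cost_proj = check_by_projection(toep, batch, z, seed)
    return ok_naive, cost_naive, ok_proj, cost_proj


if __name__ == "__main__":
    print(demo())  # (True, 126976, True, 8000)
```

For the constructed 62 × 64 by 64 × 32 layer the recompute check performs 126976 ring multiplications and the projection check 8000, the same T1·T2·T3 versus T1·T2 + T1·T3 + T2·T3 gap the abstract quotes; a real convolution layer with thousands of channels widens it further. The soundness caveat in `check_by_projection` is the reason any product check over Z_{2^k} needs statistical-security bits on top of k.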
Daniele Micciancio, Adam Suhl
ePrint Report
In this work, we give the first construction of simulation-secure lattice-based threshold PKE with polynomially large modulus. The construction itself is relatively standard, but we use an improved analysis, proving that when the ciphertext noise and flooding noise are both Gaussian, simulation is possible even with very small flooding noise. Our modulus is small not just asymptotically but also concretely: this technique gives parameters roughly comparable to those of highly optimized non-threshold schemes like FrodoKEM. As part of our proof, we show that LWE remains hard in the presence of some types of leakage; these results and techniques may also be useful in other contexts where noise flooding is used.
Shoichi Hirose, Kazuhiko Minematsu
ePrint Report
Steven D. Galbraith, Derek Perrin, José Felipe Voloch
ePrint Report
René Rodríguez-Aldama
ePrint Report
Dan Boneh, Aditi Partap, Lior Rotem
ePrint Report
In this paper we explore how to do traitor tracing in the context of a threshold decryption scheme. Again, there are $n$ parties and each party has a secret key, but now $t$ parties are needed to decrypt a ciphertext $c$, for some $t>1$. If a subset ${\cal J}$ of at least $t$ parties use their secret keys to create a pirate decoder $D(\cdot)$, then it must be possible to trace $D$ to at least one member of ${\cal J}$. This problem has not yet been explored in the literature; however, it has recently become quite important due to the use of encrypted mempools, as we explain in the paper.
We develop the theory of traitor tracing for threshold decryption. While there are several non-threshold traitor tracing schemes that we can leverage, adapting these constructions to the threshold decryption settings requires new cryptographic techniques. We present a number of constructions for traitor tracing for threshold decryption, and note that much work remains to explore the large design space.
Fatima Elsheimy, Giorgos Tsimos, Charalampos Papamanthou
ePrint Report
Jakob Feldtkeller, Tim Güneysu, Patrick Schaumont
ePrint Report
In this work, we use quantitative information flow analysis to establish a vulnerability metric for hardware circuits under fault injection that measures the severity of an attack in terms of information leakage. Potential use cases range from comparing implementations with respect to their vulnerability to specific fault scenarios to optimizing countermeasures. We automate the computation of our metric by integrating it into a state-of-the-art evaluation tool for physical attacks and provide new insights into the security under an active fault attacker.
Fuxin Zhang, Zhenyu Huang
ePrint Report
Samuel Bouaziz--Ermann, Alex B. Grilo, Damien Vergnaud, Quoc-Huy Vu
ePrint Report
Ryad Benadjila, Thibauld Feneuil, Matthieu Rivain
ePrint Report
Yimeng Sun, Jiamin Cui, Meiqin Wang
ePrint Report
In this paper, we improve the attacks on LowMC under low data complexity, i.e. 1 or 2 chosen plaintext/ciphertext pairs. For the difference enumeration attack with 2 chosen plaintexts, we propose new algebraic methods to better exploit the nonlinear relation inside the introduced variables based on the attack framework proposed by Liu et al. at ASIACRYPT 2022. With this technique, we significantly extend the number of attack rounds for LowMC with partial nonlinear layers and improve the success probability from around 0.5 to over 0.9. The security margin of some instances can be reduced to only 3 or 4 rounds. For the key-recovery attack using a single plaintext, we adopt a different linearization strategy to reduce the huge memory consumption caused by the polynomial methods for solving multivariate equation systems. The memory complexity reduces drastically for all 5-/6-round LowMC instances with full nonlinear layers at the sacrifice of a small factor of time complexity. For 5-round LowMC instances with a block size of 129, the memory complexity decreases from $2^{86.46}$ bits to $2^{48.18}$ bits while the time complexity even slightly reduces. Our results indicate that the security for different instances of LowMC under extremely low data complexity still needs further exploration.
Elli Androulaki, Marcus Brandenburger, Angelo De Caro, Kaoutar Elkhiyaoui, Liran Funaro, Alexandros Filios, Yacov Manevich, Senthilnathan Natarajan, Manish Sethi
ePrint Report
This paper introduces a novel framework for Central Bank Digital Currency settlement that outputs a system of record (acting as a trusted source of truth serving interoperation, dispute resolution, and fraud detection needs) and brings together resilience in the event of parts of the system being compromised with throughput comparable to crash-fault-tolerant systems. Our system is further agnostic to the exact cryptographic protocol adopted for meeting privacy, compliance, and transparency objectives, while ensuring compatibility with the existing protocols in the literature. For the latter, performance is architecturally guaranteed to scale horizontally. We evaluated our system's performance using an enhanced version of Hyperledger Fabric, showing how a throughput of >100K TPS can be supported even when computation-heavy privacy-preserving protocols are in place.
Yao-Ching Hsieh, Huijia Lin, Ji Luo
ePrint Report
In this work, we introduce new lattice-based techniques to overcome the depth-dependency limitations:
- Relying on a circular security assumption, we construct LFE, 1-key FE, 1-key ABE, and reusable garbling schemes capable of evaluating circuits of unbounded depth and size.
- Based on the *evasive circular* LWE assumption, a stronger variant of the recently proposed *evasive* LWE assumption [Wee, Eurocrypt '22; Tsabary, Crypto '22], we construct a full-fledged ABE scheme for circuits of unbounded depth and size.
Our LFE, 1-key FE, and reusable garbling schemes achieve optimal succinctness (up to polynomial factors in the security parameter). Their ciphertexts and input encodings have sizes linear in the input length, while function digest, secret keys, and garbled circuits have constant sizes independent of circuit parameters (for Boolean outputs). In fact, this gives the first constant-size garbled circuits without relying on indistinguishability obfuscation. Our ABE schemes offer short components, with master public key and ciphertext sizes linear in the attribute length and secret key being constant-size.
CISPA Helmholtz Center for Information Security
Job Posting
Tenure-Track Faculty in Artificial Intelligence and Machine Learning (f/m/d)
All applicants are expected to grow a research team that pursues an internationally visible research agenda. To aid you in achieving this, CISPA provides institutional base funding for three full-time researcher positions and a generous budget for expenditures. Upon successful tenure evaluation, you will hold a position that is equivalent to an endowed full professorship at a top research university. We invite applications from candidates with excellent track records in Artificial Intelligence and Machine Learning.
CISPA values diversity and is committed to equality. We provide special dual-career support. We explicitly encourage female and diverse researchers to apply.
The CISPA Tenure-Track in a nutshell:
Applications are invited for tenure-track faculty positions in all areas related to Security, Privacy, and Cryptography.
All applications are due by December 7, 2023 with interviews starting in January 2024. Please submit the following documents:
Closing date for applications:
Contact: scientific-recruiting@cispa.de
More information: https://jobs.cispa.saarland/de_DE/jobs/detail/tenure-track-faculty-in-artificial-intelligence-and-machine-learning-f-m-d-240
CISPA Helmholtz Center for Information Security
Job Posting
Tenure-Track Faculty in all areas related to Security, Privacy, and Cryptography (f/m/d)
All applicants are expected to grow a research team that pursues an internationally visible research agenda. To aid you in achieving this, CISPA provides institutional base funding for three full-time researcher positions and a generous budget for expenditures. Upon successful tenure evaluation, you will hold a position that is equivalent to an endowed full professorship at a top research university. We invite applications from candidates with excellent track records in all areas related to Security, Privacy, and Cryptography.
CISPA values diversity and is committed to equality. We provide special dual-career support. We explicitly encourage female and diverse researchers to apply.
The CISPA Tenure-Track in a nutshell:
Applications are invited for tenure-track faculty positions in all areas related to Security, Privacy, and Cryptography.
All applications are due by December 7, 2023 with interviews starting in January 2024. Please submit the following documents:
Closing date for applications:
Contact: scientific-recruiting@cispa.de
More information: https://jobs.cispa.saarland/de_DE/jobs/detail/tenure-track-faculty-in-all-areas-related-to-security-privacy-and-cryptography-f-m-d-241
11 November 2023
Cosade'24: The 15th International Workshop on "Constructive Side-channel Analysis and Secure Design"
Gardanne, France, 9 April - 10 April 2024
Event Calendar
Submission deadline: 8 December 2023
Notification: 26 January 2024