IACR News
Here you can see all recent updates to the IACR webpage. These updates are also available:
12 April 2024
Aron van Baarsen, Marc Stevens
ePrint ReportIn this paper we consider several settings in which parties take part in multiple Circuit-PSI executions with the same input set, and aim to amortize communications and computations. To that end, we build up a new framework for Circuit-PSI around generalizations of oblivious (programmable) PRFs that are extended with offline setup phases. We present several efficient instantiations of this framework with new security proofs for this setting. As a side result, we obtain a slight improvement in communication and computation complexity over the state-of-the art Circuit-PSI protocol by Bienstock et al. (USENIX '23). Additionally, we present a novel Circuit-PSI protocol from a PRF with secret-shared outputs, which has linear communication and computation complexity in the parties' input set sizes, and incidentally, it realizes ``almost malicious'' security, making it the first major step in this direction since the protocol by Huang et al. (NDSS '12). Lastly, we derive the potential amortizations over multiple protocol executions, and observe that each of the presented instantiations is favorable in at least one of the multiple-execution settings.
Foo Yee Yeo, Jason H. M. Ying
ePrint ReportDa Lin, Chunli Yang, Shengyuan Xu, Shizhu Tian, Bing Sun
ePrint ReportAlexander May, Massimo Ostuzzi
ePrint ReportMoreover, we show that solving multiple group action dlog instances $y_1, \ldots , y_m$ allows for speedups. Namely, our collision finding algorithm solves $m$ group action dlogs in $\sqrt{m}N^{\frac 1 2}$ steps, instead of the straight-forward $mN^{\frac 1 2}$ steps required for running $m$ times GHS. Interestingly, our multi instance algorithm (with precomputation) can be seen as a special case of our precomputation algorithm. Our multiple instance approach can be freely combined with our precomputations, allowing for a variety of tradeoffs.
Technically, our precomputation and multiple instance group action dlog attacks are adaptations of the techniques from the standard dlog setting in abelian groups. While such an adaptation seems natural, it is per se unclear which techniques transfer from the dlog to the more restricted group dlog setting, for which $X$ does not offer a group structure.
Our algorithms have direct implications for all group action based cryptosystems, such as CSIDH and its variants. We provide experimental evidence that our techniques work well in the CSIDH setting.
Xavier Bonnetain, Virginie Lallemand
ePrint ReportHarjasleen Malvai, Gregory Neven, Andrew Miller, Siam Hussain
ePrint ReportFarzin Renan, Péter Kutas
ePrint ReportRobin Berger, Felix Dörre, Alexander Koch
ePrint ReportAxel Mertens, Georgio Nicolas, Sergi Rovira
ePrint ReportWe propose a practical FHE-friendly image compression and processing pipeline where an image can be compressed and encrypted on the client-side, sent to a server which decompresses it homomorphically and then performs image processing in the encrypted domain before returning the encrypted result to the client.
Inspired by JPEG, our pipeline also relies on discrete cosine transforms and quantization to simplify the representation of an image in the frequency domain, making it possible to effectively use a compression algorithm. This pipeline is designed to be compatible with existing image-processing techniques in FHE, such as pixel-wise processing and convolutional filters. Using this technique, a high-definition ($1024\times1024$) image can be homomorphically decompressed, processed with a convolutional filter and re-compressed in under $24.7$s, while using ~8GB memory.
11 April 2024
Luxembourg Institute of Science and Technology
Job PostingClosing date for applications:
Contact: Schwartz Cathy
More information: https://www.list.lu/en/jobs/
University of Bergen, Norway
Job PostingClosing date for applications:
Contact: Prof. Budaghyan: lilya.budaghyan@uib.no
More information: https://www.jobbnorge.no/en/available-jobs/job/260444/lead-ai-postdoctoral-research-fellow-position-within-cryptography-and-security-of-ai
NXP Semiconductors GmbH Austria
Job PostingReady to join the future of innovation in our team at NXP? We are expanding our Trust Provisioning Team at NXP Gratkorn!
Trust Provisioning is the secure creation, insertion, and distribution of confidential data and key material for chip personalization, including product configuration and development of software for underlying production flows.
Key Responsibilities:
Closing date for applications:
Contact: Kerstin Krauss
More information: https://nxp.wd3.myworkdayjobs.com/careers/job/Gratkorn/Secure-Web-Service-Java-Software-Engineer-for-Trust-Provisioning--m-f-d-_R-10051290
IBM Research Zürich
Job PostingClosing date for applications:
Contact: Andrea Basso and Luca De Feo for questions. Apply online via the form at the given link. Only applications received before May 1st are guaranteed to be taken in consideration.
More information: https://www.zurich.ibm.com/careers/2024_008.html
Universitat Autònoma de Barcelona
Job PostingWe are pleased to announce an opportunity for a highly motivated individual to join our team at Universitat Autònoma de Barcelona as a Postdoctoral Researcher in Blockchain Technology. This position offers a unique chance to contribute to cutting-edge research and innovation in the field of distributed ledger technologies.
Responsibilities:
- Conducting original research in blockchain technology, with a focus on cryptographic protocols, consensus mechanisms, and scalability solutions.
- Developing novel algorithms and protocols to address key challenges in blockchain scalability, security, and privacy.
- Publishing high-quality research papers in top-tier conferences and journals.
- Mentoring graduate students and contributing to academic initiatives within the department.
Qualifications:
- A Ph.D. in Computer Science, Mathematics, or a related field, with a strong publication record in blockchain or cryptography.
- Expertise in cryptographic protocols and blockchain technology, with demonstrated proficiency in Python or Rust programming languages.
- Familiarity with Solidity programming for smart contract development is highly desirable.
- Strong analytical and problem-solving skills, with a passion for exploring new ideas and pushing the boundaries of research.
- Excellent communication and collaboration abilities, with a track record of working effectively in multidisciplinary teams.
This is a fixed-term position with a contract lasting until December 31, 2025.
To apply, please submit the following documents to jordi.herrera@uab.cat with subject [Blockchain Postdoctoral Position] before May 2, 2024:
- A detailed CV including a list of publications.
- A cover letter describing your research interests, relevant experience, and career goals.
- Contact information for at least three professional references.
Closing date for applications:
Contact: jordi.herrera@uab.cat
10 April 2024
Damien Robissout, Lilian Bossuet, Amaury Habrard
ePrint ReportCharlotte Lefevre, Bart Mennink
ePrint ReportLeonie Reichert, Gowri R Chandran, Phillipp Schoppmann, Thomas Schneider, Björn Scheuermann
ePrint ReportIn this paper, we present Menhir, an oblivious TEE database that hides access patterns with ORAM guarantees and volume patterns through differential privacy. The database allows range and point queries with SQL-like WHERE-clauses. It builds on the state-of-the-art oblivious AVL tree construction Oblix (S&P'18), which by itself does not protect against volume leakage. We show how volume leakage can be exploited in range queries and improve the construction to mitigate this type of attack. We prove the correctness and obliviousness of Menhir. Our evaluation shows that our approach is feasible and scales well with the number of rows and columns in the database.
Yilei Chen
ePrint ReportTo develop a quantum algorithm for solving LWE, we mainly introduce two new techniques. First, we introduce Gaussian functions with complex variances in the design of quantum algorithms. In particular, we exploit the feature of the Karst wave in the discrete Fourier transform of complex Gaussian functions. Second, we use windowed quantum Fourier transform with complex Gaussian windows, which allows us to combine the information from both time and frequency domains. Using those techniques, we first convert the LWE instance into quantum states with purely imaginary Gaussian amplitudes, then convert purely imaginary Gaussian states into classical linear equations over the LWE secret and error terms, and finally solve the linear system of equations using Gaussian elimination. This gives a polynomial time quantum algorithm for solving LWE.
Alexander Hoover, Ruth Ng, Daren Khu, Yao'an Li, Joelle Lim, Derrick Ng, Jed Lim, Yiyang Song
ePrint ReportWe address this by providing the first leakage-abuse attacks against StE for SQL schemes. Our attacks can be run by a passive adversary on a server with access to some information about the distribution of underlying data, a common model in prior work. They achieve partial query recovery against select operations and partial plaintext recovery against join operations. We prove the optimality and near-optimality of two new attacks, in a Bayesian inference framework. We complement our theoretical results with an empirical investigation testing the performance of our attacks against real-world data and show they can successfully recover a substantial proportion of queries and plaintexts.
In addition to our new attacks, we provide proofs showing that the conditional optimality of a previously proposed leakage-abuse attack and that inference against join operations is NP-hard in general.
Yuxi Xue, Xingye Lu, Man Ho Au, Chengru Zhang
ePrint ReportTo instantiate our framework, we adapt the well-known post-quantum secure non-interactive argument of knowledge (NIAoK), ethSTARK, into an SoK. This SoK inherents the post-quantum security and has a signature size poly-logarithmic in the size of the NP statement. Thus, our resulting LRS has a signature size of $O(\text{polylog}(\log n))$. By comparison, existing post-quantum ring signatures, regardless of linkability considerations, have signature sizes of $O(\log n)$ at best. Furthermore, leveraging online/offline verification, part of the verification of signatures on the same ring can be shared, resulting in a state-of-the-art amortized verification cost of $O(\text{polylog}(\log n))$.
Our LRS also performs favourably against existing schemes in practical scenarios. Concretely, our scheme has the smallest signature size among all post-quantum ring signatures for any ring size larger than $32$. In our experiment, at $128$-bit security and ring size of $1024$, our LRS has a size of $29$KB, and an amortized verification cost of $0.3$ ms, surpassing the state-of-the-art by a significant margin. Even without considering amortization, the verification time for a single signature is $128$ ms, which is still 10x better than state-of-the-art succinct construction, marking it comparable to those featuring linear signature size. A similar performance advantage can also be seen at signing.