IACR News
15 July 2024
Eindhoven University of Technology (TU/e), Netherlands
Job Posting
We are looking for a person to extend our team as postdoc in the Horizon Europe Next Generation Internet pilot NGI TALER. Your task will be to carry out foundational research in the context of the payment system GNU Taler. More precisely, you will be tasked with proving the security of post-quantum replacements for the cryptography used to secure GNU Taler. The position is initially 1 year with funding for a 1-year extension available.
GNU Taler is a privacy-preserving payment system. Customers can stay anonymous, but merchants cannot hide their income through payments with GNU Taler. This helps to avoid tax evasion and money laundering while providing users with a privacy-preserving way of electronic payment. As part of a Next Generation Internet pilot, the cryptography used in GNU Taler will be future-proofed by developing post-quantum secure variants of the involved protocols. Your task will be to prove these new protocols secure against quantum adversaries, closely collaborating with the team that develops the protocols.
If you have a PhD in cryptography or a related area, please apply online via the TU/e website.
Closing date for applications:
Contact: Andreas Hülsing a.t.huelsing [put at here] tue.nl and Kathrin Hövelmanns k.hovelmanns [put at here] tue.nl
More information: https://jobs.tue.nl/en/vacancy/postdoc-in-postquantum-cryptography-1094802.html
Aztec Labs
Job Posting
https://aztec.network/
We’re creating a general-purpose private smart contract layer for Ethereum, affectionately dubbed ‘Aztec 3’.
We utilise bleeding-edge cryptography in our tech stack to realise private transactions on a public blockchain network, particularly in the realm of zero-knowledge cryptography.
As a result we possess a world-class R&D team that has co-authored the Plonk, Plookup and Zeromorph protocols. Plonk in particular is rapidly becoming an industry standard ZK-SNARK technology.
We are looking for experienced cryptographers to expand our R&D team and allow us to further enhance the state-of-the-art when it comes to generating proofs of private computation.
Role focus:
- Research techniques to improve both the constant and asymptotic performance of our cryptographic protocols
- Perform literature reviews to identify new developments that could improve the Prover/Verifier efficiency of our cryptographic protocols (or replace them entirely)
- Develop security proofs for our ZK-SNARK circuit architectures
- Liaise with our applied cryptographers to assist them with implementing our cryptographic protocols in software
Required experience:
- PhD-level qualification in cryptography or a related field
- Named author in one or more papers in the field of zero-knowledge cryptography
- Ability to read and understand software implementations of cryptographic protocols written in C++
- Familiarity with algorithms, data structures and basic programming concepts
- Able to provide clear and constructive feedback for more junior cryptographers / applied cryptographers, mentoring where necessary
What we offer:
- A highly competitive compensation package (including equity)
- Flexible and remote work environment
- 25 days holiday + bank holidays annually
- An opportunity to work at the cutting edge of blockchain and FinTech with a world class cryptography and engineering team
Closing date for applications:
Contact: travis@aztecprotocol.com
More information: https://boards.eu.greenhouse.io/aztec/jobs/4098527101
=nilFoundation
Job Posting
Closing date for applications:
Contact: Alex Aristides - Alexisaristdes@nil.foundation
More information: https://nil.foundation/careers/jobs?jobId=eKBawSyO9EDP
University of South-Eastern Norway; Kongsberg, Norway
Job Posting
We are seeking a highly motivated candidate for a PhD in Cybersecurity. This project aims to advance the field of healthcare cybersecurity through innovative and scalable solutions. The candidate will focus on the security and privacy of healthcare systems, including but not limited to developing decentralized, secure, and privacy-preserving methods for sharing health data.
Starting date: The position is available from January 1, 2025. An earlier commencement might be possible.
Application deadline: October 7, 2024.
We offer:
- Fully funded position for three years
- No teaching obligations
- Stimulating research environment
- Competitive salary and benefits, starting salary from NOK 532,200
More information is available at bit.ly/phd25
Closing date for applications:
Contact: Mohsen Toorani (mohsen.toorani@usn.no)
More information: https://bit.ly/phd25
Minglang Dong, Yu Chen, Cong Zhang, Yujie Bai
ePrint Report
- We propose the first MPSU protocol based on oblivious transfer and symmetric-key techniques in the standard semi-honest model. This protocol is $4.9-9.3 \times$ faster than Liu and Gao in the LAN setting. Concretely, our protocol requires only $3.6$ seconds in online phase for 3 parties with sets of $2^{20}$ items each.
- We propose the first MPSU protocol achieving both linear computation and linear communication complexity, based on public-key operations. This protocol has the lowest overall communication costs and shows a factor of $3.0-36.5\times$ improvement in terms of overall communication compared to Liu and Gao.
We implement our protocols and conduct an extensive experiment to compare the performance of our protocols and the state-of-the-art. To the best of our knowledge, our implementation is the first correct and secure implementation of MPSU that reports on large-size experiments.
Adrian Neal
ePrint Report
Zhengjun Cao, Lihua Liu
ePrint Report
Francesco Berti, Carmit Hazay, Itamar Levi
ePrint Report
In this paper, we introduce two tailored indistinguishability-based security definitions for leakage-resilient OT, focusing on protecting the sender's state. Second, we propose a practical semi-honest secure OT protocol that achieves these security levels while minimizing the assumptions on the protocol's building blocks and the use of a secret state. Finally, we extend our protocol to support sequential composition and explore efficiency-security tradeoffs.
Changcun Wang, Zhaopeng Dai
ePrint Report
Chen Yang, Jingwei Chen, Wenyuan Wu, Yong Feng
ePrint Report
Christian Majenz, Giulio Malavolta, Michael Walter
ePrint Report
Dana Dachman-Soled, Esha Ghosh, Mingyu Liang, Ian Miers, Michael Rosenberg
ePrint Report
Unfortunately, the size of a strike-list, and hence the storage required by the server, is proportional to the total number of issued tokens, $N \cdot t$, where $N$ is the number of clients and $t$ is the maximum number of tickets per client. In this work, we ask whether it is possible to realize a strike-list-like functionality, which we call the anonymous tickets functionality, with storage requirements proportional to $N \log(t)$.
For the anonymous tickets functionality we construct a secure protocol from standard assumptions that achieves server storage of $O(N)$ ciphertexts, where each ciphertext encrypts a message of length $O(\log(t))$. We also consider an extension of the strike-list functionality where the server stores an arbitrary state for each client and clients advance their state with some function $s_i\gets f(s_{i-1},\mathsf{auxinput})$, which we call the anonymous outsourced state-keeping functionality. In this setting, malicious clients are prevented from rolling back their state, while honest clients are guaranteed anonymity and confidentiality against a malicious server. We achieve analogous results in this setting for two different classes of functions.
Our results rely on a new technique to preserve client anonymity in the face of selective failure attacks by a malicious server. Specifically, our protocol guarantees that misbehavior of the server either (1) does not prevent the honest client from redeeming a ticket or (2) provides the honest client with an escape hatch that can be used to simulate a redeem in a way that is indistinguishable to the server.
Nir Bitansky, Prahladh Harsha, Yuval Ishai, Ron D. Rothblum, David J. Wu
ePrint Report
- Small-field DPP. For any finite field $\mathbb{F}$ and Boolean circuit $C$ of size $S$, there is a DPP for proving that there exists $\mathbf{w}$ such that $C(\mathbf{x}, \mathbf{w})=1$ with a proof $\boldsymbol{\pi}$ of length $S\cdot\mathsf{poly}(|\mathbb{F}|)$ and soundness error $\varepsilon=O(1 / \sqrt{|\mathbb{F}|})$. We show this error to be asymptotically optimal. In particular, and in contrast to the best known PCPs, there exist strictly linear-length DPPs over constant-size fields.
- Large-field DPP. If $|\mathbb{F}|\ge\mathsf{poly}(S/\varepsilon)$, there is a similar DPP with soundness error $\varepsilon$ and proof length $O(S)$ (in field elements).
The above results do not rely on the PCP theorem and their proofs are considerably simpler. We apply our DPP constructions toward two kinds of applications.
- Hardness of approximation. We obtain a simple proof for the NP-hardness of approximating MAXLIN (with dense instances) over any finite field $\mathbb{F}$ up to some constant factor $c>1$, independent of $\mathbb{F}$. Unlike previous PCP-based proofs, our proof yields exponential-time hardness under the exponential time hypothesis (ETH).
- Succinct arguments. We improve the concrete efficiency of succinct interactive arguments in the generic group model using input-independent preprocessing. In particular, the communication is comparable to sending two group elements and the verifier's computation is dominated by a single group exponentiation. We also show how to use DPPs together with linear-only encryption to construct succinct commit-and-prove arguments.
Ludo N. Pulles, Mehdi Tibouchi
ePrint Report
In this paper, we show that those claimed advantages come at the cost of security. More precisely, we show that the distribution of EagleSign signatures leaks information about the private key, to the point that only a few hundred signatures on arbitrary known messages suffice for a full key recovery, for all proposed parameters.
A related vulnerability also affects EagleSign-V2, a subsequent version of the scheme specifically designed to thwart the initial attack. Although a larger number of signatures is required for key recovery, the idea of the attack remains largely similar. Both schemes come with proofs of security that we show are flawed.
Zhongyi Zhang, Chengan Hou, Meicheng Liu
ePrint Report
Christian Badertscher, Maxim Jourenko, Dimitris Karakostas, Mario Larangeira
ePrint Report
Thomas Debris-Alazard, Pierre Loisel, Valentin Vasseur
ePrint Report
Hossein Arabnezhad, Babak Sadeghiyan
ePrint Report
Tianpei Lu, Bingsheng Zhang, Xiaoyuan Zhang, Kui Ren
ePrint Report
In this work, we propose a new PPML paradigm that is tailor-made for and can benefit from quantized models. Our main observation is that lookup tables can ignore the complex internal constructs of any functions which can be used to simplify the quantized operator evaluation. We view the model inference process as a sequence of quantized operators, and each operator is implemented by a lookup table. We then develop an efficient private lookup table evaluation protocol, and its online communication cost is only $\log n$, where $n$ is the size of the lookup table. On a single CPU core, our protocol can evaluate $2^{15}$ tables with 8-bit input and 8-bit output per second.
The resulting PPML framework for quantized models offers extremely fast online performance. The experimental results demonstrate that our quantization strategy achieves substantial speedups over SOTA PPML solutions, improving the online performance by $40\sim 60 \times$ w.r.t. convolutional neural network (CNN) models, such as AlexNet, VGG16, and ResNet18, and by $10\sim 25 \times$ w.r.t. large language models (LLMs), such as GPT-2, GPT-Neo, and Llama2.