IACR News
Here you can see all recent updates to the IACR webpage. These updates are also available:
18 September 2024
Thomas Szymkowiak, Endrit Isufi, Markku-Juhani Saarinen
ePrint ReportHari Krishnan P. Anilkumar, Varun Narayanan, Manoj Prabhakaran, Vinod M. Prabhakaran
ePrint ReportLing Song, Huimin Liu, Qianqian Yang, Yincen Chen, Lei Hu, Jian Weng
ePrint ReportSaikrishna Badrinarayanan, Peihan Miao, Xinyi Shi, Max Tromanhauser, Ruida Zeng
ePrint ReportIn this work, we address all the above limitations. In particular, we study UPSI with semi-honest security in both the addition-only and addition-deletion settings. We present new protocols for both settings that support plain PSI as well as extended functionalities including PSI-Cardinality and PSI-Sum, achieving one-sided output (which implies two-sided output). In the addition-only setting, we also present a protocol for a more general functionality Circuit-PSI that outputs secret shares of the intersection. All of our protocols have worst-case computation and communication complexity that only grow with the set updates instead of the entire sets (except for a polylogarithmic factor). We implement our new UPSI protocols and compare with the state-of-the-art protocols for PSI and extended functionalities. Our protocols compare favorably when the total set sizes are sufficiently large, the new updates are sufficiently small, or in networks with low bandwidth.
Riccardo Taiello, Emre Tosun, Alberto Ibarrondo, Hervé Chabanne, Melek Önen
ePrint ReportEric Verheul
ePrint ReportOğuz Yayla, Yunus Emre Yılmaz
ePrint ReportOğuz Yayla, Yunus Emre Yılmaz
ePrint ReportNan Wang, Dongxi Liu
ePrint ReportIn this paper, we introduce, FlashSwift, a stronger DLOG-based logarithmic-sized alternative. It stands out for its greater shortness and significantly enhanced computational efficiency compared with the cutting-edge logarithmic-sized ones for the most common ranges where $N \leq 64$. It is developed by integrating the techniques from Flashproof and SwiftRange without using a trusted setup. The substantial efficiency gains stem from our dedicated efforts in overcoming the inherent incompatibility barrier between the two techniques. Specifically, when $N=64$, our proof achieves the same size as Bulletproof and exhibits 1.1$\times$ communication efficiency of SwiftRange. More importantly, compared with the two, it achieves $2.3\times$ and $1.65\times$ proving efficiency, and $3.2\times$ and $1.7\times$ verification efficiency, respectively. At the time of writing, our proof also creates two new records of the smallest proof sizes, 289 bytes and 417 bytes, for 8-bit and 16-bit ranges among all the bit-decomposition-based ones without requiring trusted setups. Moreover, to the best of our knowledge, it is the first {\em configurable} range proof that is adaptable to various scenarios with different specifications, where the configurability allows to trade off communication efficiency for computational efficiency. In addition, we offer a bonus feature: FlashSwift supports the aggregation of multiple single proofs for efficiency improvement. Finally, we provide comprehensive performance benchmarks against the state-of-the-art ones to demonstrate its practicality.
Johann Knechtel, Mohammad Eslami, Peng Zou, Min Wei, Xingyu Tong, Binggang Qiu, Zhijie Cai, Guohao Chen, Benchao Zhu, Jiawei Li, Jun Yu, Jianli Chen, Chun-Wei Chiu, Min-Feng Hsieh, Chia-Hsiu Ou, ...
ePrint ReportHere, we present a large-scale, first-of-its-kind community effort through red-versus-blue teaming that thoroughly explores this threat. Four independently competing blue teams of 23 IC designers in total had to analyze and fix vulnerabilities of representative IC layouts, whereas a red team of 3 experts in hardware security and IC design continuously pushed the boundaries of these defense efforts through different HTs and novel insertion techniques. Importantly, we find that, despite the blue teams’ commendable efforts, even highly-optimized layouts retained at least some exploitable vulnerabilities.
Our effort follows a real-world setting for a modern 7nm technology node and industry-grade tooling for IC design, all embedded into a fully-automated and extensible benchmarking framework. To ensure the relevance of this work, strict rules that adhere to real-world requirements for IC design and manufacturing were postulated by the organizers. For example, not a single violation for timing and design-rule checks were allowed for defense techniques. Besides, in an advancement over prior art, neither red nor blue teams were allowed to use any so-called fillers and spares for trivial attack or defense approaches.
Finally, we release all methods and artifacts: the representative IC layouts and HTs, the devised attack and defense techniques, the evaluation metrics and setup, the technology setup and commercial-grade reference flow for IC design, the encompassing benchmarking framework, and all best results. This full release enables the community to continue exploring this important challenge for hardware security, in particular to focus on the urgent need for further advancements in defense strategies.
Suparna Kundu, Quinten Norga, Angshuman Karmakar, Shreya Gangopadhyay, Jose Maria Bermudo Mera, Ingrid Verbauwhede
ePrint ReportWeihao Wang, Shuai Han, Shengli Liu
ePrint ReportIn this paper, we propose Anamorphic Authentication Key Exchange (AM-AKE) to solve the problem. Similar to anamorphic encryption, AM-AKE contains a set of anamorphic algorithms besides the normal algorithms. With the help of the anamorphic algorithms in AM-AKE, the initiator and the responder are able to exchange not only a session key but also a double key. We define robustness and security notions for AM-AKE, and also prove some impossibility results on plain AM-AKE whose anamorphic key generation algorithm only outputs a key-pair. To bypass the impossibility results, we work on two sides.
-- On the one side, for plain AM-AKE, the securities have to be relaxed to resist only passive attacks from the dictator. Under this setting, we propose a generic construction of two-pass plain AM-AKE from a two-pass AKE with partially randomness-recoverable algorithms.
-- On the other side, we consider (non-plain) AM-AKE whose key generation algorithm also outputs an auxiliary trapdoor besides the key-pairs. We ask new properties from AKE: its key generation algorithm has secret extractability and other algorithms have separability. Based on such a two-pass AKE, we propose a generic construction of two-pass (non-plain) AM-AKE. The resulting AM-AKE enjoys not only robustness but also the strong security against any dictator knowing both users' secret keys and even the internal randomness of the AKE algorithms and implementing active attacks.
Finally, we present concrete AM-AKE schemes from the popular SIG+KEM paradigm and three-KEM paradigm for constructing AKE.
14 September 2024
Bangalore, India, 3 March - 6 March 2025
Event CalendarSubmission deadline: 15 October 2024
Notification: 15 November 2024
Wollongong, Australia, 14 July - 16 July 2025
Event CalendarSubmission deadline: 6 November 2024
Notification: 22 January 2025
West Bengal, India, 14 January - 16 January 2025
Event CalendarSubmission deadline: 20 September 2024
Notification: 1 October 2024
The chair of IT Security, Brandenburg University of Technology, Cottbus-Senftenberg
Job PostingOur chair performs research and teaching in the area of IT Security with a strong focus on Network Security and Online Privacy. More information about us can be found at https://www.b-tu.de/en/fg-it-sicherheit.
- Tasks:
- Active research in the area of intrusion detection systems (IDS) for critical infrastructures, secure cyber-physical systems, and artificial intelligence / machine learning for traffic analysis
- Implementation and evaluation of new algorithms and methods
- Cooperation and knowledge transfer with industrial partners
- Publication of scientific results
- Assistance with teaching
- Requirements:
- Master’s degree (or equivalent) and PhD degree (only for PostDocs) in Computer Science or related disciplines
- Strong interest in IT security and/or networking and distributed systems
- Knowledge of at least one programming language (C++, Java, etc.) and one scripting language (Perl, Python, etc.) or strong willingness to quickly learn new programming languages
- Linux/Unix skills
- Knowledge of data mining, machine learning, statistics and result visualization concepts is of advantage
- Excellent working knowledge of English; German is of advantage
- Excellent communication skills
- Applications containing the following documents:
- A detailed Curriculum Vitae
- Transcript of records from your Master studies
- An electronic version of your Master thesis, if possible should be sent in a single PDF file as soon as possible, but not later than 04.10.2024 at itsec-jobs.informatik@lists.b-tu.de. Applications sent to email addresses other than that will be automatically discarded
Closing date for applications:
Contact: Prof. Dr.-Ing. Andriy Panchenko,
Email: itsec-jobs.informatik@lists.b-tu.de
More information: https://www.informatik.tu-cottbus.de/~andriy/phd-ad-btu_en.pdf
Chalmers University of Technology, Department of Computer Science & Engineering, Gothenburg, Sweden
Job PostingThis position offers an exciting opportunity to delve into the rapidly evolving field of Transparency Protocols and to make impactful contributions towards new designs, security proofs, and the uptake of this technology. You will join the CryptoTeam under the supervision of Assistant Professor Elena Pagnin and your base will be Chalmers (Gothenburg, Sweden). Chalmers is a renown University in Technical subjects, and provides a dynamic, highly international work environment within a world-leading research group with expertise in various aspects of cryptography, security, formal methods, and their applications.
For more information visit the official ad https://www.chalmers.se/en/about-chalmers/work-with-us/vacancies/?rmpage=job&rmjob=13180&rmlang=UK . Note that only applications received via the Chalmers Vacancies portal will be considered. Application deadline: October 4, 2024.
Closing date for applications:
Contact: Elena Pagnin
More information: https://www.chalmers.se/en/about-chalmers/work-with-us/vacancies/?rmpage=job&rmjob=13180&rmlang=UK
Chinese Academy of Sciences, Academy of Mathematics and Systems Science
Job PostingClosing date for applications:
Contact: Dr. Zhifang Zhang, email: zfz@amss.ac.cn; Dr. Yanbin Pan, email: panyanbin@amss.ac.cn; Dr. Xiutao Feng, email: fengxt@amss.ac.cn
More information: https://www.mathjobs.org/jobs/list/23139
Hebrew University of Jerusalem
Job PostingClosing date for applications:
Contact: Ilan Komargodski (ilank at cs dot huji dot ac dot il)
University of Amsterdam, Netherlands
Job PostingYou will conduct research in the “Challenges in Cyber Security” project, one of the few projects receiving funding in the prestigious NWO Gravitation program. In cooperation with researchers from TU Eindhoven, Radboud University Nijmegen, VU Amsterdam, and CWI, you will work on the grand challenges of cybersecurity in areas such as cryptography, software security, or physical security. Besides cutting-edge research, you will also contribute to education – for example, in the top-rated Security and Network Engineering MSc program – and other activities, including acquisition and management of funded research projects, supervision of PhD students, and supervision of BSc/MSc graduation projects.
Closing date for applications:
Contact: Christian Schaffner
More information: https://vacatures.uva.nl/UvA/job/Assistant-Professor-in-Cyber-Security/802718502/