IACR News
Here you can see all recent updates to the IACR webpage. These updates are also available:
15 November 2024
Emanuele Di Giandomenico, Doreen Riepel, Sven Schäge
ePrint ReportSougata Mandal
ePrint ReportIn this work, we propose forkcipher design for various tweak lengths, based on a block cipher as the underlying primitive. We provide proofs of security for these constructions, assuming the underlying block cipher behaves as an ideal block cipher. First, we present a forkcipher, $\widetilde{\textsf{F}}1$, for an $n$-bit tweak and prove its optimal ($n$-bit) security. Next, we propose another construction, $\widetilde{\textsf{F}}2$, for a $2n$-bit tweak, also proving its optimal ($n$-bit) security. Finally, we introduce a construction, $\widetilde{\textsf{F}}r$, for a general $rn$-bit tweak, achieving $n$-bit security.
Umut Pekel, Oguz Yayla
ePrint ReportTao Lu, Yuxun Chen, Zonghui Wang, Xiaohang Wang, Wenzhi Chen, Jiaheng Zhang
ePrint ReportWe propose a fully pipelined GPU-accelerated system for batch generation of zero-knowledge proofs. Our system has three features to improve throughput. First, we design a pipelined approach that enables each GPU thread to continuously execute its designated proof generation task without being idle. Second, our system supports recent efficient ZKP protocols with their computational modules: sum-check protocol, Merkle tree, and linear-time encoder. We customize these modules to fit our pipelined execution. Third, we adopt a dynamic loading method for the data required for proof generation, reducing the required device memory. Moreover, multi-stream technology enables the overlap of data transfers and GPU computations, reducing overhead caused by data exchanges between host and device memory.
We implement our system and evaluate it on various GPU cards. The results show that our system achieves more than 259.5× higher throughput compared to state-of-the-art GPU-accelerated systems. Moreover, we deploy our system in the verifiable machine learning application, where our system generates 9.52 proofs per second, successfully achieving sub-second proof generation for the first time in this field.
George Teseleanu
ePrint ReportSihem Mesnager, Ahmet SINAK
ePrint ReportSeungwan Hong, Jiseung Kim, Changmin Lee, Minhye Seo
ePrint ReportIn this paper, we propose a fully encrypted FE-based PPML protocol, which supports the evaluation of arbitrary functions over encrypted data with no information leakage during computation, for the first time. To achieve this, we newly construct a vector functional encryption scheme for quadratic polynomials and combine it with an inner product encryption scheme. This enables multiple compositions of quadratic polynomials to compute arbitrary complex functions in an encrypted manner.
Our FE-based PPML protocol is secure in the malicious model, which means that an adversary cannot obtain any information about the input data even though they intentionally deviate from the protocol. We then show how to use our protocol to build a fully encrypted 2-layer neural network model with quadratic activation functions and present experimental results.
Wonhee Cho, Jiseung Kim, Changmin Lee
ePrint ReportWe propose two polynomial time algorithms to break the simulation security of $t$-out-of-$N$ $\sf TFHE$ based on Shamir secret sharing scheme proposed by Boneh et al.. First, we show that an adversary can break the simulation security by recovering the secret key under some constraints on $t$ and $N$, which does not violate the conditions for security proof. Next, we introduce a straightforward fix that theoretically satisfies the simulation security. However, we argue that this modification remains insecure insecure when implemented with any state-of-the-art fully homomorphic encryption libraries in practice. To ensure robustness against our subsequent attacks, we recommend using an error-refreshing algorithm, such as bootstrapping or modulus switching, for each addition operation.
Ojaswi Acharya, Weiqi Feng, Roman Langrehr, Adam O'Neill
ePrint ReportOn the theoretical side, we use AC-IPFRE to show that function- hiding inner-product functional encryption (FH-IPFE), introduced by Bishop et al. (ASIACRYPT 2015), is equivalent to IPFRE. To show this, we in particular generically construct AC-IPFRE from IPFRE for the “non-zero inner-product” (NZIP) access policy. This result uses an effective version of Lagrange’s Four Square Theorem. One consequence of this result is that lower bounds by Ünal (EUROCRYPT 2020) suggest that, as for FH-IPFE, bilinear pairings will be needed to build IPFRE.
On the practical side, we build an outsourced approximate nearest- neighbor (ANN) search protocol and mitigate its leakage via AC-IPFRE. For this, we construct a practical AC-IPFRE scheme in the generic bilinear group model for a specific access policy for ANN search. To this end, we show that techniques of Wee (TCC 2020) implicitly give the most practical FH-IPFE scheme to date. We implement the resulting outsourced ANN search protocol and report on its performance.
Of independent interest, we show AC-IPFRE for NZIP implies attribute-hiding small-universe AC-IPFRE for arbitrary access policies. Previous work on access control for FE did not achieve attribute hiding. Overall, our results demonstrate that AC-IPFRE is of both theoretical and practical interest and set the stage for future work in the area.
Upasana Mandal, Rupali Kalundia, Nimish Mishra, Shubhi Shukla, Sarani Bhattacharya, Debdeep Mukhopadhyay
ePrint ReportIn this work, we contend this folklore. We develop a theoretical model of interleaved attacks using lightweight statistical tools like Gaussian Mixture Models and Dip Test for Unimodality and prove they are detectable for the correct choices of HPCs. Furthermore, we also show possible defence strategy against a stronger threat model than considered in literature: where the attacker interleaves multiple attacks instead of a single attack. Empirically, to instantiate our detector, in contrast to prior detection strategies, we choose LLMs for a number of reasons: (1) LLMs can easily contextualize data from a larger set of HPCs than generic machine learning techniques, and (2) with simple prompts, LLMs can quickly switch between different statistical analysis methods. To this end, we develop an LLM-based methodology to detect probabilistically interleaved attacks. Our experiments establish that our improved methodology is able to achieve 100% speculative attacks like Spectre v1/v2/v3, Meltdown, and Spectre v2 (with improved gadgets that even evade recent protections like Enhanced IBRS, IBPB conditional, and so on). This makes our methodology suitable for detecting speculative attacks in a non-profiled setting: where attack signatures might not be known in advance. All in all, we achieve a 100% attack detection rate, even with very low interleave frequencies (i.e. $10^{-6}$). Our detection principle and its instantiation through LLMs shows how probabilistically interleaving attack code in benign execution is not a perfect strategy, and more research is still needed into developing and countering better attack evasion strategies.
Noel Elias
ePrint ReportTom Gur, Jack O'Connor, Nicholas Spooner
ePrint ReportAli Raya, Vikas Kumar, Aditi Kar Gangopadhyay, Sugata Gangopadhyay
ePrint ReportShiping Cai, Mingjie Chen, Christophe Petit
ePrint ReportJingwei Chen, Linhan Yang, Chen Yang, Shuai Wang, Rui Li, Weijie Miao, Wenyuan Wu, Li Yang, Kang Wu, Lizhong Dai
ePrint ReportSönke Jendral, Elena Dubrova
ePrint ReportLing Sun
ePrint Report13 November 2024
Common Prefix
Job PostingClosing date for applications:
Contact: Dimitris Lamprinos (careers@commonprefix.com)
More information: https://commonprefix.com
Rovira i Virgili University, Tarragona, Spain
Job PostingWe seek to hire a full-time postdoctoral researcher in the area of security and privacy.
The University offers:- A 2.5-year contract at an exciting international environment.
- Generous travel funds.
- Possibility to co-supervise PhD students.
The successful candidate is expected to contribute to the PROVTOPIA project, which focuses on counteracting disinformation via Secure and Private Provenance Verification of Media Content. The candidate will work under the umbrella of the Crises research group (https://crises-deim.urv.cat/) and the direction of Dr. Rolando Trujillo. Candidates with experience in applied cryptography, threat modelling or formal verification are encouraged to apply.
Include in your application the following documents:- Curriculum Vitae
- Research statement
- Contact information for 3 referees
Deadline for applications is 15 January 2025 . Early applications are highly encouraged, though, as they will be processed upon reception.
Closing date for applications:
Contact: Dr. Rolando Trujillo (rolando.trujillo@urv.cat)
More information: https://rolandotr.bitbucket.io/open-positions.html
Aalto University, Finland
Job PostingClosing date for applications:
Contact: For additional information about the position, please contact Professor Riku Jäntti at riku.jantti at aalto.fi. For questions related to the recruitment process, HR Partner Hanna Koli at hanna.koli at aalto.fi.
More information: https://www.aalto.fi/en/open-positions/professor-computer-engineering