International Association for Cryptologic Research


IACR News

If you have a news item you wish to distribute, it should be sent to the communications secretary. See also the events database for conference announcements.

Here you can see all recent updates to the IACR webpage. These updates are also available:

  • via email
  • via RSS feed

16 July 2015

Jimmy Jose, Dipanwita RoyChowdhury
ePrint Report
Three-neighbourhood Cellular Automata (CA) are widely studied and accepted as a suitable cryptographic primitive. Rule 30, a 3-neighbourhood CA rule, was proposed as an ideal candidate for a cryptographic primitive by Wolfram. However, rule 30 was shown to be weak against the Meier-Staffelbach attack. Cryptographic properties like diffusion and randomness increase with the neighbourhood radius, which opens the avenue of exploring the cryptographic properties of 4-neighbourhood CA. This work explores whether four-neighbourhood CA can be a better cryptographic primitive. We construct a class of cryptographically suitable 4-neighbourhood nonlinear CA rules that resemble rule 30. One 4-neighbourhood nonlinear CA from this selected class is shown to be resistant against the Meier-Staffelbach attack on rule 30, justifying the applicability of 4-neighbourhood CA as better cryptographic primitives.

Sébastien Canard, Baptiste Olivier
ePrint Report
In this paper, we introduce the notion of (ε,δ)-differential privacy in distribution, a strong version of the existing (ε,δ)-differential privacy, used to mathematically ensure that the private data of an individual are protected when embedded into a queried database. In practice, such a property is obtained by adding some relevant noise. Our new notion makes it possible to simplify proofs of (ε,δ) privacy for mechanisms adding noise with a continuous distribution. As a first example, we give a simple proof that the Gaussian mechanism is (ε,δ)-differentially private in distribution.

Using differential privacy in distribution, we then give simple conditions for an instance-based noise mechanism to be (ε,δ)-differentially private. After that, we exploit these conditions to design a new (ε,δ)-differentially private instance-based noise algorithm. Compared to existing ones, our algorithm has better accuracy when used to answer a query in a differentially private manner.

In particular, our algorithm does not require the computation of the so-called Smooth Sensitivity, usually used in instance-based noise algorithms, which was proved to be NP-hard to compute in some cases, namely statistics queries on some graphs. Our algorithm handles such situations and in particular some cases for which no instance-based noise mechanism was known to perform well.

Loi Luu, Jason Teutsch, Raghav Kulkarni, Prateek Saxena
ePrint Report
Bitcoin and similar cryptocurrencies are a massive network of computational devices that maintain the robustness and correctness of the computation done in the network. Cryptocurrency protocols, including Bitcoin and the more recent Ethereum system, offer an additional feature that allows currency users to specify a "script" or contract which is executed collectively (via a consensus protocol) by the network. This feature can be used for many new applications of cryptocurrencies beyond simple cash transactions. Indeed, several efforts to develop decentralized applications are underway and recent experimental efforts have proposed to port a Linux OS to such a decentralized computational platform.

In this work, we study the security of computations on a cryptocurrency network. We explain why the correctness of such computations is susceptible to attacks that both waste network resources of honest miners and lead to incorrect results. The essence of our arguments stems from a deeper understanding of the incentive-incompatibility of maintaining a correct blockchain. We explain this via an ill-fated choice called the verifier's dilemma, which suggests that rational miners are well-incentivized to accept an unvalidated blockchain as correct, especially in next-generation cryptocurrencies such as Ethereum that are Turing-complete. To explain which classes of computation can be computed securely, we formulate a model of computation we call consensus verifiability. We propose a solution that reduces the adversary's advantage substantially, thereby achieving near-ideal incentive-compatibility for executing and verifying computation in our consensus verifiability model. We further propose two different but complementary approaches to implement our solution in real cryptocurrency networks like Ethereum. We show the feasibility of such approaches for a set of practical outsourced computation tasks as case studies.

Mihir Bellare, Igors Stepanovs
ePrint Report
We unify the many prior variants of point-function obfuscation via a definitional framework in which security is parameterized by a class of algorithms we call target generators, with different notions corresponding to different choices of this class. This leads to an elegant question, namely whether it is possible to provide a generic construction, meaning one that takes an arbitrary class of target generators and returns a point-function obfuscator secure for it. We answer this in the affirmative with three generic constructions, the first based on indistinguishability obfuscation, the second on deterministic public-key encryption and the third on universal computational extractors. By exploiting known constructions of the primitives assumed, we obtain a host of new point-function obfuscators, including many under standard assumptions.

Nir Bitansky, Vinod Vaikuntanathan
ePrint Report
We show general transformations from subexponentially-secure approximate indistinguishability obfuscation (IO), where the obfuscated circuit agrees with the original circuit on a 1/2+ε fraction of inputs, into exact indistinguishability obfuscation, where the obfuscated circuit and the original circuit agree on all inputs (except for a negligible probability over the coin tosses of the obfuscator). As a step towards our results, which is of independent interest, we also obtain an approximate-to-exact transformation for functional encryption. At the core of our techniques is a method for "fooling" the obfuscator into giving us the correct answer, while preserving the indistinguishability-based security. This is achieved based on various types of secure computation protocols that can be obtained from different standard assumptions.

Put together with the recent results of Canetti, Kalai and Paneth (TCC 2015), Pass and Shelat (Eprint 2015), and Mahmoody, Mohammed and Nemathaji (Eprint 2015), we show how to convert indistinguishability obfuscation schemes in various ideal models into exact obfuscation schemes in the plain model.

Ashish Choudhury, Emmanuela Orsini, Arpita Patra, Nigel P. Smart
ePrint Report
We present a technique to achieve O(n) communication complexity per multiplication for a wide class of robust practical MPC protocols. Previously such a communication complexity was only known in the case of non-robust protocols in the full threshold, dishonest majority setting. In particular our technique applies to robust threshold computationally secure protocols in the case of t

15 July 2015

Technische Universität Darmstadt, Germany.
Job Posting
Applications are invited for a full-time PhD position in the Security in Information Technology (SIT) Research Group at Technische Universität Darmstadt, Germany, under the direction of Prof. Dr. Michael Waidner.

The vacancy is within the newly established research training group "Privacy and Trust for Mobile Users", funded by DFG, the German Research Foundation.

We are looking for a candidate interested in working at the intersection of privacy engineering, identity management, applied cryptography, and machine learning, starting October 01, 2015.

More Information: https://www.sit.informatik.tu-darmstadt.de/de/security-in-information-technology/open-positions/phd-position-on-consent-management/


14 July 2015

Beijing, China, December 7 - December 8
Event Calendar
Submission: 15 October 2015
Notification: 5 November 2015
From December 7 to December 8
Location: Beijing, China
More Information: http://www.onets.com.cn/intrust2015/

13 July 2015

AIT Austrian Institute of Technology, Vienna, Austria
Job Posting
We are looking for a research scientist or post-doc in cryptography to work on novel cryptographic concepts for emerging ICT domains (e.g. cloud computing or cyber-physical systems). Ideally you have experience in fields like modern public-key cryptography, distributed cryptography, privacy enhancing technologies, or multi-party computation. You will be involved in an EU research project on identity management and research/improve cryptography for secure and privacy-preserving cloud-based identity management.

Further information:

  • Direct job posting: http://www.ait.ac.at/fileadmin/inserate/Scientist_for_Cryptography.pdf

  • Project site (avail. soon): https://www.credential.eu

  • AIT Digital Safety & Security Department: http://www.ait.ac.at/departments/digital-safety-security

June 1 - October 15
Event Calendar
Submission: 15 October 2015
Notification: 15 January 2016
From June 1 to October 15
More Information: http://www.journals.elsevier.com/computer-networks/call-for-papers/special-issue-on-recent-advances-in-physical-lay
June 1 - September 14
Event Calendar
Submission: 14 September 2015
Notification: 14 November 2015
From June 1 to September 14
More Information: http://digital-library.theiet.org/files/IET_IFS_SI_CFP.pdf

08 July 2015

Nijmegen, The Netherlands, November 2 - November 3
Event Calendar
Submission: 4 September 2016
From November 2 to November 3
Location: Nijmegen, The Netherlands
More Information: http://crossfyre15.cs.ru.nl/index.html
Simula Research Laboratory, Norway
Job Posting
Simula Research Laboratory in Norway seeks a researcher in cryptography or computer security for an initial two-year contract with possibility for further employment. The successful candidate will also be responsible for leading the process of applying for EU-grants under H2020. Previous involvement in EU projects and experience in building and maintaining consortia will count as a big plus.
TU Darmstadt
Job Posting
The chair Modeling and Analysis of Information Systems (MAIS) of Prof. Dr.-Ing. Heiko Mantel in the Department of Computer Science at TU Darmstadt, Germany, is offering two PostDoc positions:

- Concurrent Program Security (detailed position announcement at http://www.mais.informatik.tu-darmstadt.de/assets/misc/2015-PostDoc-IFS-Concurrent.pdf)

- Information-Flow Security by Design (detailed position announcement at http://www.mais.informatik.tu-darmstadt.de/assets/misc/2015-PostDoc-IFS-SecurityEngineering.pdf)

The detailed announcements contain information about the position descriptions, benefits, qualifications, and the application procedure.

The positions are available from September 1st 2015, but a later start is also possible. We will consider applications until the positions are filled.

Questions about the positions can be sent to recruiting (at) mais.informatik.tu-darmstadt.de. For more information about the chair MAIS, please visit http://www.mais.informatik.tu-darmstadt.de.

NEC Laboratories Europe, Heidelberg, Germany
Job Posting
This position in the Laboratories’ Security Group involves research in the areas of Cloud Security, Device Security, SDN Security and Software Security. Our work ranges from foundational research and IPR creation to prototype development for transfer to NEC products and services.

Applicants are sought with an in-depth understanding in at least two of the following areas:

  • Security technologies and protocols, including applied cryptography and privacy enhancing technologies
  • Distributed systems and protocols, especially secure management of distributed resources e.g. IoT devices, software, services and data
  • Operating system internals and software development including experience with programming languages, such as Java, Scala or C/C++

We are looking for individuals with excellent research skills and a passion to create new technologies. We expect that the applicant holds a master’s or doctorate degree with several years of professional experience in research and development in the security area, and has an excellent publication track record. The applicant should also have a very good background in Computer Science.

Worcester Polytechnic Institute, USA
Job Posting
I am looking for highly motivated and qualified candidates to fill two PhD positions for research in applied cryptography and side channel analysis. Topics include:

  • Side channel analysis and countermeasures

  • Cache-based Cross-VM attacks; analysis and countermeasures

  • Secure and efficient cryptographic implementations

Candidates should have a degree in electronics, computer science or applied mathematics with strong interest in algorithms and signal processing. Prior experience in side channel analysis and embedded software or hardware design is an asset.

We offer a competitive salary and an international cutting-edge research program in an attractive working environment. WPI is a highly-ranked research university in the Boston area, and offers the opportunity to collaborate with world-class faculty and students in a collegial environment. We maintain close connections with surrounding universities and private companies.


06 July 2015

Announcement

Dear IACR members,

The Australian government has recently enacted its Defence Trade Controls Act (DTCA) which places export controls on cryptographic technologies. As it contains no exemption for ordinary research & teaching, the act apparently criminalizes the scholarly activities of our Australian colleagues.

The IACR has drafted a petition in response to this legislation (https://www.iacr.org/petitions/australia-dtca/). If you are an IACR member, we encourage you to add your signature. With enough support, we hope to contribute to an improvement to the situation in Australia.

As this is the first petition hosted by the IACR, we welcome your feedback. Please send comments to petitions@iacr.org.


05 July 2015

Forum Post
Hello Roman Oliynykov and others, I have double checked my concerns, and I have to confess that you are right, and I was wrong. Indeed, the linear transformation is not per-word, as it seemed to me from the brief look, but per-column. However, how did you create your S-boxes?
From: 2015-05-07 21:41:08 (UTC)
Mahnush Movahedi, Jared Saia, Mahdi Zamani
ePrint Report
In secure multi-party shuffling, multiple parties, each holding an input, want to agree on a random permutation of their inputs while keeping the permutation secret. This problem is important as a primitive in many privacy-preserving applications such as anonymous communication, location-based services, and electronic voting.

Known techniques for solving this problem suffer from poor scalability, load-balancing issues, trusted party assumptions, and/or weak security guarantees.

In this paper, we propose an unconditionally-secure protocol for multi-party shuffling that scales well with the number of parties and is load-balanced. In particular, we require each party to send only a polylogarithmic number of bits and perform a polylogarithmic number of operations while incurring only a logarithmic round complexity. We show security under universal composability against up to about n/3 fully-malicious parties. We also provide simulation results showing that our protocol improves significantly over previous work. For example, for one million parties, when compared to the state of the art, our protocol reduces the communication and computation costs by at least three orders of magnitude and slightly decreases the number of communication rounds.

Romain Gay, Iordanis Kerenidis, Hoeteck Wee
ePrint Report
We initiate a systematic treatment of the communication complexity of conditional disclosure of secrets (CDS), where two parties want to disclose a secret to a third party if and only if their respective inputs satisfy some predicate. We present a general upper bound and the first non-trivial lower bounds for conditional disclosure of secrets. Moreover, we achieve tight lower bounds for many interesting settings of parameters for CDS with linear reconstruction, the latter being a requirement in the application to attribute-based encryption. In particular, our lower bounds explain the trade-off between ciphertext and secret key sizes of several existing attribute-based encryption schemes based on the dual system methodology.
