IACR News
Here you can see all recent updates to the IACR webpage.
21 October 2016
Saint Petersburg, Russia, 5 June - 7 June 2017
Submission deadline: 6 February 2017
Notification: 3 April 2017
Rome, Italy, 29 May - 31 May 2017
Submission deadline: 23 December 2016
Notification: 24 February 2017
Radboud University
As a postdoctoral researcher, you will join the European research project DECODE (DEcentralised Citizens Owned Data Ecosystem) that aims to develop distributed architectures for decentralised data governance. You will conduct research on decentralised identity and reputation management using attribute-based credentials and distributed ledgers. You will communicate your findings through papers in peer-reviewed research journals and at international conferences. You will also be involved in training and teaching PhD and BSc/MSc students.
Work environment
You will join the Digital Security section, headed by Prof. Bart Jacobs. The group works on a broad range of topics in computer security and privacy, including applied cryptography, security protocols, smartcards and RFID, and software security and correctness. We are also interested in societal aspects of digital security, such as privacy and e-voting, and interaction with disciplines outside computer science such as cryptography and law.
The Digital Security section is part of the vibrant and growing Institute for Computing and Information Sciences (iCIS). iCIS is consistently ranked as one of the top Computer Science departments in the Netherlands (National Research Review Computer Science 2002-2008 and 2009-2014).
You will work with Jaap-Henk Hoepman (scientific director of the Privacy & Identity Lab) on the DECODE project. Other partners in this project are Nesta (UK), Institut Municipal d'Informatica de Barcelona (Spain), Arduino Verkstad (Sweden), University College London (UK), Waag Society (Netherlands), Eurecat (Spain) and CNRS (France).
Closing date for applications: 20 November 2016
Contact: Name: Jaap-Henk Hoepman
Email: jhh (at) cs.ru.nl
More information: http://www.ru.nl/werken/details/details_vacature_0/?taal=uk&recid=590659
20 October 2016
Amit Jana, Goutam Paul
Yupu Hu, Zhizhu Lian
Kristen Dorey, Nicholas Chang-Fong, Aleksander Essex
We conducted an investigation of discrete logarithm domain parameters in use across the Internet and discovered evidence of a multitude of potentially backdoored moduli of unknown order in TLS and STARTTLS spanning numerous countries, organizations, and protocols. Although our disclosures resulted in a number of organizations taking down suspicious parameters, we argue the potential for TLS backdoors is systematic and will persist until either better parameter hygiene is taken up by the community, or finite field based cryptography is eliminated altogether.
Yilei Chen, Craig Gentry, Shai Halevi
For the GGHRSW obfuscator over GGH13, we show how to recover the ideal generating the plaintext space when the branching program has input partitioning. Combined with the information that we extract about the "multiplicative bundling" scalars, this lets us extend the annihilation attack of Miles, Sahai and Zhandry to handle the GGHRSW block-randomization of the branching-program matrices. (We stress that our attack does not break the candidate obfuscators of Miles et al. and Garg et al. (ePrint 2016/588, 2016/817), since their dual-input branching programs are inherently not partitionable.) Alternatively, once we have the ideal we can solve the principal-ideal problem (PIP) in classical subexponential time or quantum polynomial time, hence obtaining a total break.
For the GGH15 variant, we show how to use the left-kernel technique of Coron, Lee, Lepoint and Tibouchi to recover ratios of the bundling scalars. Once we have the ratios of the scalar products, we can use factoring and PIP solvers (in classical subexponential time or quantum polynomial time) to find the scalars themselves, then run mixed-input attacks to break the obfuscation.
Carsten Baum, Ivan Damgård, Sabine Oechsner, Chris Peikert
Francesco Berti, François Koeune, Olivier Pereira, Thomas Peters, François-Xavier Standaert
18 October 2016
University of Surrey, Surrey Centre for Cyber Security
The successful candidate will be working on the design, security analysis and implementation of privacy-oriented cryptographic protocols that use zero-knowledge proofs, distributed ledger technologies and authentication mechanisms.
More information about the position and the application process is available at https://jobs.surrey.ac.uk/vacancy.aspx?ref=079116
The candidate will be working with Dr Mark Manulis, Deputy Director of SCCS. Applications must be made through the online portal. Questions can be sent to m.manulis AT surrey DOT ac DOT uk
Closing date for applications: 18 November 2016
University of Limoges, Limoges, France
Applicants who have a Master's degree (for the PhD position) or a PhD degree (for the post-doc position) in Computer Science / Mathematics or related disciplines are encouraged to apply. Further skills in complexity, coding theory and/or software development will also be appreciated.
The successful applicant will participate in the project ALAMBIC (AppLicAtions of MalleaBIlity in Cryptography) and IDFIX (IDentity-based cryptography For Identification and eXchange) financed by the French governmental research funding agency ANR (Agence Nationale de la Recherche).
International applicants are welcome but need to be eligible for a proper visa before starting their position.
Applications will be considered until the positions are filled; ideally the positions would start in September or October 2017.
Closing date for applications:
Contact: Applications and questions should be directed as soon as possible to:
- Olivier Blazy
olivier.blazy (at) unilim.fr
- Duong Hieu Phan
duong-hieu.phan (at) unilim.fr
University of Luxembourg
We welcome candidates with an MSc degree in computer science, mathematics, engineering and related areas.
Good analytical skills and familiarity with mathematical reasoning are mandatory. Strong background in theoretical computer science and principles of modern cryptography are an advantage.
The candidate will be supervised by Dr. Vincenzo Iovino and Prof. Peter Ryan, head of APSIA, a large and very active research group that conducts research on several aspects of information assurance, from the mathematical foundations to usability concerns.
The University offers highly competitive salaries, excellent working conditions and may assist in finding accommodation.
Closing date for applications: 31 December 2016
Contact:
Dr. Vincenzo Iovino, vincenzo.iovino (at) uni.lu
Prof. Peter Ryan, peter.ryan (at) uni.lu
Aarhus University
Applicants should be able to show solid expertise (in the form of scientific publications at major crypto/security venues such as CRYPTO, EUROCRYPT, ASIACRYPT, TCC, PKC, ACM CCS, IEEE S&P, USENIX Security, etc.) in the design and/or implementation of cryptographic protocols. Topics of particular interest include: secure multiparty computation, zero-knowledge, homomorphic encryption, oblivious RAM, differential-privacy, cryptocurrencies, etc.
The closing date is nominal only. Write to Claudio Orlandi (orlandi AT cs au dk) for more information.
(PhD positions are available too, see earlier posting).
Closing date for applications: 31 December 2016
Contact: Claudio Orlandi, Associate Professor,
orlandi AT cs au dk
University of Illinois
Qualified senior candidates may also be considered for tenured full Professor positions as part of the Grainger Engineering Breakthroughs Initiative, which is backed by a $100-million gift from the Grainger Foundation. Over the next few years, more than 35 new endowed professorships and chairs will be established, which will provide incredible opportunities for world-renowned researchers.
Closing date for applications: 6 January 2017
Contact: Carl A. Gunter
More information: https://cs.illinois.edu/about-us/faculty-positions
17 October 2016
Luke Valenta, David Adrian, Antonio Sanso, Shaanan Cohney, Joshua Fried, Marcella Hastings, J. Alex Halderman, Nadia Heninger
Leonid Reyzin, Dmitry Meshkov, Alexander Chepurnoy, Sasha Ivanov
A public ledger (blockchain) in a cryptocurrency needs to be easily verifiable. However, maintaining a data structure of all account balances, in order to verify whether a transaction is valid, can be quite burdensome: a verifier who does not have the large amount of RAM required for the data structure will perform slowly because of the need to continually access secondary storage. We use experiments to demonstrate that authenticated dynamic dictionaries can considerably reduce verifier load. On the other hand, per-transaction proofs generated by authenticated dictionaries increase the size of the blockchain, which motivates us to find a solution with most compact proofs.
Our improvements to the design of authenticated dictionaries reduce proof size and speed up verification by 1.4-2.5 times, making them better suited for the cryptocurrency application. We further show that proofs for multiple transactions in a single block can be compressed together, reducing their total length by approximately an additional factor of 2.
Liran Lerman, Olivier Markowitch, Nikita Veshchikov
Matthew Amy, Olivia Di Matteo, Vlad Gheorghiu, Michele Mosca, Alex Parent, John Schanck
We exhibit a circuit for a pre-image attack on SHA-256 that is approximately $2^{153.8}$ surface code cycles deep and requires approximately $2^{12.6}$ logical qubits. This yields an overall cost of $2^{166.4}$ logical-qubit-cycles. Likewise we exhibit a SHA3-256 circuit that is approximately $2^{146.5}$ surface code cycles deep and requires approximately $2^{20}$ logical qubits for a total cost of, again, $2^{166.5}$ logical-qubit-cycles. Both attacks require on the order of $2^{128}$ queries in a quantum black-box model, hence our results suggest that executing these attacks may be as much as $275$ billion times more expensive than one would expect from the simple query analysis.
Juan A. Garay, Aggelos Kiayias, Nikos Leonardos, Giorgos Panagiotakos
In this paper we show how to remove the latter assumption, presenting a "bootstrapped" Bitcoin-like blockchain protocol relying on POWs that builds genesis blocks "from scratch" in the presence of adversarial pre-computation. The only known previous result in the same setting (unauthenticated parties, no trusted setup) [Crypto 2015] is indirect in the sense of creating a PKI first and then employing conventional PKI-based authenticated communication.
With our construction we establish that consensus can be solved directly by a blockchain protocol without trusted setup assuming an honest majority (in terms of computational power). We also formalize miner unlinkability, a privacy property for blockchain protocols, and demonstrate that our protocol retains the same level of miner unlinkability as Bitcoin itself.