IACR News
Here you can see all recent updates to the IACR webpage. These updates are also available:
10 April 2017
Jan Czajkowski, Leon Groot Bruinderink andAndreas Hülsing, Christian Schaffner
ePrint ReportWe even go one step further and prove that sponges are collapsing (Unruh, EUROCRYPT'16). Thereby, we can also derive the applicability of sponge functions for collapse-binding commitments.
In addition to the security arguments, we also present a quantum collision attack against sponges. The complexity of our attack asymptotically matches the proven lower bound up to a square root.
09 April 2017
On the Non-Existence of Blockwise 2-Local PRGs with Applications to Indistinguishability Obfuscation
Alex Lombardi, Vinod Vaikuntanathan
ePrint ReportOur attack uses tools from the literature on two-source extractors (Chor and Goldreich, SICOMP 1988) and efficient refutation of 2-CSPs over large alphabets (Allen, O'Donnell and Witmer, FOCS 2015). Finally, we propose new ways to instantiate the Lin-Tessaro construction that do not immediately fall to our attacks. While we cannot say with any confidence that these modifications are secure, they certainly deserve further cryptanalysis.
07 April 2017
Lugano, Switzerland, 13 November - 15 November 2017
Event CalendarSubmission deadline: 21 July 2017
Notification: 12 September 2017
Telecom ParisTech, Paris, France
Job PostingThe IQA group is part of several active networks of researchers in quantum information, which provides a dynamic context for scientific exchange, collaboration and opportunities for financial support: the Paris Centre for Quantum Computing” http://www.pcqc.fr/, the “Domaine d’Intérêt Majeur” project called SIRTEQ (regional cluster) and the project IQUPS : quantum information at university Paris –Saclay.
The IQA group is also involved in master courses in Paris-Saclay, in Quantum communications and quantum cryptography, as well as a specialized master program on quantum information and post-quantum cryptography.
The IQA group is part of the Network & Computer Sc. departement (INFRES Dpt.) and the Laboratoire Traitement et Communication de l’information l’Information (LTCI).
The recruited associate professor will contribute to the research and teaching activities, as detailed in the official announcement (in French) http://www.telecom-paristech.fr/nc/telecom-paristech/offres-emploi-stages-theses/fiche-offre- demploi.html?offre_emploi=181
The successful candidate will take part in the research projects lead in the team, and will also initiate new research projects, in particular on quantum information and post-quantum cryptography. Research results will be published in leading journals and conferences. Activities in scientific bodies, organization of special sessions, workshops as well as involvements in committees of scientific conferences will also be encouraged, as they contribute to the visibility.
Teaching can be done at bachelor level, in computer science and maths, and also at master level in more specialized courses, such as information theory, algebra, quantum physics, quantum information, cryptography.
Closing date for applications: 5 May 2017
Contact: Isabelle Zaquine
Département Informatique et Réseaux
Télécom ParisTech, LTCI
Université Paris-Saclay
46 rue Barrault Paris 13e , Bureau C234-5
+33 1 45 81 78 39
isabelle.zaquine (at) telecom-paristech.fr
More information: http://www.telecom-paristech.fr/telecom-paristech/offres-emploi-stages-theses.html
Evernym, Utah
Job PostingUse elliptic curve cryptography, digital signatures, and commitments in an established codebase to help the world securely interact in a way that preserves privacy.
Write code in python and possibly a system language or two (C, Rust, Go) that invokes c-callable crypto libraries to exchange anonymous credentials (see http://www.research.ibm.com/labs/zurich/idemix/ and https://www.microsoft.com/en-us/research/project/u-prove/) and build zero-knowledge proofs. Integrate with technologies like zkSNARKS and Ethereum.
Build byzantine fault tolerant protocols for distributed consensus.
Work on specific federal government contracts.*
Requirements
Master’s degree or PhD in cryptography or a closely related field--or active enrollment in such a program.
At least 5 years of experience with software engineering
Familiarity with applied cryptography, cryptanalysis, and similar topics; the stronger the math background, the better. Familiarity with networking and cryptocurrencies. Good competence as a coder (python preferred, but strengths in other languages may be considered). Comfort on Linux (though we also work on Mac and Windows).
Flexibility to work with remote colleagues in different time zones.
Strongly preferred: Ability to work in our Utah office (Lehi/American Fork). Some remote work possible.
This is a regular full-time position.
*Federal Government project requires US Citizenship.
Closing date for applications: 4 July 2017
Contact: Steve Tolman
careers (at) evernym.com
06 April 2017
Iddo Bentov, Pavel Hub\'{a}\v{c}ek, Tal Moran, Asaf Nadler
ePrint ReportMeshcash, is designed to be race-free: there is no ``race'' to generate the next block, hence honestly-generated blocks are always rewarded. This property, which we define formally as a game-theoretic notion, turns out to be useful in analyzing rational miners' behavior: we prove (using a generalization of the blockchain mining games of Kiayias et al.) that race-free blockchain protocols are incentive-compatible and satisfy linearity of rewards (i.e., a party receives rewards proportional to its computational power).
Because Meshcash can tolerate a high block rate regardless of network propagation delays (which will only affect latency), it allows us to lower both the variance and the expected time between blocks for honest miners; together with linearity of rewards, this makes pooled mining far less attractive. Moreover, race-free protocols scale more easily (in terms of transaction rate). This is because the race-free property implies that the network propagation delays are not a factor in terms of rewards, which removes the main impediment to accommodating a larger volume of transactions.
We formally prove that all of our guarantees hold in the asynchronous communication model of Pass, Seeman and shelat, and against a constant fraction of byzantine (malicious) miners; not just rational ones.
Hao Chen, Kim Laine, Peter Rindal
ePrint ReportThe most computationally efficient PSI protocols have been constructed using tools such as hash functions and oblivious transfer, but a potential limitation with these approaches is the communication complexity, which scales linearly with the size of the larger set. This is of particular concern when performing PSI between a constrained device (cellphone) holding a small set, and a large service provider (e.g. WhatsApp), such as in the Private Contact Discovery application.
Our protocol has communication complexity linear in the size of the smaller set, and logarithmic in the larger set. More precisely, if the set sizes are Nx for the sender, and Ny for the receiver, we achieve a communication overhead of O(NylogNx). Our benchmarks show that it takes 36 seconds of online-computation, 71 seconds of non-interactive (receiver-independent) pre-processing, and only 12.5MB of round trip communication to intersect five thousand 32-bit strings with 16 million 32-bit strings. Compared to prior works, this is roughly a 38 times reduction in communication, with minimal increase in computation.
Séamus Brannigan, Neil Smyth, Tobias Oder, Felipe Valencia, Elizabeth O'Sullivan, Tim Güneysu, Francesco Regazzoni
ePrint ReportGildas Avoine, Xavier Bultel, S\'ebastien Gambs, David G\'erault, Pascal Lafourcade, Cristina Onete, Jean-Marc Robert
ePrint ReportIn this paper, we propose a novel approach to obtain provable terrorist-fraud resistant protocols without assuming that provers have any long-term secret key. Instead, the attacker simply has to replay the information that he has received from his accomplice. Based on this, we present a generic construction for provably secure distance-bounding protocols, and give three instances: (1) an efficient symmetric-key protocol, (2) a public-key protocol protecting the identities of the provers against external eavesdroppers, and finally (3) a fully anonymous protocol protecting the identities of the provers even against malicious verifiers trying to profile them.
05 April 2017
Seoul, Korea, 10 August - 11 August 2017
Event CalendarSubmission deadline: 23 April 2017
Notification: 9 June 2017
Rhodes, Greece, 23 October - 24 October 2017
Event CalendarSubmission deadline: 12 July 2017
Notification: 20 August 2017
04 April 2017
Dennis Hofheinz
ePrint ReportOur definition and construction can be seen as generalizations of all-but-one LTFs (due to Peikert and Waters) and all-but-N LTFs (due to Hemenway et al.). However, to achieve ABM-LTFs (and thus a number of lossy tags which is not bounded by any polynomial), we have to employ some new tricks. Concretely, we give two constructions that employ ``disguised'' variants of the Waters, resp. Boneh-Boyen signature schemes to make the generation of lossy tags hard without trapdoor. In a nutshell, lossy tags simply correspond to valid signatures. At the same time, tags are disguised (i.e., suitably blinded) to keep lossy tags indistinguishable from injective tags.
ABM-LTFs are useful in settings in which there are a polynomial number of adversarial challenges (e.g., challenge ciphertexts). Specifically, building on work by Hemenway et al., we show that ABM-LTFs can be used to achieve selective opening security against chosen-ciphertext attacks. One of our ABM-LTF constructions thus yields the first SO-CCA secure encryption scheme with compact ciphertexts (O(1) group elements) whose efficiency does not depend on the number of challenges. Our second ABM-LTF construction yields an IND-CCA (and in fact SO-CCA) secure encryption scheme whose security reduction is independent of the number of challenges and decryption queries.
03 April 2017
Swedish NCSA
Job PostingPlease note that a Swedish citizenship is a mandatory requirement to apply for this position. Applicants considered for employment will be required to undergo security vetting.
Closing date for applications: 30 April 2017
More information: http://jobb.forsvarsmakten.se/sv/lediga-tjanster/13088
Swedish NCSA
Job PostingPlease note that a Swedish citizenship is a mandatory requirement to apply for this position. Applicants considered for employment will be required to undergo security vetting procedures.
Closing date for applications: 30 April 2017
More information: http://jobb.forsvarsmakten.se/sv/lediga-tjanster/13085
TU Wien, Vienna
Job PostingThe salary as a postdoctoral researcher is covered by level B1 of the Austrian
Collective Agreement for university staff, and is currently EUR 3.626,60 per month/gross (14 times a year).
The successful applicant will carry out his/her research activity in one of the following areas:
- Formal Methods for Security and Privacy
- Web Security
- Mobile Security
- Cryptocurrencies
- Privacy-Enhancing Technologies
- Applied Cryptography
Outstanding candidates in other security domains are also encouraged to apply.
The specific requirements for this postdoc position are the following:
- Scientific excellence, as witnessed by publications in top-tier security venues
- PhD in Computer Science
- Very good English skills (writing, speaking)
The TU Wien is committed to increasing female employment in leading scientific positions. Female applicants are explicitly encouraged to apply. Preference will be given to female applicants when equally qualified.
Only applications received by April 26, 2017 will receive consideration.
Applications should be submitted by e-mail to veronika.korn (at) tuwien.ac.at and include
A cover letter stating the candidate\'s motivation to apply, and the reason(s) why they should be selected for the position
- A CV
- A short research statement
- Three most significant publications
- The contact details of two referees
For informal inquiries, please contact
Univ. Prof. Matteo Maffei (matteo.maffei (at) tuwien.ac.at)
Closing date for applications: 26 April 2017
Adi Akavia, Rio LaVigne, Tal Moran
ePrint ReportOur techniques employ random-walks to generate paths covering the graph, upon which we apply the Akavia-Moran topology-hiding broadcast for chain-graphs (paths). To prevent topology information revealed by the random-walk, we design multiple random-walks that, together, are locally identical to receiving at each round a message from each neighbors and sending back processed messages in a randomly permuted order.
Ludo Tolhuizen, Ronald Rietman, Oscar Garcia-Morchon
ePrint ReportJung Hee Cheon, Miran Kim, Yongsoo Song
ePrint ReportThe important feature of our method is to encode a genomic database as a single element of polynomial ring. It also requires only a single homomorphic multiplication for query computation. Thus this method has the advantage over the previous methods in parameter size, computational complexity, and communication cost.
We evaluate the performance of our method and verify that computation on large-scale personal data can be securely and practically outsourced to a cloud environment during data analysis. It takes about 3.9 seconds to search-and-extract the reference and alternate sequences of the queried position in a database of size 4M.