IACR News
Here you can see all recent updates to the IACR webpage. These updates are also available:
13 September 2017
Iddo Bentov, Ranjit Kumaresan, Andrew Miller
Zvika Brakerski, Aayush Jain, Ilan Komargodski, Alain Passelegue, Daniel Wichs
We also show how to upgrade the above results to get non-trivially exponentially efficient indistinguishability obfuscation for null circuits (niO), which guarantees that the obfuscations of any two circuits that always output 0 are indistinguishable. In particular, under the LWE assumptions we get a XniO scheme where the obfuscation time is $2^{n/2}$ for all circuits with input size $n$. It is known that in the case of indistinguishability obfuscation (iO) for all circuits, non-trivially efficient XiO schemes imply fully efficient iO schemes (Lin et al., PKC '16) but it remains as a fascinating open problem whether any such connection exists for WE or niO.
Lastly, we explore a potential approach toward constructing fully efficient WE and niO schemes via multi-input ABE.
Sarah Miracle, Scott Yilek
Jonathan Bootle, Andrea Cerulli, Essam Ghadafi, Jens Groth, Mohammad Hajiabadi, Sune K. Jakobsen
Our construction proceeds in three steps. First, we give a zero-knowledge proof for arithmetic circuit satisfiability in an ideal linear commitment model where the prover may commit to secret vectors of field elements, and the verifier can receive certified linear combinations of those vectors. Second, we show that the ideal linear commitment proof can be instantiated using error-correcting codes and non-interactive commitments. Finally, by choosing efficient instantiations of the primitives we obtain linear-time zero-knowledge proofs.
Shai Halevi, Yuval Ishai, Abhishek Jain, Ilan Komargodski, Amit Sahai, Eylon Yogev
In this work, we present a new solution for NI-MPC against arbitrary collusions using a public-key infrastructure (PKI) setup supplemented with a common random string. A PKI is, in fact, the minimal setup that one can hope for in this model in order to achieve a meaningful ``best possible'' notion of security, namely, that an adversary that corrupts the evaluator and an arbitrary set of parties only learns the residual function obtained by restricting the function to the inputs of the uncorrupted parties. Our solution is based on indistinguishability obfuscation and DDH both with sub-exponential security. We extend this main result to the case of general interaction patterns, providing the above best possible security that is achievable for the given interaction.
Our main result gives rise to a novel notion of (public-key) multiparty obfuscation, where $n$ parties can independently obfuscate program modules $M_i$ such that the obfuscated modules, when put together, exhibit the functionality of the program obtained by ``combining'' the underlying modules $M_i$. This notion may be of independent interest.
Eike Kiltz, Julian Loss, Jiaxin Pan
Sebastian Faust, Clara Paglialonga, Tobias Schneider
Takanori Isobe, Kyoji Shibutani
S.Sharmila Deva Selvi, Arinjita Paul, C. Pandu Rangan
Papa B. Seye, Augustin P. Sarr
Maik Ender, Samaneh Ghandali, Amir Moradi, Christof Paar
Akinori Hosoyamada, Yu Sasaki, Keita Xagawa
Nijmegen, Netherlands, 16 November - 18 November 2017
Submission deadline: 30 September 2017
Washington DC Metro Area, USA, 1 May - 10 May 2018
Submission deadline: 25 September 2017
Notification: 15 January 2018
12 September 2017
Learnrnd
Closing date for applications: 19 December 2017
Contact: Software Development Engineer-Cryptography
Your responsibilities include:
- owning the complete software development life-cycle; defining, prioritizing, designing, implementing, and testing new features for Cryptography.
Skills require in Java or C++
Contact:admin (at) learnrnd.com
More information: http://learnrnd.com
University of Surrey, UK
The research fellow will be working under supervision of Dr Mark Manulis in the interdisciplinary EPSRC funded project “TAPESTRY: Trust, Authentication and Privacy over a DeCentralised Social Registry” that develops and demonstrates new cryptographic protocols to enable people, businesses and services to connect safely online.
Successful applicants will have core skills in the design, analysis and implementation of privacy-oriented cryptographic protocols (e.g. zero-knowledge protocols) and experience in the implementation of distributed/web-based applications (incl. browser plugins). They are expected to hold a PhD, be able to drive their own research direction within the scope of the project and engage with project partners. Funding for conference travel and other dissemination activities will be provided through the project.
Surrey Centre for Cyber Security is an Academic Centre of Excellence in Cyber Security Research recognized by the British Government. More information about SCCS can be found at http://sccs.surrey.ac.uk/
Closing date for applications: 7 October 2017
Contact: Informal inquiries can be sent to Dr Mark Manulis (m.manulis (at) surrey.ac.uk)
More information: https://jobs.surrey.ac.uk/vacancy.aspx?ref=079116-R
The contributed talks committee is seeking submissions to be considered for presentation at RWC. The deadline for full consideration is October 5. Information is available at https://rwc.iacr.org/2018/contributed.html.
RWC 2018 will be held in Zurich, Switzerland, January 10-12.
11 September 2017
Julia Kastner, Alexander Koch, Stefan Walzer, Daiki Miyahara, Yu-ichi Hayashi, Takaaki Mizuki, Hideaki Sone
Securely computing arbitrary circuits needs protocols for negation, AND and bit copy in committed-format, where outputs are commitments again. Negation just swaps the bit's cards, computing AND and copying a bit $n$ times can be done with six and $2n+2$ cards, respectively, using the simple protocols of Mizuki and Sone (FAW 2009).
Koch, Walzer and Härtel (ASIACRYPT 2015) showed that five cards suffice for computing AND in finite runtime, albeit using relatively complex and unpractical shuffle operations. In this paper, we show that if we restrict shuffling to closed permutation sets, the six-card protocol is optimal in the finite-runtime setting. If we additionally assume a uniform distribution on the permutations in a shuffle, we show that restart-free four-card AND protocols are impossible. These shuffles are easy to perform even in an actively secure manner (Koch and Walzer, ePrint 2017).
For copying bit commitments, the protocol of Nishimura et al. (ePrint 2017) needs only $2n+1$ cards, but performs a number of complex shuffling steps that is only finite in expectation. We show that it is impossible to go with less cards. If we require an a priori bound on the runtime, we show that the $(2n+2)$-card protocol is card-minimal.
Aner Ben-Efraim, Yehuda Lindell, Eran Omri
In this paper, we consider the case of constant-round multiparty computation, via the garbled circuit approach of BMR (Beaver et al., STOC 1990). In recent work, it was shown that this protocol can be efficiently instantiated for semi-honest adversaries (Ben-Efraim et al., ACM CCS 2016). However, it scales very poorly with the number of parties, since the cost of garbled circuit evaluation is quadratic in the number of parties, per gate. Thus, for a large number of parties, it becomes expensive. We present a new way of constructing a BMR-type garbled circuit that can be evaluated with only a constant number of operations per gate. Our constructions use key-homomorphic pseudorandom functions (one based on DDH and the other on Ring-LWE) and are concretely efficient. In particular, for a large number of parties (e.g., 100), our new circuit can be evaluated faster than the standard BMR garbled circuit that uses only AES computations. Thus, our protocol is an important step towards achieving concretely efficient large-scale multiparty computation for Internet-like settings (where constant-round protocols are needed due to high latency).
09 September 2017
T-H. Hubert Chan, Kai-Min Chung, Elaine Shi
In this paper, we ask whether oblivious simulation of PRAM programs can be further sped up if the OPRAM is allowed to have more CPUs than the original PRAM. We thus initiate a study to understand the true depth of OPRAM schemes (i.e., when the OPRAM may have access to unbounded number of CPUs). On the upper bound front, we construct a new OPRAM scheme that gains a logarithmic factor in depth and without incurring extra blowup in total work in comparison with the state-of-the-art OPRAM scheme. On the lower bound side, we demonstrate fundamental limits on the depth any OPRAM scheme --- even when the OPRAM is allowed to have an unbounded number of CPUs and blow up total work arbitrarily. We further show that our upper bound result is optimal in depth for a reasonably large parameter regime that is of particular interest in practice.