International Association for Cryptologic Research


IACR News

Updates on the COVID-19 situation are on the Announcement channel.

Here you can see all recent updates to the IACR webpage. These updates are also available:

  • via RSS feed
  • via Twitter
  • via Weibo
  • via Facebook

18 November 2017

Guangzhou University, Guangzhou, China
Job Posting
We have several open positions for PhD students and PostDocs at the School of Computer Science, Guangzhou University. The university is located in Guangzhou, the third biggest city in China. Our openings are suitable for PhD candidates and PostDoc researchers who seek to work in the field of information security. The research topics include but are not limited to: cloud computing security, big data security, privacy protection in machine learning, IoT security, and public-key cryptography.

PhD candidates will be provided with a full research scholarship, allowances, a free single dorm room, and round-trip tickets (twice a year). PostDoc researchers will be offered a competitive salary package plus other benefits.

Interested candidates please send your CV, reference letters, and copies of certificates to Prof. Jin Li. PostDocs please add your publication list.

More information about Prof. Jin Li:

http://www.scholat.com/jinli71

https://scholar.google.com/citations?user=7GDV2vUAAAAJ&hl=en&oi=ao

Closing date for applications: 30 June 2018

Contact: Prof. Jin Li

Email: jinli71 (at) gmail.com


17 November 2017

Election
The 2017 election was held to fill three of nine IACR Director positions. 618 ballots were cast (39.6% of 1559 eligible voters). The results are below; the three candidates with the most votes were elected:

Candidates for IACR Director:
  • Tancrède Lepoint: 330 (elected)
  • Masayuki Abe: 301 (elected)
  • Moti Yung: 283 (elected)
  • Josh Benaloh: 227
Election verification data can be found at https://vote.heliosvoting.org/helios/e/IACR2017.
Bangalore, India, 4 January - 8 January 2018
School
Event date: 4 January to 8 January 2018
Agency for Science, Technology and Research (A*STAR), Singapore
Job Posting
The Agency for Science, Technology and Research (A*STAR) is Singapore’s lead government agency for economic-oriented Research and Development (R&D). We advance science and develop innovative technology to further economic growth and improve lives. For more information about A*STAR, please visit: www.a-star.edu.sg

JOB DESCRIPTION

This security project is related to “Computing on Encrypted Data” and addresses how to efficiently outsource computation with fully homomorphic encryption, leakage-resilient cryptography, lattice-based cryptography and secure multi-party computation. The project is to address data security problems and develop new security technologies by focusing on Fully Homomorphic Encryption (FHE). The applicant will need to develop, optimise and implement FHE schemes at the field level. Furthermore, an in-depth security analysis of the proposed systems will be required. Highly motivated candidates interested in this research area are welcome to apply. Candidates are expected to have a thorough understanding of the state-of-the-art research in this field and a breadth of knowledge of the current issues and recent technology advancements. Specific skills required: a strong background in mathematics and preferably experience with implementing advanced mathematical structures.

DESIRED SKILLS AND EXPERIENCE

PhD in Applied Mathematics or equivalent

Strong interest in secure and efficient cryptographic implementations

Experience in developing prototypes in a research environment

Highly self-motivated and willing to learn new technology

Demonstrated potential to excel in collaborative research spanning multiple research areas

Prior experience in embedded software or hardware design is a plus point

Closing date for applications: 31 December 2018

Contact:

  • Khin Mi Mi Aung
  • Senior Scientist
  • Agency for Science, Technology and Research (A*STAR), Singapore
  • More information: http://www.a-star.edu.sg/dsi

Continental Automotive Singapore
Job Posting
At Continental, the Security Competence Center is part of the Cross Divisional Systems unit led by the CTO, a cross-divisional organization within Corporate System & Technology that reports directly to the board of Continental and supports all automotive business units of Continental.

Your task is to define, implement and execute Security and Privacy attack methods and their countermeasures for in-vehicle networks, Car2X and Backend services.

Responsibilities:

• Define security tests for embedded systems, backend, Smartphone & Connectivity

• Develop countermeasures for detected vulnerabilities

• Develop tools to demonstrate the efficiency of the security mechanisms

• Develop and refine the Security and Privacy concept for connected services between vehicle and backend services

• Implementation of novel Security & Privacy mechanisms

Requirements:

• University degree in computer science, electrical engineering or mathematics with a deep focus on security, privacy, cryptology, or similar

• In-depth experience with projects related to cloud security, smartphone security and backend security

• Knowledge of Security Risk Analysis methods (e.g. STRIDE)

• Knowledge of Security Source Code Analysis methods

• Knowledge of Quantum cryptography is preferred

• Applicants with several years of experience in the field of Automotive Security and Privacy are preferred

• Good & open communication

• Mobility to collaborate creatively in international teams

Please apply as soon as possible.

Link:

https://krb-sjobs.brassring.com/tgwebhost/jobdetails.aspx?jobId=1118857&PartnerId=30050&SiteId=5879&JobReqLang=1&JobSiteId=5879&JobSiteInfo=1118857_5879&phid=89434&codes=SM_Linkedin&nonloginid=

Closing date for applications: 1 March 2018

Contact: Estelle Wang

Estelle.wang (at) continental-corporation.com


15 November 2017

Yang Wang , Mingqiang Wang
ePrint Report
NTRUEncrypt is a fast lattice-based cryptosystem and a probable alternative to the existing public key schemes. The existing provably secure NTRUEncrypts are limited by the cyclotomic field they work on - the prime-power cyclotomic field. This is worrying, due to the subfield attack methods proposed in 2016. Also, the modulus used in computation and the security parameters rely heavily on the choice of plaintext space. These disadvantages restrict the applications of NTRUEncrypt.

In this paper, we give a new provably secure NTRUEncrypt in the standard model under canonical embedding over any cyclotomic field. We give a reduction from a simple variant of RLWE - an error-distribution-discretized version of RLWE, hence from worst-case ideal lattice problems, to our NTRUEncrypt. In particular, we get a union bound for reduction parameters and modulus for all choices of plaintext space, so that our NTRUEncrypt can send more encrypted bits in one encryption process with higher efficiency and stronger security. Furthermore, our scheme's decryption algorithm succeeds with probability $1-n^{-\omega(\sqrt{n\log n})}$ compared with the previous works' $1-n^{-\omega(1)}$, making our scheme more practical in theory.
Vahid Amin Ghafari, Honggang Hu
ePrint Report
We propose a new attack framework based upon cube testers and d-monomial tests. The d-monomial test is a general framework for comparing the ANF of the symmetric cipher’s output with ANF of a random Boolean function. In the d-monomial test, the focus is on the frequency of the special monomial in the ANF of Boolean functions, but in the proposed framework, the focus is on the truth table. We attack ACORN-v3 and Grain-128a and demonstrate the efficiency of our framework. We show how it is possible to apply a distinguishing attack for up to 676 initialization rounds of ACORN-v3 and 171 initialization rounds of Grain-128a using our framework. The attack on ACORN-v3 is the best practical attack (and better results can be obtained by using more computing power). One can apply distinguishing attacks to black box symmetric ciphers by the proposed framework, and we suggest some guidelines to make it possible to improve the attack by analyzing the internal structure of ciphers. The framework is applicable to all symmetric ciphers and hash functions. We discuss how it can reveal weaknesses that are not possible to find by other statistical tests. The attacks were practically implemented and verified.
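A worked illustration of the cube-tester side of the framework described above, added here as an example and not code from the paper. `cube_sum` implements the cube-attack identity (the XOR of a Boolean function over all assignments to a set of cube variables equals the superpoly of that cube's monomial, evaluated at the remaining variables); `toy_anf` is a constructed four-variable function whose superpoly can be checked by hand; `toy_cipher_bit` is a constructed 32-bit NLFSR stand-in, not a real cipher. `balance_test` is a fixed-key cube tester of the truth-table kind the abstract describes: it samples the non-cube IV bits at random and counts how often the cube sum is 1. The ACORN-v3 and Grain-128a results are not reproduced; the cipher, its tap positions, the round counts and the 3-sigma threshold are assumptions for illustration.

```python
import itertools
import random


def cube_sum(f, cube, fixed):
    """XOR of f over all 2^|cube| assignments to the cube variables, with the
    remaining variables held at `fixed`.  By the cube-attack identity this
    equals the superpoly of the cube's monomial evaluated at `fixed`."""
    acc = 0
    for bits in itertools.product((0, 1), repeat=len(cube)):
        x = list(fixed)
        for var, b in zip(cube, bits):
            x[var] = b
        acc ^= f(x)
    return acc


def superpoly_truth_table(f, n_vars, cube):
    """Full truth table of the superpoly over the non-cube variables
    (only feasible for small n_vars; used to check the identity by hand)."""
    others = [i for i in range(n_vars) if i not in cube]
    table = {}
    for bits in itertools.product((0, 1), repeat=len(others)):
        fixed = [0] * n_vars
        for var, b in zip(others, bits):
            fixed[var] = b
        table[bits] = cube_sum(f, cube, fixed)
    return table


def toy_anf(x):
    """Constructed 4-variable function in ANF:
    x0*x1*x2 + x0*x1*x3 + x0*x1 + x2*x3 + x3.  Factoring out x0*x1 gives the
    superpoly x2 + x3 + 1 for the cube {x0, x1}; the other terms cancel."""
    return ((x[0] & x[1] & x[2]) ^ (x[0] & x[1] & x[3])
            ^ (x[0] & x[1]) ^ (x[2] & x[3]) ^ x[3])


KEY_BITS, IV_BITS = 16, 16


def toy_cipher_bit(key, iv, rounds):
    """Constructed NLFSR keystream generator (assumption, not a real cipher).
    State is key || iv; each initialization round shifts in one nonlinear
    feedback bit; the first keystream bit after `rounds` rounds is returned."""
    s = list(key) + list(iv)
    for _ in range(rounds):
        fb = s[0] ^ s[5] ^ s[13] ^ (s[7] & s[19]) ^ (s[2] & s[9] & s[24])
        s = s[1:] + [fb]
    return s[0] ^ s[3] ^ (s[10] & s[17])


def balance_test(key, rounds, cube, samples, seed=1):
    """Fixed-key cube tester on the truth table: `cube` lists IV bit
    positions; the other IV bits are drawn at random `samples` times and the
    number of times the cube sum equals 1 is returned.  A random-looking
    superpoly gives about samples/2; a constant or low-degree one gives a
    count pinned at 0, at `samples`, or otherwise far from the middle."""
    rng = random.Random(seed)
    ones = 0
    for _ in range(samples):
        fixed = [rng.randint(0, 1) for _ in range(IV_BITS)]
        ones += cube_sum(lambda iv: toy_cipher_bit(key, iv, rounds), cube, fixed)
    return ones


def looks_nonrandom(ones, samples, slack=3.0):
    """Flag a count more than `slack` standard deviations from samples/2
    (binomial with p = 1/2 under the random-function hypothesis)."""
    sigma = (samples / 4) ** 0.5
    return abs(ones - samples / 2) > slack * sigma


def first_undetected_round(key, cube, samples=64, max_rounds=40):
    """Smallest round count at which the statistic is no longer flagged: a
    crude estimate of how many initialization rounds this cube distinguishes
    (larger cubes and more samples push it further)."""
    for r in range(max_rounds + 1):
        if not looks_nonrandom(balance_test(key, r, cube, samples), samples):
            return r
    return None
```

With `rounds=0` and cube `(1,)` the count is pinned at 0 or at the sample count, because the output bit is `k0 ^ k3 ^ (k10 & iv1)` and the superpoly is the single key bit k10; with cube `(0, 1)` it is always 0, because the output has degree 1 in the IV bits. Raising `rounds` raises the degree, and the first round count at which `looks_nonrandom` stops firing is the distinguishing bound for that cube. The d-monomial comparison in the abstract looks at the ANF instead; this block only shows the truth-table statistic.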
Qiuxiang Dong, Dijiang Huang, Jim Luo, Myong Kang
ePrint Report
Ciphertext-Policy Attribute-Based Encryption (CP-ABE) has been proposed to implement fine-grained access control. Data owners encrypt data with a certain access policy so that only data users whose attributes satisfy the access policy can decrypt the ciphertext. A user can be automatically assigned an access privilege based on whether his/her attributes satisfy a given access policy described by attributes and their logical relations. In order to provide more flexible policy-based access control, attribute-based revocation approaches have been proposed to provide the NOT logic on attributes to allow attribute-based revocation. However, previous solutions increase the attribute management overhead when considering each user's ID as an attribute for more precise revocation at the individual user level. To address this issue, in this paper, an ID-ABE scheme is presented, where a user's ID is incorporated into the key generation procedure, allowing user-ID-based revocation. In addition to ID-based revocation, ID-ABE also presents a hierarchical identity structure to build a delegation framework to enable group-based revocation. In the end, we also evaluate the performance of the proposed scheme in terms of computation, storage and communication overhead, which shows the practical value of the solution for secure data sharing applications.
Qiuxiang Dong, Dijiang Huang, Jim Luo, Myong Kang
ePrint Report
Ciphertext-Policy Attribute-Based Encryption (CP-ABE) has been proposed to implement the attribute-based access control model. In CP-ABE, data owners encrypt the data with a certain access policy such that only data users whose attributes satisfy the access policy can obtain the corresponding private decryption key from a trusted authority. Therefore, CP-ABE is considered a promising fine-grained access control mechanism for data sharing where no centralized trusted third party exists, for example, cloud computing, mobile ad hoc networks (MANET), Peer-to-Peer (P2P) networks, information centric networks (ICN), etc. As promising as it is, user revocation is a cumbersome problem in CP-ABE, thus impeding its application in practice. To solve this problem, we propose a new scheme named HIR-CP-ABE, which implements hierarchical identity-based user revocation from the perspective of encryption. In particular, the revocation is implemented by data owners directly without any help from any third party. Compared with previous attribute-based revocation solutions, our scheme provides the following nice properties. First, the trusted authority can be offline after system setup and key distribution, thus making it applicable in mobile ad hoc networks, P2P networks, etc., where the nodes in the network are unable to connect to the trusted authority after system deployment. Second, a user does not need to update the private key when user revocation occurs. Therefore, key management overhead is much lower in HIR-CP-ABE for both the users and the trusted authority. Third, the revocation mechanism makes it possible to revoke a group of users affiliated with the same organization in a batch without influencing any other users. To the best of our knowledge, HIR-CP-ABE is the first CP-ABE scheme to provide affiliation-based revocation functionality for data owners.
Through security analysis and performance evaluation, we show that the proposed scheme is secure and efficient in terms of computation, communication and storage.
Weijia Wang, Zhijie Wang, Bing Li, Qiuxiang Dong, Dijiang Huang
ePrint Report
Ciphertext-Policy Attribute-Based Encryption (CP-ABE) is an access control mechanism over encrypted data and well suited for secure group-based communication. However, it also suffers from the following problem, i.e., it is impossible to build all desired groups. For example, if two group members have exactly the same attributes, how to construct a group including only one of the two members? Obviously, attributes alone cannot distinguish these two members, therefore existing CP-ABE solutions do not work. To address this issue, in this paper, we present a new CP-ABE scheme (called IR-CP-ABE) that incorporates an Identity-based Revocation capability. With IR-CP-ABE, an access policy will be constructed by not only group members' attributes but also their identities. To build a group, first, build a candidate group based on all desired group members' attributes; second, remove undesired members by revoking their identities. By evaluating the security and efficiency of a proposed construction, we show that the IR-CP-ABE scheme is secure and efficient for practical applications.

14 November 2017

Award
The IACR congratulates Chris Peikert and Alon Rosen for being awarded the Theory of Cryptography Conference (TCC) Test of Time Award. Their article Efficient Collision-Resistant Hashing from Worst-Case Assumptions on Cyclic Lattices, published in TCC 2006, is recognized for advancing the use of hard algebraic lattice problems in cryptography, paving the way for major theoretical and practical advances. The award was presented this Tuesday at the TCC 2017 conference in Baltimore.

The TCC Test of Time award was introduced in 2015. It recognizes outstanding papers, published in the Theory of Cryptography Conference (TCC) at least eight years ago, making a significant contribution to the theory of cryptography, preferably with influence also in other areas of cryptography, theory, and beyond. For more information about the Test of Time award, including information on nominating a paper, please see the page at http://www.iacr.org/workshops/tcc/awards.html.

13 November 2017

Sadegh Jamshidpour, Zahra Ahmadian
ePrint Report
A dealer-free and non-interactive dynamic threshold secret sharing scheme was proposed by Harn et al. in 2015. In this scheme, a (t, n) secret sharing scheme can turn into an (m, n) scheme in the secret reconstruction phase, where m is the number of participating shareholders. It has been claimed that the secrecy of shares and the secrecy of the secret are unconditionally preserved if $m \in (t, 1 + t(t+1)/2]$. This paper provides a security analysis of this scheme in two directions. Firstly, we show that this scheme does not have the dynamic property, i.e. any t + 1 released values are sufficient to reconstruct the secret, even if the agreed updated threshold is larger. Secondly, we show that any t + 1 released values are sufficient to forge the released value of a non-participating shareholder. The technique that we employed for our analysis is the linear subspace method, which basically measures the information leaked by the known parameters of the scheme by computing the dimension of the linear subspace spanned by these parameters. This method has been shown to be capable of cryptanalysis of some secret-sharing-based schemes whose security relies on keeping the coefficients of the underlying polynomial(s) secret.
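The linear subspace method named in the abstract, as an added example that is not code from the paper: each released value of a polynomial-based scheme is a linear functional applied to the hidden coefficient vector, so the information leaked is the span of those functionals, and a target (the secret, or another shareholder's value) is determined exactly when its functional lies in that span, i.e. when adding it does not raise the rank. The block runs the test on plain Shamir (t, n) sharing over GF(p), where the expected answer is known (t shares determine the secret, t - 1 do not), which is how one validates the tool before pointing it at a new scheme. Harn et al.'s dynamic scheme and the abstract's t + 1 result are not reproduced; the field prime and the sample secret are assumptions for illustration.

```python
import secrets

P = 2**61 - 1  # assumed field modulus (a Mersenne prime); any prime works


def shamir_share(secret, t, n, p=P):
    """(t, n) Shamir sharing: a random degree-(t-1) polynomial f with
    f(0) = secret; the shares are (x, f(x)) for x = 1..n."""
    coeffs = [secret % p] + [secrets.randbelow(p) for _ in range(t - 1)]
    shares = [(x, sum(c * pow(x, i, p) for i, c in enumerate(coeffs)) % p)
              for x in range(1, n + 1)]
    return coeffs, shares


def lagrange_at_zero(shares, p=P):
    """Reconstruct f(0) from (x, y) points by Lagrange interpolation."""
    total = 0
    for i, (xi, yi) in enumerate(shares):
        num, den = 1, 1
        for j, (xj, _) in enumerate(shares):
            if j != i:
                num = (num * xj) % p
                den = (den * (xj - xi)) % p
        total = (total + yi * num * pow(den, -1, p)) % p
    return total


def rank_mod_p(rows, p=P):
    """Rank of a list of row vectors over GF(p) by Gaussian elimination."""
    m = [[v % p for v in r] for r in rows]
    rank = 0
    for col in range(len(m[0]) if m else 0):
        pivot = next((i for i in range(rank, len(m)) if m[i][col]), None)
        if pivot is None:
            continue
        m[rank], m[pivot] = m[pivot], m[rank]
        inv = pow(m[rank][col], -1, p)
        m[rank] = [(v * inv) % p for v in m[rank]]
        for i in range(len(m)):
            if i != rank and m[i][col]:
                f = m[i][col]
                m[i] = [(a - f * b) % p for a, b in zip(m[i], m[rank])]
        rank += 1
    return rank


def share_functionals(xs, t, p=P):
    """Row (1, x, x^2, ..., x^(t-1)) for each released share position x:
    the share's value is this row dotted with the hidden coefficient vector."""
    return [[pow(x, i, p) for i in range(t)] for x in xs]


def leaked_dimension(xs, t, p=P):
    """Dimension of the subspace spanned by the released values' functionals,
    i.e. how many independent linear relations on the coefficients leaked."""
    return rank_mod_p(share_functionals(xs, t, p), p)


def determines(xs, t, target, p=P):
    """Linear-subspace test: `target` (a functional on the coefficient
    vector) is fixed by the released shares iff it lies in their span."""
    rows = share_functionals(xs, t, p)
    return rank_mod_p(rows + [target], p) == rank_mod_p(rows, p)


def secret_is_determined(xs, t, p=P):
    """The secret f(0) is the functional (1, 0, ..., 0)."""
    return determines(xs, t, [1] + [0] * (t - 1), p)


def share_is_forgeable(xs, t, x_victim, p=P):
    """A non-participant's share at x_victim is forgeable from the released
    ones iff its functional (1, x_victim, ..., x_victim^(t-1)) is in the span."""
    return determines(xs, t, share_functionals([x_victim], t, p)[0], p)
```

For Shamir the method returns the textbook answer: any t rows are a Vandermonde matrix of full rank t, so both the secret and every other share lie in the span, while t - 1 rows leave a one-dimensional gap. The analysis in the abstract applies the same rank computation to the values a dynamic scheme actually releases; the method finds a break whenever those values span more than the scheme's threshold is supposed to allow.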

11 November 2017

Singapore University of Technology and Design (SUTD)
Job Posting
Singapore University of Technology and Design (SUTD) is a young university which was established in collaboration with MIT. iTrust is a Cyber Security Research Center with about 15 multi-discipline faculty members from SUTD. It has the world's best facilities in cyber-physical systems (CPS) including testbeds for Secure Water Treatment (SWaT), Water Distribution (WADI), Electric Power and Intelligent Control (EPIC), and IoT. (See more info at https://itrust.sutd.edu.sg/research/testbeds/).

We are seeking applications for a tenure track assistant professor on network and system security, which is available immediately. The candidates should have track record of strong R&D capability, with publications at top security conferences.

Interested candidates please send your CV to Prof. Jianying Zhou (faculty search committee).

Closing date for applications: 31 March 2018

Contact: jianying_zhou (at) sutd.edu.sg

More information: https://istd.sutd.edu.sg/

ENS Paris, FUAS, HU, ATOS, WALLIX
Job Posting
Functional encryption technology (FENTEC) is a project within the H2020 RIA starting January 2018. The project aims to advance the state of the art of functional encryption. The consortium members seek to fill the following positions:
  • ENS Paris seeks 1 PostDoc to work on the design of new functional encryption schemes, both in the single-input and multi-input settings. The candidate will be joining the ENS Crypto Team (https://crypto.di.ens.fr) and is expected to have a strong academic record with demonstrated experience in the design of cryptographic schemes. Contact: Michel Abdalla (michel.abdalla (at) ens.fr)
  • Flensburg University seeks 2 PhD/PostDocs to research novel lattice and pairing-based functional encryption schemes. Your host will be Prof. Dr. Sebastian Gajek, chair of the ITSC group (https://www.itsc.inf.hs-flensburg.de/). Contact: Sebastian Gajek (sebastian.gajek (at) hs-flensburg.de)
  • University of Helsinki seeks a PhD student or a PostDoc to research optimisations of functional encryption schemes for efficient hardware based implementations. Your host will be Dr. Kimmo Järvinen, Senior Researcher in Secure Systems group in Department of Computer Science. Contact: Dr. Kimmo Järvinen (kimmo.u.jarvinen (at) helsinki.fi)
  • Atos seeks a software developer with experience in cryptography to participate in the implementation of functional encryption systems, in addition to participating in other e-identity and cybersecurity research projects. This position is based in Spain, in the Atos Research & Innovation division Contact: Pedro Soria-Rodriguez (pedro.soria (at) atos.net)
  • Wallix seeks a researcher with relevant experience in cryptography, that is interested both in research and proper implementation of primitives and applied cryptography. The position within the Innovation Department is based in Paris, France. Contact: Henri Binsztok (hbinsztok at wallix.com)
Please send your CV with a covering letter. PostDocs are asked to add two letters of recommendation. The positions are vacant until they are filled.

Closing date for applications: 1 February 2018

Contact:

  • ENS: Michel Abdalla (michel.abdalla (at) ens.fr)
  • FUAS: Sebastian Gajek (sebastian.gajek (at) hs-flensburg.de)
  • HU: Dr. Kimmo Järvinen (kimmo.u.jarvinen (at) helsinki.fi)
  • ATOS: Pedro Soria-Rodriguez (pedro.soria (at) atos.net)
  • WALLIX: Henri Binsztok (hbinsztok at wallix.com)

David Pouliot, Scott Griffy, Charles V. Wright
ePrint Report
Efficiently searchable and easily deployable encryption schemes enable an untrusted, legacy service such as a relational database engine to perform searches over encrypted data. The ease with which such schemes can be deployed on top of existing services makes them especially appealing in operational environments where encryption is needed but it is not feasible to replace large infrastructure components like databases or document management systems. Unfortunately all previously known approaches for efficiently searchable encryption are vulnerable to inference attacks where an adversary can use knowledge of the distribution of the data to recover the plaintext with high probability.

In this paper, we present the first efficiently searchable, easily deployable database encryption scheme that is provably secure against inference attacks even when used with real, low-entropy data. Ours is also the only efficiently searchable construction that provides any provable security for protecting multiple related attributes (columns) in the same database. Using this ESE construction as a building block, we give an efficient construction for performing range queries over encrypted data.

We implemented our constructions in Haskell and used them to query encrypted databases of up to 10 million records. In experiments with a local Postgres database and with a Google Cloud Platform database, the response time for our encrypted queries is not excessively slower than for plaintext queries. With the use of parallel query processing, our encrypted queries can achieve similar and in some cases superior performance to queries on the plaintext.
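The inference attack the abstract refers to, as an added example that is not code from the paper or its Haskell implementation: a legacy database engine can only search encrypted data if equal plaintexts map to equal tokens, and that equality pattern is exactly what a frequency attack needs. The block encrypts a constructed `department` column with a deterministic HMAC-based token (an assumed stand-in for an efficiently searchable scheme), then recovers the plaintexts using only the token counts and an assumed auxiliary distribution, without the key. The scheme the paper proposes is not reproduced; the column, the auxiliary counts and the key are constructed.

```python
import hashlib
import hmac
from collections import Counter


def det_encrypt(key, value):
    """Deterministic, equality-searchable token (assumed stand-in): the same
    plaintext always yields the same token, so the server can index and
    match on it, and so an observer sees the plaintext frequency profile."""
    return hmac.new(key, value.encode(), hashlib.sha256).hexdigest()[:16]


# Constructed sample column of an employee table.
DEPARTMENTS = (["engineering"] * 5 + ["sales"] * 3
               + ["finance"] * 2 + ["legal"])

# Constructed auxiliary knowledge: the attacker's estimate of how common each
# value is in the population (relative frequencies, not the exact counts).
AUXILIARY = {"engineering": 50, "sales": 30, "finance": 15, "legal": 5}


def frequency_attack(tokens, auxiliary):
    """Rank tokens by observed frequency and plaintexts by auxiliary
    frequency, then match rank for rank.  Needs no key and no queries."""
    token_rank = [tok for tok, _ in Counter(tokens).most_common()]
    plain_rank = sorted(auxiliary, key=lambda v: (-auxiliary[v], v))
    return dict(zip(token_rank, plain_rank))


def recovery_rate(plaintexts, auxiliary, key):
    """Fraction of rows whose plaintext the attack recovers; the key is used
    only to produce the ciphertext column the attacker observes."""
    tokens = [det_encrypt(key, v) for v in plaintexts]
    guess = frequency_attack(tokens, auxiliary)
    hits = sum(guess.get(tok) == v for tok, v in zip(tokens, plaintexts))
    return hits / len(plaintexts)


def cooccurrence_attack(tokens_a, plain_b, joint_aux):
    """Multi-column variant: if column B is known (or already recovered) and
    the attacker knows which A values go with which B values, each A token is
    labelled by the A value most associated with the B values it co-occurs
    with.  This breaks columns whose marginal frequencies are flat."""
    guess = {}
    for tok in set(tokens_a):
        partners = Counter(b for ta, b in zip(tokens_a, plain_b) if ta == tok)
        score = {a: sum(joint_aux.get((a, b), 0) * n for b, n in partners.items())
                 for a in {a for a, _ in joint_aux}}
        guess[tok] = max(sorted(score), key=score.get)
    return guess
```

The attack succeeds under any key because the scheme leaks the frequency profile by design; that is the sense in which "all previously known approaches" are vulnerable. `cooccurrence_attack` is the reason the abstract singles out multiple related columns: even a column with uniform marginal frequencies is recovered once a correlated column is known. A scheme that resists this has to hide the equality pattern itself, which is what the paper's construction is about.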
Bhavana Kanukurthi, Sai Lakshmi Bhavana Obbattu, Sruthi Sekar
ePrint Report
Non-malleable Codes (NMCs), introduced by Dziembowski, Pietrzak and Wichs (ITCS 2010), serve the purpose of preventing "related tampering" of encoded messages. The most popular tampering model considered is the $2$-split-state model where a codeword consists of 2 states, each of which can be tampered independently. While NMCs in the $2$-split-state model provide the strongest security guarantee, despite much research in the area we only know how to build them with poor rate ($\Omega(\frac{1}{\log n})$, where $n$ is the codeword length). However, in many applications of NMCs one only needs to be able to encode randomness, i.e., security is not required to hold for arbitrary, adversarially chosen messages. For example, in applications of NMCs to tamper-resilient security, the messages that are encoded are typically randomly generated secret keys. To exploit this, in this work, we introduce the notion of "Non-malleable Randomness Encoders" (NMREs) as a relaxation of NMCs in the following sense: NMREs output a random message along with its corresponding non-malleable encoding.

Our main result is the construction of a $2$-split state, rate-$\frac{1}{2}$ NMRE. While NMREs are interesting in their own right and can be directly used in applications such as in the construction of tamper-resilient cryptographic primitives, we also show how to use them, in a black-box manner, to build a $3$-split-state (standard) NMCs with rate $\frac{1}{3}$. This improves both the number of states, as well as the rate, of existing constant-rate NMCs.
Haodong Jiang, Zhenfeng Zhang, Long Chen, Hong Wang, Zhi Ma
ePrint Report
With the gradual progress of NIST's post-quantum cryptography standardization, several practical post-quantum secure key encapsulation mechanism (KEM) schemes have been proposed. Generally, an IND-CCA-secure KEM is achieved by taking an IND-CPA-secure (or OW-CPA-secure) public-key encryption (PKE) scheme and applying some generic transformations to it. All these generic transformations are constructed in the random oracle model (ROM). To fully assess the post-quantum security, security analysis in the quantum random oracle model (QROM) is preferred. However, current works either lack a QROM security proof or just follow Targhi and Unruh's proof technique (TCC-B 2016) and modify the original transformations by adding an additional hash to the ciphertext to achieve QROM security.

In this paper, by using a novel proof technique, we present QROM security reductions for two widely used generic transformations without suffering any ciphertext overhead. Meanwhile, the security bounds are much tighter than the ones derived by utilizing Targhi and Unruh's proof technique. Thus, our QROM security proofs not only provide a solid post-quantum security guarantee for previous KEM schemes, but also simplify the constructions and reduce the ciphertext sizes. We also provide QROM security reductions for Hofheinz-Hoevelmanns-Kiltz modular transformations (TCC 2017), which can help to obtain a variety of combined transformations with different requirements and properties.
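The generic-transformation structure the abstract discusses, as an added example that is not code from the paper: a Fujisaki-Okamoto-style KEM wrapper around a toy PKE. In the modular terminology of Hofheinz, Hövelmanns and Kiltz, `derive_coins` is the T step (encryption is derandomized with coins G(m), so the decapsulator can re-encrypt and compare), and `decaps` is a U-type step with implicit rejection (a failed check returns a pseudorandom key derived from a secret seed instead of an error). The `extra_hash` flag shows the Targhi-Unruh-style variant that appends an additional hash of the message to the ciphertext; the paper's point is that the QROM proof goes through without it. The underlying PKE (textbook ElGamal in Z_p^* with the secp256k1 field prime as p and g = 2), the 31-byte message encoding and the SHA-256 domain separation tags are assumptions chosen for a self-contained demo, not a secure parameter set; the real KEMs use lattice PKEs whose decryption-failure probability enters the bound.

```python
import hashlib
import hmac
import secrets

# Assumed toy group: Z_p^* with a known 256-bit prime and generator 2.  Used
# only so the block runs stand-alone; not a recommended group for ElGamal.
P = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFC2F
G = 2
MSG_LEN = 31  # 31-byte messages encode as integers below 2^248 < P


def pke_keygen():
    x = secrets.randbelow(P - 2) + 1
    return pow(G, x, P), x  # (pk, sk)


def pke_enc(pk, m, r):
    """ElGamal encryption of a MSG_LEN-byte m with explicit randomness r."""
    c1 = pow(G, r, P)
    c2 = (int.from_bytes(m, "big") * pow(pk, r, P)) % P
    return c1.to_bytes(32, "big") + c2.to_bytes(32, "big")


def pke_dec(sk, ct):
    """Returns the message, or None for a malformed or undecodable ciphertext
    (wrong length, c1 == 0, or a plaintext integer outside the encoding)."""
    if len(ct) != 64:
        return None
    c1 = int.from_bytes(ct[:32], "big") % P
    c2 = int.from_bytes(ct[32:], "big") % P
    if c1 == 0:
        return None
    m_int = (c2 * pow(pow(c1, sk, P), -1, P)) % P
    if m_int >= 1 << (8 * MSG_LEN):
        return None
    return m_int.to_bytes(MSG_LEN, "big")


def _h(tag, *parts):
    """SHA-256 with a one-byte domain separator standing in for the distinct
    random oracles G, H, H' and the rejection oracle."""
    h = hashlib.sha256(tag)
    for part in parts:
        h.update(part)
    return h.digest()


def derive_coins(m):
    """T transform: the encryption randomness is G(m), so a ciphertext is a
    deterministic function of the message and can be recomputed."""
    return int.from_bytes(_h(b"G", m), "big") % (P - 2) + 1


def kem_keygen():
    pk, x = pke_keygen()
    s = secrets.token_bytes(32)  # secret seed for implicit rejection
    return pk, (x, pk, s)


def encaps(pk, extra_hash=False):
    m = secrets.token_bytes(MSG_LEN)
    c = pke_enc(pk, m, derive_coins(m))
    if extra_hash:  # Targhi-Unruh style: append d = H'(m) to the ciphertext
        c += _h(b"D", m)
    return c, _h(b"K", m, c)


def decaps(sk, c, extra_hash=False):
    """Decrypt, re-encrypt, compare.  On any failure return H(s, c): a key
    that is pseudorandom to the caller, so failures are not an oracle."""
    x, pk, s = sk
    core, tag = (c[:64], c[64:]) if extra_hash else (c, b"")
    m = pke_dec(x, core)
    ok = m is not None
    if ok:
        ok = hmac.compare_digest(pke_enc(pk, m, derive_coins(m)), core)
        if extra_hash:
            ok = ok and hmac.compare_digest(tag, _h(b"D", m))
    return _h(b"K", m, c) if ok else _h(b"R", s, c)
```

Two things a practitioner should carry over from the toy: the comparison of the re-encryption with the received ciphertext, and of the extra tag, uses `hmac.compare_digest` because a timing difference there turns the re-encryption check into a decryption oracle; and the rejection key must be bound to both the secret seed and the received ciphertext so that every invalid ciphertext yields a different, unpredictable key. The `extra_hash` variant costs 32 bytes per ciphertext and one more hash per operation, which is exactly the overhead the paper's proof technique removes.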
Incheon, Korea, 4 June 2018
Event Calendar
Event date: 4 June 2018
Submission deadline: 20 January 2018
Notification: 10 March 2018
Songdo, Korea, 4 June - 8 June 2018
Event Calendar
Event date: 4 June to 8 June 2018
Submission deadline: 8 December 2017
Notification: 3 March 2018
Amalfi, Italy, 5 September - 7 September 2018
Event Calendar
Event date: 5 September to 7 September 2018
Submission deadline: 10 April 2018
Notification: 8 June 2018