IACR News
14 January 2018
Boris Ryabko, Aleksandr Soskov
10 January 2018
Davie, Florida, United States, 5 April - 6 April 2018
Submission deadline: 15 February 2018
Eli Ben-Sasson, Iddo Bentov, Yinon Horesh, Michael Riabzev
Zero knowledge (ZK) proof systems are an ingenious cryptographic solution to the tension between the ideals of personal privacy and institutional integrity, enforcing the latter in a way that does not compromise the former. Public trust demands transparency from ZK systems, meaning they must be set up with no reliance on any trusted party, and have no trapdoors that could be exploited by powerful parties to bear false witness. For ZK systems to be used with Big Data, it is imperative that the public verification process scale sublinearly in data size. Transparent ZK proofs that can be verified exponentially faster than data size were first described in the 1990s, but early constructions were impractical, and no ZK system realized thus far in code (including that used by crypto-currencies like Zcash) has achieved both transparency and exponential verification speedup, simultaneously, for general computations.
Here we report the first realization of a transparent ZK system (ZK-STARK) in which verification scales exponentially faster than database size, and moreover, this exponential speedup in verification is observed concretely for meaningful and sequential computations, described next. Our system uses several recent advances on interactive oracle proofs (IOP), such as a fast (linear time) IOP system for error correcting codes.
Our proof-of-concept system allows the Police to prove to the public that the DNA profile of a Presidential Candidate does not appear in the forensic DNA profile database maintained by the Police. The proof, which is generated by the Police, relies on no external trusted party, and reveals no further information about the contents of the database, nor about the candidate's profile; in particular, no DNA information is disclosed to any party outside the Police. The proof is shorter than the size of the DNA database, and is verified faster than the time needed to examine that database naively.
Jonathan Bootle, Jens Groth
In this work, we give a framework for expressing simple relations between commitments and field elements, and present a zero-knowledge argument which is considerably more efficient than that of Bootle et al. in the case where the polynomials in the relation have low degree. Our method also directly yields a batch protocol, which allows many copies of the same relation to be more efficiently proved and verified in a single argument.
We instantiate our protocol with concrete polynomial relations to construct zero-knowledge arguments for membership proofs, polynomial evaluation proofs, and range proofs. Our work can be seen as a unified explanation of the underlying ideas of these protocols. In some of these instantiations we also achieve better efficiency than the state of the art.
Tadanori Teruya, Kenji Kashiwabara, Goichiro Hanaoka
Chaya Ganesh, Yashvanth Kondi, Arpita Patra, Pratik Sarkar
We draw motivation from state-of-the-art non-interactive secure computation protocols and, leveraging specifics of the ZK functionality, show a two-round protocol that achieves static security. It is a proof, whereas most known efficient ZK protocols and our three-round protocol are only arguments.
Charanjit S. Jutla, Miyako Ohkubo, Arnab Roy
In this paper, we further improve on the SPS scheme of Abe, Hofheinz, Nishimaki, Ohkubo and Pan (CRYPTO 2017) while maintaining only an $O(\lambda)$-factor security reduction loss to the SXDH assumption. In particular, we compress the size of the signatures by almost 40%, and reduce the number of pairing-product equations in the verifier from fifteen to seven. Recall that structure-preserving signatures are used in applications by encrypting the messages and/or the signatures, and hence these optimizations are further amplified, as proving pairing-product equations in the Groth-Sahai NIZK system is not frugal. While our scheme uses an important novel technique introduced by Hofheinz (EuroCrypt 2017), i.e., structure-preserving adaptive partitioning, our approach to building the signature scheme is different, and this leads to the optimizations mentioned. Thus we make progress towards an open problem stated by Abe et al. (CRYPTO 2017) to design more compact SPS schemes with a smaller number of group elements.
09 January 2018
University College London
Whenever you communicate with someone electronically there are intermediaries that process and carry your communication, helping it reliably get to the intended destination, or storing it until the recipient goes online to collect it. We hope that these intermediaries behave properly, but sometimes they get hacked, or the people running them act maliciously, and your communications can then be tampered with and eavesdropped, with potentially severe consequences.
End-to-end encryption is designed to protect against such threats and has been available for decades, but it's still rarely used because it interferes with modern ways of working. For example, if the company that provides your email service can't read it, you can't search it without downloading it all; with collaboration applications, like Google Docs or chat applications, current end-to-end encryption approaches won't even work. Even if data is encrypted end-to-end, analysis of the meta-data can still violate privacy, for example disclosing who is working with whom. Anonymous communication systems like Tor can help protect meta-data, but the delay that the most secure systems (e.g. Loopix) introduce would prevent standard collaboration technologies from working properly.
This project will develop techniques to build collaboration applications that are end-to-end secure, and protect privacy. We will quantify how secure and effective they are, working with investigative journalists who need high levels of security in their collaboration applications.
Funding is available for a 4-year PhD studentship working on this project, providing a standard stipend and fees (at UK/EU rate). The project will be supervised by Dr Steven Murdoch and will start in October 2018 (unless agreed otherwise).
Closing date for applications: 27 April 2018
Contact: Steven Murdoch (s.murdoch (at) ucl.ac.uk)
More information: http://www.cs.ucl.ac.uk/prospective_students/phd_programme/funded_scholarships/#c31028
Computer Engineering, University of South Florida
USF is an R1 university and among the leading institutions in Florida. We are looking for motivated, talented, and hardworking applicants who have the background for, and are interested in, working on different aspects of Cryptographic Engineering with emphasis on:
- Cryptographic hardware systems
- Side-channel attacks, particularly fault and power analysis attacks
The required expertise includes:
- Masters (or Bachelors with outstanding background) in Computer Engineering or Electrical Engineering
- Solid background in digital design, VLSI, computer arithmetic, and ASIC/FPGA implementations
- Solid HDL expertise
- Outstanding English (if English tests are taken) to be eligible for department funding
- Motivation to work beyond the expectations from an average Ph.D. student and publish in top tier venues
Please closely observe the admission requirement details here before emailing:
http://www.usf.edu/engineering/cse/graduate/phd-program.aspx
Please send me your updated CV (including list of publications, language test marks, and references), transcripts for B.Sc. (and/or M.Sc.), and a statement of interest at mehran2 (at) usf.edu as soon as possible.
NOTE: At this time, I consider only the applicants who have already taken TOEFL/IELTS and GRE exams with excellent marks. The successful candidate will be asked to apply formally very soon to the USF CSE department, so all the material has to be ready.
Mehran Mozaffari-Kermani
Assistant Professor, CSE @ USF
College of Engineering
University of South Florida
Tampa, FL 33620
Website: http://www.csee.usf.edu/~mehran2/
Contact: Mehran Mozaffari-Kermani
Closing Date for Applications: 2018-02-01
Closing date for applications: 15 February 2018
University College Cork, Ireland
University College Cork (UCC) and the China Scholarship Council (CSC) have an agreement to jointly fund a number of PhD scholarships. The scholarship will support Chinese students willing to undertake a PhD in UCC for up to 4 years, including payment of registration and tuition fees, a monthly living allowance and a return ticket.
The Department of Computer Science in UCC is particularly interested in hosting PhD students in the areas of cryptography, privacy, and security. Topics of particular interest are cryptographic protocols, privacy-enhancing technologies, and location privacy, but all proposals relevant to security will be considered. Interested candidates are encouraged to contact Dr. Paolo Palmieri (e-mail address below) to discuss a potential application.
University College Cork (UCC) is an internationally competitive, research-led institution. Cork, Ireland's second-largest city, is a thriving, international hub for technological innovation, hosting companies such as Apple, Amazon, EMC, IBM and McAfee.
Please note that, due to eligibility requirements, this opportunity is restricted to Chinese nationals.
Closing date for applications: 31 January 2018
Contact: Dr. Paolo Palmieri, Lecturer in Cyber Security, UCC
E-mail: p.palmieri (at) cs.ucc.ie
Takahiro Matsuda, Jacob C.N. Schuldt
To overcome this difficulty, we propose a new notion which we denote related refreshable randomness security. This notion captures a scenario in which an adversary has limited time to attack a system before new entropy is added. More specifically, the number of encryption queries with related randomness the adversary can make before the randomness is refreshed is bounded, but the adversary is allowed to make an unbounded total number of queries. Furthermore, the adversary is allowed to influence how entropy is added to the system. In this setting, we construct an encryption scheme which remains secure in the standard model for arbitrary function families of size $2^p$ (where $p$ is polynomial in the security parameter) that satisfy certain collision-resistance and output-unpredictability properties. This captures a rich class of functions, which includes, as a special case, circuits of polynomial size. Our scheme makes use of a new construction of a (bounded) related-key-attack secure pseudorandom function, which in turn is based on a new flavor of the leftover hash lemma. These technical results might be of independent interest.
Seb Neumayer, Mayank Varia, Ittay Eyal
In this work we study the implications of using such a policy compared with the standard option that ignores block timing information. Using an exact expression for the probability of a double spend, and via numerical results, we analyze the time to transaction acceptance (performance) as well as the time and cost to perform a double-spend attack (security). We show that while the expected time required for transaction acceptance is improved using a dynamic policy, the time and cost to perform a double-spend attack on a particular transaction are reduced.
Gregor Seiler
08 January 2018
Incheon, South Korea, 4 June 2018
Submission deadline: 31 January 2018
Notification: 1 March 2018
The NUS-Singtel Cyber Security Corporate Lab
Duties & Responsibilities:
- Evaluation of current-state-of-the-art security products and technologies
- Formulate security research problems based on real-world requirements and industry needs
- Assist and support the NUS-Singtel Corp Lab R&D team in conducting high-quality applied research and development of innovative solutions that result in new intellectual property
- Design, develop and test research prototypes
Requirements:
- M.Sc/B.Sc in Computer Science, Computer Engineering, Electrical Engineering, or related field, preferably with at least 1-2 years of experience in security research and development
- Strong interest in and familiarity with one or more of the following areas: data encryption, data privacy protection, cloud security, key management, applied cryptography
- Strong software development skills in Java, C/C++, Python
- Excellent written and verbal communications skills
- Highly motivated, independent and resourceful team player
- Strong analytical thinking, interpersonal and problem solving skills
Closing date for applications: 1 May 2018
Contact: Dr Xu Jia (comxj (at) nus.edu.sg)
University of South Florida
Topics of interest are:
- Computational number theory
- Lattice and ring-based cryptosystems
- Isogeny-based cryptosystems
- Quantum cryptanalysis
- Fully homomorphic encryption
- Cryptocurrencies
Information on how to apply can be found here: http://math.usf.edu/grad/apply/
Important remark: for full consideration, both domestic and international applicants should submit their application by February 15th 2018.
Successful candidates will be supervised by Dr. Jean-François Biasse. Contact usf.crypto.phd.2018 (at) gmail.com prior to sending the application to assess eligibility (provide a CV and a brief description of your research interests).
Closing date for applications: 1 June 2018
More information: http://math.usf.edu/grad/apply/
University of Surrey, UK
The Department has a large secure systems research group, led by Professor Steve Schneider, with expertise in security by design, authentication, verification, distributed ledger technologies, trusted systems and cloud security.
Candidates will demonstrate an excellent research record in cybersecurity. Suitable areas of expertise that complement current strengths of the group include (but are not limited to): anti-malware security, adversarial machine learning, risk management and threat modelling, trusted systems, verification, and distributed systems.
The University and the Department specifically are committed to building a culturally diverse organisation and strongly encourage applications from female and minority candidates and industry experts.
Interested candidates may find details of these (and other) posts at: http://jobs.surrey.ac.uk/106517 and http://jobs.surrey.ac.uk/106617
For an informal discussion about the position, please contact the Head of Department of Computer Science, Dr Helen Treharne (h.treharne (at) surrey.ac.uk), Professor Steve Schneider (s.schneider (at) surrey.ac.uk) or Professor Liqun Chen (liqun.chen (at) surrey.ac.uk).
Closing date for applications: 5 March 2018
Contact: Helen Treharne (h.treharne (at) surrey.ac.uk)
More information: http://jobs.surrey.ac.uk
Department of Computing, The Hong Kong Polytechnic University, Hong Kong
Candidates for research fellow/associate should have completed (or be close to completing) a PhD in computer science, mathematics, or a related discipline. Research assistants are expected to have an honours degree or an equivalent qualification. Post-secondary students will be considered for the position of research administrative assistant.
Applicants should have solid experience in any of the following areas:
- Public key cryptography and provable security
- Software engineering
- Cloud computing
Successful candidates are expected to contribute to the research or development of blockchain applications.
The post has a flexible starting date. The initial appointment will be for 12 months, with a strong possibility for further appointment.
Review of applications will start immediately and continue until the positions are filled.
Closing date for applications: 30 June 2018
Contact: Allen Au
http://www4.comp.polyu.edu.hk/~csallen
csallen at comp dot polyu dot edu dot hk
More information: http://www4.comp.polyu.edu.hk/~csallen
Yuval Ishai, Manika Mittal, Rafail Ostrovsky
We show that for functionalities that take inputs from $n$ parties and deliver outputs to $k$ parties, $2n+k-3$ messages are necessary and sufficient. The negative result holds even when given access to an arbitrary correlated randomness setup. The positive result can be based on any 2-round MPC protocol (which can in turn be based on 2-message oblivious transfer), or on a one-way function given a correlated randomness setup.