IACR News
Here you can see all recent updates to the IACR webpage.
23 February 2018
University of Bristol, United Kingdom
Job Posting
This advert is for:
S3 Advancing Leakage Attacks: the aim of the studentship is to experiment with new and advanced techniques to utilise leakage, by e.g. blending it with traditional cryptanalysis, merging it with key ranking strategies, making it less dependent on statistical assumptions via investigation of non-parametric techniques etc. The ideal candidate will have a background in mathematics, or statistics, and cryptography.
Supervisor: Elisabeth Oswald
The studentship S3 supports EU/UK nationals with a tax-free stipend of around 22k GBP. The latest starting date for students is September 30th 2018.
You may apply for one, some, or all advertised studentships simultaneously (please explain your choice in your application). Your application needs to be filed via: http://www.bristol.ac.uk/study/postgraduate/apply/.
This advert has a nominal end date of 1.5.2018, but we will make appointments as soon as we have identified candidates with the right background.
Closing date for applications: 1 May 2018
Contact: Prof. Elisabeth Oswald, Elisabeth.Oswald (at) bristol.ac.uk
University of Bristol, United Kingdom
Job Posting
This advert is for:
S2 Ranking Distinguishers: Modern side channel attack vectors offer increasingly sophisticated trade-offs between the trace complexity of distinguishers and the computational complexity of some associated key ranking procedure. The aim of the studentship is to determine how much computation is required to effectively recover a key using DPA by exploring computationally intensive distinguishers that reduce the cost of the enumeration phase. The ideal candidate will have a background in high performance computing, statistics, or cryptography.
Supervisors: Martijn Stam and Elisabeth Oswald
The studentship S2 supports UK nationals, who need to pass DV clearance, with a tax-free stipend of around 22k GBP. The latest starting date for students is September 30th 2018.
You may apply for one, some, or all advertised studentships simultaneously (please explain your choice in your application). Your application needs to be filed via: http://www.bristol.ac.uk/study/postgraduate/apply/.
This advert has a nominal end date of 1.5.2018, but we will make appointments as soon as we have identified candidates with the right background.
Closing date for applications: 1 May 2018
Contact: Martijn Stam, Martijn.Stam (at) bristol.ac.uk
University of Bristol, United Kingdom
Job Posting
This advert is for:
S1: Usable Abstractions for Secure Programming - A Mental Models Approach: Cryptographic application programming interfaces (APIs) are currently widely used to provide security of communication and information flows in contemporary applications. Existing research has highlighted that vulnerabilities arise in software due to misunderstanding about the guarantees provided by API functions or unintentional misconfiguration of relevant security parameters. However, little is understood about developers’ mental models that lead to such issues and the misalignment between these models and the actual functionality of the API as intended by its developers. The aim of the studentship is to study developers’ mental models of security APIs and to understand any misalignment with correct API usage. The ideal candidate will have a background in computer science (in particular programming languages) or software engineering and a strong interest in usable security.
Supervisors: Awais Rashid and Bogdan Warinschi
The studentship S1 supports UK nationals, who need to pass DV clearance, with a tax-free stipend of around 22k GBP. The latest starting date for students is September 30th 2018.
You may apply for one, some, or all four studentships simultaneously (please explain your choice in your application). Your application needs to be filed via: http://www.bristol.ac.uk/study/postgraduate/apply/.
This advert has a nominal end date of 1.5.2018, but we will make appointments as soon as we have identified candidates with the right background.
Closing date for applications: 1 May 2018
Contact: Prof. Awais Rashid, Awais.Rashid (at) bristol.ac.uk
Prof. Bogdan Warinschi, Bogdan.Warinschi (at) bristol.ac.uk
Daniele Micciancio
ePrint Report
Amsterdam, The Netherlands, 9 September - 12 September 2018
CHES
Submission deadline: 15 April 2018
Notification: 15 June 2018
University of Lyon, Saint-Etienne, France
Job Posting
https://laboratoirehubertcurien.univ-st-etienne.fr/en/teams/secure-embedded-systems-hardware-architectures.html
For a new project which addresses the security of hardware implementations of symmetric ciphers against side-channel analysis that exploits deep learning techniques, we are looking for candidates with an outstanding Master's degree in security or electrical engineering (with applied cryptography/hardware security skills) or in computer science (with deep learning skills). Knowledge of French is not mandatory.
The Ph.D. position will start in September 2018 and is funded for 36 months.
To apply please send your detailed CV, motivation for applying (1 page) and names of at least two people who can provide reference letters (e-mail).
Closing date for applications: 20 April 2018
Contact: Prof. Lilian BOSSUET lilian.bossuet(at)univ-st-etienne.fr
Technische Universität Darmstadt
Job Posting
We are seeking highly motivated and qualified candidates who are interested in joining our team and helping to strengthen our research work. Candidates must have a very good PhD in Computer Science or a related field, and must demonstrate practical experience and solid knowledge in cybersecurity. Candidates must be self-motivated and dedicated, independent, and willing to work in an international and excellence-oriented work environment. Our working languages are German and English; if necessary, applicants are expected to improve their language skills through intensive language classes. All employees are expected to contribute to our academic teaching program.
All positions are initially for a limited period but may be extended. Compensation follows the Tarifvertrag für die Technische Universität Darmstadt (TV-TU), corresponding to the candidate’s qualifications and responsibilities.
The Technische Universität Darmstadt aims at increasing the number of female researchers and therefore explicitly encourages women to apply. Severely handicapped applicants will be preferred, given equal qualification.
Applications must include a professional CV, copies of diplomas and certificates, and in particular for post-doc candidates a list of publications, copies of two selected publications and two references.
Closing date for applications: 31 March 2018
Contact: staff-sit (at) crisp-da.de
More information: http://www.sit.tu-darmstadt.de
22 February 2018
Eleftherios Kokoris-Kogias, Enis Ceyhun Alp, Sandra Deepthy Siby, Nicolas Gaillya, Philipp Jovanovic, Linus Gasser, Bryan Ford
ePrint Report
Carmit Hazay, Emmanuela Orsini, Peter Scholl, Eduardo Soria-Vazquez
ePrint Report
We first apply this technique to a modified version of the semi-honest GMW protocol, using OT extension with short keys, to improve the efficiency of standard GMW with fewer corruptions. We also obtain more efficient constant-round MPC, using BMR-style garbled circuits with short keys, and present an implementation of the online phase of this protocol. Our techniques start to improve upon existing protocols when there are around $n=20$ parties with $h=6$ honest parties, and as these increase we obtain up to a 13 times reduction (for $n=400,h=120$) in communication complexity for our GMW variant, compared with the best-known GMW-based protocol modified to use the same threshold.
Marshall Ball, Dana Dachman-Soled, Siyao Guo, Tal Malkin, Li-Yang Tan
ePrint Report
We obtain our codes via a new efficient non-malleable reduction from small-depth tampering to split-state tampering. A novel aspect of our work is the incorporation of techniques from unconditional derandomization into the framework of non-malleable reductions. In particular, a key ingredient in our analysis is a recent pseudorandom switching lemma of Trevisan and Xue (CCC 2013), a derandomization of the influential switching lemma from circuit complexity; the randomness-efficiency of this switching lemma translates into the rate-efficiency of our codes via our non-malleable reduction.
Edouard Dufour Sans, Romain Gay, David Pointcheval
ePrint Report
Thaddeus Dryja, Quanquan C. Liu, Sunoo Park
ePrint Report
Definitions of memory-hardness are not yet unified in this somewhat nascent field, however, and the guarantees proven are with respect to a range of proposed definitions.
In this work, we improve upon two main limitations of existing models of memory-hardness.
First, existing measures of memory-hardness only account for dynamic (i.e., runtime) memory usage, and do not consider static memory usage. We propose a new definition of static-memory-hard function (SHF) which takes into account static memory usage and allows the formalization of larger memory requirements for efficient functions, than in the dynamic setting (where memory usage is inherently bounded by runtime). We then give two SHF constructions based on pebbling; to prove static-memory-hardness, we define a new pebble game (``black-magic pebble game''), and new graph constructions with optimal complexity under our proposed measure.
Secondly, existing memory-hardness models implicitly consider linear tradeoffs between the costs of time and space. We propose a new model to capture nonlinear time-space trade-offs and prove that nonlinear tradeoffs can in fact cause adversaries to employ different strategies from linear tradeoffs.
Finally, as an additional contribution of independent interest, we present the first asymptotically tight graph construction that achieves the best possible space complexity up to $\log \log n$-factors for an existing memory-hardness measure called cumulative complexity.
Serge Fehr, Pierre Karpman, Bart Mennink
ePrint ReportAnita Aghaie, Amir Moradi, Shahram Rasoolzadeh, Falk Schellenberg, Tobias Schneider
ePrint ReportJack L.H. Crawford, Craig Gentry, Shai Halevi, Daniel Platt, Victor Shoup
ePrint ReportAs part of this project, we implemented optimized versions of many "bread and butter" FHE tools. These tools include binary arithmetic, comparisons, partial sorting, and low-precision approximation of "complicated functions" such as reciprocals and logarithms. Our eventual solution can handle thousands of records and hundreds of fields, and it takes a few hours to run. To achieve this performance we had to be extremely frugal with expensive bootstrapping and data-movement operations.
We believe that our experience in this project could server as a guide for what is or is not currently feasible to do with fully-homomorphic encryption.
Jim Basilakis, Bahman Javadi
ePrint Report
Eugene Pilyankevich, Ignat Korchagin, Andrey Mnatsakanov
ePrint Report
David Derler, Tibor Jager, Daniel Slamanig, Christoph Striecks
ePrint Report
For a long time, it was unclear whether protocols that simultaneously achieve 0-RTT and full forward secrecy exist. Only recently, the first forward-secret 0-RTT protocol was described by Günther et al. (Eurocrypt 2017). It is based on Puncturable Encryption. Forward secrecy is achieved by "puncturing" the secret key after each decryption operation, such that a given ciphertext can only be decrypted once (cf. also Green and Miers, S&P 2015). Unfortunately, their scheme is completely impractical, since one puncturing operation takes between 30 seconds and several minutes for reasonable security and deployment parameters, such that this solution is only a first feasibility result, but not efficient enough to be deployed in practice.
In this paper, we introduce a new primitive that we term Bloom Filter Encryption (BFE), which is derived from the probabilistic Bloom filter data structure. We describe different constructions of BFE schemes, and show how these yield new puncturable encryption mechanisms with extremely efficient puncturing. Most importantly, a puncturing operation only involves a small number of very efficient computations, plus the deletion of certain parts of the secret key, which outperforms previous constructions by orders of magnitude. This gives rise to the first forward-secret 0-RTT protocols that are efficient enough to be deployed in practice. We believe that BFE will find applications beyond forward-secret 0-RTT protocols.