International Association for Cryptologic Research

# IACR News Central

21 September 2018
Job Posting Ph.D. students / Graduate Research Assistants in the area of Post-Quantum Cryptography Cryptographic Engineering Research Group at George Mason University, U.S.A

Cryptographic Engineering Research Group (CERG) at George Mason University, U.S.A., is seeking qualified candidates for multiple Ph.D. students / Graduate Research Assistants in the area of efficient implementations of Post-Quantum Cryptosystems, side-channel attacks targeting these cryptosystems, and countermeasures against such attacks.

The desired qualifications include

• a strong mathematical background in algebra and number theory,
• experience in hardware design using hardware description languages, and
• knowledge of C and scripting languages, such as Python.

Experience with any of the following is a plus:

• Magma or SageMath,
• ASIC or FPGA design,
• software/hardware codesign,
• High-Level Synthesis,
• embedded software development, and/or
• the Linux operating system.

The position is open starting in January 2019. Qualified candidates should apply to the ECE Ph.D. program at George Mason University by October 15, 2018. In parallel, early e-mail contact with Dr. Gaj and/or Dr. Kaps is highly recommended.

Closing date for applications: 15 October 2018

Contact: Dr. Kris Gaj, Professor, kgaj (at) gmu.edu, and/or Dr. Jens-Peter Kaps, Associate Professor, jkaps (at) gmu.edu, ECE Department, George Mason University, 4400 University Drive, Fairfax, VA, U.S.A.

Job Posting Ph.D. student / Graduate Research Assistant in the area of Lightweight Cryptography Cryptographic Engineering Research Group at George Mason University, U.S.A

Cryptographic Engineering Research Group (CERG) at George Mason University, U.S.A., is seeking qualified candidates for a Ph.D. student / Graduate Research Assistant in the area of efficient and secure implementations of Lightweight Cryptography.

The desired qualifications include

• experience in embedded systems,
• knowledge of C, assembly, and scripting languages,
• hardware design using hardware description languages,
• the Linux operating system, and
• strong experimental skills.

Experience with any of the following is a plus:

• side-channel and/or fault attacks,
• countermeasures against these attacks,
• ASIC or FPGA design,
• software/hardware codesign,
• embedded software development, and/or
• circuit/PCB design.

Closing date for applications: 15 October 2018

Contact: Dr. Jens-Peter Kaps, Associate Professor, jkaps (at) gmu.edu and/or Dr. Kris Gaj, Professor, kgaj (at) gmu.edu, ECE Department, George Mason University, 4400 University Drive, Fairfax, VA, U.S.A.

Job Posting PhD Studentship University of Wollongong, Australia
The Institute of Cybersecurity and Cryptology (iC2) at the University of Wollongong, Australia is searching for highly motivated PhD candidates to conduct research in the area of applied cryptography, on the topic of dynamic access control in the cloud.

This PhD studentship is partly funded by the Australian Research Council (ARC) Discovery project. The successful candidate will be awarded a PhD scholarship and stipend for the duration of 3 years, with a possible extension for an additional 6 months to complete the PhD thesis.

A successful candidate will be supervised by the Chief Investigators of this project: Prof. Willy Susilo and Dr. Joonsang Baek.

Interested candidates should provide a complete CV highlighting research experience, complete transcript (in English) for Bachelor and Master degrees and a research proposal. The successful candidate is expected to start in March 2019.

Application should be submitted to Dr. Joonsang Baek via email: baek (at) uow.edu.au

Closing date for applications: 20 October 2018

Job Posting Post-doc ENS de Lyon
The AriC team at ENS de Lyon is seeking to recruit a post-doc in the area of cryptography. The position is available now and the term is two years.

The post-doc will work with the cryptography researchers of ENS de Lyon on topics in lattice-based cryptography. This post is part of the EU H2020 PROMETHEUS project for building quantum-safe privacy-preserving systems. Our focus within this project is on primitive/protocol design. Applicants with a background in other areas are also welcome to apply but some familiarity with zero-knowledge proofs is expected.

Applicants should have already completed a PhD in a relevant area. They should have an outstanding research track record in cryptography. They should demonstrate scientific creativity and research independence.

This is a full-time, fixed-term position based in Lyon.

Applications should be sent by email to benoit[dot]libert[at]ens-lyon[dot]fr, damien[dot]stehle[at]gmail[dot]com and fabien[dot]laguillaumie[at]ens-lyon[dot]fr. They should include a CV, a list of publications (with the top 3 ones highlighted) and contact information of two persons who are willing to give references.

Closing date for applications: 28 February 2019

Contact: Benoît Libert (benoit[dot]libert[at]ens-lyon[dot]fr)

QUADRAC is offering positions for software engineers, technical leads and technical managers who are enthusiastic about application technology built on cryptographic communication and security protocols.

The roles cover R&D on our own products, technical leadership and support, including: implementation of security protocols with cryptography and authentication, their evaluation and testing, and software development of security management technologies.

If you are interested in working with us in Japan at our office in Nogizaka, Tokyo, please contact us.

Japanese fluency (or the intention to acquire it) is welcome.

Step forward to work together with our skilled colleagues on new, innovative product development.

The company was founded in 2009 by a core developer of FeliCa (NFC) together with skilled colleagues.

We are eager to continue serving people globally with a happy, pleasant and convenient new lifestyle through technology innovation.

Closing date for applications: 18 March 2019

We are looking for an outstanding candidate with a research focus on cryptography. The position is open for all aspects of cryptography ranging from the design and analysis of cryptographic primitives/protocols to application and implementation aspects. We offer an interesting research environment, research questions with practical relevance, and integration in a motivated team of researchers and developers.

To increase the proportion of female academic personnel in the position of professor at Graz University of Technology, the Faculty of Computer Science and Biomedical Engineering is seeking to fill a tenure track professorship for the field of Cryptography for women.

The position is initially restricted to six years as a University Assistant with Doctorate (40 hours per week); the successful candidate is expected to start on 01.04.2019 at the Institute of Applied Information Processing and Communications.

Upon agreement on a qualification agreement, the candidate will be appointed as assistant professor. As soon as the qualification agreement has been fulfilled, the position will be converted into a tenured position as associate professor.

Closing date for applications: 3 December 2018

Contact: Stefan Mangard, Email: Stefan.Mangard (at) iaik.tugraz.at

20 September 2018
We present (linkable) Raptor, the first lattice-based (linkable) ring signature that is practical. Our scheme is as fast as classical solutions, while the size of the signature is roughly 1.3 KB per user. Our designs are based on a completely new generic construction that is provably secure in the random oracle model. Prior to our work, all existing lattice-based solutions were analogues of their discrete-log or pairing-based counterparts. We give instantiations in both the standard lattice setting, as a proof of concept, and the NTRU lattice setting, as an efficient instantiation. Our main building block is a so-called Chameleon Hash Plus (CH+) function, which may be of independent research interest.
The Blockwise-Korkine-Zolotarev (BKZ) lattice reduction algorithm is central in cryptanalysis, in particular for lattice-based cryptography. A precise understanding of its practical behavior in terms of run-time and output quality is necessary for parameter selection in cryptographic design. As the provable worst-case bounds poorly reflect the practical behavior, cryptanalysts rely instead on the heuristic BKZ simulator of Chen and Nguyen (Asiacrypt'11). It fits better with practical experiments, but not entirely. In particular, it over-estimates the norm of the first few vectors in the output basis. Put differently, BKZ performs better than its Chen-Nguyen simulation.

In this work, we first report experiments providing more insight on this shorter-than-expected phenomenon. We then propose a refined BKZ simulator by taking the distribution of short vectors in random lattices into consideration. We report experiments suggesting that this refined simulator more accurately predicts the concrete behavior of BKZ. Furthermore, we design a new BKZ variant that exploits the shorter-than-expected phenomenon. For the same cost assigned to the underlying SVP-solver, the new BKZ variant produces bases of better quality. We further illustrate its potential impact by testing it on the SVP-120 instance of the Darmstadt lattice challenge.
ePrint Report On the Security of the PKCS#1 v1.5 Signature Scheme Tibor Jager, Saqib A. Kakvi, Alexander May
The RSA PKCS#1 v1.5 signature algorithm is the most widely used digital signature scheme in practice. Its two main strengths are its extreme simplicity, which makes it very easy to implement, and that verification of signatures is significantly faster than for DSA or ECDSA. Despite the huge practical importance of RSA PKCS#1 v1.5 signatures, providing formal evidence for their security based on plausible cryptographic hardness assumptions has turned out to be very difficult. Therefore the most recent version of PKCS#1 (RFC 8017) even recommends, as a replacement, the more complex and less efficient scheme RSA-PSS, as it is provably secure and therefore considered more robust. The main obstacle is that RSA PKCS#1 v1.5 signatures use a deterministic padding scheme, which makes standard proof techniques not applicable.

We introduce a new technique that enables the first security proof for RSA-PKCS#1 v1.5 signatures. We prove full existential unforgeability against adaptive chosen-message attacks (EUF-CMA) under the standard RSA assumption. Furthermore, we give a tight proof under the Phi-Hiding assumption. These proofs are in the random oracle model and the parameters deviate slightly from the standard use, because we require a larger output length of the hash function. However, we also show how RSA-PKCS#1 v1.5 signatures can be instantiated in practice such that our security proofs apply.

In order to draw a more complete picture of the precise security of RSA PKCS#1 v1.5 signatures, we also give security proofs in the standard model, but with respect to weaker attacker models (key-only attacks) and based on known complexity assumptions. The main conclusion of our work is that from a provable security perspective RSA PKCS#1 v1.5 can be safely used, if the output length of the hash function is chosen appropriately.
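The encoding the abstract refers to is EMSA-PKCS1-v1_5 from RFC 8017, Section 9.2. The Python below is an added example, not code from the paper or from this page: it implements the deterministic encoding (00 01 FF..FF 00 DigestInfo || hash), signs and verifies with a toy RSA key built from two Mersenne primes (an assumption for the demo, not a real key), and verifies by re-encoding the message and comparing the full encoded message byte for byte, as RFC 8017 Section 8.2.2 specifies. The key size and the sample message are assumptions; the SHA-256 DigestInfo prefix is the RFC 8017 constant.

```python
"""RSA PKCS#1 v1.5 signatures (EMSA-PKCS1-v1_5, RFC 8017 Section 9.2) from scratch.

Added illustration with a TOY key: the modulus is the product of two Mersenne
primes, so its factorization is public. Never use such a key outside a demo.
"""
import hashlib

# DER-encoded DigestInfo prefix for SHA-256 (RFC 8017, Section 9.2, Note 1):
# SEQUENCE { SEQUENCE { OID 2.16.840.1.101.3.4.2.1, NULL }, OCTET STRING (32) }
SHA256_DIGESTINFO = bytes.fromhex("3031300d060960864801650304020105000420")


def toy_keypair(e=65537):
    """Deterministic toy RSA key (assumption for the demo): p = 2^521-1, q = 2^607-1,
    both Mersenne primes, giving a 1128-bit modulus; gcd(e, phi) = 1 for these."""
    p = (1 << 521) - 1
    q = (1 << 607) - 1
    n = p * q
    phi = (p - 1) * (q - 1)
    d = pow(e, -1, phi)  # modular inverse (Python >= 3.8)
    return (n, e), (n, d)


def modulus_len(n):
    """k = length of the modulus in bytes (RFC 8017 notation)."""
    return (n.bit_length() + 7) // 8


def emsa_pkcs1_v1_5_encode(message, k):
    """EM = 0x00 || 0x01 || PS || 0x00 || T, with T = DigestInfo || SHA-256(message).

    PS is all 0xFF bytes with no random component: this is the deterministic
    padding the abstract refers to. The same message and modulus size always
    give the same EM, hence the same signature.
    """
    t = SHA256_DIGESTINFO + hashlib.sha256(message).digest()
    if k < len(t) + 11:  # RFC 8017 step 3: PS must be at least 8 bytes
        raise ValueError("intended encoded message length too short")
    ps = b"\xff" * (k - len(t) - 3)
    return b"\x00\x01" + ps + b"\x00" + t


def sign(priv, message):
    """RSASSA-PKCS1-v1_5: S = EM^d mod n, returned as k big-endian bytes."""
    n, d = priv
    k = modulus_len(n)
    em = int.from_bytes(emsa_pkcs1_v1_5_encode(message, k), "big")
    return pow(em, d, n).to_bytes(k, "big")


def verify(pub, message, signature):
    """RSASSA-PKCS1-v1_5 verification (RFC 8017 Section 8.2.2).

    Recomputes EM' from the message and compares it with EM = S^e mod n as a
    whole, rather than scanning EM for the hash, which is what the RFC requires.
    """
    n, e = pub
    k = modulus_len(n)
    if len(signature) != k:
        return False
    s = int.from_bytes(signature, "big")
    if s >= n:
        return False
    em = pow(s, e, n).to_bytes(k, "big")
    try:
        em_expected = emsa_pkcs1_v1_5_encode(message, k)
    except ValueError:
        return False
    return em == em_expected


if __name__ == "__main__":
    pub, priv = toy_keypair()
    msg = b"constructed sample message"  # constructed input
    sig = sign(priv, msg)
    print("signature bytes:", len(sig))
    print("valid:", verify(pub, msg, sig))
    print("deterministic:", sign(priv, msg) == sig)
    print("tampered valid:", verify(pub, msg + b"!", sig))
```

The abstract's caveat about hash output length shows up in the encoder: the hash is the only message-dependent part of EM, and the proofs require it to be large relative to the modulus, which is a parameter choice rather than a change to the encoding.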
ePrint Report Multi-party Poisoning through Generalized $p$-Tampering Saeed Mahloujifar, Mohammad Mahmoody, Ameer Mohammed
In a poisoning attack against a learning algorithm, an adversary tampers with a fraction of the training data $T$ with the goal of increasing the classification error of the constructed hypothesis/model over the final test distribution. In the distributed setting, $T$ might be gathered gradually from $m$ data providers $P_1,\dots,P_m$ who generate and submit their shares of $T$ in an online way.

In this work, we initiate a formal study of $(k,p)$-poisoning attacks in which an adversary controls $k\in[m]$ of the parties, and even for each corrupted party $P_i$, the adversary submits some poisoned data $T'_i$ on behalf of $P_i$ that is still "$(1-p)$-close" to the correct data $T_i$ (e.g., a $1-p$ fraction of $T'_i$ is still honestly generated). For $k=m$, this model becomes the traditional notion of poisoning, and for $p=1$ it coincides with the standard notion of corruption in multi-party computation.

We prove that if there is an initial constant error for the generated hypothesis $h$, there is always a $(k,p)$-poisoning attacker who can decrease the confidence of $h$ (to have a small error), or alternatively increase the error of $h$, by $\Omega(p \cdot k/m)$. Our attacks can be implemented in polynomial time given samples from the correct data, and they use no wrong labels if the original distributions are not noisy.

At a technical level, we prove a general lemma about biasing bounded functions $f(x_1,\dots,x_n)\in[0,1]$ through an attack model in which each block $x_i$ might be controlled by an adversary with marginal probability $p$ in an online way. When the probabilities are independent, this coincides with the model of $p$-tampering attacks, thus we call our model generalized $p$-tampering. We prove the power of such attacks by incorporating ideas from the context of coin-flipping attacks into the $p$-tampering model and generalize the results in both of these areas.
ePrint Report Towards a Smart Contract-based, Decentralized, Public-Key Infrastructure Christos Patsonakis, Katerina Samari , Mema Roussopoulos , Aggelos Kiayias
Public-key infrastructures (PKIs) are an integral part of the security foundations of digital communications. Their widespread deployment has allowed the growth of important applications, such as internet banking and e-commerce. Centralized PKIs (CPKIs) rely on a hierarchy of trusted Certification Authorities (CAs) for issuing, distributing and managing the status of digital certificates, i.e., unforgeable data structures that attest to the authenticity of an entity's public key. Unfortunately, CPKIs have many downsides in terms of security and fault tolerance, and there have been numerous security incidents throughout the years. Decentralized PKIs (DPKIs) were proposed to deal with these issues as they rely on multiple, independent nodes. Nevertheless, decentralization raises other concerns, such as what the incentives are for the participating nodes to ensure the service's availability.

In our work, we leverage the scalability, as well as the built-in incentive mechanism, of blockchain systems and propose a smart contract-based DPKI. The main barrier in realizing a smart contract-based DPKI is the size of the contract's state which, being its most expensive resource to access, should be minimized for a construction to be viable. We resolve this problem by proposing and using in our DPKI a public-state cryptographic accumulator with constant size, a cryptographic tool which may be of independent interest in the context of blockchain protocols. We are also the first to formalize the DPKI design problem in the Universal Composability (UC) framework and formally prove the security of our construction under the strong RSA assumption in the Random Oracle model and the existence of an ideal smart contract functionality.
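To make the constant-size accumulator idea concrete, the Python below is an added example, not the paper's construction and not code from this page. It is the classic RSA accumulator over prime representatives (secure under the strong RSA assumption when nobody knows the factorization of the modulus): the public state is a single element of $\mathbb{Z}_N^*$ however many certificates have been accumulated, each member gets a witness that verifies against that state, and witnesses can be refreshed after new members are added. The modulus, generator, hash-to-prime mapping and sample certificate strings are assumptions for illustration; in particular the toy modulus is built from two Mersenne primes whose factorization is public, which a real deployment must avoid.

```python
"""Textbook RSA accumulator with constant-size public state.

Added illustration. The accumulated value is one element of Z_N^* regardless of
how many members it holds; membership is proven with a witness checked against
the current value. Secure under strong RSA only if the factorization of N is
unknown, which the toy modulus below deliberately violates.
"""
import hashlib

# Toy trusted setup (assumption for the demo): N = (2^521-1)(2^607-1), both Mersenne
# primes. A real deployment needs a modulus of unknown factorization.
TOY_MODULUS = ((1 << 521) - 1) * ((1 << 607) - 1)
GENERATOR = 3


def is_probable_prime(n):
    """Miller-Rabin with the first twelve primes as bases. Fixed bases make the
    output deterministic, so add() and verify() always agree on a representative."""
    small = (2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37)
    if n < 2:
        return False
    for p in small:
        if n % p == 0:
            return n == p
    d, r = n - 1, 0
    while d % 2 == 0:
        d //= 2
        r += 1
    for a in small:
        x = pow(a, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True


def hash_to_prime(data):
    """Deterministically map bytes to a 256-bit prime: hash data || counter until
    the result is prime. Distinct members get distinct primes (barring SHA-256
    collisions), which the strong RSA security argument relies on."""
    counter = 0
    while True:
        h = hashlib.sha256(data + counter.to_bytes(4, "big")).digest()
        cand = int.from_bytes(h, "big") | (1 << 255) | 1  # full 256 bits, odd
        if is_probable_prime(cand):
            return cand
        counter += 1


class RSAAccumulator:
    def __init__(self, modulus=TOY_MODULUS, g=GENERATOR):
        self.n = modulus
        self.g = g
        self.value = g      # the constant-size public state
        self.primes = {}    # manager-side bookkeeping only: member -> prime

    def add(self, member):
        p = hash_to_prime(member)
        self.primes[member] = p
        self.value = pow(self.value, p, self.n)
        return self.value

    def witness(self, member):
        """w = g^(product of the other members' primes) mod N, so w^p == value."""
        if member not in self.primes:
            raise KeyError("not a member")
        exp = 1
        for m, p in self.primes.items():
            if m != member:
                exp *= p
        return pow(self.g, exp, self.n)

    @staticmethod
    def verify(value, member, witness, modulus=TOY_MODULUS):
        """Anyone holding only the public value can check membership."""
        return pow(witness, hash_to_prime(member), modulus) == value

    @staticmethod
    def update_witness(witness, new_member, modulus=TOY_MODULUS):
        """After an addition, holders refresh their own witness: w' = w^(new prime)."""
        return pow(witness, hash_to_prime(new_member), modulus)


def demo():
    """Constructed sample certificates; returns the checks a caller can assert on."""
    acc = RSAAccumulator()
    for cert in (b"cert:alice:pk1", b"cert:bob:pk2", b"cert:carol:pk3"):
        acc.add(cert)
    w_alice = acc.witness(b"cert:alice:pk1")
    member_ok = RSAAccumulator.verify(acc.value, b"cert:alice:pk1", w_alice)
    nonmember_ok = RSAAccumulator.verify(acc.value, b"cert:mallory:pkX", w_alice)
    acc.add(b"cert:dave:pk4")                     # state changes, size does not
    stale_ok = RSAAccumulator.verify(acc.value, b"cert:alice:pk1", w_alice)
    w_fresh = RSAAccumulator.update_witness(w_alice, b"cert:dave:pk4")
    updated_ok = RSAAccumulator.verify(acc.value, b"cert:alice:pk1", w_fresh)
    return {"member": member_ok, "nonmember": nonmember_ok,
            "stale": stale_ok, "updated": updated_ok,
            "state_bits": acc.value.bit_length()}


if __name__ == "__main__":
    print(demo())
```

The point for the contract-state problem in the abstract is visible in `demo()`: after four certificates the on-chain value is still one residue modulo N, while the per-member witnesses and the bookkeeping live off-chain and are refreshed by their holders.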
ePrint Report Fault Attacks on Nonce-based Authenticated Encryption: Application to Keyak and Ketje Christoph Dobraunig, Stefan Mangard, Florian Mendel, Robert Primas
In the context of fault attacks on nonce-based authenticated encryption, an attacker faces two restrictions. The first is the uniqueness of the nonce for each new encryption, which prevents the attacker from collecting pairs of correct and faulty outputs to perform, e.g., differential fault attacks. The second restriction concerns the verification/decryption, which releases only verified plaintext. While many recent works exploit misuse scenarios (e.g. nonce reuse or release of unverified plaintext), we instead turn the fact that decryption/verification gives us information about the effect of a fault (whether or not the fault changed a value) against it. In particular, we extend the idea of statistical ineffective fault attacks (SIFA) to target the initialization performed in nonce-based authenticated encryption schemes. By targeting the initialization performed during decryption/verification, most nonce-based authenticated encryption schemes provide the attacker with an oracle that tells whether a fault was ineffective or not. This information is all the attacker needs to mount statistical ineffective fault attacks. To demonstrate the practical threat of the attack, we target software implementations of the authenticated encryption schemes Keyak and Ketje. The presented fault attacks can be carried out without the need for sophisticated equipment. In our practical evaluation, the inputs corresponding to 24 ineffective fault inductions were required to reveal large parts of the secret key in both scenarios.
ePrint Report More is Less: Perfectly Secure Oblivious Algorithms in the Multi-Server Setting T-H. Hubert Chan, Jonathan Katz, Kartik Nayak, Antigoni Polychroniadou, Elaine Shi
The problem of Oblivious RAM (ORAM) has traditionally been studied in the single-server setting, but more recently the multi-server setting has also been considered. Yet it is still unclear whether the multi-server setting has any inherent advantages, e.g., whether the multi-server setting can be used to achieve stronger security goals or provably better efficiency than is possible in the single-server case.

In this work, we construct a perfectly secure 3-server ORAM scheme that outperforms the best known single-server scheme by a logarithmic factor. In the process we also show, for the first time, that there exist specific algorithms for which multiple servers can overcome known lower bounds in the single-server setting.
19 September 2018
Job Posting Lecturer/Senior Lecturer in Secure Systems University of Surrey, Guildford, UK
As part of our continued strategy for growth, the Department of Computer Science is seeking to appoint one Senior Lecturer (Associate Prof) and one Lecturer (Assistant Prof).

The Department has a large secure systems research group, led by Professor Steve Schneider, with expertise in security by design, authentication, verification, distributed ledger technologies, trusted systems and cloud security.

This post offers an exciting opportunity for an appointment in the Secure Systems group. Suitable areas of expertise that complement and extend strengths of the group include (but are not limited to): practical system security, trusted systems, verification, distributed systems, complex systems and networks, and the interface between security and machine learning.

The University and the Department specifically are committed to building a culturally diverse organisation and strongly encourage applications from female and minority candidates and industry experts.

Interested candidates will find details of these posts at: https://jobs.surrey.ac.uk/Vacancy.aspx?id=5405&forced=1

Closing date 21 October 2018.

Interviews 5 and 6 November 2018.

For an informal discussion about the position, please contact the Head of Department of Computer Science, Dr Helen Treharne on h.treharne (at) surrey.ac.uk, Professor Steve Schneider or Professor Liqun Chen ( s.schneider (at) surrey.ac.uk, liqun.chen (at) surrey.ac.uk ).

Closing date for applications: 21 October 2018

Contact:

• Dr Helen Treharne (h.treharne (at) surrey.ac.uk),
• Professor Steve Schneider (s.schneider (at) surrey.ac.uk), or
• Professor Liqun Chen (liqun.chen (at) surrey.ac.uk)

Job Posting Post-Doc in Lattice-based cryptographic protocols Universitat Politècnica de Catalunya (Barcelona, Spain)
The candidate will do both theoretical and practical research in the framework of the European project PROMETHEUS:

http://prometheuscrypt.gforge.inria.fr/

Specifically, to design/analyze/implement better lattice-based cryptographic protocols that may be needed in electronic voting applications; this includes encryption, (group, blind) signatures and zero-knowledge proofs of knowledge.

The candidate (with a PhD completed or close to completion) should therefore have experience in the area of lattice-based cryptography.

The expected salary will be around 43,000 euros per year before tax (roughly 30,000 euros per year after tax). The work place will be UPC Campus Nord (Barcelona). The contract would start at some point in 2019 and could last 1-2 years.

Closing date for applications: 30 November 2018

Contact: Interested candidates can send an e-mail to Javier Herranz (javier.herranz (at) upc.edu) with a CV.

Job Posting Assistant Professor, Associate Professor and Professor King Khalid University, Abha, Saudi Arabia
The College of Computer Science at King Khalid University is seeking applicants for full-time positions of Professor, Associate Professor and Assistant Professor in the following fields:

• Network Security
• IoT Security
• Cloud Security
• Cryptography
• Hardware Security

Salary: The University offers a competitive salary based on qualification, professional experience, and the position offered, as follows:

• Professor: $52,500-$88,500 per annum.
• Associate Professor: $43,000-$73,000 per annum.
• Assistant Professor: $35,500-$60,000 per annum.

Common benefits:

• Free visa.
• Around one week of vacation on each Islamic Eid.
• 60 days of paid vacation annually.
• Annual air tickets for up to 4 family members to the home country.
• Free medical services for all family members at all government hospitals.
• Children's education allowance (terms and conditions apply).
• Annual housing allowance (terms and conditions apply).
• Furniture allowance upon arrival (terms and conditions apply).
• Weekends (Friday and Saturday) are off.

Closing date for applications: 31 December 2018

Contact: ccs (at) kku.edu.sa

Job Posting PostDoc Charles University in Prague
The Computer Science Institute of Charles University in Prague, Czech Republic invites applications for a postdoctoral position in cryptography hosted by Pavel Hubacek (https://iuuk.mff.cuni.cz/~hubacek).

Potential research topics may include (but are not limited to):

- cryptographic hardness of total search problems,

- verifiable delegation of computation,

- applications of game theory in cryptography.

The position is funded by the Primus Research Programme of Charles University. The funding is available for one year with a flexible starting date from October 2018, a competitive salary and a possibility of extension. The applicants should hold a PhD degree (or be near its completion) in computer science, mathematics or a related field.

Applications should include a CV and a research statement and may be sent directly to Pavel Hubacek (informal inquiries are welcome).

The applications will be considered until the position is filled.

Closing date for applications: 30 November 2018

Contact: Pavel Hubacek, hubacek (at) iuuk.mff.cuni.cz

Job Posting Post-Doc Friedrich-Alexander-University Erlangen-Nuremberg
The Chair of Applied Cryptography at Friedrich-Alexander-University in Nuremberg is offering a postdoctoral researcher position. Applicants are expected to have research interests in both foundational and applied research topics. Applicants should demonstrate their ability to perform excellent research through publications in venues like CRYPTO, EUROCRYPT, ASIACRYPT, CCS, S&P, USENIX, NDSS, PKC, etc. The salary is based on state tariff A 13 ("Akademischer Rat auf Zeit"), 100% position, according to the current tariff in the German state of Bavaria (around 4000 EUR - 4700 EUR net per month, depending on family status, experience etc.).

The city of Nuremberg is very international, with over 20% foreign residents, and the teaching language for our MSc courses is English. Therefore, there is no need to speak or learn German.

The position is initially offered for one year, with the option of an extension to two or more years (up to six years). The starting date is December 1st or later. There is no closing date for applications, the position remains open until filled.

To apply for this position, please send a single pdf document with the following content:

- Cover letter

- research and teaching statement

- CV and a list of publications

- Optional: one or two letter(s) of recommendation

- Optional: further supporting material

Incomplete applications or obvious mass applications that do not specifically address the offered position can not be considered.

Please submit applications by e-mail to Dominique Schröder using the tag [POSTDOC] in the subject.

Closing date for applications: 1 November 2018

Contact: Dominique Schröder

dominique.schroeder (at) fau.de

17 September 2018
Job Posting Computer Science Professor - Tenure Track New York University (NYU) Abu Dhabi
New York University (NYU) Abu Dhabi’s Program in Computer Science invites applications for a faculty position in computer science at the rank of assistant professor, tenure track. All areas of computer science are welcome to apply. However, one specific area of research interest is cyber-security, with experience building and deploying large-scale security solutions in the real world that focus on systems security, network security, privacy, cryptography, and formal methods.

Closing date for applications: 15 October 2018

Contact: Christina Pöpper

Dear Applicant,

At ING, increasing the pace of innovation is a strategic priority of the Think Forward strategy. We need to get faster and better at innovating so we can stay abreast of the pace of change around us. Blockchain technology is one of the innovation enablers at ING and the Blockchain program encompasses all of our efforts to explore and unlock its business value. As such, the Blockchain program at ING is directly responsible for all DLT related initiatives at ING globally.

The Blockchain program is also responsible for identifying and piloting the most promising use cases. To do so, we constantly scope the environment for relevant opportunities, actively engage with and educate the organization about the technology’s potential as well as researching trends within the industry. This allows us to have a comprehensive approach in our delivery of business value.

We are looking for a cryptographer to strengthen the team. Your main tasks that you will be performing are:

Research:

- Follow the developments in cryptography, with a focus on subjects important to DLT, such as zero-knowledge protocols, secret sharing, ring signatures, homomorphic encryption, etc.

- Implement interesting protocols in a proof-of-concept fashion

- Present interesting advances/protocols to the DLT team

Experimenting:

- Participate in projects that experiment with DLT solutions, with a focus on cryptography, security and privacy components

- Advise on the cryptographic solutions to be used and how these should be used

Analysis:

- Analyse solutions and implementations thereof to verify if the implementation is correct and the privacy and/or security requirements ING has are met

Relevant stakeholders: you will be working with the DLT team, and reporting to the Chapter Lead and squad’s Customer Journey Expert / Product Owner.

You will be fully part of an enthusiastic multi-disciplinary team that has a willingness to help you grow and learn as much as possible throughout your position.

Closing date for applications: 22 December 2018

Contact: Mariana Gómez de la Villa

Global Program Manager Distributed Ledger Technology

ING Wholesale Banking Innovation

AMP G.04, Bijlmerplein 888, 1102 MG Amsterdam Zuidoost

P.O. Box 1800, 1000 BV Amsterdam, The Netherlands

M +31649420406

E mariana.gomez.de.la.villa (at) ing.nl

Job Posting Research Fellow / Postdoc Singapore University of Technology and Design (SUTD)
We are looking for three research fellows / postdocs for the Future-proof Public Distributed Ledger project. We offer a competitive salary (S$5.5k-7k+/month) with benefits, very low income tax (3-4%), and collaboration on other security and blockchain-related projects. Preferable starting date: January 2019 (negotiable). Candidates should have a strong interest in blockchain technology and an excellent background in at least one of the following fields: cryptography, security protocol analysis, network or system security, distributed systems, networking, or related. If you are interested, please send your CV to Pawel Szalachowski.

Closing date for applications: 1 January 2019

Contact: Pawel Szalachowski pawel (at) sutd.edu.sg

Job Posting PhD Student Fellowship in Computer Science New York University (NYU) Abu Dhabi

The fellowship provides full financial cover to obtain a doctorate in Computer Science at New York University (at the Courant Institute or at the Tandon School of Engineering). The first year is spent in New York taking classes; the rest of the degree is completed at the NYU Abu Dhabi campus. One possible focus area is cyber security and privacy. Deadline coming up soon: Dec 12 (through Courant) and Dec 15 (through Tandon).

Closing date for applications: 12 December 2018

Contact: Christina Pöpper

Job Posting Computer Science Professor - Tenured New York University (NYU) Abu Dhabi

New York University (NYU) Abu Dhabi's Program in Computer Science invites applications for a faculty position at the rank of associate professor or professor, each with tenure. Applicants from all areas of computer science are welcome to apply. One specific research area of interest is cyber-security, with experience building and deploying large-scale security solutions in the real world that focus on systems security, network security, privacy, cryptography, and formal methods.

Closing date for applications: 15 November 2018

More information: https://apply.interfolio.com/52873

16 September 2018

We apply Scholten's construction to give explicit isogenies between the Weil restriction of supersingular Montgomery curves with full rational 2-torsion over $GF(p^2)$ and corresponding abelian surfaces over $GF(p)$. Subsequently, we show that isogeny-based public key cryptography can exploit the fast Kummer surface arithmetic that arises from the theory of theta functions. In particular, we show that chains of 2-isogenies between elliptic curves can instead be computed as chains of Richelot (2,2)-isogenies between Kummer surfaces. This gives rise to new possibilities for efficient supersingular isogeny-based cryptography.

14 September 2018

ePrint Report Improved (Almost) Tightly-Secure Simulation-Sound QA-NIZK with Applications

Masayuki Abe, Charanjit S. Jutla, Miyako Ohkubo, Arnab Roy

We construct the first (almost) tightly-secure unbounded-simulation-sound quasi-adaptive non-interactive zero-knowledge arguments (USS-QA-NIZK) for linear-subspace languages with compact (number of group elements independent of the security parameter) common reference string (CRS) and compact proofs under standard assumptions in bilinear-pairings groups. In particular, under the SXDH assumption, the USS-QA-NIZK proof size is only seventeen group elements with a factor $O(\log{Q})$ loss in security reduction to SXDH. The USS-QA-NIZK primitive has many applications, including structure-preserving signatures (SPS), CCA2-secure publicly-verifiable public-key encryption (PKE), which in turn have applications to CCA-anonymous group signatures, blind signatures and unbounded simulation-sound Groth-Sahai NIZK proofs. We show that the almost tight security of our USS-QA-NIZK translates into constructions of all of the above applications with (almost) tight security under standard assumptions such as SXDH and, more generally, $\mathcal{D}_k$-MDDH.

Thus, we get the first publicly-verifiable (almost) tightly-secure multi-user/multi-challenge CCA2-secure PKE with practical efficiency under standard bilinear assumptions. Our (almost) tight SPS construction also improves on the signature size of previously known constructions.

ePrint Report A Universally Composable Framework for the Privacy of Email Ecosystems

Pyrros Chaidos, Olga Fourtounelli, Aggelos Kiayias, Thomas Zacharias

Email communication is amongst the most prominent online activities, and as such, can put sensitive information at risk. It is thus of high importance that internet email applications are designed in a privacy-aware manner and analyzed under a rigorous threat model. The Snowden revelations (2013) suggest that such a model should feature a global adversary, in light of the observational tools available. Furthermore, the fact that protecting metadata can be of equal importance as protecting the communication content implies that end-to-end encryption may be necessary, but it is not sufficient. With this in mind, we utilize the Universal Composability framework [Canetti, 2001] to introduce an expressive cryptographic model for "email ecosystems" that can formally and precisely capture various well-known privacy notions (unobservability, anonymity, unlinkability, etc.), by parameterizing the amount of leakage an ideal-world adversary (simulator) obtains from the email functionality. Equipped with our framework, we present and analyze the security of two email constructions that follow different directions in terms of the efficiency vs. privacy tradeoff. The first one achieves optimal security (only the online/offline mode of the users is leaked), but it is mainly of theoretical interest; the second one is based on parallel mixing [Golle and Juels, 2004] and is more practical, while it achieves anonymity with respect to users that have a similar amount of sending and receiving activity.
We provide generic and black-box transformations from any chosen-plaintext-secure Attribute-Based Encryption (ABE) or One-sided Predicate Encryption system into a chosen-ciphertext-secure system. Our transformation requires only the IND-CPA security of the original ABE scheme coupled with a pseudorandom generator (PRG) with a special security property. In particular, we consider a PRG with an $n$-bit input $s \in \{0,1\}^n$ and $n\cdot \ell$-bit output $y_1, \ldots, y_n$ where each $y_i$ is an $\ell$-bit string. Then for a randomly chosen $s$ the following two distributions should be computationally indistinguishable. In the first distribution $r_{i,s_i} = y_i$ and $r_{i, \bar{s}_i}$ is chosen randomly for $i \in [n]$. In the second distribution all $r_{i,b}$ are chosen randomly for $i \in [n], b \in \{0,1\}$.

Leakage-resilient encryption is a powerful tool to protect data confidentiality against side channel attacks. In this work, we introduce a new and strong leakage setting to counter backdoor (or trojan horse) plus covert channel attacks, by relaxing the restrictions on leakage. We allow bounded leakage (e.g. 10000 bits) at any time, anywhere and over anything. Our leakage threshold could be much larger than the typical secret key (e.g. AES key or RSA private key) size. Under such a strong leakage setting, we propose an efficient encryption scheme which is semantically secure in the standard setting (i.e. without leakage) and can tolerate strong continuous leakage. We manage to construct such a secure scheme under the strong leakage setting by hiding a partial (e.g. $1\%$) ciphertext as securely as we hide the secret key, using a small amount of more secure hardware resources, so that it is almost equally difficult for any adversary to steal information regarding this well-protected partial ciphertext or the secret key. We remark that the size of such a well-protected small portion of ciphertext is chosen to be much larger than the leakage threshold.

We provide concrete and practical examples of such more secure hardware resources for data communication and data storage. We also introduce a new notion of computational entropy, as a sort of computational version of Kolmogorov complexity. Our quantitative analysis shows that hiding partial ciphertext is a powerful countermeasure, which enables us to achieve a higher security level than existing approaches in the case of backdoor plus covert channel attacks. We also show the relationship between our new notion of computational entropy and existing relevant concepts, including Shannon entropy, Yao entropy, HILL entropy, All-or-Nothing Transforms, and Exposure Resilient Functions. This new computational entropy formulation may be of independent interest.
We propose a framework for achieving a public-key encryption (PKE) scheme that satisfies key-dependent message security against chosen ciphertext attacks (KDM-CCA security) based on projective hash functions. Our framework can be instantiated under the decisional Diffie-Hellman (DDH), quadratic residuosity (QR), and decisional composite residuosity (DCR) assumptions. The constructed schemes are KDM-CCA secure with respect to affine functions and compatible with the amplification method shown by Applebaum (EUROCRYPT 2011). Thus, they lead to PKE schemes satisfying KDM-CCA security for all functions computable by a priori bounded-size circuits. They are the first PKE schemes satisfying such a security notion in the standard model using neither non-interactive zero-knowledge proofs nor bilinear pairings.

The above framework based on projective hash functions captures only KDM-CCA security in the single-user setting. However, we can prove the KDM-CCA security in the multi-user setting of our concrete instantiations by using their algebraic structures explicitly. In particular, we prove that our DDH-based scheme satisfies KDM-CCA security in the multi-user setting with the same parameter setting as in the single-user setting.