International Association for Cryptologic Research


IACR News

If you have a news item you wish to distribute, it should be sent to the communications secretary. See also the events database for conference announcements.

Here you can see all recent updates to the IACR webpage. These updates are also available:

via email
via RSS feed

09 November 2018

Russell W. F. Lai, Giulio Malavolta, Dominique Schröder
ePrint Report
Homomorphic secret sharing (HSS) allows $n$ clients to secret-share data to $m$ servers, who can then homomorphically evaluate public functions over the shares. A natural application is outsourced computation over private data. In this work, we present the first plain-model homomorphic secret sharing scheme that supports the evaluation of polynomials with degree higher than 2. Our construction relies on any degree-$k$ (multi-key) homomorphic encryption scheme and can evaluate degree-$\left( (k+1)m -1 \right)$ polynomials, for any polynomial number of inputs $n$ and any sub-logarithmic (in the security parameter) number of servers $m$. At the heart of our work is a series of combinatorial arguments on how a polynomial can be split into several low-degree polynomials over the shares of the inputs, which we believe is of independent interest.

Nithyashankari Gummidipoondi Jayasankaran, Adriana Sanabria Borbon, Edgar Sanchez-Sinencio, Jiang Hu, Jeyavijayan Rajendran
ePrint Report
Similar to digital circuits, analog and mixed-signal (AMS) circuits are also susceptible to supply-chain attacks such as piracy, overproduction, and Trojan insertion. However, unlike digital circuits, supply-chain security of AMS circuits is less explored. In this work, we propose to perform “logic locking” on the digital section of the AMS circuits. The idea is to make the analog design intentionally suffer from the effects of process variations, which impede the operation of the circuit. Only on applying the correct key are the effects of process variations mitigated, and the analog circuit performs as desired. We provide theoretical guarantees of the security of the circuit, and along with simulation results for the band-pass filter, low-noise amplifier, and low-dropout regulator, we also show experimental results of our technique on a band-pass filter.

Mashael AlSabah, Gabriele Oligeri, Ryan Riley
ePrint Report
A large number of studies on passwords make use of passwords leaked by attackers who compromised online services. Frequently, these leaks contain only the passwords themselves, or basic information such as usernames or email addresses. While metadata-rich leaks exist, they are often limited in the variety of demographics they cover.

In this work, we analyze a metadata-rich data leak from a Middle Eastern bank with a demographically-diverse user base. We provide an analysis of passwords created by groups of people of different cultural backgrounds, some of which are under-represented in existing data leaks, e.g., Arab, Filipino, Indian, and Pakistani.

The contributions provided by this work are many-fold. First, our results contribute to the existing body of knowledge regarding how users include personal information in their passwords. Second, we illustrate the differences that exist in how users from different cultural/linguistic backgrounds create passwords. Finally, we study the (empirical and theoretical) guessability of the dataset based on two attacker models, and show that a state of the art password strength estimator inflates the strength of passwords created by users from non-English speaking backgrounds. We improve its estimations by training it with contextually relevant information.
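As an added illustration (not the paper's code or data, and not the estimator the paper evaluates), the following Python sketch shows the mechanism behind the inflation the authors describe: a guess-number estimator can only rate a token as weak if that token is in one of its wordlists, so a password built from a name common in one demographic but absent from an English-centric list is scored as if it had to be brute-forced. The wordlists, passwords, year heuristic and charset sizes below are constructed for illustration, not taken from any dataset.

```python
import math
import re

# Constructed toy wordlists (value = rank in a frequency-ordered list).
# An English-centric list, as drawn from English leaks and dictionaries:
ENGLISH = {"password": 1, "welcome": 2, "dragon": 3, "football": 4, "monkey": 5}
# Contextual additions of the kind the paper trains on (illustrative names,
# not taken from any dataset):
CONTEXTUAL = {"mohammed": 1, "ahmed": 2, "fatima": 3, "juan": 4, "maria": 5,
              "rahul": 6, "priya": 7, "ali": 8}

# Runs of letters, digits, or other characters are scored separately.
TOKEN_RE = re.compile(r"[A-Za-z]+|\d+|[^A-Za-z\d]+")


def charset_size(token: str) -> int:
    """Size of the smallest obvious alphabet covering the token."""
    size = 0
    if any(c.islower() for c in token):
        size += 26
    if any(c.isupper() for c in token):
        size += 26
    if any(c.isdigit() for c in token):
        size += 10
    if any(not c.isalnum() for c in token):
        size += 33  # printable ASCII punctuation
    return size


def token_guesses(token: str, wordlists) -> int:
    """Guesses needed for one token under the cheapest available strategy."""
    low = token.lower()
    ranks = [wl[low] for wl in wordlists if low in wl]
    if ranks:
        # Dictionary hit: the attacker walks the list in rank order; a
        # capitalised variant roughly doubles the work.
        return min(ranks) * (2 if token != low else 1)
    if token.isdigit() and len(token) == 4 and 1900 <= int(token) <= 2019:
        # Four-digit years form a small, obvious class (assumed range).
        return 120
    # Otherwise the attacker is assumed to enumerate the whole alphabet.
    return charset_size(token) ** len(token)


def estimate_guesses(password: str, wordlists) -> int:
    """Multiplicative model: tokens are guessed independently, left to right."""
    total = 1
    for token in TOKEN_RE.findall(password):
        total *= token_guesses(token, wordlists)
    return total


def strength_bits(password: str, wordlists) -> float:
    return math.log2(estimate_guesses(password, wordlists))


def compare(password: str):
    """Estimated strength in bits without and with the contextual list."""
    return (strength_bits(password, [ENGLISH]),
            strength_bits(password, [ENGLISH, CONTEXTUAL]))


if __name__ == "__main__":
    for pw in ["password1985", "ahmed1985", "Fatima2001", "xq7!vb"]:
        before, after = compare(pw)
        print(f"{pw:14s} english-only: {before:5.1f} bits   "
              f"with contextual list: {after:5.1f} bits")
```

The multiplicative model is a deliberate simplification; the point is that "ahmed1985" scores like a random five-letter string followed by a year under the English-only list and like a top-ranked dictionary word under the augmented one, which is exactly the gap a locale-blind estimator leaves an attacker to exploit.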

Manuel Zander, Tom Waite, Dominik Harz
ePrint Report
Scalability of distributed ledgers is a key adoption factor. As an alternative to blockchain-based protocols, directed acyclic graph (DAG) protocols are proposed with the intention to allow a higher volume of transactions to be processed. However, there is still limited understanding of the behaviour and security considerations of DAG-based systems. We present an asynchronous, continuous time, and multi-agent simulation framework for DAG-based cryptocurrencies. We model honest and semi-honest actors in the system to analyse the behaviour of one specific cryptocurrency, IOTA. Our simulations show that the agents that have low latency and a high connection degree have a higher probability of having their transactions accepted in the network with honest and semi-honest strategies. Last, the simulator is built with extensibility in mind. We are in the process of implementing SPECTRE as well as including malicious agents.

Behnam Zahednejad, Majid Bayat, Ashok Kumar Das
ePrint Report
Designing a secure and efficient handover authentication scheme has always been a concern of cellular networks, especially in 4G Long Term Evolution (LTE) wireless networks. What makes their handover so complex is the presence of different types of base stations, namely eNodeB (eNB) and Home eNodeB (HeNB). In addition, they cannot directly communicate with each other. Recently, an efficient proxy signature-based handover authentication scheme has been suggested by Qui et al. Despite its better performance and security advantages over previous schemes, it suffers serious vulnerabilities, namely being prone to DoS attack, eNB impersonation attack and lack of perfect forward secrecy. In this paper, we propose an improved handover authentication scheme in LTE wireless networks that resists such attacks. Further, we validate the security of the proposed scheme using the Real-Or-Random (ROR) model and the ProVerif analysis tool. The results confirm our security claims for the proposed scheme. In addition, the performance analysis shows that compared to other schemes, our proposed scheme is more efficient.

07 November 2018

Darmstadt, Germany, 18 May 2019
Event Calendar
Event date: 18 May 2019
Submission deadline: 10 February 2019
Notification: 3 March 2019

06 November 2018

Alejandro Cabrera Aldaya, Billy Bob Brumley, Sohaib ul Hassan, Cesar Pereida García, Nicola Tuveri
ePrint Report
Simultaneous Multithreading (SMT) architectures are attractive targets for side-channel enabled attackers, with their inherently broader attack surface that exposes more per physical core microarchitecture components than cross-core attacks. In this work, we explore SMT execution engine sharing as a side-channel leakage source. We target ports to stacks of execution units to create a high-resolution timing side-channel due to port contention, inherently stealthy since it does not depend on the memory subsystem like other cache or TLB based attacks. Implementing said channel on Intel Skylake and Kaby Lake architectures featuring Hyper-Threading, we mount an end-to-end attack that recovers a P-384 private key from an OpenSSL-powered TLS server using a small number of repeated TLS handshake attempts. Furthermore, we show that traces targeting shared libraries, static builds, and SGX enclaves are essentially identical, hence our channel has wide target application.

Promise Software Inc.
Job Posting
Why work at Promise?

We are a high-energy, innovation-focused team of engineers and technologists passionate about leveraging advanced cryptographic primitives. Promise’s environment is highly collaborative, and the ideal candidate will have an eye for detail and be a team player who enjoys working with others to find cutting-edge solutions to tricky problems. Come join us!

What we are looking for in a Senior Cryptography Engineer

This role is ideal for cryptography scientists who have deep research experience and familiarity with evolving and established post quantum cryptographic protocols and their implementation.

Preferred areas of research interest would be post-quantum cryptography. Candidates are required to have a Ph.D. in Computer Science, ECE or a related area, by the time of appointment and an outstanding research record. Solid background in cryptography, network security, distributed systems, protocols and algorithms, is highly desirable.

What you will be responsible for

1. Design and architect post quantum cryptography protocols in distributed p2p systems

2. Work with core internal team and external open source community

3. Collaborate with engineering and product teammates to produce protocol specification that help serve Promise customer objectives

4. Collaborate and support other teams in developing crypto economic consensus protocol

5. Identify and recommend technologies to solve technical challenges such as proof sizes

6. Interest in working in startup environments with a brisk pace and constantly changing challenges

Salary and Benefits:

Please get more information and apply here: https://aquila-1.workable.com/jobs/860808

Closing date for applications:

Contact: Head of Recruiting

jobs (at) promiseprotocols.com

More information: https://aquila-1.workable.com/jobs/860808


University of Luxembourg
Job Posting
The Applied Security and Information Assurance (APSIA) group is seeking to recruit a highly motivated post-doc with a strong research profile to complement and strengthen the group’s existing expertise. Applications from candidates with expertise in the core areas of the group are welcome, but consideration will also be given to candidates with expertise that would extend it; see the topics below.

The APSIA team, led by Prof. Peter Y. A. Ryan, is part of the SnT and is a dynamic and growing research group, over 20 strong, performing cutting edge research in information assurance, cryptography, and privacy. The group specializes in the mathematical modelling of security mechanisms and systems, especially crypto protocols (classical and quantum), and socio-technical systems. The group is particularly strong in verifiable voting systems.

For further information you may check: www.securityandtrust.lu and https://wwwen.uni.lu/snt/research/apsia.

Ref: R-STR-5004-00-B

Fixed Term Contract 2 years (CDD), full-time 40 hrs/week

Number of positions: 1

Start date: Late 2018/early 2019 upon agreement.

Your Role

The successful candidate will contribute to the research goals of the APSIA group. The APSIA Group specializes in the design and analysis of secure systems:

Cryptographic Protocols

Quantum Cryptographic Protocols

Cryptographic Algorithms and Primitives

Verifiable Voting Schemes

Socio-Technical Analysis of Security

Privacy Enhancing Technologies

but applications are also welcome in

post-quantum crypto

FinTech

Distributed Ledger Technologies

The tasks associated with the role include:

Contributing to the group’s research directions.

Disseminating results through scientific publications

Coordinating research projects and delivering outputs

Helping to prepare new research proposals

Providing guidance to PhD and MSc students

Opportunities to do some teaching will be available.

Closing date for applications: 30 November 2018

Contact: Peter Y A Ryan, peter.ryan (at) uni.lu

More information: http://emea3.mrted.ly/1ztz4


ING Bank
Job Posting
At ING, increasing the pace of innovation is a strategic priority of the Think Forward strategy. We need to get faster and better at innovating so we can stay abreast of the pace of change around us. Blockchain technology is one of the innovation enablers at ING and the Blockchain program encompasses all of our efforts to explore and unlock its business value. As such, the Blockchain program at ING is directly responsible for all DLT related initiatives at ING globally.

The Blockchain program is also responsible for identifying and piloting the most promising use cases. To do so, we constantly scope the environment for relevant opportunities, actively engage with and educate the organization about the technology’s potential as well as researching trends within the industry. This allows us to have a comprehensive approach in our delivery of business value.

We are looking for an eager collaborator to support the management of the program. Your main tasks that you will be performing are:

• Produce software solutions based on Distributed Ledger technology;

• Actively research the latest developments in the cryptography and DLT space;

• Implement improvements to existing DL technologies;

• Assess and deep dive on various ledger technologies.

Relevant stakeholders: you will be working with the DLT team, and reporting to the Chapter lead.

Your personal profile:

• Master’s degree in Computer Science.

• Curious by nature, willing to experiment.

• Ability to think from a business perspective when considering alternatives.

• Excellent team player.

• Intrinsic motivation for blockchain (i.e. some prior knowledge).

• Fast learner

• Knowledge of Kotlin / Solidity / Go is a plus

Must be proficient in at least one of the skills below (and have motivation and basic knowledge in the other).

You will be fully part of an enthusiastic multi-disciplinary team that has a willingness to help you grow and learn as much as possible throughout your position.

Closing date for applications: 30 March 2019

Contact: Stanley Waccary

Business manager Innovation

Stanley.Waccary (at) ing.com

More information: https://www.ing.jobs/Nederland/Vacatures/Vacature/DLT-Development-Engineer-Cryptography-1.htm?org=searchresult


Cambridge Quantum Computing Limited
Job Posting
Cambridge Quantum Computing is looking to hire a Research Scientist for its Cambridge team to work on a variety of projects including quantum resistance in cryptocurrencies. The successful candidate will join the Cambridge office and will be working in a highly dynamic, research-focused group with scientific direction from leading researchers. With the freedom to think independently and creatively, this is an excellent opportunity for the successful candidate to build their career.

Key Requirements

A degree in Mathematics or other quantitative disciplines such as Physics or Computer Science with a strong mathematical component.

A Passion for approaching complex problems with the goal to design and deliver novel practical solutions.

Experience writing elegant, functional and well tested code in languages such as Python, MATLAB, C/C++ etc.

The ability to understand technical and advanced material and translate this into code.

Desirable Requirements

Interest in blockchain and its protocols, several existing cryptocurrencies, FinTech, mining, the “proof of work” concept etc.

Some elementary knowledge of quantum computing (what is it, why in theory it can compromise cyber security in several aspects of our day to day life)

All candidates must be eligible to live and work in the UK.

The successful candidate will be compensated with a competitive salary and will join the company’s attractive share option and bonus scheme.

Closing date for applications: 1 December 2018


DarkMatter - Abu Dhabi
Job Posting
At DarkMatter, we are building an organization of specialists to provide the ultimate integrated cyber security protection available. Whatever the scope, scale or sensitivity of our clients’ work, we'll assess their risks, resolve their vulnerabilities and always keep them ahead of the threat, offering them the best possible products and solutions.

As a Senior Cryptography Engineer - Cloud Engineer, you will:

- Design, implement and deploy cryptographic algorithms tailored for a cloud environment.

- Conduct research and development in differential privacy, secret sharing, multi-party secure computation and fully homomorphic encryption.

- Perform security assessments of crypto-primitives, cryptosystems and cloud security solutions at the theoretical and implementation level.

- Work closely with the other teams in the organization to design and deploy safe cloud-based solutions.

- Be involved in the integration of developed cryptosystems within DarkMatter products.

- Enjoy all the cultural, educational and travel opportunities Abu Dhabi offers

To bring your dream to life, you’ll need:

- PhD degree in Cryptography, Applied Cryptography, Information Theory and Mathematics or Computer Science.

- Extensive experience developing in various programming languages.

- A desire to innovate in the UAE

Closing date for applications: 17 February 2019

Contact: Mehdi Messaoudi

Sourcing Specialist - Recruitment

More information: https://careers.darkmatter.ae/jobs/senior-cryptography-engineer-cloud-engineer-abu-dhabi-united-arab-emirates


Technische Universität Darmstadt, Germany
Job Posting
The Engineering Cryptographic Protocols (ENCRYPTO) Group at TU Darmstadt, Germany is looking for a research assistant (doctoral researcher / PhD student) in Techniques for Protecting Privacy in Applications.

The ENCRYPTO group is member of the Center for Research in Security and Privacy (CRISP) and the profile area Cybersecurity at TU Darmstadt (CYSEC). We develop methods and tools for protecting privacy in applications. See https://encrypto.de for details.

The candidate will do cutting-edge research on techniques for protecting privacy in applications such as cryptographic protocols that scale to real-world problem sizes, including secure multi-party computation and private information retrieval.

The candidate is expected to have a completed Master (or equivalent) degree with excellent grades in IT security, computer science, electrical engineering, mathematics, or a closely related field. Solid knowledge in IT security, applied cryptography, efficient algorithms, circuit design, and excellent programming skills are required. Additional knowledge in cryptographic protocols, parallel computing, compiler construction, programming languages, and software engineering is a plus.

Review of applications starts immediately and continues until the position is filled.

Please consult the webpage given below for more details and how to apply.

Closing date for applications:

Contact: Prof. Thomas Schneider

More information: https://encrypto.de/jobs/CRISP2


02 November 2018

Daniel J. Bernstein, Tanja Lange, Chloe Martindale, Lorenz Panny
ePrint Report
Choosing safe post-quantum parameters for the new CSIDH isogeny-based key-exchange system requires concrete analysis of the cost of quantum attacks. The two main contributions to attack cost are the number of queries in hidden-shift algorithms and the cost of each query. This paper analyzes algorithms for each query, introducing several new speedups while showing that some previous claims were too optimistic for the attacker. This paper includes a full computer-verified simulation of its main algorithm down to the bit-operation level.

Yuzhao Cui, Qiong Huang, Jianye Huang, Hongbo Li, Guomin Yang
ePrint Report
Thanks to the ease of access and low expenses, it is now popular for people to store data in cloud servers. To protect sensitive data from being leaked to the outside, people usually encrypt the data in the cloud. However, management of these encrypted data becomes a challenging problem, e.g. data classification. Besides, how to selectively share data with other users is also an important and interesting problem in cloud storage. In this paper, we focus on ciphertext-policy attribute based encryption with equality test (CP-ABEET). People can use CP-ABEET to implement not only flexible authorization for the access to encrypted data, but also efficient data label classification, i.e. test of whether two encrypted data contain the same message. We construct an efficient CP-ABEET scheme, and prove its security based on a reasonable number-theoretic assumption. Compared with the only existing CP-ABEET scheme, our construction is more efficient in key generation, and has shorter attribute-related secret keys and better security.

01 November 2018

Liliya Akhmetzyanova, Cas Cremers, Luke Garratt, Stanislav V. Smyshlyaev
ePrint Report
Many cryptographic mechanisms depend on the availability of secure random numbers. In practice, the sources of random numbers can be unreliable for many reasons. There exist ways to improve the reliability of randomness, but these often do not work well with practical constraints. One proposal to reduce the impact of untrusted randomness is the proposal by Cremers et al. [draft-irtf-cfrg-randomness-improvements-03.txt], which aims to be effective in existing deployments.
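The construction the abstract refers to is short to state (given here in the form later published as RFC 8937, the successor of the cited draft; the draft's exact labels and requirements may differ): G'(n) = Expand(Extract(G(L), Sig(sk, tag1)), tag2, n), where G is the system RNG, Sig is a signature under the deployment's long-term key, and Extract/Expand are HKDF. The Python below is an added example, not code from the paper or the draft. It uses HMAC-SHA256 as a stand-in for the signature (assumption: any deterministic secret-keyed function shows the same mechanics; a deployment would use its real signing key), and the tag strings, the hypothetical "broken RNG" and the helper names are constructed for illustration.

```python
import hashlib
import hmac
import os
from typing import Callable

HASH = hashlib.sha256
HASH_LEN = HASH().digest_size  # 32 bytes for SHA-256


def hkdf_extract(salt: bytes, ikm: bytes) -> bytes:
    """HKDF-Extract (RFC 5869): PRK = HMAC-Hash(salt, IKM)."""
    return hmac.new(salt, ikm, HASH).digest()


def hkdf_expand(prk: bytes, info: bytes, length: int) -> bytes:
    """HKDF-Expand (RFC 5869): T(i) = HMAC(PRK, T(i-1) | info | i)."""
    assert length <= 255 * HASH_LEN
    out, block, counter = b"", b"", 1
    while len(out) < length:
        block = hmac.new(prk, block + info + bytes([counter]), HASH).digest()
        out += block
        counter += 1
    return out[:length]


def hedged_random(n: int,
                  system_rng: Callable[[int], bytes],
                  sign: Callable[[bytes], bytes],
                  tag1: bytes = b"randomness-improvement tag1 (assumed label)",
                  tag2: bytes = b"randomness-improvement tag2 (assumed label)") -> bytes:
    """G'(n) = Expand(Extract(G(L), Sig(sk, tag1)), tag2, n).

    The RNG output is the HKDF salt and the secret-dependent signature is the
    keying material, so an attacker who fully controls G but not sk cannot
    predict G', and an attacker who holds sk but not G's output cannot either.
    """
    salt = system_rng(HASH_LEN)   # G(L)
    ikm = sign(tag1)              # Sig(sk, tag1)
    prk = hkdf_extract(salt, ikm)
    return hkdf_expand(prk, tag2, n)


def hmac_signer(sk: bytes) -> Callable[[bytes], bytes]:
    """Stand-in for Sig(sk, .): a deterministic secret-keyed function (assumption)."""
    return lambda msg: hmac.new(sk, msg, HASH).digest()


def broken_rng(n: int) -> bytes:
    """Constructed failure mode: a system RNG that returns all-zero bytes."""
    return bytes(n)


def hkdf_selftest() -> bool:
    """RFC 5869 test case 1, so the primitives above can be trusted."""
    ikm = bytes.fromhex("0b" * 22)
    salt = bytes.fromhex("000102030405060708090a0b0c")
    info = bytes.fromhex("f0f1f2f3f4f5f6f7f8f9")
    prk = hkdf_extract(salt, ikm)
    okm = hkdf_expand(prk, info, 42)
    return (prk.hex() == "077709362c2e32df0ddc3f0dc47bba63"
                         "90b6c73bb50f9c3122ec844ad7c2b3e5"
            and okm.hex() == "3cb25f25faacd57a90434f64d0362f2a"
                             "2d2d0a90cf1a5a4c5db02d56ecc4c5bf"
                             "34007208d5b887185865")


if __name__ == "__main__":
    assert hkdf_selftest()
    sk = os.urandom(32)
    print("good RNG  :", hedged_random(16, os.urandom, hmac_signer(sk)).hex())
    print("broken RNG:", hedged_random(16, broken_rng, hmac_signer(sk)).hex())
```

One caveat the sketch makes visible: with a deterministic Sig and fixed tags, an RNG that is completely constant yields the same G' on every call, so the per-call variation must come from G or from varying the tags between invocations; consult the draft for its exact requirements on the tags and on when the signature may be cached.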

Ahmad Al Badawi, Jin Chao, Jie Lin, Chan Fook Mun, Sim Jun Jie, Benjamin Hong Meng Tan, Xiao Nan, Khin Mi Mi Aung, Vijay Ramaseshan Chandrasekhar
ePrint Report
Fully homomorphic encryption, with its widely-known feature of computing on encrypted data, empowers a wide range of privacy-concerned cloud applications including deep learning as a service. This comes at a high cost since FHE includes highly-intensive computation that requires enormous computing power. Although the literature includes a number of proposals to run CNNs on encrypted data, the performance is still far from satisfactory. In this paper, we push the level up and show how to accelerate the performance of running CNNs on encrypted data using GPUs. We evaluated a CNN to classify homomorphically the MNIST dataset into 10 classes. We used a number of techniques such as low-precision training, a unified training and testing network, optimized FHE parameters and a very efficient GPU implementation to achieve high performance. Our solution achieved a high security level ($> 128$ bit) and high accuracy (99%). In terms of performance, our best results show that we could classify the entire testing dataset in 14.105 seconds, with per-image amortized time (1.411 milliseconds) 40.41$\times$ faster than prior art.

Pan Dongxue, Li Hongda, Ni Peifang
ePrint Report
Differing-inputs obfuscation (diO), first proposed by Barak et al. [4], provides stronger security than that provided by indistinguishability obfuscation (iO). An iO scheme provides indistinguishability between the obfuscations of two programs that are equivalent and have the same length of description. A diO scheme ensures that the obfuscations of two efficiently generated programs with the same description length are indistinguishable if it is hard to find an input on which their outputs differ. Ananth et al. [1] gave the definition of diO with respect to arbitrary auxiliary inputs. However, Garg et al. [19] showed that the existence of this kind of diO contradicts a certain “special-purpose obfuscation” conjecture. Ishai, Pandey and Sahai [23] suggested a diO variant called public-coin diO, which requires the auxiliary input to be a public random string given as input to all relevant algorithms. They gave a construction of public-coin diO assuming the existence of a public-coin differing-inputs obfuscator for NC^1 circuits. In this paper, we use a slightly different definition, called public-coin-dependent diO. It allows the obfuscation algorithm to additionally take as input the random coins used to sample the circuit pair (including the circuit to be obfuscated), and thus the obfuscation algorithm can use the properties of the circuit pair. We first construct a public-coin differing-inputs obfuscator for a class of newly defined functions from iO and point obfuscation with auxiliary input (AIPO). We then use it to complete the public-coin-dependent diO for any pair of circuits for which it is hard to find an input on which their outputs differ. The constructions are based on secure iO schemes for NC^1, a fully homomorphic encryption scheme, and the existence of AIPO. Besides, we show applications of our constructions.

Tanping Zhou, Ningbo Li, Xiaoyuan Yang, Yiliang Han, Wenchao Liu
ePrint Report
Multi-Key Fully Homomorphic Encryption (MKFHE) can perform arbitrary operations on encrypted data under different public keys (users), and the final ciphertext can be jointly decrypted. Therefore, MKFHE has natural advantages and application value in secure multi-party computation (MPC). For BGV-type MKFHE schemes, the amount of ciphertexts and keys is relatively large, and the process of generating evaluation keys is complicated. In this paper, we present an efficient BGV-type MKFHE scheme with short extended ciphertexts and fewer public parameters. Firstly, we construct a nested ciphertext extension for BGV and a separable ciphertext extension for GSW, which reduce the size of the extended ciphertext. Secondly, we construct a hybrid homomorphic multiplication between RBGV ciphertexts and RGSW ciphertexts, which reduces the size of the input ciphertext and improves computational efficiency. Finally, the coefficients of the user’s secret key are limited to $\{-1,0,1\}$, which reduces the ciphertext size in the key switching process. Compared to CZW17 proposed in TCC17, analysis shows that our scheme reduces the amount of ciphertext from $2k$ to $(k+1)$, the evaluation key generation materials from $\sum_{l=0}^{L} 24\beta_l^2$ to $\sum_{l=0}^{L} (4\beta_B + 4\beta_l)$, and the amount of evaluation keys from $4k^2\beta_l$ to $(k+1)^2\beta_B$, where $k$ is the number of users participating in the homomorphic evaluations, $L$ is a bound on the circuit depth, and $\beta_l$ and $\beta_B$ respectively denote the bit length of the modulus $q_l$ and of the noise bound $B$. The reduction in the amount of data may lead to improvements in computational efficiency. Furthermore, the separable ciphertext extension for GSW can also be used in GSW-type MKFHE schemes such as CM15 to reduce the amount of ciphertext and improve the efficiency of homomorphic operations.

Jothi Rangasamy, Lakshmi Kuppusamy
ePrint Report
We investigate the problem of securely outsourcing modular exponentiations to a single, malicious computational resource. We revisit recently proposed schemes using a single server and analyse them against two fundamental security properties, namely privacy of inputs and verifiability of outputs. Interestingly, we observe that the chosen schemes do not appear to meet both security properties. In fact, we present a simple polynomial-time attack on each algorithm, allowing the malicious server either to recover a secret input or to convincingly fool the client with wrong outputs. Then we provide a fix to the identified problem in the ExpSOS scheme. With our fix and without pre-processing, the improved scheme becomes the best to-date outsourcing scheme for the single-server case. Finally, we present the first precomputation-free single-server algorithm, $\pi$ExpSOS, for simultaneous exponentiations.