IACR News
15 May 2020
Lukas Aumayr, Oguzhan Ersoy, Andreas Erwig, Sebastian Faust, Kristina Hostáková, Matteo Maffei, Pedro Moreno-Sanchez, Siavash Riahi
ePrint Report: In this work, we present the first virtual channel protocols that are built on the UTXO-model and require a script language supporting only a digital signature scheme and a timelock functionality, being thus backwards compatible with virtually every cryptocurrency, including Bitcoin. We formalize the security properties of virtual channels as an ideal functionality in the Universal Composability framework, and prove that our protocol constitutes a secure realization thereof. We have prototyped and evaluated our protocol on the Bitcoin blockchain, demonstrating its efficiency: for $n$ sequential payments, they require an off-chain exchange of $11+2\cdot(n-1)$ transactions or a total of $4219+695\cdot(n-1)$ bytes, with no on-chain footprint in the optimistic case.
Hu Xiong, Jinhao Chen, Minghao Yang, Xin Huang
ePrint Report
Joon-Woo Lee, Eunsang Lee, Yongwoo Lee, Young-Sik Kim, Jong-Seon No
ePrint Report
Naoki Shibayama, Yasutaka Igarashi, Toshinobu Kaneko
ePrint Report
Ruiyu Zhu, Changchang Ding, Yan Huang
ePrint Report
Prasanna Ravi, Shivam Bhasin, Sujoy Sinha Roy, Anupam Chattopadhyay
ePrint Report
Gary Yu
ePrint Report
Kai Hu, Qingju Wang, Meiqin Wang
ePrint Report: To avoid generating a huge number of inequalities for all the sub-matrices, we build a new model that only requires that the sub-matrix corresponding to a valid trail be invertible. The computing scale of our model can be tackled by most SMT/SAT solvers, which makes our method practical. For applications, we improve the previous BDP for LED and MISTY1. We also give the 7-round BDP results for Camellia with $FL/FL^{-1}$, which is the longest to date.
Furthermore, we remove the restriction of the \zr method that the matrix has to be invertible, which provides more choices for future designs. Thanks to this, we also reproduce 5-round key-dependent integral distinguishers proposed at Crypto 2016 which cannot be obtained by either the \s or \zr methods.
Xin An, Kai Hu, Meiqin Wang
ePrint Report: In this paper we investigate further the influence of the specific coefficient property on the AES security. Our target, which is also one of the targets of the previous works, is a 5-round AES variant with a secret S-Box. We will show how we take advantage of the coefficient property to extract the secret key directly without any assistance of the S-Box information. Compared with the previous similar attacks, the present attacks here are the best in terms of the complexity under the chosen-plaintext scenario.
Ran Canetti, Pratik Sarkar, Xiao Wang
ePrint Report:
- The most efficient yet two-round adaptive string-OT protocol assuming programmable random oracle. Furthermore, the protocol can be made non-interactive in the simultaneous message setting, assuming random inputs for the sender.
- The first two-round string-OT with amortized constant exponentiations and communication overhead which is secure in the observable random oracle model.
- The first two-round receiver equivocal string-OT in the CRS model that incurs constant computation and communication overhead.
We also obtain the first non-interactive adaptive string UC-commitment in the CRS model which incurs a sublinear communication overhead in the security parameter. Specifically, we commit to polylog(k) bits while communicating O(k) bits. Moreover, it is additively homomorphic in nature.
We can also extend our results to the single CRS model where multiple sessions share the same CRS. As a corollary, we obtain a two-round adaptively secure MPC protocol in this model.
Okan Seker, Sebastian Berndt, Thomas Eisenbarth
ePrint Report: In order to remedy this situation, we extend and generalize the ZKBoo-protocol by making use of the notion of strong non-interference of Barthe et al. (CCS 2016). To apply this notion to ZKBoo, we construct novel versions of strongly non-interfering gadgets that balance the randomness across the different branches evenly. Finally, we show that each circuit can be decomposed into branches using only these balanced strongly non-interfering gadgets. This allows us to construct a version of ZKBoo, called $(n+1)$-ZKBoo, that is secure against side-channel attacks with very limited overhead in both signature-size and running time. Furthermore, $(n+1)$-ZKBoo is scalable to the desired security against adversarial probes. We experimentally confirm that the attacks successful against ZKBoo no longer work on $(n+1)$-ZKBoo.
Thomas Kerber, Aggelos Kiayias, Markulf Kohlweiss
ePrint Report
Yusuke Naito, Yu Sasaki, Takeshi Sugawara
ePrint Report: Our first design $\mathsf{PFB\_Plus}$ aims to break the barrier of the $3s$-bit state in TI. The block size of an underlying TBC is $s/2$ bits and the output of TBC is linearly expanded to $s$ bits. This expanded state requires only 2 shares in the first-order TI, which makes the total state size $2.5s$ bits. We also provide rigorous security proof of $\mathsf{PFB\_Plus}$. Our second design $\mathsf{PFB}\omega$ further increases a parameter $\omega$: a ratio of the security level $s$ to the block size of an underlying TBC. We prove security of $\mathsf{PFB}\omega$ for any $\omega$ under some assumptions for an underlying TBC and for parameters used to update a state. Next, we show a concrete instantiation of $\mathsf{PFB\_Plus}$ for 128-bit security. It requires a TBC with 64-bit block, 128-bit key and 128-bit tweak, while no existing TBC can support it. We design a new TBC by extending $\textsf{SKINNY}$ and provide basic security evaluation. Finally, we give hardware benchmarks of $\mathsf{PFB\_Plus}$ in the first-order TI to show that TI of $\mathsf{PFB\_Plus}$ is smaller than that of $\textsf{PFB}$ by more than one thousand gates and is the smallest within the schemes having 128-bit security.
13 May 2020
Cercul Militar Național, Romania, 19 November - 20 November 2020
Event Calendar
Submission deadline: 20 September 2020
Notification: 25 October 2020
Rennes, France, 18 November - 19 November 2020
Event Calendar
Submission deadline: 14 June 2020
Notification: 26 July 2020
Santa Barbara, USA, -
Event Calendar
Submission deadline: 1 June 2021
Bengaluru, India, 13 December - 16 December 2020
Event Calendar
Submission deadline: 31 August 2020
Notification: 19 October 2020
12 May 2020
CHES
Different targets are proposed in parallel, both in software and in hardware, corresponding to masked implementations with various numbers of shares. Challengers are provided with the source code of the implementations (C in software and Verilog in hardware/FPGA), a tool to predict intermediate values of the hardware implementation, profiling sets of traces including the nonces, (random) keys, (random) plaintexts and the randomness used for masking, test sets of traces corresponding to a few fixed keys (without the masking randomness), and finally prototype attacks against a single byte of the secret key for exemplary targets.
The goal of the challenge is to modify and improve the prototype attacks. The submitted attacks will be rated based on the number of measurements needed to reduce the rank of the master key below $2^{32}$ using a rank estimation algorithm. All the attacks submitted will be made public to all challengers (under a GPLv3 license or alternatives).
Link to the challenge website: https://ctf.spook.dev/
Inria, Paris region, France
Job Posting: The RIOT-FP project is looking for a postdoctoral researcher to work with Inria's GRACE team (on the campus of École polytechnique in the southern suburbs of Paris) and the PROSECCO team (in central Paris). The project aims to develop high-speed, high-security, low-memory cryptographic primitives (especially post-quantum public-key algorithms), backed by proven implementations with safety guarantees for software execution on low-end IoT devices. The real-world objective is to provide some future-proofing for RIOT OS (https://riot-os.org), a free and open-source operating system for low-end IoT devices.
Candidates are expected to have a strong background in cryptographic algorithms, IoT software security, or formally verified software. They must have, or expect to hold, a PhD in a field related to the project; they must also have strong programming experience and mathematical skills. They should have an international research profile, and be fluent in written and spoken English.
Closing date for applications:
Contact: Benjamin Smith, at inria dot fr
Simula UiB, Bergen, Norway
Job Posting: The postdoc will have considerable freedom in selecting specific problems to work on within the larger scope of the project. One focus is the effect that side-channel attacks that do not result in full key recovery have on security, including provable security, higher up the chain. Another focus is the effect that large-scale deployment deviating from some abstract ideal has.
Simula UiB Offers
- Excellent opportunities for performing high-quality research, as part of a highly competent and motivated team of international researchers and engineers.
- An informal and inclusive international working environment
- Generous support for travel and opportunities to build international networks, through established collaboration with industry, exchange programs and research visits with other universities, and funding to attend conferences
- Modern office facilities located in downtown Bergen
- A competitive salary. Starting salary from NOK 532.300
- Numerous benefits: access to company cabin, BabyBonus arrangements, sponsored social events, generous equipment budgets (e.g., computer, phone and subscription), comprehensive travel/health insurance policy, etc.
- Relocation assistance: accommodation, visas, complimentary Norwegian language courses, etc.
- Administrative research support: e.g., quality assurance process for grant proposals (including RCN and EU programs)
- Wellness and work-life balance. Our employees’ health and well-being is a priority and we encourage them to make use of our flexible work arrangements to help balance their work and home lives efficiently
Closing date for applications:
Contact: Martijn Stam
More information: https://www.simula.no/about/job/call-post-doctoral-fellow-concrete-cryptography