Full Domain Hash from (Leveled) Multilinear Maps and Identity-Based Aggregate Signatures, by Susan Hohenberger and Amit Sahai and Brent Waters
In this work, we explore building constructions with full domain hash structure, but with standard model proofs that do not employ the random oracle heuristic. The launching point for our results will be the utilization of a ``leveled'' multilinear map setting for which Garg, Gentry, and Halevi (GGH) recently gave an approximate candidate. Our first step is the creation of a standard model signature scheme that exhibits the structure of the Boneh, Lynn and Shacham signatures. In particular, this gives us a signature that admits unrestricted aggregation.
We build on this result to offer the first *identity-based* aggregate signature scheme that admits unrestricted aggregation. In our construction, an arbitrary-sized set of signatures on identity/message pairs can be aggregated into a single group element, which authenticates the entire set. The identity-based setting has important advantages over regular aggregate signatures in that it eliminates the considerable burden of having to store, retrieve or verify a set of verification keys, and minimizes the total cryptographic overhead that must be attached to a set of signer/message pairs. While identity-based signatures are trivial to achieve, their aggregate counterparts are not. To the best of our knowledge, no prior candidate for realizing unrestricted identity-based aggregate signatures exists in either the standard or random oracle models.
A key technical idea underlying these results is the realization of a hash function with a Naor-Reingold-type structure that is publicly computable using repeated application of the multilinear map. We present our results in a generic ``leveled'' multilinear map setting and then show how they can be translated to the GGH graded algebras analogue of multilinear maps.
Practical-Time Attacks Against Reduced Variants of MISTY1, by Orr Dunkelman and Nathan Keller
MISTY1 is a block cipher designed by Matsui in 1997. It is widely deployed in Japan where it is an e-government standard, and is recognized internationally as a NESSIE-recommended cipher as well as an ISO standard and an RFC. Moreover, MISTY1 was selected to be the blueprint on top of which KASUMI, the GSM/3G block cipher, was based. Since its introduction, and especially in recent years, MISTY1 was subjected to extensive cryptanalytic efforts, which resulted in numerous attacks on its reduced variants. Most of these attacks aimed at maximizing the number of attacked rounds, and as a result, their complexities are highly impractical.
In this paper we pursue another direction, by focusing on attacks with a practical time complexity. The best previously-known attacks with practical complexity against MISTY1 could break either 4 rounds (out of 8), or 5 rounds in a modified variant in which some of the FL functions are removed. We present an attack on 5-round MISTY1 with all the FL functions present whose time complexity is 2^38 encryptions. When the FL functions are removed, we present a devastating (and experimentally verified) related-key attack on the full 8-round variant, requiring only 2^18 data and time.
While our attacks clearly do not compromise the security of the full MISTY1, they expose several weaknesses in MISTY1's components, and improve our understanding of its security. Moreover, future designs which rely on MISTY1 as their base should take these issues into close consideration.
Scientific Assistant (m/f, E13 TV-G-U), Deutsche Telekom Chair, Goethe University Frankfurt, Germany, EEA
The Deutsche Telekom Chair of Mobile Business & Multilateral Security at Goethe University Frankfurt offers a position of a Scientific Assistant (m/f, E13 TV-G-U). To strengthen our team we are looking for a committed, creative and flexible PhD candidate (male/female) with advanced professional knowledge in Information Technology and interest in the current development in business informatics.
We are looking for people with advanced knowledge and special skills in at least three of the following areas:
- Network and System Security
- Privacy-Enhancing Technologies and data protection
- Identity Management
- Mobile Platforms, Smartcards and Trusted Computing
- Mobile Application Development (e.g. in Android, etc.)
- Programming languages and experiences in software projects
- Administration skills in different platforms (e.g. UNIX, Linux, Windows)
- Web technologies and development
- Project management
The position is available immediately and has a fixed-term of 3 years with an extension option.
Deadline for applications: 2013-07-31
Contact for applications: Prof. Dr. Kai Rannenberg, bewerbungen(at)m-chair(dot)net
Documents recommended to be submitted: personal statement of purpose, current resume, official references, list of publications, official test scores
More Information: http://www.m-chair.net/wps/wse/home/rannenberg/career/
Assistant/Associate Professors, University of Washington Tacoma, USA
The Institute of Technology at the University of Washington Tacoma is seeking applications for five full-time, tenure-track Associate/Assistant Professor positions for the Computer Science and Systems program and the Information Technology and Systems program. A Ph.D. or foreign equivalent in Computer Science, Information Technology, Information Systems or related field is required. Applicants should have experience in teaching and in externally-funded research. Our priority areas for research are (1) information assurance and cybersecurity – 2 positions, (2) data analytics – AI/intelligent systems, (3) CS theory/algorithms, and (4) spatial data/GIS; other areas will also be considered, especially if they are related to needs of the other Institute of Technology programs. Successful candidates will have demonstrated experience or strong potential in research (as evidenced by publications). Evidence of potential to build strong relationships with partners in the technology industry and to develop collaborative research programs is highly desirable.
Applications should be submitted electronically to https://secure.interfolio.com/apply/21679 and include (1) a cover letter describing academic qualifications and experience for this position, (2) a statement of the candidate’s research program, (3) a list of publications, (4) a description of teaching philosophy, including a list of courses the candidate is qualified to teach, (5) evidence of teaching effectiveness, (6) a curriculum vitae, and (7) at least three letters of reference. Screening of applications will begin on October 15, 2013, and will continue until the positions are filled. Salary is competitive and will be commensurate with experience and qualifications.
Fully Funded PhD Student, Université Paris II Panthéon-Assas, PRES Sorbonne Universités, France, European Union
We are seeking candidates for four funded theses.
The candidates will work on the following topics:
Thesis 1 - Fault and side-channel attacks.
Thesis 2 - Formal proofs of hardware and software implementations.
Thesis 3 - Lightweight cryptography (theory and practice).
Thesis 4 - Embedded equipment security.
Due to employment visa constraints, the candidates must be EU or Swiss citizens.
The candidate will be based in the Paris area with access to very advanced laboratory equipment.
Post-Doc in System Security, University of Twente, The Netherlands
The Centre for Telematics and Information Technology (CTIT) at the University of Twente invites applications for a Post-Doc position in system security with a strong focus on security of industrial control and SCADA systems.
We are searching for a candidate with a strong background in practical system-level security. The candidate is expected to support supervision of PhD students, contribute to our on-going projects, and also contribute to future project proposals to strengthen our research profile. Our group is a member of multiple national and European research projects with strong links to industry. One example is the currently ongoing CRISALIS FP7 project (http://www.crisalisproject.eu/).
Successful candidates must hold a PhD degree in computer science or a closely related discipline and have demonstrated their excellence by top-class publications.
Please submit your application via the link provided below including:
- motivation letter specifically addressing our position,
- full curriculum vitae including a list of all courses and marks,
- publication list incl. a one-page summary of your PhD thesis,
- two recommendation letters (or alternatively the names and email addresses of two references).
The position will be closed as soon as a suitable candidate is found.