IACR News
If you have a news item you wish to distribute, it should be sent to the communications secretary. See also the events database for conference announcements.
Here you can see all recent updates to the IACR webpage.
10 May 2018
Kevin Lewi, Callen Rain, Stephen Weis, Yueting Lee, Haozhi Xiong, Benjamin Yang
To handle these more complicated scenarios, we have developed two token-based mechanisms for authentication. The first type is based on certificates and allows for flexible verification due to its public-key nature. The second type, known as crypto auth tokens, is symmetric-key based, and hence more restrictive, but also much more scalable to a high volume of requests. Crypto auth tokens rely on pseudorandom functions to generate independently-distributed keys for distinct identities.
Finally, we provide (mock) examples which illustrate how both of our token primitives can be used to authenticate real-world flows within our infrastructure, and how a token-based approach to authentication can be used to handle security more broadly in other infrastructures which have strict performance requirements and where relying on TLS alone is not enough.
Karl Wüst, Kari Kostiainen, Vedran Capkun, Srdjan Capkun
We propose a novel digital currency, called PRCash, where the control of money supply is centralized, money is represented as value-hiding transactions for transferability and improved privacy, and transactions are verified in a distributed manner and published to a public ledger for verifiability and transparency. Strong privacy and regulation are seemingly conflicting features, but we overcome this technical problem with a new regulation mechanism based on zero-knowledge proofs. Our implementation and evaluation show that payments are fast and large-scale deployments practical. PRCash is the first digital currency to provide control of money supply, transparency, regulation, and privacy at the same time, thus making its adoption as a fiat currency feasible.
Angela Jäschke, Frederik Armknecht
Zhengjun Cao, Lihua Liu
Willy Quach, Hoeteck Wee, Daniel Wichs
* We construct a 2-round 2PC protocol between Alice and Bob with respective inputs $x_A,x_B$ in which Alice learns the output $f(x_A,x_B)$ in the second round. This is the first such protocol which is "Bob-optimized", meaning that Alice does all the work while Bob's computation and the total communication of the protocol are smaller than the size of the circuit $f$ or even Alice's input $x_A$. In contrast, prior solutions based on fully homomorphic encryption are "Alice-optimized".
* We construct an MPC protocol, which allows $N$ parties to securely evaluate a function $f(x_1,...,x_N)$ over their respective inputs, where the total amount of computation performed by the parties during the protocol execution is smaller than that of evaluating the function itself! Each party has to individually pre-process the circuit $f$ before the protocol starts and post-process the protocol transcript to recover the output after the protocol ends, and the cost of these steps is larger than the circuit size. However, this gives the first MPC where the computation performed by each party during the actual protocol execution, from the time the first protocol message is sent until the last protocol message is received, is smaller than the circuit size.
Jung Hee Cheon, Minki Hhan, Jiseung Kim, Changmin Lee
Cencen Wan, Yuncong Zhang, Chen Pan, Zhiqiang Liu, Yu Long, Zhen Liu, Yu Yu, Shuyang Tang
To do so, we first take advantage of the basic framework (i.e., the two-layer chain structure) adopted in Bitcoin-NG, which was introduced by Eyal et al. to significantly extend the throughput of Bitcoin-derived blockchains via blocks of a two-layer structure. We inherit its high-throughput merit while removing the vulnerability to the microblock swamping attack in Bitcoin-NG and attaining a better fairness property, by presenting a two-level mining mechanism and incorporating it into the two-layer chain structure. Furthermore, to tackle the selfish mining issue, strengthen the robustness against the "51%" attack of PoW miners, and offer flexibility for future protocol updates, we borrow the idea of the ticket-voting mechanism from DASH and Decred, and combine it carefully with our improved structure to build a novel efficient, robust and flexible blockchain protocol (named Goshawk). Last but not least, this scheme has been implemented and deployed in the testnet of the public blockchain project Hcash for months, and has demonstrated its stability and high efficiency in this real-world test.
Gideon Samid
Sankhanil Dey, Ranjan Ghosh
José Bacelar Almeida, Manuel Barbosa, Gilles Barthe, Hugo Pacheco, Vitor Pereira, Bernardo Portela
Specifications are then compiled into multi-party protocols. We formalize protocol security using (distributed) probabilistic information-flow and prove that compilation is security-preserving: protocols do not leak more than allowed by the source policy. The proof exploits a natural but previously missing correspondence between simulation-based cryptographic proofs and (composable) probabilistic non-interference.
Finally, we extend our framework to justify leakage cancelling, a domain-specific optimization that allows one to first write an efficiently computable specification that fails to meet the allowed leakage upper bound, and then apply a probabilistic pre-processing that brings the overall leakage to within the acceptable range.
06 May 2018
Payman Mohassel, Peter Rindal
In this paper, we design and implement a general framework for privacy-preserving machine learning and use it to obtain new solutions for training linear regression, logistic regression and neural network models. Our protocols are in a three-server model wherein data owners secret share their data among three servers who train and evaluate models on the joint data using three-party computation (3PC).
Our main contribution is a new and complete framework ($ABY^3$) for efficiently switching back and forth between arithmetic, binary, and Yao 3PC, which is of independent interest. Many of the conversions are based on new techniques that are designed and optimized for the first time in this paper. We also propose new techniques for fixed-point multiplication of shared decimal values that extend beyond the three-party case, and customized protocols for evaluating piecewise polynomial functions. We design variants of each building block that are secure against malicious adversaries who deviate arbitrarily.
We implement our system in C++. Our protocols are up to four orders of magnitude faster than the best prior work, hence significantly reducing the gap between privacy-preserving and plaintext training.
Bonn, Germany, 23 July - 27 July 2018
Nanyang Technological University
We are soliciting candidates with introductory knowledge in cryptography and a strong background in digital/system design, including relevant experience in managing large-scale programming projects in C/C++/VHDL/Verilog. Candidates with prior industrial experience and familiarity with state-of-the-art tools in these domains are preferred.
Review of applications starts immediately and will continue until positions are filled.
Closing date for applications: 31 December 2018
Contact: Asst. Prof. Anupam Chattopadhyay, Nanyang Technological University (Singapore), anupam at ntu.edu.sg
NuCypher
We're looking for a scientist with expertise in fully homomorphic encryption (FHE) to assist with our research efforts on performance improvements and potential applications for smart contracts. Familiarity with related technologies like proxy re-encryption (PRE) and multi-party computation (MPC) is helpful.
Ideally, candidates have an understanding of the surrounding issues and problems and have an interest in identifying potential solutions. Due to the unproven and highly theoretical nature of these schemes, candidates should be willing to pivot research when practical solutions cannot be found. Qualified candidates are likely (but not required) to have a PhD or similarly extensive experience in cryptography.
Closing date for applications: 31 December 2018
Contact: Please email founders (at) nucypher.com with your CV and any previous research/publications you're able to share.
More information: http://www.nucypher.com/
04 May 2018
Simula@UiB, Bergen, Norway
Closing date for applications: 15 June 2018
Contact: Professor Øyvind Ytrehus, Simula@UiB
Email: oyvindy (at) simula.no
More information: https://www.simula.no/about/job/call-phd-student-cryptography-simulauib
Norwegian University of Science and Technology (NTNU)
Post-quantum primitives. Post-quantum public-key primitives are the main focus of the ongoing NIST standardization process that officially started on 30 November 2017. Initially, 69 schemes were proposed in three main categories: encryption schemes, key encapsulation mechanisms, and digital signatures. Those, and possibly new primitives, are the subject of the research for this position.
Post-quantum ecosystem. Current public key cryptosystems have a large associated ecosystem of auxiliary protocols and tools, such as proofs of knowledge, proofs of relations, verifiable decryption, and shuffles of ciphertexts. This ecosystem is sparse for most post-quantum schemes. Our group has already begun working on new tools, such as shuffles and verifiable decryption, mostly for lattice-based cryptosystems. We intend to continue this line of research, with a focus on lattice-based cryptography, but we will also work on code-based and multivariate cryptography.
Post-quantum key exchange. This project will focus on how to achieve efficient quantum-secure key exchange which can achieve some useful key exchange properties, such as: forward secrecy, key compromise impersonation, deniability, anonymity, contributiveness, and key control. Strong models of security, such as those accounting for ephemeral key leakage and side channels, and different settings, such as password-based key exchange and group key exchange, will also be investigated.
Closing date for applications: 1 June 2018
Contact: Professor Kristian Gjøsteen (kristian.gjosteen (at) ntnu.no), or Professor Colin Boyd (colin.boyd (at) ntnu.no), or Professor Danilo Gligoroski (danilo.gligoroski (at) ntnu.no)
More information: https://www.jobbnorge.no/en/available-jobs/job/152421/
03 May 2018
Ioana Boureanu, Anda Anda
We only sketch possible designs in the right directions, with the idea to pass on the message that these problems should be looked at much more carefully.
We briefly debate what should and should not be the case w.r.t. confirmation of EMV contactless payments.
We also discuss alternative views on making contactless payments secure against relay attacks via proximity checking.
02 May 2018
Nanyang Technological University, Singapore
Candidates are expected to have a strong background in symmetric-key cryptography and/or machine learning, with good experience in programming with C/C++ and/or Python.
Review of applications starts immediately and will continue until positions are filled.
Closing date for applications: 31 December 2018
Contact: Assoc. Prof. Thomas Peyrin, Nanyang Technological University (Singapore), thomas.peyrin (at) ntu.edu.sg
DarkMatter - Abu Dhabi
If you are looking for a real technical challenge within a top-notch lab, using the most recent technologies, a true work-life balance, a tax-free salary and the beach all year round, feel free to visit our website to apply for the open positions below:
- Hardware Security Researcher
- Embedded Security Researcher
- Malware Researcher
- Software Security Researcher
- Cryptanalyst
Apply here: https://careers.darkmatter.ae/jobs/search
Have a nice day!
Closing date for applications: 1 October 2018
Contact: Mehdi Messaoudi
Talent Acquisition Specialist at DarkMatter
mehdi.messaoudi (at) darkmatter.ae
More information: https://careers.darkmatter.ae/jobs/search