*19:17* [Pub][ePrint]
Hardness Preserving Reductions via Cuckoo Hashing, by Itay Berman and Iftach Haitner and Ilan Komargodski and Moni Naor
A common method for increasing the usability and uplifting the security of pseudorandom function families (PRFs) is to ``hash\" the inputs into a smaller domain before applying the PRF. This approach, known as ``Levin\'s trick\", is used to achieve ``PRF domain extension\" (using a short, e.g., fixed, input length PRF to get a variable-length PRF), and more recently to transform non-adaptive PRFs to adaptive ones. Such reductions, however, are vulnerable to a ``birthday attack\": after $\\sqrt{|\\mathcal U|}$ queries to the resulting PRF, where $\\mathcal U$ being the hash function range, a collision (i.e., two distinct inputs have the same hash value) happens with high probability. As a consequence, the resulting PRF is insecure against an attacker making this number of queries.In this work we show how to go beyond the birthday attack barrier, by replacing the above simple hashing approach with a variant of cuckoo hashing --- a hashing paradigm typically used for resolving hash collisions in a table, by using two hash functions and two tables, and cleverly assigning each element into one of the two tables. We use this approach to obtain: (i) A domain extension method that requires just two calls to the original PRF, can withstand as many queries as the original domain size and has a distinguishing probability that is exponentially small in the non cryptographic work. (ii) A security-preserving reduction from non-adaptive to adaptive PRFs.

*19:17* [Pub][ePrint]
Two Exponentiation Algorithms Resistant to Cross-correlation Power Analysis and to Other Known Attacks, by Yaacov Belenky, Zeev Geyzel, Michael Kara-Ivanov and Avraham Entelis
In order to prevent the SPA (Simple Power Analysis) attack against modular exponentiation algorithms, a multiply-always implementation is generally used. Witteman et al. introduced in \\cite{WI} a new cross-correlation power analysis attack against the multiply-always implementation. We suggest two new algorithms, resistant to this attack and also to other known attacks.The first algorithm is an alternative approach to exponentiation algorithms used in cryptography, which usually receive as an input some representation (e.g. binary) of the exponent. In our approach both the exponent and the result are functions (not necessarily easily invertible) of the exponentiation algorithm input. We show that this approach can have a good performance and that it is also resistant to several known attacks, especially to the cross-correlation power analysis. It is particularly relevant for cryptographic schemes in which the private exponent can be chosen arbitrarily.

Another exponentiation algorithm that we present here may be preferable for use with RSA in certain settings. It is resistant to the cross-correlation power analysis attack, C safe error attack, and other attacks; although it involves squaring operations.

*16:51* [Job][New]
6-month Internship on Baseband Modem security, *Intel Corporation, Hillsboro, Oregon, USA*
**Description and Responsibilities: **Embedded platforms comprising SoCs, i.e., Tablets and Smartphones, have become important players in the products offered by Intel. One of the key component of SoC-based platforms is the baseband processor. The goal of this internship is to investigate the threats posed to/by baseband to a phone platform. In this position, you will be a member of the Security Center of Excellence (SeCoE) in the Intel Architecture Group to identify security vulnerabilities in the architecture, design and implementation of future SoC-based products. During this internship, your responsibilities will include but not be limited to:

- Performing the threat analysis of a current baseband processor,

- Driving the investigation of Intel baseband software and hardware for evaluating their security features,

- Researching literature from conferences (e.g.; BlackHat, PacSec) and technical forums to find out relevant attacks.

You will also be developing software and/or hardware solutions to hack the platform.

**Qualifications: **

You must be currently enrolled in a Ph.D or a Master\\\'s degree program in Computer Science, Computer Engineering or Electrical Engineering or equivalent discipline with knowledge of computer security, applied cryptography, computer architecture, hardware design (SystemVerilog or VHDL) and programming (C, Assembly). Demonstrable results in academic projects involving the above areas are essential. Exposure to security threat analysis and knowledge of existing attacks on security of System-on-chip (SoC) based platforms (For example, smartphones) would be highly desirable. Experience with hacking hardware (programming FPGAs, Flash chips etc) will be a plus. Behavioral skills include: solid analytical skills, willingness to tackle complex problems, attention to detail, self-driven, excellent written and verbal communication skills.

*16:46* [Job][New]
Post?Doc, *Electronic Health Information Laboratory, CHEO Research Institute, Canada, North America*
The Electronic Health Information Laboratory (EHIL) at the Children\\\'s Hospital of Eastern Ontario (CHEO) Research Institute is looking for a Post?Doctoral Fellow responsible for research and development of secure multi?party computation and privacy preserving protocols for applications in the area of health information and medical research.Candidates should have a Ph.D. in Computer Science, Computer Engineering, Mathematics, Engineering, or a related field, and a strong research track record with journal or conference publications in secure computation and/or privacy preserving statistics and data?mining.

*19:17* [Pub][ePrint]
Unprovable Security of Two-Message Zero Knowledge, by Kai-Min Chung and Edward Lui and Mohammad Mahmoody and Rafael Pass
Goldreich and Oren (JoC\'94) show that only trivial languages have 2-message zero-knowledge arguments. In this note we consider weaker, \\emph{super-polynomial-time} simulation (SPS), notions of zero-knowledge. We present barriers to using black-box reductions for demonstrating soundness of 2-message protocols with efficient prover strategies satisfying SPS zero-knowledge. More precisely, we show that assuming the existence of $\\poly(T(n))$-hard one-way functions, the following holds:\\begin{itemize}

\\item For sub-exponential (or smaller) $T(\\cdot)$, \\emph{polynomial-time} black-box reductions cannot be used to prove soundness of 2-message $T(\\cdot)$-simulatable arguments based on any polynomial-time intractability assumption. This matches known 2-message quasi-polynomial-time simulatable arguments using a quasi-polynomial-time reduction (Pass\'03), and 2-message exponential-time simulatable proofs using a polynomial-time reduction (Dwork-Naor\'00, Pass\'03).

\\item $\\poly(T(\\cdot))$-time black-box reductions cannot be used to prove soundness of 2-message \\emph{strong} $T(\\cdot)$-simulatable (efficient prover) arguments based on any $\\poly(T(\\cdot))$-time intractability assumption; strong $T(\\cdot)$-simulatability means that the output of the simulator is indistinguishable also for $\\poly(T(\\cdot))$-size circuits. This matches known 3-message strong quasi-polynomial-time simulatable proofs (Blum\'86, Canetti et al\'00).

\\end{itemize}

*17:36* [Job][New]
Post-doc (three posts), *Centre for Cybercrime and Computer Security, Newcastle University, UK, EU*
You will join a vibrant and growing team of security researchers at the Centre for Cybercrime and Computer Security (CCCS) at Newcastle University. The aim of the project is to address one of the grand challenges in the real world: how to develop an e-voting system that is secure, dependable and usable for future elections.This is a five-year project, supported by the European Research Council (ERC) Starting Grant. The initial appointments will be three years. Further extension by another two years will be possible subject to the performance and available funding. The expected starting date is 1 March, 2013 (flexible)

To apply for the posts, you need to have a PhD in Computer Science, engineering or related discipline, with a solid background in security and an excellent track record. Expertise in one of the following areas is especially desirable: cryptography, dependability and usable security.