Post-Doc, University of Warsaw, Poland, European Union
A post-doc position in the area of cryptography in the Cryptography and Data Security Group at the Department of Mathematics, Informatics and Mechanics at University of Warsaw is available. The position is supported by the EU FNP Welcome Grant "Cryptographic Protocols Provably-Secure Against Physical Attacks". This project is about the design of cryptographic schemes that are provably-secure against physical attacks, such as side-channel leakages, tampering, or malware intrusion. We offer excellent networking and training opportunities, including participation in international workshops and conferences.
All candidates with PhD in cryptography are encouraged to apply and will be carefully considered. Knowledge of Polish is not required, but a good knowledge of English is essential.
Successful candidates can start from 10.2013. Funding is available until 5.2015 (extensions are possible depending on funding availability).
Smashing MASH-1, by Vladimir Antipkin
MASH-1 is a modular arithmetic based hash function. It has been presented in Part 4 of the ISO/IEC 10118 standard for one and a half decades. The cryptographic strength of the MASH-1 hash function is based on the factorization problem of an RSA modulus along with redundancy in the input blocks of the compression function. Despite this, we are able to introduce two large classes of moduli which allow a practical-time collision finding algorithm for MASH-1. In one case even multicollisions of arbitrary length can be constructed.
EyeDecrypt -- Private Interactions in Plain Sight, by Andrea Forte and Juan Garay and Trevor Jim and Yevgeniy Vahlis
We introduce EyeDecrypt, a novel technology for privacy-preserving human-computer interaction. EyeDecrypt allows only authorized users to decipher data shown on a public display, such as an electronic screen or printed material; in the former case, the authorized user can then interact with the system (e.g., by pressing buttons), without revealing the details of the interaction to others who may be watching.
The user views data on a closely-held personal device, such as a pair of smart glasses with a camera and heads-up display, or a smartphone. The decrypted data is displayed as an image overlay on the personal device, a form of augmented reality. The user's inputs are protected through randomization.
EyeDecrypt consists of three main components: a visualizable encryption scheme; a dataglyph-based visual encoding scheme for the ciphertexts generated by the encryption scheme; and a randomized input and augmented reality scheme that protects user inputs without harming usability. We describe all aspects of EyeDecrypt, from security definitions, constructions and formal analysis, to implementation details of a prototype developed on a smartphone.
One-Sided Adaptively Secure Two-Party Computation, by Carmit Hazay and Arpita Patra
Adaptive security is a strong security notion that captures additional security threats that are not addressed by static corruptions. For instance, it captures scenarios in which the attacker chooses which party to corrupt based on the protocol communication. It further captures real-world scenarios where "hackers" actively break into computers, possibly while they are executing secure protocols. Studying this setting is interesting from both theoretical and practical points of view. The former is because the theoretical understanding of this setting is not yet profound and important questions are still unresolved; a notable example is the question regarding the feasibility of constant-round adaptively secure protocols. From a practical viewpoint, generic adaptively secure protocols are far more complicated and less efficient than static protocols.
A primary building block in designing adaptively secure protocols is non-committing encryption, or NCE, which implements secure communication channels in the presence of adaptive corruptions. Current NCE constructions require a number of public key operations that grows linearly with the length of the message. Furthermore, general two-party protocols require a number of NCE calls that is linear in the circuit size (or otherwise the protocol is not round efficient). As a result, the number of public key operations is inflated and depends on the circuit size as well.
In this paper we study the two-party setting in which at most one of the parties is adaptively corrupted, which we believe is the right security notion in the two-party setting. We study the feasibility of (1) NCE with a constant number of public key operations for any message space, (2) oblivious transfer with a constant number of public key operations for any sender's input space, and (3) constant-round secure computation protocols with a number of NCE calls, and an overall number of public key operations, that are independent of the circuit size. Our study demonstrates that such primitives indeed exist in the presence of single corruptions, while this is not the case for fully adaptive security (where both parties may get corrupted).