Universally Composable Efficient Priced Oblivious Transfer from a Flexible Membership Encryption, by Pratish Datta and Ratna Dutta and Sourav Mukhopadhyay
Membership encryption is a newly developed cryptographic primitive that combines membership proof and encryption into a unified setting. This paper presents a new flexible membership encryption scheme which is provably secure and significantly more efficient than the previous scheme. Further, we apply our proposed membership encryption to construct a round-optimal 1-out-of-$n$ priced oblivious transfer (POT) protocol which, unlike the existing 1-out-of-$n$ POT schemes, is proven secure under the universally composable (UC) security model and thus preserves security when it is executed with multiple protocol instances that run concurrently in an adversarially controlled way. Moreover, using our membership encryption, the POT protocol exhibits constant communication complexity on the buyer's side and $O(n)$ communication cost on the vendor's side, which is so far the best known in the literature.
An Algebraic Approach to Non-Malleability, by Vipul Goyal and Silas Richelson and Alon Rosen and Margarita Vald
In their seminal work on non-malleable cryptography, Dolev, Dwork and Naor showed how to construct a non-malleable commitment with logarithmically many "rounds"/"slots", the idea being that any adversary may successfully maul in some slots but would fail in at least one. Since then new ideas have been introduced, ultimately resulting in constant-round protocols based on any one-way function. Yet, in spite of this remarkable progress, each of the known constructions of non-malleable commitments leaves something to be desired.
In this paper we propose a new technique that allows us to construct a non-malleable protocol with only a single "slot", and to improve in at least one aspect over each of the previously proposed protocols. Two direct byproducts of our new ideas are a four-round non-malleable commitment and a four-round non-malleable zero-knowledge argument, the latter matching the round complexity of the best known zero-knowledge argument (without the non-malleability requirement). The protocols are based on the existence of one-way permutations (or alternatively one-way functions with an extra round) and admit very efficient instantiations via standard homomorphic commitments and sigma protocols.
Our analysis relies on algebraic reasoning, and makes use of error-correcting codes in order to ensure that committers' tags differ in many coordinates. One way of viewing our construction is as a method for combining many atomic sub-protocols in a way that simultaneously amplifies soundness and non-malleability, thus requiring much weaker guarantees to begin with, and resulting in a protocol which is much trimmer in complexity compared to the existing ones.
Non-interactive zero-knowledge proofs in the quantum random oracle model, by Dominique Unruh
We present a construction for non-interactive zero-knowledge proofs of knowledge in the random oracle model from general sigma-protocols. Our construction is secure against quantum adversaries. Prior constructions (by Fiat-Shamir and by Fischlin) are only known to be secure against classical adversaries, and Ambainis, Rosmanis, Unruh (FOCS 2014) gave evidence that those constructions might not be secure against quantum adversaries in general.
To prove security of our constructions, we additionally develop new techniques for adaptively programming the quantum random oracle.
Authenticated Key Exchange from Ideal Lattices, by Jiang Zhang, Zhenfeng Zhang, Jintai Ding, Michael Snook
In this paper, we propose an authenticated key exchange (AKE) protocol from ideal lattices. The protocol is simple since it does not involve any other cryptographic primitives to achieve authentication (e.g., signatures). This allows us to establish a security proof solely based on the hardness of the well-known ring-LWE problems, thus on some hard lattice problems in the worst case (e.g., SVP and SIVP). We give the security proof of the proposed AKE protocol in an enhanced variant of the original Bellare-Rogaway (BR) model, which additionally captures weak Perfect Forward Secrecy (wPFS), in the random oracle (RO) model.
Research Associate, Faculty of Computer Science, University of New Brunswick, Fredericton, Canada
The Information Security Centre of Excellence (ISCX) at the Faculty of Computer Science, University of New Brunswick's Fredericton Campus invites applications for a Research Associate in the field of Cyber Security. The successful candidate will work with the members of ISCX to conduct original research, design, and development for the Intelligent Tools for an Automated Security Analysis and Risk Management for Large-Scale Systems project. This project will be carried out in collaboration with IBM Security Division and is mainly funded under the Atlantic Innovation Foundation (AIF) program. For more information on the project and ISCX, please see www.iscx.ca.
To be considered for the position the applicant should have a PhD degree in Computer Science. Some postdoctoral research experience is an asset. Good oral and written communication skills and the ability to work on a team project are essential.
This is a full-time position, available as of October 1, 2014 and will initially be for one year, with the possibility of renewal for three more years. Salary will depend upon the qualifications and experience of the successful applicant.
Interested applicants should submit a covering letter, along with a resume, and the name, address, phone and e-mail addresses of three academic references. Review of applications will begin on August 1, 2014 and will continue until the position is filled.
Post-Doc, HASLab, INESC TEC, Braga, Portugal
The High Assurance Software Laboratory (HASLab) at INESC TEC has an opening for a 2 year Post-Doc position.
The position is within the cryptography and information security group in the HASLab.
The group is actively working on: provable security, domain-specific languages and software development tools for cryptography, efficient implementation of cryptographic software, and formal verification of cryptographic proofs and implementations.
We are looking for a highly motivated researcher with a recent Ph.D. and background in at least one of the following fields:
efficient implementation of cryptography,
programming languages and verification,
and an interest in carrying out research at their intersection.
The position starts from November 2014. The salary is around 18K euros per year after tax. The working language is English.
Applications should arrive no later than September 19, 2014 and should include a CV, a cover letter, and the names and contact details for two references.
Scan Based Side Channel Attack on Grain v1, by Sonu Kumar Jha
In this paper we study a scan-based side channel attack against the Grain family of stream ciphers. The attack works because scan chain testing of circuits can be transformed into a powerful cryptographic attack due to the properties of the scan-based technique; as a result, the attack targets the test circuitry. We show how the attacker gains knowledge about the locations of internal state bits of the NFSR and the LFSR and how he finds the secret key.