Distributed Cryptography Based on the Proofs of Work, by Marcin Andrychowicz and Stefan Dziembowski
Motivated by the recent success of Bitcoin we study the question of constructing distributed cryptographic protocols in a fully peer-to-peer scenario (without any trusted setup) under the assumption that the adversary has limited computing power. We propose a formal model for this scenario and then we construct the following protocols working in it:
(i) a broadcast protocol secure under the assumption that the honest parties have computing power that is some non-negligible fraction of computing power of the adversary (this fraction can be small, in particular it can be much less than 1/2),
(ii) a protocol for identifying a set of parties such that the majority of them is honest, and every honest party belongs to this set (this protocol works under the assumption that the majority of computing power is controlled by the honest parties).
Our broadcast protocol can be used to generate an unpredictable beacon (that can later serve, e.g., as a genesis block for a new cryptocurrency). The protocol from Point (ii) can be used to construct arbitrary multiparty computation protocols. Our main tool for checking the computing power of the parties are the Proofs of Work (Dwork and Naor, CRYPTO 92). Our broadcast protocol is built on top of the classical protocol of Dolev and Strong (SIAM J. on Comp. 1983). Although our motivation is mostly theoretic, we believe that our ideas can lead to practical implementations (probably after some optimizations and simplifications). We discuss some possible applications of our protocols at the end of the paper.
Tightly-Secure Authenticated Key Exchange, by Christoph Bader and Dennis Hofheinz and Tibor Jager and Eike Kiltz and Yong Li
We construct the first Authenticated Key Exchange (AKE) protocol whose security does not degrade with an increasing number of users or sessions. We describe a three-message protocol and prove security in an enhanced version of the classical Bellare-Rogaway security model.
Our construction is modular, and can be instantiated efficiently from standard assumptions (such as the SXDH or DLIN assumptions in pairing-friendly groups). For instance, we provide an SXDH-based protocol whose communication complexity is only 14 group elements and 4 exponents (plus some bookkeeping information).
Along the way we develop new, stronger security definitions for digital signatures and key encapsulation mechanisms. For instance, we introduce a security model for digital signatures that provides existential unforgeability under chosen-message attacks in a multi-user setting with adaptive corruptions of secret keys. We show how to construct efficient schemes that satisfy the new definitions with tight security proofs under standard assumptions.
Verifiable Random Functions from Weaker Assumptions, by Tibor Jager
Constructing a verifiable random function (VRF) with large input space and full adaptive security from a static complexity assumption, like decisional Diffie-Hellman for instance, has proven to be a challenging task. To date it is not even clear that such a VRF exists. Most known constructions either allow only a small input space of polynomially-bounded size, or do not achieve full adaptive security under a static complexity assumption.
The only known constructions without these restrictions are based on non-static, so-called \"q-type\" assumptions, which are parametrized by an integer q. Since q-type assumptions get stronger with larger q, it is desirable to have q as small as possible. In current constructions q is a polynomial (Hohenberger and Waters, Eurocrypt 2010) or at least linear (Boneh et al., CCS 2010) in the security parameter.
We construct a relatively simple and efficient verifiable random function, based on a q-type assumption where q is only logarithmic in the security parameter. We also describe a verifiable unpredictable function from a similar, but weaker assumption. Both constructions have full adaptive security and large input spaces.
Associate professor (lecturer) in Computer Security., University of Birmingham, UK
This is a permanent research and teaching position in one of UK\'s top research-led universities. The Security and Privacy group undertakes research in all fields related to information and cyber security,
privacy, cryptography, etc.
Two full-time PhD or Postdoc positions in the area of Wireless Sensor Networks (WSN) Security, Universität Mannheim (Germany) and Friedrich-Alexander-Universität Erlangen-Nürnberg (Germany)
The positions are funded by the German Research Foundation (DFG) in the project WSNSec (Wireless Sensor Network Security). The project is a collaboration between the Universität Mannheim (Germany) and the Friedrich-Alexander Universität Erlangen-Nürnberg (Germany) where the two positions are located, respectively.
Position 1 at the Working Group for Theoretical Computer Science and IT-Security at Universität Mannheim (Germany) focuses on the theoretical aspects of WSNSec:
- Formalization of attacker models and security goals
- Cryptanalysis of existing cryptographic protocols
- Development of provably secure cryptographic protocols
Position 2 at the Chair for IT-Security Infrastructures (Informatik 1) at the Friedrich-Alexander-Universität Erlangen-Nürnberg (Germany) focuses on the practical aspects of WSNSec:
- Investigation of security strengths and weaknesses of the real WSNs at both the hardware and the software levels
- Implementation of cryptographic protocols for WSNs in simulation environments and on the real sensor nodes
4 Research Scientists, Temasek Laboratories at Nanyang Technological University, Singapore
Temasek Laboratories at Nanyang Technological University, Singapore is seeking candidates for 4 research scientist positions (from fresh post-docs to senior research scientists) in the areas of symmetric key cryptography and lightweight cryptography, supported by a government funded project of duration 2 years.
Salaries are globally competitive and are determined according to the successful applicants accomplishments, experience and qualifications. Interested applicants are encouraged to send early their detailed CVs, cover letter and reference letters.
Review process starts immediately and will continue until all positions are filled.