*13:17* [Pub][ePrint]
An Alternative Approach to Non-black-box Simulation in Fully Concurrent Setting, by Susumu Kiyoshima
We give a new proof of the existence of public-coin concurrent zero-knowledge arguments for NP in the plain model under standard assumptions (the existence of one-to-one one-way functions and collision-resistant hash functions), which was originally proven by Goyal (STOC'13). In the proof, we use a new variant of the non-black-box simulation technique of Barak (FOCS'01). An important property of our simulation technique is that the simulator runs in a straight-line manner in the fully concurrent setting. Compared with the simulation technique of Goyal, which also has such a property, the analysis of our simulation technique is (arguably) simpler.

*23:18* [Job][New]
Assistant Professor, *Kyushu University, Fukuoka (Japan)*
The Institute of Mathematics for Industry at Kyushu University (Fukuoka, JAPAN) invites applications for ONE ASSISTANT PROFESSOR POSITION (`Jyokyo` in Japanese) beginning April 2015. Candidates in all areas of mathematical cryptography who are interested in applications of mathematics to, and collaboration with, industry will be considered. We are looking for candidates who possess a strong record of research achievements and expertise related to mathematical cryptography such as theory of cryptography, number theory, representation theory, computer algebra, quantum computation, graph theory, combinatorics, and so on. The selection will be based on the past achievements and/or the potential of the candidates to work in the area of mathematical cryptography. Kyushu University is one of the major seven national universities in Japan, located in Fukuoka in the western part of Japan. The Institute of Mathematics for Industry (http://www.imi.kyushu-u.ac.jp/eng) consists of approximately 25 members, who are active in various areas of pure and applied mathematics and also in collaboration with industry.

For full information about the position and the application procedure, visit the URL below.

*13:17* [Pub][ePrint]
Verified Proofs of Higher-Order Masking, by Gilles Barthe and Sonia Belaïd and François Dupressoir and Pierre-Alain Fouque and Benjamin Grégoire and Pierre-Yves Strub
In this paper, we study the problem of automatically verifying higher-order masking countermeasures. This problem is important in practice (weaknesses have been discovered in schemes that were thought secure), but is inherently exponential: for $t$-order masking, it involves proving that every subset of $t$ intermediate variables is distributed independently of the secrets. Some type systems have been proposed to help cryptographers check their proofs, but many of these approaches are insufficient for higher-order implementations. We propose a new method, based on program verification techniques, to check the independence of sets of intermediate variables from some secrets. Our new language-based characterization of the problem also allows us to design and implement several algorithms that greatly reduce the number of sets of variables that need to be considered to prove this independence property on *all* valid adversary observations. The result of these algorithms is either a proof of security or a set of observations on which the independence property cannot be proved. We focus on AES implementations to check the validity of our algorithms. We also confirm the tool's ability to give useful information when proofs fail, by rediscovering existing attacks and discovering new ones.
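As an added illustration (not the paper's tool, which uses program-verification techniques to prune this search), the check the abstract describes in its plain exponential form: every subset of $t$ intermediate variables of a masked AND gadget is enumerated and the joint distribution of the probed values is compared across all secret inputs. The two-share ISW-style gadget and the deliberately flawed naive gadget are both constructed here; the result is either an empty list (a proof of $t$-order security for that gadget) or the observation sets on which independence fails.

```python
# Brute-force t-probing independence check on small masked AND gadgets (constructed example).
import itertools
from collections import Counter

def isw_and(a, b, rnd):
    """First-order ISW AND on 2 shares. rnd = (a0, b0, r): the share randomness
    for a and b plus the refresh bit r. Returns every intermediate value by name,
    so a probe set is simply a tuple of names."""
    a0, b0, r = rnd
    a1, b1 = a ^ a0, b ^ b0
    v = {"a0": a0, "a1": a1, "b0": b0, "b1": b1, "r": r}
    v["a0b0"], v["a1b1"] = a0 & b0, a1 & b1
    v["a0b1"], v["a1b0"] = a0 & b1, a1 & b0
    v["r^a0b1"] = r ^ v["a0b1"]
    v["r^a0b1^a1b0"] = v["r^a0b1"] ^ v["a1b0"]
    v["c0"] = v["a0b0"] ^ r                    # c0 ^ c1 == a & b
    v["c1"] = v["a1b1"] ^ v["r^a0b1^a1b0"]
    return v

def naive_and(a, b, rnd):
    """Flawed gadget: recombines the shares of a before multiplying, so the
    intermediate named 'a' is the secret bit itself (a first-order leak)."""
    a0, b0, r = rnd
    a1, b1 = a ^ a0, b ^ b0
    v = {"a0": a0, "a1": a1, "b0": b0, "b1": b1, "r": r}
    v["a"] = a0 ^ a1
    v["c0"] = (v["a"] & b0) ^ r
    v["c1"] = (v["a"] & b1) ^ r
    return v

def leaking_sets(gadget, t, n_rand=3):
    """Enumerate every t-subset of intermediates and compare the joint distribution
    of the probed values across all secret inputs (a, b). Returns the subsets whose
    distribution depends on the secrets; an empty list is a proof of t-order security."""
    secrets = list(itertools.product((0, 1), repeat=2))
    randoms = list(itertools.product((0, 1), repeat=n_rand))
    names = list(gadget(0, 0, randoms[0]).keys())
    bad = []
    for probes in itertools.combinations(names, t):
        dists = set()
        for a, b in secrets:
            # randomness is uniform, so counts over `randoms` are the distribution
            counts = Counter(tuple(gadget(a, b, rnd)[p] for p in probes)
                             for rnd in randoms)
            dists.add(frozenset(counts.items()))
        if len(dists) > 1:
            bad.append(probes)
    return bad

if __name__ == "__main__":
    print("ISW, t=1:", leaking_sets(isw_and, 1))        # [] -> first-order secure
    print("ISW, t=2:", leaking_sets(isw_and, 2)[0])     # ('a0', 'a1') -> shares recombine
    print("naive, t=1:", leaking_sets(naive_and, 1))    # [('a',)] -> the unmasked secret
```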

*13:17* [Pub][ePrint]
More Efficient Oblivious Transfer Extensions with Security for Malicious Adversaries, by Gilad Asharov and Yehuda Lindell and Thomas Schneider and Michael Zohner
Oblivious transfer (OT) is one of the most fundamental primitives in cryptography and is widely used in protocols for secure two-party and multi-party computation. As secure computation becomes more practical, the need for practical large scale oblivious transfer protocols is becoming more evident. Oblivious transfer extensions are protocols that enable a relatively small number of "base-OTs" to be utilized to compute a very large number of OTs at low cost. In the semi-honest setting, Ishai et al. (CRYPTO 2003) presented an OT extension protocol for which the cost of each OT (beyond the base-OTs) is just a few hash function operations. In the malicious setting, Nielsen et al. (CRYPTO 2012) presented an efficient OT extension protocol for the setting of active adversaries that is secure in the random oracle model. In this work, we present an OT extension protocol for the setting of malicious adversaries that is more efficient and uses less communication than previous works. In addition, our protocol can be proven secure in both the random oracle model, and in the standard model with a type of correlation robustness. Given the importance of OT in many secure computation protocols, increasing the efficiency of OT extensions is another important step forward to making secure computation practical.