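<!DOCTYPE html>
<html lang="en">
<head>
  <meta charset="utf-8">
  <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
  <link href="https://iacr.org/libs/css/bootstrap/dist/css/bootstrap.min.css" rel="stylesheet">
  <title>IACR News</title>
  <link rel="stylesheet" href="/css/iacr.css">
  <link rel="stylesheet" href="https://iacr.org/libs/js/easy-autocomplete/easy-autocomplete.css">
  <style>
    div.newsItemBox { margin-bottom: 1.5em; }
    h6.newsCardSubtitle { font-style: italic; }
    img.newsCategoryIcon { height: 1.6em; }
    /* Channel priority badges. Each background is the channel's original
       colour filtered through #102A83 at about 50% (original noted per rule). */
    span.priority1 { background-color: #FF0000; /* original #FF0000 */ height: 1.15rem; margin-top: 0.2rem; margin-left: 0.5rem; }
    span.priority2 { background-color: #FF6F00; /* original #FF9500 */ height: 1.15rem; margin-top: 0.2rem; margin-left: 0.5rem; }
    span.priority3 { background-color: #F5FF00; /* original #F8FF00 */ height: 1.15rem; margin-top: 0.2rem; margin-left: 0.5rem; color: black; }
    span.priority4 { background-color: #00FF07; /* original #00FF07 */ height: 1.15rem; margin-top: 0.2rem; margin-left: 0.5rem; color: black; }
    span.priority5 { background-color: #0048FF; /* original #0070FF */ height: 1.15rem; margin-top: 0.2rem; margin-left: 0.5rem; }
    /* Arrow glyph appended to the Expand / Collapse button label. */
    span.body-expand::after { content: ' ▼'; }
    span.body-collapse::after { content: ' ▲'; }
    div.item-body {
      /* Collapsed height of a news item body. The script below uses the
         same value (COLLAPSED_HEIGHT_PX) when it collapses an item again,
         so the two must be kept in sync. When the content overflows this
         height an expand button is shown and max-height is recalculated. */
      max-height: 100px;
      overflow: hidden;
      -moz-transition: 0.4s ease;
      -ms-transition: 0.4s ease;
      -o-transition: 0.4s ease;
      -webkit-transition: 0.4s ease;
      transition: 0.4s ease;
    }
  </style>
  <script type="text/javascript" async src="/libs/js/MathJax/MathJax.js?config=TeX-AMS_CHTML"></script>
  <script type="text/x-mathjax-config">
    MathJax.Hub.Config({ tex2jax: {inlineMath: [['$$', '$$'], ['$', '$'], ['\\(','\\)']]} });
  </script>
  <script>
// Collapsed height of a news item body, in pixels. Must equal the
// max-height of div.item-body in the stylesheet above.
var COLLAPSED_HEIGHT_PX = 100;

// Click handler attached to every expand button on load (see addHandlers()
// further down). `this` is the button; the element it controls is the item
// body immediately before it in the markup. previousElementSibling is used
// rather than previousSibling so that a whitespace text node between body
// and button (which any reformatting of the template would introduce)
// cannot become the target and make the click silently do nothing.
function expandHandler() {
  var body = this.previousElementSibling;
  if (!body) { return; }
  if (this.classList.contains('body-expand')) {
    // Grow to the full rendered height so the CSS transition animates.
    body.style.maxHeight = body.scrollHeight + 'px';
    this.classList.remove('body-expand');
    this.classList.add('body-collapse');
    this.textContent = 'Collapse';
  } else {
    body.style.maxHeight = COLLAPSED_HEIGHT_PX + 'px';
    this.classList.add('body-expand');
    this.classList.remove('body-collapse');
    this.textContent = 'Expand';
  }
}

// Live HTMLCollection of all expand buttons, filled in by addHandlers().
// It is kept around because the set does not change after page load.
var _expandButtons;

// Shows the expand button of every item whose body overflows its collapsed
// height and hides the buttons of the others. This reads layout
// (scrollHeight / clientHeight) for every item, so it is expensive: call it
// through the debounced wrapper rather than directly from a resize event.
// A call before addHandlers() has run (a resize event that fires before
// the load event) is a no-op instead of a TypeError on the still-undefined
// collection.
function resizeAll() {
  if (!_expandButtons) { return; }
  for (var i = 0; i < _expandButtons.length; i++) {
    var button = _expandButtons[i];
    var body = button.previousElementSibling;
    if (!body) { continue; }
    button.style.display = (body.scrollHeight > body.clientHeight) ? 'block' : 'none';
  }
}

// Returns a function that, as long as it continues to be invoked, will not
// be triggered. The function will be called after it stops being called for
// `waitMS` milliseconds. If `immediate` is passed, trigger the function on
// the leading edge instead of the trailing one.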
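function debounce(func, waitMS, immediate) {
  var timeout;
  return function () {
    var context = this;
    var args = arguments;
    var later = function () {
      timeout = null;
      if (!immediate) { func.apply(context, args); }
    };
    var callNow = immediate && !timeout;
    clearTimeout(timeout);
    timeout = setTimeout(later, waitMS);
    if (callNow) { func.apply(context, args); }
  };
}

// Wires up the page after load: every element with class expand-button
// becomes a toggle for the item body preceding it, then the buttons are
// shown or hidden according to whether their body overflows. The buttons
// are <span>s in the template, so role, tabindex and an Enter/Space handler
// are added here to make them reachable and operable from the keyboard,
// not only by mouse click.
function addHandlers() {
  _expandButtons = document.getElementsByClassName('expand-button');
  for (var i = 0; i < _expandButtons.length; i++) {
    var button = _expandButtons[i];
    button.setAttribute('role', 'button');
    button.setAttribute('tabindex', '0');
    button.addEventListener('click', expandHandler);
    button.addEventListener('keydown', function (event) {
      if (event.key === 'Enter' || event.key === ' ') {
        event.preventDefault(); // keep Space from scrolling the page
        expandHandler.call(this);
      }
    });
  }
  resizeAll();
}
window.addEventListener('load', addHandlers);

// Debounced resizeAll(): a burst of resize events results in a single
// layout pass, 500 ms after the last event.
var maybeResize = debounce(function () { resizeAll(); }, 500);
window.addEventListener('resize', maybeResize);
  </script>
  <style>
    img.newsPageTopIcon { height: 3.5em; }
  </style>
</head>
<body>
  <noscript>
    <h1 class="text-center">What a lovely hat</h1>
    <h4 class="text-center">Is it made out of <a href="/tinfoil.html">tin foil</a>?</h4>
  </noscript>
  <div id="pageHeaderAndNav">
    <div id="iacrMain-header" class="container d-none d-lg-block">
      <div class="row align-items-center pt-2 d-none d-md-flex justify-content-between">
        <div class="col-2 pb-2">
          <a href="/">
            <img id="iacrLogo" src="/img/logo/iacrlogo_small.png" class="img-fluid" alt="IACR logo">
          </a>
        </div>
        <div class="col-10 mx-auto">
          <h2 class="d-none d-xl-block">International Association for Cryptologic Research</h2>
          <h1 class="d-none d-xl-none d-md-block">International Association<br>for Cryptologic Research</h1>
        </div>
      </div>
    </div>
    <div id="iacrMain-navbar" class="container-fluid">
      <nav class="container navbar navbar-expand-lg px-0 py-0" aria-label="Primary">
        <button class="navbar-toggler mt-1 collapsed nofocus" type="button" data-toggle="collapse" data-target="#navbarSupportedContent" aria-controls="navbarSupportedContent" aria-expanded="false" aria-label="Toggle navigation">
          <span class="icon-bar top-bar"></span>
          <span class="icon-bar middle-bar"></span>
          <span class="icon-bar bottom-bar"></span>
        </button>
        <div id="navbarIacrAcronym" class="navbar-text d-inline-block d-lg-none mx-auto">
          <a href="/">IACR</a>
        </div>
        <div class="collapse navbar-collapse" id="navbarSupportedContent">
          <ul id="iacrMainMenu" class="navbar-nav justify-content-between flex-grow-1">
            <li class="nav-item dropdown">
              <a class="nav-link iacrMain-navLink dropdown-toggle" href="/meetings/" id="eventsDropdownLink" role="button" data-toggle="dropdown" aria-haspopup="true" aria-expanded="false">Events</a>
              <div class="dropdown-menu border-0" aria-labelledby="eventsDropdownLink">
                <a class="dropdown-item" href="/meetings/">All IACR events</a>
                <div class="dropdown-divider"></div>
                <a class="dropdown-item" href="/meetings/asiacrypt/">Asiacrypt</a>
                <a class="dropdown-item" href="/meetings/crypto/">Crypto</a>
                <a class="dropdown-item" href="/meetings/eurocrypt/">Eurocrypt</a>
                <div class="dropdown-divider"></div>
                <a class="dropdown-item" href="/meetings/ches/">CHES</a>
                <a class="dropdown-item" href="/meetings/fse/">FSE</a>
                <a class="dropdown-item" href="/meetings/pkc/">PKC</a>
                <a class="dropdown-item" href="/meetings/tcc/">TCC</a>
                <a class="dropdown-item" href="https://rwc.iacr.org/">RWC</a>
                <div class="dropdown-divider"></div>
                <a class="dropdown-item" href="/schools/">Cryptology Schools</a>
                <a class="dropdown-item" href="/icw/">In cooperation with IACR</a>
              </div>
            </li>
            <li class="nav-item dropdown">
              <a class="nav-link iacrMain-navLink dropdown-toggle" href="/publications/" id="pubsDropdownLink" role="button" data-toggle="dropdown" aria-haspopup="true" aria-expanded="false">Publications</a>
              <div class="dropdown-menu border-0" aria-labelledby="pubsDropdownLink">
                <a class="dropdown-item" href="/publications/">All IACR Publications</a>
                <div class="dropdown-divider"></div>
                <a class="dropdown-item" href="/jofc/">Journal of Cryptology</a>
                <a class="dropdown-item" href="/transactions/tosc/">Transactions on Symmetric Cryptology</a>
                <a class="dropdown-item" href="https://tches.iacr.org/">Transactions on CHES</a>
                <a class="dropdown-item" href="https://cic.iacr.org/">Communications in Cryptology</a>
                <div class="dropdown-divider"></div>
                <a class="dropdown-item" href="https://eprint.iacr.org">Cryptology ePrint Archive</a>
                <a class="dropdown-item" href="https://artifacts.iacr.org/">Artifact Archive</a>
                <div class="dropdown-divider"></div>
                <a class="dropdown-item" href="/publications/access.php">Access IACR Publications</a>
                <div class="dropdown-divider"></div>
                <a class="dropdown-item" href="/museum/">Museum of Historic Papers</a>
                <a class="dropdown-item" href="/cryptodb/data/acceptance.php">Publication Statistics</a>
              </div>
            </li>
            <li class="nav-item dropdown">
              <a class="nav-link iacrMain-navLink dropdown-toggle" href="/news" id="newsDropdownLink" role="button" data-toggle="dropdown" aria-haspopup="true" aria-expanded="false">News</a>
              <div class="dropdown-menu border-0" aria-labelledby="newsDropdownLink">
                <a class="dropdown-item" href="/news">All News</a>
                <a class="dropdown-item" href="/awards/">Awards</a>
                <a class="dropdown-item" href="/elections/">Elections</a>
                <a class="dropdown-item" href="/petitions/">Petitions &amp; Statements</a>
              </div>
            </li>
            <li class="nav-item dropdown">
              <a class="nav-link iacrMain-navLink dropdown-toggle" href="/services/" id="servicesDropdownLink" role="button" data-toggle="dropdown" aria-haspopup="true" aria-expanded="false">Services</a>
              <div class="dropdown-menu border-0" aria-labelledby="servicesDropdownLink">
                <a class="dropdown-item" href="/jobs/">Jobs</a>
                <div class="dropdown-divider"></div>
                <a class="dropdown-item" href="/cryptodb/">CryptoDB</a>
                <a class="dropdown-item" href="/events/">Calendar of Events</a>
                <a class="dropdown-item" href="/cryptodb/data/videos.php">Videos</a>
              </div>
            </li>
            <li class="nav-item dropdown">
              <a class="nav-link iacrMain-navLink dropdown-toggle" href="/membership.php" id="membersDropdownLink" role="button" data-toggle="dropdown" aria-haspopup="true" aria-expanded="false">Members</a>
              <div class="dropdown-menu border-0" aria-labelledby="membersDropdownLink">
                <a class="dropdown-item" href="/membership.php">How to Join</a>
                <a class="dropdown-item" href="https://register.iacr.org/membership/members/">Update Membership Information</a>
                <a class="dropdown-item" href="/publications/access.php">Access IACR Publications</a>
                <a class="dropdown-item" href="/news/subscribe">Subscribe to News Updates</a>
              </div>
            </li>
            <li class="nav-item dropdown">
              <a class="nav-link iacrMain-navLink dropdown-toggle" href="/about/" id="aboutDropdownLink" role="button" data-toggle="dropdown" aria-haspopup="true" aria-expanded="false">About</a>
              <div class="dropdown-menu border-0" aria-labelledby="aboutDropdownLink">
                <a class="dropdown-item" href="/about">About IACR</a>
                <a class="dropdown-item" href="/bod.html">Board of Directors</a>
                <a class="dropdown-item" href="/committees.html">Committees</a>
                <a class="dropdown-item" href="/docs/">Documents</a>
                <a class="dropdown-item" href="/privacy.html">Privacy Policy</a>
              </div>
            </li>
            <li class="nav-item dropdown position-static d-none d-lg-inline">
              <!-- The <button> is the dropdown toggle itself. Nesting it inside an
                   <a role="button"> is invalid (interactive content inside
                   interactive content) and produced two focus stops for one control. -->
              <button class="btn searchButtons border mt-1" id="searchLink" type="button" data-toggle="dropdown" data-offset="10,20" aria-haspopup="true" aria-expanded="false" aria-label="Search">
                <img src="/img/icons/search.svg" class="searchIcon" alt="">
              </button>
              <div id="searchDropdown" class="border-0 dropdown-menu dropdown-menu-right iacrMain-search px-2 w-100 mt-0" aria-labelledby="searchLink">
                <p class="small text-white mb-1">Suggestions from <a class="localSearchLink" href="/asearch">local search</a> as you type. Hit enter to search with Google.</p>
                <!-- GET is intentional: a search is a read-only query and the resulting
                     URL can be bookmarked and shared. -->
                <form action="/search" method="get">
                  <div class="input-group">
                    <input id="searchbox" name="q" type="search" class="form-control border searchBoxes" placeholder="Search IACR" aria-label="Search IACR">
                    <button class="btn searchButtons border input-group-append ml-2" type="submit">Search</button>
                  </div>
                </form>
              </div>
            </li>
          </ul>
        </div>
        <div id="searchDropdownParent" class="dropdown pb-3 d-lg-none">
          <button class="btn btn-link p-0" id="mobileSearchLink" type="button" data-toggle="dropdown" data-offset="0,20" aria-haspopup="true" aria-expanded="false" aria-label="Search">
            <img src="/img/icons/search.svg" class="searchIcon" alt="">
          </button>
          <div id="searchDropdownMobile" class="border-0 dropdown-menu dropdown-menu-right iacrMain-search px-2 mt-0" aria-labelledby="mobileSearchLink">
            <p class="small text-white mb-1">Suggestions from <a class="localSearchLink" href="/asearch">local search</a> as you type. Hit enter to search with Google.</p>
            <form action="/search" method="get">
              <input id="searchboxMobile" name="q" type="search" class="form-control border searchBoxes" placeholder="Search IACR" aria-label="Search IACR">
            </form>
          </div>
        </div>
      </nav>
    </div>
    <!-- populated by headerFooter.js -->
  </div>
  <main id="iacrMain-contentBox" class="container px-md-4 py-3">
    <section class="row">
      <div class="col-12">
        <h2>IACR News</h2>
        <p>
          Here you can see all recent updates to the IACR webpage.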
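These updates are also available:
        </p>
        <div class="d-flex justify-content-around px-md-5 mb-3">
          <figure class="figure">
            <!-- The image is the whole link, so alt names the destination. -->
            <a href="/news/subscribe">
              <img src="/img/icons/email.svg" class="figure-img newsPageTopIcon ml-1" alt="Subscribe to IACR news by email">
            </a>
            <figcaption class="figure-caption text-center">via email</figcaption>
          </figure>
          <figure class="figure">
            <a href="/news/rss">
              <img src="/img/icons/news/rss.svg" class="figure-img newsPageTopIcon ml-3" alt="IACR news RSS feed">
            </a>
            <figcaption class="figure-caption text-center">via RSS feed</figcaption>
          </figure>
        </div>
        <!-- Filtering only reads: GET keeps the chosen channel in the URL so a
             filtered list can be bookmarked. The inline onchange handler would
             have to move into the page's script under a CSP that disallows
             inline event handlers. -->
        <form class="form-inline" action="" method="get">
          <div class="form-group mb-4">
            <!-- for must equal the control's id exactly; "filterNews mx-3" did not
                 match, so the label was not associated with the select. -->
            <label class="mx-3" for="filterNews">Filter news by</label>
            <select name="channel" id="filterNews" class="custom-select mx-3" onchange="this.form.submit()">
              <option value="" selected>All news</option>
              <option value="1">Announcement</option>
              <option value="2">Election</option>
              <option value="15">Award</option>
              <option value="3">Crypto</option>
              <option value="4">Eurocrypt</option>
              <option value="5">Asiacrypt</option>
              <option value="18">CHES</option>
              <option value="7">FSE</option>
              <option value="8">PKC</option>
              <option value="6">TCC</option>
              <option value="21">Real World Crypto</option>
              <option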
value="9" >Journal of Cryptology</option> <option value="22" >Communications in Cryptology</option> <option value="10" >ePrint report</option> <option value="12" >Job posting</option> <option value="13" >Event calendar</option> <option value="19" >Schools</option> </select> </div> </form> </div> </section> <section id="allNewsItems"> <hr> <h4 class="mb-3"> 19 March 2025 </h4> <div class="card newsItemBox" id="item-25322"> <div class="card-header pb-1"> <a id="item-url-25322" href="https://eprint.iacr.org/2025/506"> <h5 id="item-headline-25322"> On the Estonian Internet Voting System, IVXV, SoK and Suggestions </h5> </a> </div> <div class="card-body"> <div class="d-flex"> <h6 class="card-title newsCardSubtitle mt-1 mr-auto" id="item-subheadline-25322"> Shymaa M. Arafat </h6> <img id="item-icon-25322" src="/img/icons/news/channel_10.svg" class="pl-1 newsCategoryIcon d-none d-md-block" title="ePrint Report channel" alt="ePrint Report" /> <span id="item-priority-25322" class="badge badge-dark priority5" title="ePrint Report channel">ePrint Report</span> </div> <div id="item-body-25322" class="card-text item-body"> The Estonian i-voting experience is probably the richest to analyze; a country that is considered a pioneer in digitizing both the government and private sector since 2001, and hence digital voting in 2005, yet there are still some complaints submitted, critics and remarks to consider about the IVXV system. In this paper, we introduce a Systemization of Knowledge of the Estonian IVXV i-voting system and propose some added security enhancements. The presented SoK includes applications implemented by election observers in 2023 & 2024 elections, which, to our knowledge, has never been mentioned and/or analyzed in the academic literature before. The paper also updates the general knowledge about an extra right given to auditors (but not observers) in the June 2024 European election, recent complaints, and about newer solutions suggested by academia in 2024. 
Finally, we discuss the current system status in 2024 EP elections and propose our own suggestions to some problems stated in the OSCE-ODIHR 2023 report that are still there. </div><span class="btn-link text-right expand-button body-expand">Expand</span> </div> </div> <div class="card newsItemBox" id="item-25321"> <div class="card-header pb-1"> <a id="item-url-25321" href="https://eprint.iacr.org/2025/505"> <h5 id="item-headline-25321"> Capitalized Bitcoin Fork for National Strategic Reserve </h5> </a> </div> <div class="card-body"> <div class="d-flex"> <h6 class="card-title newsCardSubtitle mt-1 mr-auto" id="item-subheadline-25321"> Charanjit Singh Jutla, Arnab Roy </h6> <img id="item-icon-25321" src="/img/icons/news/channel_10.svg" class="pl-1 newsCategoryIcon d-none d-md-block" title="ePrint Report channel" alt="ePrint Report" /> <span id="item-priority-25321" class="badge badge-dark priority5" title="ePrint Report channel">ePrint Report</span> </div> <div id="item-body-25321" class="card-text item-body"> We describe a strategy for a nation to acquire majority stake in Bitcoin with zero cost to the taxpayers of the nation. We propose a bitcoin fork sponsored by the government of the nation, and backed by the full faith of treasury of the nation, such that the genesis block of this fork attributes fixed large amount of new kinds of tokens called strategic-reserve-bitcoin tokens (SRBTC) to the nation's treasury, which is some multiple (greater than one) of the amount of all Bitcoin tokens (BTC) currently set in the Bitcoin protocol. The BTC tokens continue to be treated 1:1 as SRBTC tokens in the forked chain. 
The only capital that the nation puts up is its explicit guarantee that the SRBTC tokens of the fork will be accepted as legal tender, such as payment of tax to the treasury.<br><br> We suggest that this is a better approach than starting a new blockchain that mimics Bitcoin, as it will be partially fair to the current holders of Bitcoin, which in turn would make it competitive in the space of other such possible forks by other powerful nations. Moreover, such a proof-of-work blockchain retains its egalitarian and democratic nature, which competitively deters the said nation from any dilutions in the future. <br><br> To justify our proposal we setup three competitive games, and show strategies for different players that are in Nash equilibrium and which throw further light on these claims. In particular, <br><br> 1. The first game shows that if the only two alternatives for investors is to invest in BTC or SRBTC, then individuals who have a certain fraction $\theta$ of their wealth already invested in BTC, will invest new money in the original chain, whereas the individuals whose current wealth invested in BTC is less than the $\theta$ fraction will invest new money in SRBTC. 2. The second game shows that if there is a third alternative for investment, which is cash that is losing value (inflation-adjusted) by a percentage $d$, then the investors who had less than $\theta$ fraction of wealth in Bitcoin, will invest in SRBTC only if the dilution of SRBTC is large enough (as an increasing (linear) function of $1/d$). Here by dilution we mean the new SRBTC tokens that are allowed to be eventually mined in the fork. 3. The third game shows that investors would prefer a fork of Bitcoin over a replica of Bitcoin that doesn't value original BTC, when both are available and even if both are backed similarly by one or more nations. 
</div><span class="btn-link text-right expand-button body-expand">Expand</span> </div> </div> <div class="card newsItemBox" id="item-25320"> <div class="card-header pb-1"> <a id="item-url-25320" href="https://eprint.iacr.org/2025/504"> <h5 id="item-headline-25320"> Ideal Compartmented Secret Sharing Scheme Based on the Chinese Remainder Theorem for Polynomial Rings </h5> </a> </div> <div class="card-body"> <div class="d-flex"> <h6 class="card-title newsCardSubtitle mt-1 mr-auto" id="item-subheadline-25320"> Alexandru-Valentin Basaga, Sorin Iftene </h6> <img id="item-icon-25320" src="/img/icons/news/channel_10.svg" class="pl-1 newsCategoryIcon d-none d-md-block" title="ePrint Report channel" alt="ePrint Report" /> <span id="item-priority-25320" class="badge badge-dark priority5" title="ePrint Report channel">ePrint Report</span> </div> <div id="item-body-25320" class="card-text item-body"> A secret sharing scheme starts with a secret and then derives from it certain shares (or shadows) which are distributed to users. The secret may be recovered only by certain predetermined groups. In case of compartmented secret sharing, the set of users is partitioned into compartments and the secret can be recovered only if the number of participants from any compartment is greater than or equal to a fixed compartment threshold and the total number of participants is greater than or equal to a global threshold.<br><br> In this paper we use the Chinese Remainder Theorem for Polynomial Rings in order to construct an ideal compartmented secret sharing scheme, inspired by the work from [20]. 
</div><span class="btn-link text-right expand-button body-expand">Expand</span> </div> </div> <div class="card newsItemBox" id="item-25319"> <div class="card-header pb-1"> <a id="item-url-25319" href="https://eprint.iacr.org/2025/503"> <h5 id="item-headline-25319"> Max Bias Analysis: A New Approach on Computing the Entropy of Free Ring-Oscillator </h5> </a> </div> <div class="card-body"> <div class="d-flex"> <h6 class="card-title newsCardSubtitle mt-1 mr-auto" id="item-subheadline-25319"> Nicolas David, Eric Garrido </h6> <img id="item-icon-25319" src="/img/icons/news/channel_10.svg" class="pl-1 newsCategoryIcon d-none d-md-block" title="ePrint Report channel" alt="ePrint Report" /> <span id="item-priority-25319" class="badge badge-dark priority5" title="ePrint Report channel">ePrint Report</span> </div> <div id="item-body-25319" class="card-text item-body"> This work introduces a new approach called Max bias analysis for the entropy computation of structures of Free Ring Oscillator-based Physical Random Number Generator. It employs the stochastic model based on the well-established Wiener process, specifically adapted to only capture thermal noise contributions while accounting for potential non-zero bias in the duty cycle. Our analysis is versatile, applicable to combinations of multiple sampled Ring Oscillator (RO) filtering by any function. The entropy computation takes as inputs the parameters of the thermal stochastic model and delivers directly a proven bound for both Shannon entropy and min-entropy to fulfill AIS31 and NIST SP 800-90 B. As an example, we apply the new methodology on an enhanced structure of TRNG combining several free-running Ring Oscillators filtered by a vectorial function built from a linear error correcting code that optimizes the functional performance in terms of [entropy rate/silicium area used] and that maintains the mathematical proof of the entropy lower bound as simple as possible. 
</div><span class="btn-link text-right expand-button body-expand">Expand</span> </div> </div> <div class="card newsItemBox" id="item-25318"> <div class="card-header pb-1"> <a id="item-url-25318" href="https://eprint.iacr.org/2025/502"> <h5 id="item-headline-25318"> Registration-Based Encryption in the Plain Model </h5> </a> </div> <div class="card-body"> <div class="d-flex"> <h6 class="card-title newsCardSubtitle mt-1 mr-auto" id="item-subheadline-25318"> Jesko Dujmovic, Giulio Malavolta, Wei Qi </h6> <img id="item-icon-25318" src="/img/icons/news/channel_10.svg" class="pl-1 newsCategoryIcon d-none d-md-block" title="ePrint Report channel" alt="ePrint Report" /> <span id="item-priority-25318" class="badge badge-dark priority5" title="ePrint Report channel">ePrint Report</span> </div> <div id="item-body-25318" class="card-text item-body"> Registration-based encryption (RBE) is a recently developed alternative to identity-based encryption, that mitigates the well-known key-escrow problem by letting each user sample its own key pair. In RBE, the key authority is substituted by a key curator, a completely transparent entity whose only job is to reliably aggregate users' keys. However, one limitation of all known RBE schemes is that they all rely on a one-time trusted setup, that must be computed honestly. In this work, we ask whether this limitation is indeed inherent and we initiate the systematic study of RBE in the plain model, without any common reference string. We present the following main results: - (Definitions) We show that the standard security definition of RBE is unachievable without a trusted setup and we propose a slight weakening, where one honest user is required to be registered in the system. - (Constructions) We present constructions of RBE in the plain model, based on standard cryptographic assumptions. 
Along the way, we introduce the notions of non-interactive witness indistinguishable (NIWI) proofs secure against chosen statements attack and re-randomizable RBE, which may be of independent interest. A major limitation of our constructions, is that users must be updated upon every new registration. - (Lower Bounds) We show that this limitation is in some sense inherent. We prove that any RBE in the plain model that satisfies a certain structural requirement, which holds for all known RBE constructions, must update all but a vanishing fraction of the users, upon each new registration. This is in contrast with the standard RBE settings, where users receive a logarithmic amount of updates throughout the lifetime of the system. </div><span class="btn-link text-right expand-button body-expand">Expand</span> </div> </div> <div class="card newsItemBox" id="item-25317"> <div class="card-header pb-1"> <a id="item-url-25317" href="https://eprint.iacr.org/2025/501"> <h5 id="item-headline-25317"> Quantum Key-Recovery Attacks on Permutation-Based Pseudorandom Functions </h5> </a> </div> <div class="card-body"> <div class="d-flex"> <h6 class="card-title newsCardSubtitle mt-1 mr-auto" id="item-subheadline-25317"> Hong-Wei Sun </h6> <img id="item-icon-25317" src="/img/icons/news/channel_10.svg" class="pl-1 newsCategoryIcon d-none d-md-block" title="ePrint Report channel" alt="ePrint Report" /> <span id="item-priority-25317" class="badge badge-dark priority5" title="ePrint Report channel">ePrint Report</span> </div> <div id="item-body-25317" class="card-text item-body"> Due to their simple security assessments, permutation-based pseudo-random functions (PRFs) have become widely used in cryptography. It has been shown that PRFs using a single $n$-bit permutation achieve $n/2$ bits of security, while those using two permutation calls provide $2n/3$ bits of security in the classical setting. 
This paper studies the security of permutation-based PRFs within the Q1 model, where attackers are restricted to classical queries and offline quantum computations. We present improved quantum-time/classical-data tradeoffs compared with the previous attacks. Specifically, under the same assumptions/hardware as Grover's exhaustive search attack, i.e. the offline Simon algorithm, we can recover keys in quantum time $\tilde{O}(2^{n/3})$, with $O(2^{n/3})$ classical queries and $O(n^2)$ qubits. Furthermore, we enhance previous superposition attacks by reducing the data complexity from exponential to polynomial, while maintaining the same time complexity. This implies that permutation-based PRFs become vulnerable when adversaries have access to quantum computing resources. It is pointed out that the above quantum attack applies to quite a few cryptographic constructions, including SoEM, PDMMAC, pEDM, as well as general instantiations like XopEM, EDMEM, EDMDEM, and others. </div><span class="btn-link text-right expand-button body-expand">Expand</span> </div> </div> <div class="card newsItemBox" id="item-25316"> <div class="card-header pb-1"> <a id="item-url-25316" href="https://blocktea.eai-conferences.org/"> <h5 id="item-headline-25316"> BlockTEA 2025: 4th EAI International Conference on Blockchain Technology and Emerging Applications </h5> </a> </div> <div class="card-body"> <div class="d-flex"> <h6 class="card-title newsCardSubtitle mt-1 mr-auto" id="item-subheadline-25316"> Virtual event, Anywhere on Earth, 18 September - 19 September 2025 </h6> <img id="item-icon-25316" src="/img/icons/news/channel_13.svg" class="pl-1 newsCategoryIcon d-none d-md-block" title="Event Calendar channel" alt="Event Calendar" /> <span id="item-priority-25316" class="badge badge-dark priority5" title="Event Calendar channel">Event Calendar</span> </div> <div id="item-body-25316" class="card-text item-body"> Event date: 18 September to 19 September 2025<br> Submission deadline: 15 May 2025<br> 
Notification: 8 July 2025 </div><span class="btn-link text-right expand-button body-expand">Expand</span> </div> </div> <div class="card newsItemBox" id="item-25315"> <div class="card-header pb-1"> <a id="item-url-25315" href="https://vcris.org/"> <h5 id="item-headline-25315"> VCRIS 2025: THE 2nd INTERNATIONAL CONFERENCE ON CRYPTOGRAPHY AND INFORMATION SECURITY </h5> </a> </div> <div class="card-body"> <div class="d-flex"> <h6 class="card-title newsCardSubtitle mt-1 mr-auto" id="item-subheadline-25315"> 27 October - 31 October 2025 </h6> <img id="item-icon-25315" src="/img/icons/news/channel_13.svg" class="pl-1 newsCategoryIcon d-none d-md-block" title="Event Calendar channel" alt="Event Calendar" /> <span id="item-priority-25315" class="badge badge-dark priority5" title="Event Calendar channel">Event Calendar</span> </div> <div id="item-body-25315" class="card-text item-body"> Event date: 27 October to 31 October 2025<br> Submission deadline: 30 June 2025<br> Notification: 15 August 2025 </div><span class="btn-link text-right expand-button body-expand">Expand</span> </div> </div> <div class="card newsItemBox" id="item-25314"> <div class="card-header pb-1"> <a id="item-url-25314" href="https://www.iacr.org/jobs/item/3929"> <h5 id="item-headline-25314"> Post-Doc </h5> </a> </div> <div class="card-body"> <div class="d-flex"> <h6 class="card-title newsCardSubtitle mt-1 mr-auto" id="item-subheadline-25314"> UCSD Cryptography Group, Dept of Comp Sci & Eng, La Jolla, CA, USA </h6> <img id="item-icon-25314" src="/img/icons/news/channel_12.svg" class="pl-1 newsCategoryIcon d-none d-md-block" title="Job Posting channel" alt="Job Posting" /> <span id="item-priority-25314" class="badge badge-dark priority5" title="Job Posting channel">Job Posting</span> </div> <div id="item-body-25314" class="card-text item-body"> <p><p> Applications are sought for a post-doc position in the cryptography group (CSE Department, UCSD) with Mihir Bellare. Dates are flexible. 
<p><p> Topics of interest include application-relevant theory of two-party computation that in particular continues work such as https://eprint.iacr.org/2024/1476, and provable security for symmetric cryptography, in particular authenticated encryption. Open to considering other topics as well. <p> Needed background is experience in, and facility with, formal definitions and proofs in the provable-security style. <p> <b> Apply:</b> To apply, please complete this Google form: https://docs.google.com/forms/d/1iOOKWI1kfU348b6Aw53FILEOu5qIDOnUoB9ngyK5wh8 <p> <p><b>Closing date for applications:</b> </p> <p><b>Contact:</b> Mihir Bellare mbellare AT ucsd DOT edu</p> <p><b>More information:</b> <a href="https://cseweb.ucsd.edu/~mihir/">https://cseweb.ucsd.edu/~mihir/</a></p> </div><span class="btn-link text-right expand-button body-expand">Expand</span> </div> </div> <div class="card newsItemBox" id="item-25313"> <div class="card-header pb-1"> <a id="item-url-25313" href="https://www.iacr.org/jobs/item/3928"> <h5 id="item-headline-25313"> Assistant Professor in Information and Computer Security (tenure-track) </h5> </a> </div> <div class="card-body"> <div class="d-flex"> <h6 class="card-title newsCardSubtitle mt-1 mr-auto" id="item-subheadline-25313"> Università della Svizzera italiana </h6> <img id="item-icon-25313" src="/img/icons/news/channel_12.svg" class="pl-1 newsCategoryIcon d-none d-md-block" title="Job Posting channel" alt="Job Posting" /> <span id="item-priority-25313" class="badge badge-dark priority5" title="Job Posting channel">Job Posting</span> </div> <div id="item-body-25313" class="card-text item-body"> The Faculty of Informatics at Università della Svizzera italiana (USI) welcomes applications for a tenure-track Assistant Professor in Information and Computer Security. The faculty’s focus is always on excellence in both research and teaching – exceptional candidates in all areas of Security are strongly encouraged to apply. 
The position is available from autumn 2025. The targeted starting date for the position is as early as September 1, 2025. More information available here: https://content.usi.ch/sites/default/files/storage/attachments/inf/inf-assistant-professor-2025.pdf <p><b>Closing date for applications:</b> </p> <p><b>Contact:</b> Stefan Wolf, http://usi.to/nbk </p> <p><b>More information:</b> <a href="https://content.usi.ch/sites/default/files/storage/attachments/inf/inf-assistant-professor-2025.pdf">https://content.usi.ch/sites/default/files/storage/attachments/inf/inf-assistant-professor-2025.pdf</a></p> </div><span class="btn-link text-right expand-button body-expand">Expand</span> </div> </div> <div class="card newsItemBox" id="item-25312"> <div class="card-header pb-1"> <a id="item-url-25312" href="https://www.iacr.org/jobs/item/3927"> <h5 id="item-headline-25312"> Doctoral Researcher (PhD student) in Hardware Security </h5> </a> </div> <div class="card-body"> <div class="d-flex"> <h6 class="card-title newsCardSubtitle mt-1 mr-auto" id="item-subheadline-25312"> Friedrich-Alexander-Universität Erlangen-Nürnberg </h6> <img id="item-icon-25312" src="/img/icons/news/channel_12.svg" class="pl-1 newsCategoryIcon d-none d-md-block" title="Job Posting channel" alt="Job Posting" /> <span id="item-priority-25312" class="badge badge-dark priority5" title="Job Posting channel">Job Posting</span> </div> <div id="item-body-25312" class="card-text item-body"> <p> The Research Training Group "Cybercrime and Forensic Computing" aims to systematically analyze research questions arising from the interaction between computer science and criminal law. More information about the project can be found at <i>https://cybercrime.fau.de</i>. 
</p> The following aspects are particularly relevant to the PhD position in the area of <b>Hardware Security</b>: <ul> <li>Computer Architecture</li> <li>Embedded Systems</li> <li>System-level Design Automation</li> <li>Side-channel Analysis</li> </ul> <p> Applicants should have an excellent academic record, hold an MSc or an equivalent university degree in computer science or related disciplines, and have the goal to finish a PhD degree within three years. </p> <p> For the particular position in hardware security, applicants should have an understanding of computer architectures (particularly RISC-V), hardware description languages, SoC design, and FPGA tools. Applicants should be team-oriented, open-minded, and communicative, with an interest in both theoretical and practical aspects of hardware security and embedded system design. </p> <p><b>Closing date for applications:</b> </p> <p><b>Contact:</b> Felix Freiling (felix.freiling@fau.de) for general questions and the application process, Jürgen Teich (juergen.teich@fau.de) and Stefan Wildermann (stefan.wildermann@fau.de) for questions about the position on hardware security. </p> <p><b>More information:</b> <a href="https://www.jobs.fau.de/jobs/7-phd-positions-m-f-d-salary-level-13-tv-l-in-computer-science-full-time-and-3-phd-position-m-f-d-salary-level-13-tv-l-in-law-part-time-75-91680455/">https://www.jobs.fau.de/jobs/7-phd-positions-m-f-d-salary-level-13-tv-l-in-computer-science-full-time-and-3-phd-position-m-f-d-salary-level-13-tv-l-in-law-part-time-75-91680455/</a></p> </div><span class="btn-link text-right expand-button body-expand">Expand</span> </div> </div> <div class="card newsItemBox" id="item-25311"> <div class="card-header pb-1"> <a id="item-url-25311" href="https://www.iacr.org/jobs/item/3926"> <h5 id="item-headline-25311"> Ph.D. 
position in Hardware Security (Verification) </h5> </a> </div> <div class="card-body"> <div class="d-flex"> <h6 class="card-title newsCardSubtitle mt-1 mr-auto" id="item-subheadline-25311"> Horst Görtz Institute for IT Security, Ruhr-Universität Bochum, Bochum, Germany </h6> <img id="item-icon-25311" src="/img/icons/news/channel_12.svg" class="pl-1 newsCategoryIcon d-none d-md-block" title="Job Posting channel" alt="Job Posting" /> <span id="item-priority-25311" class="badge badge-dark priority5" title="Job Posting channel">Job Posting</span> </div> <div id="item-body-25311" class="card-text item-body"> The newly established junior research group on <i>Computer-Aided Verification of Physical Security Properties (CAVE)</i> is looking for excellent Ph.D. candidates in the area of hardware security, particularly (but not limited to) those specialized in: <ul> <li>Hardware Security Verification: We explore how to perform efficient pre-silicon security verification with respect to physical implementation attacks (Side-Channel Analysis / Fault-Injection Analysis).</li> <li>Physical Implementation Attacks: We deepen the (theoretical) understanding of active and passive physical implementation attacks to build formal attacker models for security verification.</li> <li>Secure Hardware Design: We investigate how to build secure hardware circuits that can resist physical implementation attacks.</li> </ul> If you are interested in applying, please send an email to Dr. Pascal Sasdrich (pascal.sasdrich@rub.de) with the following documents in a single PDF (max. 10 MB) and subject line "[CAVE] Application for PhD position": <ol> <li>Your CV, including a transcript of records.</li> <li>A brief cover letter describing your research interests.</li> <li>Contact details of 2-3 potential references.</li> </ol> HGI and RUB stand for a collaborative, diverse, and inclusive workplace culture and promote equal opportunities. 
We strongly encourage applications from members of any underrepresented group in our research area. In particular, we invite and motivate women and individuals with disabilities to apply. <p><b>Closing date for applications:</b> </p> <p><b>Contact:</b> Pascal Sasdrich (pascal.sasdrich@rub.de)</p> </div><span class="btn-link text-right expand-button body-expand">Expand</span> </div> </div> <div class="card newsItemBox" id="item-25310"> <div class="card-header pb-1"> <a id="item-url-25310" href="https://www.iacr.org/jobs/item/3925"> <h5 id="item-headline-25310"> Post-doctoral fellowship </h5> </a> </div> <div class="card-body"> <div class="d-flex"> <h6 class="card-title newsCardSubtitle mt-1 mr-auto" id="item-subheadline-25310"> Gachon University, South Korea </h6> <img id="item-icon-25310" src="/img/icons/news/channel_12.svg" class="pl-1 newsCategoryIcon d-none d-md-block" title="Job Posting channel" alt="Job Posting" /> <span id="item-priority-25310" class="badge badge-dark priority5" title="Job Posting channel">Job Posting</span> </div> <div id="item-body-25310" class="card-text item-body"> Information Security and Machine Learning Lab (https://ai-security.github.io/index_e.htm) has conducted research in a range of areas including artificial intelligence, cyber security and cryptography. We are also extending our areas to emerging areas such as quantum computing and parallel computing. Post-doctoral research fellows are welcome from computer science/engineering, electric/electronics, and mathematics/statistics. Applicants with good high-impact journal publication records are encouraged to send their CVs, publication lists and research statements to Professor Seong Oun Hwang (seongoun.hwang at gmail.com) by April 25, 2025. 
<p><b>Closing date for applications:</b> </p> <p><b>Contact:</b> Professor Seong Oun Hwang</p> <p><b>More information:</b> <a href="https://ai-security.github.io/index_e.htm">https://ai-security.github.io/index_e.htm</a></p> </div><span class="btn-link text-right expand-button body-expand">Expand</span> </div> </div> <div class="card newsItemBox" id="item-25309"> <div class="card-header pb-1"> <a id="item-url-25309" href="https://www.iacr.org/jobs/item/3922"> <h5 id="item-headline-25309"> Post-Doc </h5> </a> </div> <div class="card-body"> <div class="d-flex"> <h6 class="card-title newsCardSubtitle mt-1 mr-auto" id="item-subheadline-25309"> Chalmers University of Technology </h6> <img id="item-icon-25309" src="/img/icons/news/channel_12.svg" class="pl-1 newsCategoryIcon d-none d-md-block" title="Job Posting channel" alt="Job Posting" /> <span id="item-priority-25309" class="badge badge-dark priority5" title="Job Posting channel">Job Posting</span> </div> <div id="item-body-25309" class="card-text item-body"> We are looking for a Post-Doctoral researcher to join the Crypto Team in the Information Security Unit at Chalmers, under the guidance of Asst. Prof. Elena Pagnin. The applicant will have the opportunity to contribute to one or more research projects carried out in the team and to work together with all team members. Topics of interest include: provable security, post-quantum security, transparency logs, fine-grained and bounded space cryptography, and foundational cryptography. 
The position is fully funded for 2 years, with an 80-20 split between research and teaching duties (including supervising master's theses and helping in course-related teaching activities). <p><b>Closing date for applications:</b> </p> <p><b>Contact:</b> Only applications via the official portal are considered valid.</p> <p><b>More information:</b> <a href="https://www.chalmers.se/en/about-chalmers/work-with-us/vacancies/">https://www.chalmers.se/en/about-chalmers/work-with-us/vacancies/</a></p> </div><span class="btn-link text-right expand-button body-expand">Expand</span> </div> </div> <div class="card newsItemBox" id="item-25308"> <div class="card-header pb-1"> <a id="item-url-25308" href="https://www.iacr.org/jobs/item/3924"> <h5 id="item-headline-25308"> Tenure Track Position in Computer Security </h5> </a> </div> <div class="card-body"> <div class="d-flex"> <h6 class="card-title newsCardSubtitle mt-1 mr-auto" id="item-subheadline-25308"> Pompeu Fabra University </h6> <img id="item-icon-25308" src="/img/icons/news/channel_12.svg" class="pl-1 newsCategoryIcon d-none d-md-block" title="Job Posting channel" alt="Job Posting" /> <span id="item-priority-25308" class="badge badge-dark priority5" title="Job Posting channel">Job Posting</span> </div> <div id="item-body-25308" class="card-text item-body"> The Department of Engineering of the public Pompeu Fabra University, Barcelona, Catalonia, Spain, invites applications for a Tenure Track faculty position in Computer Security. Details about the formal requirements, the selection criteria, the selection process, and further essential information are given in the official regulations of the call. Approximate gross salary: 42.268,90 EUR per year. Applications must include an electronic copy of the PhD certificate. 
Furthermore, in order to illustrate the applicant's match with the requirement and selection criteria, it is strongly recommended to include a cover letter (1 page maximum), a curriculum vitae (providing common academic IDs such as Orcid or Web of Science Researcher ID), as well as a teaching and research statement (1 page maximum each). Equal Employment Opportunity Statement: UPF promotes a diverse and inclusive environment and welcomes applicants regardless of age, disability, gender, nationality, race, religion or sexual orientation. <p><b>Closing date for applications:</b> </p> <p><b>Contact:</b> randp.dtic@upf.edu </p> <p><b>More information:</b> <a href="https://www.upf.edu/documents/1656590/294524599/Bases+ENG-TTPT-2025-8+ENGLISH.docx.pdf/8d0201ec-ba05-868e-699b-0db42e026f85?t=1741351921540">https://www.upf.edu/documents/1656590/294524599/Bases+ENG-TTPT-2025-8+ENGLISH.docx.pdf/8d0201ec-ba05-868e-699b-0db42e026f85?t=1741351921540</a></p> </div><span class="btn-link text-right expand-button body-expand">Expand</span> </div> </div> <div class="card newsItemBox" id="item-25307"> <div class="card-header pb-1"> <a id="item-url-25307" href="https://www.iacr.org/jobs/item/3923"> <h5 id="item-headline-25307"> PhD/Postdoc position </h5> </a> </div> <div class="card-body"> <div class="d-flex"> <h6 class="card-title newsCardSubtitle mt-1 mr-auto" id="item-subheadline-25307"> Brandenburg University of Technology, Chair of IT Security </h6> <img id="item-icon-25307" src="/img/icons/news/channel_12.svg" class="pl-1 newsCategoryIcon d-none d-md-block" title="Job Posting channel" alt="Job Posting" /> <span id="item-priority-25307" class="badge badge-dark priority5" title="Job Posting channel">Job Posting</span> </div> <div id="item-body-25307" class="card-text item-body"> The Young Investigator Group “COSYS - Control Systems and Cyber Security Lab” at the Chair of IT Security at the Brandenburg University of Technology Cottbus-Senftenberg has an open PhD/Postdoc position in 
the following areas: <ul> <li>AI-based Network Attack Detection and Simulation.</li> <li>AI-enabled Penetration Testing.</li> <li>Privacy-Enhancing Technologies in Cyber-Physical Systems.</li> </ul> The available position is funded as 100% TV-L E13 tariff in Germany and limited until 31.07.2026, with the possibility of extension. Candidates must hold a Master’s degree (PhD degree for Postdocs) or equivalent in Computer Science or related disciplines, or be close to completing it. If you are interested, please send your CV, transcript of records from your Master's studies, and an electronic version of your Master's thesis (if possible), as a single PDF file. Applications will be reviewed until the position is filled. <p><b>Closing date for applications:</b> </p> <p><b>Contact:</b> Ivan Pryvalov (ivan.pryvalov@b-tu.de)</p> </div><span class="btn-link text-right expand-button body-expand">Expand</span> </div> </div> <hr> <h4 class="mb-3"> 17 March 2025 </h4> <div class="card newsItemBox" id="item-25306"> <div class="card-header pb-1"> <a id="item-url-25306" href="https://eprint.iacr.org/2025/500"> <h5 id="item-headline-25306"> SecurED: Secure Multiparty Edit Distance for Genomic Sequences </h5> </a> </div> <div class="card-body"> <div class="d-flex"> <h6 class="card-title newsCardSubtitle mt-1 mr-auto" id="item-subheadline-25306"> Jiahui Gao, Yagaagowtham Palanikuma, Dimitris Mouris, Duong Tung Nguyen, Ni Trieu </h6> <img id="item-icon-25306" src="/img/icons/news/channel_10.svg" class="pl-1 newsCategoryIcon d-none d-md-block" title="ePrint Report channel" alt="ePrint Report" /> <span id="item-priority-25306" class="badge badge-dark priority5" title="ePrint Report channel">ePrint Report</span> </div> <div id="item-body-25306" class="card-text item-body"> DNA edit distance (ED) measures the minimum number of single nucleotide insertions, substitutions, or deletions required to convert a DNA sequence into another. 
ED has broad applications in healthcare such as sequence alignment, genome assembly, functional annotation, and drug discovery. Privacy-preserving computation is essential in this context to protect sensitive genomic data. Nonetheless, the existing secure DNA edit distance solutions lack efficiency when handling large data sequences or resort to approximations and fail to accurately compute the metric.<br><br> In this work, we introduce secureED, a protocol that tackles these limitations, resulting in a significant performance enhancement of approximately $2-24\times$ compared to existing methods. Our protocol computes a secure ED between two genomes, each comprising $1,000$ letters, in just a few seconds. The underlying technique of our protocol is a novel approach that transforms the established approximate matching technique (i.e., the Ukkonen algorithm) into exact matching, exploiting the inherent similarity in human DNA to achieve cost-effectiveness. Furthermore, we introduce various optimizations tailored for secure computation in scenarios with a limited input domain, such as DNA sequences composed solely of the four nucleotide letters. 
</div><span class="btn-link text-right expand-button body-expand">Expand</span> </div> </div> <div class="card newsItemBox" id="item-25305"> <div class="card-header pb-1"> <a id="item-url-25305" href="https://eprint.iacr.org/2025/499"> <h5 id="item-headline-25305"> SCAPEgoat: Side-channel Analysis Library </h5> </a> </div> <div class="card-body"> <div class="d-flex"> <h6 class="card-title newsCardSubtitle mt-1 mr-auto" id="item-subheadline-25305"> Dev Mehta, Trey Marcantino, Mohammad Hashemi, Sam Karkache, Dillibabu Shanmugam, Patrick Schaumont, Fatemeh Ganji </h6> <img id="item-icon-25305" src="/img/icons/news/channel_10.svg" class="pl-1 newsCategoryIcon d-none d-md-block" title="ePrint Report channel" alt="ePrint Report" /> <span id="item-priority-25305" class="badge badge-dark priority5" title="ePrint Report channel">ePrint Report</span> </div> <div id="item-body-25305" class="card-text item-body"> Side-channel analysis (SCA) is a growing field in hardware security where adversaries extract secret information from embedded devices by measuring physical observables like power consumption and electromagnetic emanation. SCA is a security assessment method used by governmental labs, standardization bodies, and researchers, where testing is not just limited to standardized cryptographic circuits, but it is expanded to AI accelerators, Post Quantum circuits, systems, etc. Despite its importance, SCA is performed on an ad hoc basis in the sense that its flow is not systematically optimized and unified among labs. As a result, the current solutions do not account for fair comparisons between analyses. Furthermore, neglecting the need for interoperability between datasets and SCA metric computation increases students’ barriers to entry. To address this, we introduce SCAPEgoat, a Python-based SCA library with three key modules devoted to defining file format, capturing interfaces, and metric calculation. 
The custom file framework organizes side-channel traces using JSON for metadata, offering a hierarchical structure similar to HDF5 commonly applied in SCA, but more flexible and human-readable. The metadata can be queried with regular expressions, a feature unavailable in HDF5. Secondly, we incorporate memory-efficient SCA metric computations, which allow using our functions on resource-restricted machines. This is accomplished by partitioning datasets and leveraging statistics-based optimizations on the metrics. In doing so, SCAPEgoat makes the SCA more accessible to newcomers so that they can learn techniques and conduct experiments faster and with the possibility to expand on in the future. </div><span class="btn-link text-right expand-button body-expand">Expand</span> </div> </div> <div class="card newsItemBox" id="item-25304"> <div class="card-header pb-1"> <a id="item-url-25304" href="https://eprint.iacr.org/2025/498"> <h5 id="item-headline-25304"> Scoop: An Optimizer for Profiling Attacks against Higher-Order Masking </h5> </a> </div> <div class="card-body"> <div class="d-flex"> <h6 class="card-title newsCardSubtitle mt-1 mr-auto" id="item-subheadline-25304"> Nathan Rousselot, Karine Heydemann, Loïc Masure, Vincent Migairou </h6> <img id="item-icon-25304" src="/img/icons/news/channel_10.svg" class="pl-1 newsCategoryIcon d-none d-md-block" title="ePrint Report channel" alt="ePrint Report" /> <span id="item-priority-25304" class="badge badge-dark priority5" title="ePrint Report channel">ePrint Report</span> </div> <div id="item-body-25304" class="card-text item-body"> In this paper we provide new theoretical and empirical evidences that gradient-based deep learning profiling attacks (DL-SCA) suffer from masking schemes. This occurs through an initial stall of the learning process: the so-called plateau effect. 
To understand why, we derive an analytical expression of a DL-SCA model targeting simulated traces which enables us to study an analytical expression of the loss. By studying the loss landscape of this model, we show that not only do the magnitudes of the gradients decrease as the order of masking increases, but the loss landscape also exhibits a prominent saddle point interfering with the optimization process. From these observations, we (1) propose the usage of a second-order optimization algorithm mitigating the impact of low-gradient areas. In addition, we show how to leverage the intrinsic sparsity of valuable information in SCA traces to better pose the DL-SCA problem. To do so, we (2) propose to use the implicit regularization properties of the sparse mirror descent. These propositions are gathered in a new publicly available optimization algorithm, Scoop. Scoop combines second-order derivative of the loss function in the optimization process, with a sparse stochastic mirror descent. We experimentally show that Scoop pushes further the current limitations of DL-SCA against simulated traces, and outperforms the state-of-the-art on the ASCADv1 dataset in terms of number of traces required to retrieve the key, perceived information and plateau length. Scoop also performs the first non-worst-case attack on the ASCADv2 dataset. On simulated traces, we show that using Scoop reduces the DL-SCA time complexity by the equivalent of one masking order. 
</div><span class="btn-link text-right expand-button body-expand">Expand</span> </div> </div> <div class="card newsItemBox" id="item-25303"> <div class="card-header pb-1"> <a id="item-url-25303" href="https://eprint.iacr.org/2025/497"> <h5 id="item-headline-25303"> Fast Scloud+: A Fast Hardware Implementation for the Unstructured LWE-based KEM - Scloud+ </h5> </a> </div> <div class="card-body"> <div class="d-flex"> <h6 class="card-title newsCardSubtitle mt-1 mr-auto" id="item-subheadline-25303"> Jing Tian, Yaodong Wei, Dejun Xu, Kai Wang, Anyu Wang, Zhiyuan Qiu, Fu Yao, Guang Zeng </h6> <img id="item-icon-25303" src="/img/icons/news/channel_10.svg" class="pl-1 newsCategoryIcon d-none d-md-block" title="ePrint Report channel" alt="ePrint Report" /> <span id="item-priority-25303" class="badge badge-dark priority5" title="ePrint Report channel">ePrint Report</span> </div> <div id="item-body-25303" class="card-text item-body"> Scloud+ is an unstructured LWE-based key encapsulation mechanism (KEM) with conservative quantum security, in which ternary secrets and lattice coding are incorporated for higher computational and communication efficiency. However, its efficiency is still much inferior to that of structured LWE-based KEMs, like ML-KEM (standardized by NIST). In this paper, we present a configurable hardware architecture for Scloud+.KEM to improve the computational efficiency. Many algorithmic and architectural co-optimizations are proposed to reduce the complexity and increase the degree of parallelism. Specifically, the matrix multiplications are computed block by block in serial, and each block is calculated in one cycle, without using any multipliers. In addition, all the random bits are generated by an unfolded Keccak core, well matched with the data flow required by the block matrix multiplier. The proposed design is coded in Verilog and implemented in the SMIC 40nm LP CMOS technology. 
The synthesized results show that Scloud+.KEM-128 only costs 23.0 $us$, 24.3 $us$, and 24.6 $us$ in the KeyGen, Encaps, and Decaps stages, respectively, with an area consumption of 0.69 $mm^2$, significantly narrowing the gap with the state-of-the-art of Kyber hardware implementation. </div><span class="btn-link text-right expand-button body-expand">Expand</span> </div> </div> </section> <div class="mt-4"> <a href="index.php?next=25303" class="btn btn-sm btn-outline-dark">Next ►</a> </div> </main> <div id="pageFooter"> <footer class="container-fluid iacrMain-footer pt-4"> <div class="row px-4"> <div class="col-12 col-md-6 col-lg-3 mb-md-3"> <a href="/about/" class="h6 d-none d-md-block"> <strong>About</strong> </a> <p class="d-none d-md-block mt-2"> The <a href="/">International Association for Cryptologic Research (IACR)</a> is a non-profit scientific organization whose purpose is to further research in cryptology and related fields. <a href="/about/">Learn more...</a> </p> <div class="text-center"> <a href="//twitter.com/IACR_News" class="social" title="Twitter Feed"> <img src="/img/icons/twitter.svg" class="socialBtn" alt="Twitter logo"> </a> <a href="//youtube.com/TheIACR" class="social" title="YouTube Channel"> <img src="/img/icons/youtube.svg" class="socialBtn" alt="YouTube logo"> </a> <a href="//www.facebook.com/theiacr/" class="social" title="Facebook Page"> <img src="/img/icons/facebook.svg" class="socialBtn" alt="Facebook logo"> </a> <a href="https://weibo.com/iacr" class="social" title="Weibo"> <img src="/img/icons/weibo.svg" class="socialBtn" alt="Weibo logo"> </a> </div> </div> <div class="col-12 col-md-6 col-lg-3"> <a href="/meetings/" class="h6"> <strong>Events</strong> </a> <ul class="list-unstyled"> <li> <a href="/meetings/asiacrypt/">Asiacrypt</a> • <a href="/meetings/crypto/">Crypto</a> • <a href="/meetings/eurocrypt/">Eurocrypt</a> </li> <li> <a href="/meetings/ches/" title="Cryptographic Hardware and Embedded Systems">CHES</a> • <a 
</span><br class="d-md-none"> <a href="/privacy.html">Privacy Policy</a> </span> </div> </div> </footer> <!-- populated by headerFooter.js --> </div> <script src="https://iacr.org/libs/js/jquery/3.3.1/jquery.min.js"></script> <script src="https://iacr.org/libs/css/bootstrap/dist/js/bootstrap.bundle.min.js"></script> <script src="https://iacr.org/libs/js/easy-autocomplete/jquery.easy-autocomplete.js"></script> <!-- Custom JS (load header & footer) --> <script src="/js/search.js"></script> </body> </html>