IACR News

<!DOCTYPE html> <html lang="en"> <head> <meta charset="utf-8"> <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no"> <link href="https://iacr.org/libs/css/bootstrap/dist/css/bootstrap.min.css" rel="stylesheet"> <title>IACR News</title> <link rel="stylesheet" href="/css/iacr.css"> <link rel="stylesheet" href="https://iacr.org/libs/js/easy-autocomplete/easy-autocomplete.css"> <style> div.newsItemBox { margin-bottom: 1.5em; } h6.newsCardSubtitle { font-style: italic; } img.newsCategoryIcon { height: 1.6em; } span.priority1 { background-color: #FF0000; /* original #FF0000, filtered through #102A83 at about 50% */ height: 1.15rem; margin-top: 0.2rem; margin-left: 0.5rem; } span.priority2 { background-color: #FF6F00; /* original #FF9500, filtered through #102A83 at about 50% */ height: 1.15rem; margin-top: 0.2rem; margin-left: 0.5rem; } span.priority3 { background-color: #F5FF00; /* original #F8FF00, filtered through #102A83 at about 50% */ height: 1.15rem; margin-top: 0.2rem; margin-left: 0.5rem; color: black; } span.priority4 { background-color: #00FF07; /* original #00FF07, filtered through #102A83 at about 50% */ height: 1.15rem; margin-top: 0.2rem; margin-left: 0.5rem; color:black; } span.priority5 { background-color: #0048FF; /* original #0070FF, filtered through #102A83 at about 50% */ height: 1.15rem; margin-top: 0.2rem; margin-left: 0.5rem; } span.body-expand::after { content: ' ▼'; } span.body-collapse::after { content: ' ▲'; } div.item-body { /* This is also in the script at the bottom of the template. If the content is oversize, then an expand button is shown and the max-height is recalculated. */ max-height: 100px; overflow: hidden; -moz-transition: 0.4s ease; -ms-transition: 0.4s ease; -o-transition: 0.4s ease; -webkit-transition: 0.4s ease; transition: 0.4s ease; } </style> <script type="text/javascript" async src="/libs/js/MathJax/MathJax.js?config=TeX-AMS_CHTML"></script> <script type="text/x-mathjax-config"> MathJax.Hub.Config({ tex2jax: {inlineMath: [['$$', '$$'], ['$', '$'], ['\$','\$']]} }); </script> <script> // This handler is added to every expand button upon load. // It may be called if the body before the button is too large. function expandHandler() { if (this.classList.contains('body-expand')) { var newHeight = this.previousSibling.scrollHeight; this.previousSibling.style.maxHeight = newHeight + 'px'; this.classList.remove('body-expand'); this.classList.add('body-collapse'); this.innerHTML = 'Collapse'; } else { this.previousSibling.style.maxHeight = '100px'; this.classList.add('body-expand'); this.classList.remove('body-collapse'); this.innerHTML = 'Expand'; } } // We keep this list around since it doesn't change after page load. var _expandButtons; // This is called to hide or show the expand button on all body // elements according to their size. You should probably use a // debounce construction to call it, because it is expensive. function resizeAll() { for (var i = 0 ; i < _expandButtons.length; i++) { var butt = _expandButtons[i]; var body = butt.previousSibling; if (body.scrollHeight > body.clientHeight) { butt.style.display = 'block'; } else { butt.style.display = 'none'; } } } // Returns a function, that, as long as it continues to be invoked, will not // be triggered. The function will be called after it stops being called for // N milliseconds. If `immediate` is passed, trigger the function on the // leading edge, instead of the trailing. function debounce(func, waitMS, immediate) { var timeout; return function() { var context = this, args = arguments; var later = function() { timeout = null; if (!immediate) func.apply(context, args); }; var callNow = immediate && !timeout; clearTimeout(timeout); timeout = setTimeout(later, waitMS); if (callNow) func.apply(context, args); }; }; function addHandlers() { _expandButtons = document.getElementsByClassName('expand-button'); for (var i = 0 ; i < _expandButtons.length; i++) { var butt = _expandButtons[i]; butt.addEventListener('click', expandHandler); } resizeAll(); } window.addEventListener('load', addHandlers); var maybeResize = debounce(function() { resizeAll(); }, 500); window.addEventListener('resize', maybeResize); </script> <style> img.newsPageTopIcon { height: 3.5em; } </style> </head> <body> <noscript> <h1 class="text-center">What a lovely hat</h1> <h4 class="text-center">Is it made out of <a href="/tinfoil.html">tin foil</a>?</h4> </noscript> <div id="pageHeaderAndNav"> <div id="iacrMain-header" class="container d-none d-lg-block"> <div class="row align-items-center pt-2 d-none d-md-flex justify-content-between"> <div class="col-2 pb-2"> <a href="/"> <img id="iacrLogo" src="/img/logo/iacrlogo_small.png" class="img-fluid" alt="IACR logo" /> </a> </div> <div class="col-10 mx-auto"> <h2 class="d-none d-xl-block">International Association for Cryptologic Research</h2> <h1 class="d-none d-xl-none d-md-block">International Association<br>for Cryptologic Research</h1> </div> </div> </div> <div id="iacrMain-navbar" class="container-fluid"> <nav class="container navbar navbar-expand-lg px-0 py-0"> <button class="navbar-toggler mt-1 collapsed nofocus" type="button" data-toggle="collapse" data-target="#navbarSupportedContent" aria-controls="navbarSupportedContent" aria-expanded="false" aria-label="Toggle navigation"> <span class="icon-bar top-bar"></span> <span class="icon-bar middle-bar"></span> <span class="icon-bar bottom-bar"></span> </button> <div id="navbarIacrAcronym" class="navbar-text d-inline-block d-lg-none mx-auto"> <a href="/">IACR</a> </div> <div class="collapse navbar-collapse" id="navbarSupportedContent"> <ul id="iacrMainMenu" class="navbar-nav justify-content-between flex-grow-1"> <li class="nav-item dropdown"> <a class="nav-link iacrMain-navLink dropdown-toggle" href="/meetings/" id="eventsDropdownLink" data-toggle="dropdown" aria-haspopup="true" aria-expanded="false">Events</a> <div class="dropdown-menu border-0" aria-labelledby="eventsDropdownLink"> <a class="dropdown-item" href="/meetings/">All IACR events</a> <div class="dropdown-divider"></div> <a class="dropdown-item" href="/meetings/asiacrypt/">Asiacrypt</a> <a class="dropdown-item" href="/meetings/crypto/">Crypto</a> <a class="dropdown-item" href="/meetings/eurocrypt/">Eurocrypt</a> <div class="dropdown-divider"></div> <a class="dropdown-item" href="/meetings/ches/">CHES</a> <a class="dropdown-item" href="/meetings/fse/">FSE</a> <a class="dropdown-item" href="/meetings/pkc/">PKC</a> <a class="dropdown-item" href="/meetings/tcc/">TCC</a> <a class="dropdown-item" href="https://rwc.iacr.org/">RWC</a> <div class="dropdown-divider"></div> <a class="dropdown-item" href="/schools/">Cryptology Schools</a> <a class="dropdown-item" href="/icw/">In cooperation with IACR</a> </div> </li> <li class="nav-item dropdown"> <a class="nav-link iacrMain-navLink dropdown-toggle" href="/publications/" id="pubsDropdownLink" data-toggle="dropdown" aria-haspopup="true" aria-expanded="false">Publications</a> <div class="dropdown-menu border-0" aria-labelledby="pubsDropdownLink"> <a class="dropdown-item" href="/publications/">All IACR Publications</a> <div class="dropdown-divider"></div> <a class="dropdown-item" href="/jofc/">Journal of Cryptology</a> <a class="dropdown-item" href="/transactions/tosc/">Transactions on Symmetric Cryptology</a> <a class="dropdown-item" href="https://tches.iacr.org/">Transactions on CHES</a> <a class="dropdown-item" href="https://cic.iacr.org/">Communications in Cryptology</a> <div class="dropdown-divider"></div> <a class="dropdown-item" href="https://eprint.iacr.org">Cryptology ePrint Archive</a> <a class="dropdown-item" href="https://artifacts.iacr.org/">Artifact Archive</a> <div class="dropdown-divider"></div> <a class="dropdown-item" href="/publications/access.php">Access IACR Publications</a> <div class="dropdown-divider"></div> <a class="dropdown-item" href="/museum/">Museum of Historic Papers</a> <a class="dropdown-item" href="/cryptodb/data/acceptance.php">Publication Statistics</a> </div> </li> <li class="nav-item dropdown"> <a class="nav-link iacrMain-navLink dropdown-toggle" href="/news" id="newsDropdownLink" role="button" data-toggle="dropdown" aria-haspopup="true" aria-expanded="false"> News </a> <div class="dropdown-menu border-0" aria-labelledby="newsDropdownLink"> <a class="dropdown-item" href="/news">All News</a> <a class="dropdown-item" href="/awards/">Awards</a> <a class="dropdown-item" href="/elections/">Elections</a> <a class="dropdown-item" href="/petitions/">Petitions & Statements</a> </div> </li> <li class="nav-item dropdown"> <a class="nav-link iacrMain-navLink dropdown-toggle" href="/services/" id="servicesDropdownLink" role="button" data-toggle="dropdown" aria-haspopup="true" aria-expanded="false"> Services </a> <div class="dropdown-menu border-0" aria-labelledby="servicesDropdownLink"> <a class="dropdown-item" href="/jobs/">Jobs</a> <div class="dropdown-divider"></div> <a class="dropdown-item" href="/cryptodb/">CryptoDB</a> <a class="dropdown-item" href="/events/">Calendar of Events</a> <a class="dropdown-item" href="/cryptodb/data/videos.php">Videos</a> </div> </li> <li class="nav-item dropdown"> <a class="nav-link iacrMain-navLink dropdown-toggle" href="/membership.php" id="membersDropdownLink" role="button" data-toggle="dropdown" aria-haspopup="true" aria-expanded="false"> Members </a> <div class="dropdown-menu border-0" aria-labelledby="membersDropdownLink"> <a class="dropdown-item" href="/membership.php">How to Join</a> <a class="dropdown-item" href="https://register.iacr.org/membership/members/">Update Membership Information</a> <a class="dropdown-item" href="/publications/access.php">Access IACR Publications</a> <a class="dropdown-item" href="/news/subscribe">Subscribe to News Updates</a> </div> </li> <li class="nav-item dropdown"> <a class="nav-link iacrMain-navLink dropdown-toggle" href="/about/" id="aboutDropdownLink" role="button" data-toggle="dropdown" aria-haspopup="true" aria-expanded="false"> About </a> <div class="dropdown-menu border-0" aria-labelledby="aboutDropdownLink"> <a class="dropdown-item" href="/about">About IACR</a> <a class="dropdown-item" href="/bod.html">Board of Directors</a> <a class="dropdown-item" href="/committees.html">Committees</a> <a class="dropdown-item" href="/docs/">Documents</a> <a class="dropdown-item" href="/privacy.html">Privacy Policy</a> </div> </li> <li class="nav-item dropdown position-static d-none d-lg-inline"> <a role="button" data-toggle="dropdown" aria-haspopup="true" aria-expanded="false" id="searchLink" data-offset="10,20"> <button class="btn searchButtons border mt-1" aria-haspopup="true" aria-expanded="false" type="button"> <img src="/img/icons/search.svg" class="searchIcon" alt="Search Button"/> </button> </a> <div id="searchDropdown" class="border-0 dropdown-menu dropdown-menu-right iacrMain-search px-2 w-100 mt-0" aria-labelledby="searchLink"> <p class="small text-white mb-1">Suggestions from <a class="localSearchLink" href="/asearch">local search</a> as you type. Hit enter to search with Google.</p> <form action="/search" method="GET"> <div class="input-group"> <input id="searchbox" name="q" type="search" class="form-control border searchBoxes" placeholder="Search IACR" width="100"> <button class="btn searchButtons border input-group-append ml-2"> Search </button> </div> </form> </div> </li> </ul> </div> <div id="searchDropdownParent" class="dropdown pb-3 d-lg-none"> <a id="mobileSearchLink" role="button" data-toggle="dropdown" aria-haspopup="true" aria-expanded="false" data-offset="0,20"> <img src="/img/icons/search.svg" class="searchIcon" alt="Search Button"> </a> <div id="searchDropdownMobile" class="border-0 dropdown-menu dropdown-menu-right iacrMain-search px-2 mt-0" aria-labelledby="mobileSearchLink"> <p class="small text-white mb-1">Suggestions from <a class="localSearchLink" href="/asearch">local search</a> as you type. Hit enter to search with Google.</p> <form action="/search" method="GET"> <input id="searchboxMobile" name="q" type="search" class="form-control border searchBoxes" placeholder="Search IACR"/> </form> </div> </div> </nav> </div>  </div> <main id="iacrMain-contentBox" class="container px-md-4 py-3"> <section class="row"> <div class="col-12"> <h2> IACR News </h2> <p> Here you can see all recent updates to the IACR webpage. These updates are also available: </p> <div class="d-flex justify-content-around px-md-5 mb-3"> <figure class="figure"> <a href="/news/subscribe"> <img src="/img/icons/email.svg" class="figure-img newsPageTopIcon ml-1" alt="email icon"> </a> <figcaption class="figure-caption text-center">via email</figcaption> </figure> <figure class="figure"> <a href="/news/rss"> <img src="/img/icons/news/rss.svg" class="figure-img newsPageTopIcon ml-3" alt="RSS symbol icon"> </a> <figcaption class="figure-caption text-center">via RSS feed</figcaption> </figure>  </div> <form class="form-inline" action="" method="GET"> <div class="form-group mb-4"> <label for="filterNews mx-3">Filter news by</label> <select name="channel" id="filterNews" class="custom-select mx-3" onchange="this.form.submit()"> <option value="" selected>All news</option> <option value="1" >Announcement</option> <option value="2" >Election</option> <option value="15" >Award</option> <option value="3" >Crypto</option> <option value="4" >Eurocrypt</option> <option value="5" >Asiacrypt</option> <option value="18" >CHES</option> <option value="7" >FSE</option> <option value="8" >PKC</option> <option value="6" >TCC</option> <option value="21" >Real World Crypto</option> <option value="9" >Journal of Cryptology</option> <option value="22" >Communications in Cryptology</option> <option value="10" >ePrint report</option> <option value="12" >Job posting</option> <option value="13" >Event calendar</option> <option value="19" >Schools</option> </select> </div> </form> </div> </section> <section id="allNewsItems"> <hr> <h4 class="mb-3"> 23 March 2025 </h4> <div class="card newsItemBox" id="item-25361"> <div class="card-header pb-1"> <a id="item-url-25361" href="https://eprint.iacr.org/2025/536"> <h5 id="item-headline-25361"> A Fiat-Shamir Transformation From Duplex Sponges </h5> </a> </div> <div class="card-body"> <div class="d-flex"> <h6 class="card-title newsCardSubtitle mt-1 mr-auto" id="item-subheadline-25361"> Alessandro Chiesa, Michele Orrù </h6> <img id="item-icon-25361" src="/img/icons/news/channel_10.svg" class="pl-1 newsCategoryIcon d-none d-md-block" title="ePrint Report channel" alt="ePrint Report" /> <span id="item-priority-25361" class="badge badge-dark priority5" title="ePrint Report channel">ePrint Report</span> </div> <div id="item-body-25361" class="card-text item-body"> The Fiat-Shamir transformation underlies numerous non-interactive arguments, with variants that differ in important ways. This paper addresses a gap between variants analyzed by theoreticians and variants implemented (and deployed) by practitioners. Specifically, theoretical analyses typically assume parties have access to random oracles with sufficiently large input and output size, while cryptographic hash functions in practice have fixed input and output sizes (pushing practitioners towards other variants).<br><br> In this paper we propose and analyze a variant of the Fiat-Shamir transformation that is based on an ideal permutation of fixed size. The transformation relies on the popular duplex sponge paradigm, and minimizes the number of calls to the permutation (given the amount of information to absorb and to squeeze). Our variant closely models deployed variants of the Fiat-Shamir transformation, and our analysis provides concrete security bounds that can be used to set security parameters in practice.<br><br> We additionally contribute spongefish, an open-source Rust library implementing our Fiat-Shamir transformation. The library is interoperable across multiple cryptographic frameworks, and works with any choice of permutation. The library comes equipped with Keccak and Poseidon permutations, as well as several "codecs" for re-mapping prover and verifier messages to the permutation's domain. </div><span class="btn-link text-right expand-button body-expand">Expand</span> </div> </div> <div class="card newsItemBox" id="item-25360"> <div class="card-header pb-1"> <a id="item-url-25360" href="https://eprint.iacr.org/2025/535"> <h5 id="item-headline-25360"> zkPyTorch: A Hierarchical Optimized Compiler for Zero-Knowledge Machine Learning </h5> </a> </div> <div class="card-body"> <div class="d-flex"> <h6 class="card-title newsCardSubtitle mt-1 mr-auto" id="item-subheadline-25360"> Tiancheng Xie, Tao Lu, Zhiyong Fang, Siqi Wang, Zhenfei Zhang, Yongzheng Jia, Dawn Song, Jiaheng Zhang </h6> <img id="item-icon-25360" src="/img/icons/news/channel_10.svg" class="pl-1 newsCategoryIcon d-none d-md-block" title="ePrint Report channel" alt="ePrint Report" /> <span id="item-priority-25360" class="badge badge-dark priority5" title="ePrint Report channel">ePrint Report</span> </div> <div id="item-body-25360" class="card-text item-body"> As artificial intelligence (AI) becomes increasingly embedded in high-stakes applications such as healthcare, finance, and autonomous systems, ensuring the verifiability of AI computations without compromising sensitive data or proprietary models is crucial. Zero-knowledge machine learning (ZKML) leverages zero-knowledge proofs (ZKPs) to enable the verification of AI model outputs while preserving confidentiality. However, existing ZKML approaches require specialized cryptographic expertise, making them inaccessible to traditional AI developers.<br><br> In this paper, we introduce ZKPyTorch, a compiler that seamlessly integrates ML frameworks like PyTorch with ZKP engines like Expander, simplifying the development of ZKML. ZKPyTorch automates the translation of ML operations into optimized ZKP circuits through three key components. First, a ZKP preprocessor converts models into structured computational graphs and injects necessary auxiliary information to facilitate proof generation. Second, a ZKP-friendly quantization module introduces an optimized quantization strategy that reduces computation bit-widths, enabling efficient ZKP execution within smaller finite fields such as M61. Third, a hierarchical ZKP circuit optimizer employs a multi-level optimization framework at model, operation, and circuit levels to improve proof generation efficiency.<br><br> We demonstrate ZKPyTorch effectiveness through end-to-end case studies, successfully converting VGG-16 and Llama-3 models from PyTorch, a leading ML framework, into ZKP-compatible circuits recognizable by Expander, a state-of-the-art ZKP engine. Using Expander, we generate zero-knowledge proofs for these models, achieving proof generation for the VGG-16 model in 2.2 seconds per CIFAR-10 image for VGG-16 and 150 seconds per token for Llama-3 inference, improving the practical adoption of ZKML. </div><span class="btn-link text-right expand-button body-expand">Expand</span> </div> </div> <div class="card newsItemBox" id="item-25359"> <div class="card-header pb-1"> <a id="item-url-25359" href="https://eprint.iacr.org/2025/534"> <h5 id="item-headline-25359"> Plonkify: R1CS-to-Plonk transpiler </h5> </a> </div> <div class="card-body"> <div class="d-flex"> <h6 class="card-title newsCardSubtitle mt-1 mr-auto" id="item-subheadline-25359"> Pengfei Zhu </h6> <img id="item-icon-25359" src="/img/icons/news/channel_10.svg" class="pl-1 newsCategoryIcon d-none d-md-block" title="ePrint Report channel" alt="ePrint Report" /> <span id="item-priority-25359" class="badge badge-dark priority5" title="ePrint Report channel">ePrint Report</span> </div> <div id="item-body-25359" class="card-text item-body"> Rank-1 Constraint Systems (R1CS) and Plonk constraint systems are two commonly used circuit formats for zero-knowledge succinct non-interactive arguments of knowledge (zkSNARKs). We present Plonkify, a tool that converts a circuit in an R1CS arithmetization to Plonk, with support for both vanilla gates and custom gates. Our tool is able to convert an R1CS circuit with 229,847 constraints to a vanilla Plonk circuit with 855,296 constraints, or a jellyfish turbo Plonk circuit with 429,166 constraints, representing a $2.59\times$ and $1.9\times$ reduction in the number of constraints over the respective naïve conversions. </div><span class="btn-link text-right expand-button body-expand">Expand</span> </div> </div> <div class="card newsItemBox" id="item-25358"> <div class="card-header pb-1"> <a id="item-url-25358" href="https://eprint.iacr.org/2025/533"> <h5 id="item-headline-25358"> JesseQ: Efficient Zero-Knowledge Proofs for Circuits over Any Field </h5> </a> </div> <div class="card-body"> <div class="d-flex"> <h6 class="card-title newsCardSubtitle mt-1 mr-auto" id="item-subheadline-25358"> Mengling Liu, Yang Heng, Xingye Lu, Man Ho Au </h6> <img id="item-icon-25358" src="/img/icons/news/channel_10.svg" class="pl-1 newsCategoryIcon d-none d-md-block" title="ePrint Report channel" alt="ePrint Report" /> <span id="item-priority-25358" class="badge badge-dark priority5" title="ePrint Report channel">ePrint Report</span> </div> <div id="item-body-25358" class="card-text item-body"> Recent advances in Vector Oblivious Linear Evaluation (VOLE) protocols have enabled constant-round, fast, and scalable (designated-verifier) zero-knowledge proofs, significantly reducing prover computational cost. Existing protocols, such as QuickSilver [CCS’21] and LPZKv2 [CCS’22], achieve efficiency with prover costs of 4 multiplications in the extension field per AND gate for Boolean circuits, with one multiplication requiring a O(κ log κ)-bit operation where κ = 128 is the security parameter and 3-4 field multiplications per multiplication gate for arithmetic circuits over a large field. We introduce JesseQ, a suite of two VOLE-based protocols: JQv1 and JQv2, which advance state of the art. JQv1 requires only 2 scalar multiplications in an extension field per AND gate for Boolean circuits, with one scalar needing a O(κ)- bit operation, and 2 field multiplications per multiplication gate for arithmetic circuits over a large field. In terms of communication costs, JQv1 needs just 1 field element per gate. JQv2 further reduces communication costs by half at the cost of doubling the prover’s computation. Experiments show that, compared to the current state of the art, both JQv1 and JQv2 achieve at least 3.9× improvement for Boolean circuits. For large field circuits, JQv1 has a similar performance, while JQv2 offers a 1.3× improvement. Additionally, both JQv1 and JQv2 maintain the same communication cost as the current state of the art. Notably, on the cheapest AWS instances, JQv1 can prove 9.2 trillion AND gates (or 5.8 trillion multiplication gates over a 61-bit field) for just one US dollar. JesseQ excels in applications like inner products, matrix multiplication, and lattice problems, delivering 40%- 200% performance improvements compared to QuickSilver. Additionally, JesseQ integrates seamlessly with the sublinear Batchman framework [CCS’23], enabling further efficiency gains for batched disjunctive statements. </div><span class="btn-link text-right expand-button body-expand">Expand</span> </div> </div> <div class="card newsItemBox" id="item-25357"> <div class="card-header pb-1"> <a id="item-url-25357" href="https://eprint.iacr.org/2025/532"> <h5 id="item-headline-25357"> Chunking Attacks on File Backup Services using Content-Deﬁned Chunking </h5> </a> </div> <div class="card-body"> <div class="d-flex"> <h6 class="card-title newsCardSubtitle mt-1 mr-auto" id="item-subheadline-25357"> Boris Alexeev, Colin Percival, Yan X Zhang </h6> <img id="item-icon-25357" src="/img/icons/news/channel_10.svg" class="pl-1 newsCategoryIcon d-none d-md-block" title="ePrint Report channel" alt="ePrint Report" /> <span id="item-priority-25357" class="badge badge-dark priority5" title="ePrint Report channel">ePrint Report</span> </div> <div id="item-body-25357" class="card-text item-body"> Systems such as file backup services often use content-defined chunking (CDC) algorithms, especially those based on rolling hash techniques, to split files into chunks in a way that allows for data deduplication. These chunking algorithms often depend on per-user parameters in an attempt to avoid leaking information about the data being stored. We present attacks to extract these chunking parameters and discuss protocol-agnostic attacks and loss of security once the parameters are breached (including when these parameters are not setup at all, which is often available as an option). Our parameter-extraction attacks themselves are protocol-specific but their ideas are generalizable to many potential CDC schemes. </div><span class="btn-link text-right expand-button body-expand">Expand</span> </div> </div> <div class="card newsItemBox" id="item-25356"> <div class="card-header pb-1"> <a id="item-url-25356" href="https://eprint.iacr.org/2025/531"> <h5 id="item-headline-25356"> Understanding the new distinguisher of alternant codes at degree 2 </h5> </a> </div> <div class="card-body"> <div class="d-flex"> <h6 class="card-title newsCardSubtitle mt-1 mr-auto" id="item-subheadline-25356"> Axel Lemoine, Rocco Mora, Jean-Pierre Tillich </h6> <img id="item-icon-25356" src="/img/icons/news/channel_10.svg" class="pl-1 newsCategoryIcon d-none d-md-block" title="ePrint Report channel" alt="ePrint Report" /> <span id="item-priority-25356" class="badge badge-dark priority5" title="ePrint Report channel">ePrint Report</span> </div> <div id="item-body-25356" class="card-text item-body"> Distinguishing Goppa codes or alternant codes from generic linear codes [FGO+11] has been shown to be a first step before being able to attack McEliece cryptosystem based on those codes [BMT24]. Whereas the distinguisher of [FGO+11] is only able to distinguish Goppa codes or alternant codes of rate very close to 1, in [CMT23a] a much more powerful (and more general) distinguisher was proposed. It is based on computing the Hilbert series $\{\mathrm{HF}(d),~d\in \mathbb{N}\}$ of a Pfaffian modeling. The distinguisher of [FGO+11] can be interpreted as computing $\mathrm{HF}(1)$. Computing $\mathrm{HF}(2)$ still gives a polynomial time distinguisher for alternant or Goppa codes and is apparently able to distinguish Goppa or alternant codes in a much broader regime of rates as the one of [FGO+11]. However, the scope of this distinguisher was unclear. We give here a formula for $\mathrm{HF}(2)$ corresponding to generic alternant codes when the field size $q$ satisfies $q \geq r$, where r is the degree of the alternant code. We also show that this expression for$\mathrm{HF}(2)$ provides a lower bound in general. The value of $\mathrm{HF}(2)$ corresponding to random linear codes is known and this yields a precise description of the new regime of rates that can be distinguished by this new method. This shows that the new distinguisher improves significantly upon the one given in [FGO+11]. </div><span class="btn-link text-right expand-button body-expand">Expand</span> </div> </div> <div class="card newsItemBox" id="item-25355"> <div class="card-header pb-1"> <a id="item-url-25355" href="https://eprint.iacr.org/2025/530"> <h5 id="item-headline-25355"> Lattice-based extended withdrawable signatures </h5> </a> </div> <div class="card-body"> <div class="d-flex"> <h6 class="card-title newsCardSubtitle mt-1 mr-auto" id="item-subheadline-25355"> Ramses Fernandez </h6> <img id="item-icon-25355" src="/img/icons/news/channel_10.svg" class="pl-1 newsCategoryIcon d-none d-md-block" title="ePrint Report channel" alt="ePrint Report" /> <span id="item-priority-25355" class="badge badge-dark priority5" title="ePrint Report channel">ePrint Report</span> </div> <div id="item-body-25355" class="card-text item-body"> This article presents an extension of the work performed by Liu, Baek and Susilo on extended withdrawable signatures to lattice-based constructions. We introduce a general construction, and provide security proofs for this proposal. As instantiations, we provide concrete construction for extended withdrawable signature schemes based on Dilithium and HAETAE. </div><span class="btn-link text-right expand-button body-expand">Expand</span> </div> </div> <div class="card newsItemBox" id="item-25354"> <div class="card-header pb-1"> <a id="item-url-25354" href="https://eprint.iacr.org/2025/529"> <h5 id="item-headline-25354"> On the Anonymity in "A Practical Lightweight Anonymous Authentication and Key Establishment Scheme for Resource-Asymmetric Smart Environments" </h5> </a> </div> <div class="card-body"> <div class="d-flex"> <h6 class="card-title newsCardSubtitle mt-1 mr-auto" id="item-subheadline-25354"> Zhengjun Cao, Lihua Liu </h6> <img id="item-icon-25354" src="/img/icons/news/channel_10.svg" class="pl-1 newsCategoryIcon d-none d-md-block" title="ePrint Report channel" alt="ePrint Report" /> <span id="item-priority-25354" class="badge badge-dark priority5" title="ePrint Report channel">ePrint Report</span> </div> <div id="item-body-25354" class="card-text item-body"> We show that the anonymous authentication and key establishment scheme [IEEE TDSC, 20(4), 3535-3545, 2023] fails to keep user anonymity, not as claimed. We also suggest a method to fix it. </div><span class="btn-link text-right expand-button body-expand">Expand</span> </div> </div> <div class="card newsItemBox" id="item-25353"> <div class="card-header pb-1"> <a id="item-url-25353" href="https://eprint.iacr.org/2025/528"> <h5 id="item-headline-25353"> VeRange: Verification-efficient Zero-knowledge Range Arguments with Transparent Setup for Blockchain Applications and More </h5> </a> </div> <div class="card-body"> <div class="d-flex"> <h6 class="card-title newsCardSubtitle mt-1 mr-auto" id="item-subheadline-25353"> Yue Zhou, Sid Chi-Kin Chau </h6> <img id="item-icon-25353" src="/img/icons/news/channel_10.svg" class="pl-1 newsCategoryIcon d-none d-md-block" title="ePrint Report channel" alt="ePrint Report" /> <span id="item-priority-25353" class="badge badge-dark priority5" title="ePrint Report channel">ePrint Report</span> </div> <div id="item-body-25353" class="card-text item-body"> Zero-knowledge range arguments are a fundamental cryptographic primitive that allows a prover to convince a verifier of the knowledge of a secret value lying within a predefined range. They have been utilized in diverse applications, such as confidential transactions, proofs of solvency and anonymous credentials. Range arguments with a transparent setup dispense with any trusted setup to eliminate security backdoor and enhance transparency. They are increasingly deployed in diverse decentralized applications on blockchains. One of the major concerns of practical deployment of range arguments on blockchains is the incurred gas cost and high computational overhead associated with blockchain miners. Hence, it is crucial to optimize the verification efficiency in range arguments to alleviate the deployment cost on blockchains and other decentralized platforms. In this paper, we present VeRange with several new zero-knowledge range arguments in the discrete logarithm setting, requiring only $c \sqrt{N/\log N}$ group exponentiations for verification, where $N$ is the number of bits to represent a range and $c$ is a small constant, making them concretely efficient for blockchain deployment with a very low gas cost. Furthermore, VeRange is aggregable, allowing a prover to simultaneously prove $T$ range arguments in a single argument, requiring only $O(\sqrt{TN/\log (TN)}) + T$ group exponentiations for verification. We deployed {\tt VeRange} on Ethereum and measured the empirical gas cost, achieving the fastest verification runtime and the lowest gas cost among the discrete-logarithm-based range arguments in practice. </div><span class="btn-link text-right expand-button body-expand">Expand</span> </div> </div> <div class="card newsItemBox" id="item-25352"> <div class="card-header pb-1"> <a id="item-url-25352" href="https://eprint.iacr.org/2025/527"> <h5 id="item-headline-25352"> SoK: Fully-homomorphic encryption in smart contracts </h5> </a> </div> <div class="card-body"> <div class="d-flex"> <h6 class="card-title newsCardSubtitle mt-1 mr-auto" id="item-subheadline-25352"> Daniel Aronoff, Adithya Bhat, Panagiotis Chatzigiannis, Mohsen Minaei, Srinivasan Raghuraman, Robert M. Townsend, Nicolas Xuan-Yi Zhang </h6> <img id="item-icon-25352" src="/img/icons/news/channel_10.svg" class="pl-1 newsCategoryIcon d-none d-md-block" title="ePrint Report channel" alt="ePrint Report" /> <span id="item-priority-25352" class="badge badge-dark priority5" title="ePrint Report channel">ePrint Report</span> </div> <div id="item-body-25352" class="card-text item-body"> Blockchain technology and smart contracts have revolutionized digital transactions by enabling trustless and decentralized exchanges of value. However, the inherent transparency and immutability of blockchains pose significant privacy challenges. On-chain data, while pseudonymous, is publicly visible and permanently recorded, potentially leading to the inadvertent disclosure of sensitive information. This issue is particularly pronounced in smart contract applications, where contract details are accessible to all network participants, risking the exposure of identities and transactional details.<br><br> To address these privacy concerns, there is a pressing need for privacy-preserving mechanisms in smart contracts. To showcase this need even further, in our paper we bring forward advanced use-cases in economics which only smart contracts equipped with privacy mechanisms can realize, and show how fully-homomorphic encryption (FHE) as a privacy enhancing technology (PET) in smart contracts, operating on a public blockchain, can make possible the implementation of these use-cases. Furthermore, we perform a comprehensive systematization of FHE-based approaches in smart contracts, examining their potential to maintain the confidentiality of sensitive information while retaining the benefits of smart contracts, such as automation, decentralization, and security. After we evaluate these existing FHE solutions in the context of the use-cases we consider, we identify open problems, and suggest future research directions to enhance privacy in blockchain smart contracts. </div><span class="btn-link text-right expand-button body-expand">Expand</span> </div> </div> <div class="card newsItemBox" id="item-25351"> <div class="card-header pb-1"> <a id="item-url-25351" href="https://event.iitg.ac.in/space2025/"> <h5 id="item-headline-25351"> SPACE 2025: Fifteenth International Conference on Security, Privacy and Applied Cryptographic Engineering </h5> </a> </div> <div class="card-body"> <div class="d-flex"> <h6 class="card-title newsCardSubtitle mt-1 mr-auto" id="item-subheadline-25351"> Indian Institute of Technology Guwahati, India, 16 December - 19 December 2025 </h6> <img id="item-icon-25351" src="/img/icons/news/channel_13.svg" class="pl-1 newsCategoryIcon d-none d-md-block" title="Event Calendar channel" alt="Event Calendar" /> <span id="item-priority-25351" class="badge badge-dark priority5" title="Event Calendar channel">Event Calendar</span> </div> <div id="item-body-25351" class="card-text item-body"> Event date: 16 December to 19 December 2025<br> </div><span class="btn-link text-right expand-button body-expand">Expand</span> </div> </div> <div class="card newsItemBox" id="item-25350"> <div class="card-header pb-1"> <a id="item-url-25350" href="https://tcc.iacr.org/2025/"> <h5 id="item-headline-25350"> TCC 2025: Theory of Cryptography Conference </h5> </a> </div> <div class="card-body"> <div class="d-flex"> <h6 class="card-title newsCardSubtitle mt-1 mr-auto" id="item-subheadline-25350"> Aarhus, Denmark, 2 December - 5 December 2025 </h6> <img id="item-icon-25350" src="/img/icons/news/channel_6.svg" class="pl-1 newsCategoryIcon d-none d-md-block" title="TCC channel" alt="TCC" /> <span id="item-priority-25350" class="badge badge-dark priority3" title="TCC channel">TCC</span> </div> <div id="item-body-25350" class="card-text item-body"> Event date: 2 December to 5 December 2025<br> </div><span class="btn-link text-right expand-button body-expand">Expand</span> </div> </div> <div class="card newsItemBox" id="item-25349"> <div class="card-header pb-1"> <a id="item-url-25349" href="https://fdtc.deib.polimi.it/FDTC25/index.html"> <h5 id="item-headline-25349"> FDTC 2025: workshop on Fault Diagnosis and Tolerance in Cryptography 2025 </h5> </a> </div> <div class="card-body"> <div class="d-flex"> <h6 class="card-title newsCardSubtitle mt-1 mr-auto" id="item-subheadline-25349"> Kuala Lumpur, Malesia, 14 September 2025 </h6> <img id="item-icon-25349" src="/img/icons/news/channel_13.svg" class="pl-1 newsCategoryIcon d-none d-md-block" title="Event Calendar channel" alt="Event Calendar" /> <span id="item-priority-25349" class="badge badge-dark priority5" title="Event Calendar channel">Event Calendar</span> </div> <div id="item-body-25349" class="card-text item-body"> Event date: 14 September 2025<br> </div><span class="btn-link text-right expand-button body-expand">Expand</span> </div> </div> <div class="card newsItemBox" id="item-25348"> <div class="card-header pb-1"> <a id="item-url-25348" href="https://sulab-sever.u-aizu.ac.jp/provsec2025/cfp.html"> <h5 id="item-headline-25348"> The 19th International Conference on Provable and Practical Security </h5> </a> </div> <div class="card-body"> <div class="d-flex"> <h6 class="card-title newsCardSubtitle mt-1 mr-auto" id="item-subheadline-25348"> Yokohama, Japan, 10 October - 12 October 2025 </h6> <img id="item-icon-25348" src="/img/icons/news/channel_13.svg" class="pl-1 newsCategoryIcon d-none d-md-block" title="Event Calendar channel" alt="Event Calendar" /> <span id="item-priority-25348" class="badge badge-dark priority5" title="Event Calendar channel">Event Calendar</span> </div> <div id="item-body-25348" class="card-text item-body"> Event date: 10 October to 12 October 2025<br> Submission deadline: 31 May 2025<br> Notification: 15 July 2025 </div><span class="btn-link text-right expand-button body-expand">Expand</span> </div> </div> <hr> <h4 class="mb-3"> 22 March 2025 </h4> <div class="card newsItemBox" id="item-25347"> <div class="card-header pb-1"> <a id="item-url-25347" href="https://www.iacr.org/jobs/item/3934"> <h5 id="item-headline-25347"> Applied Cryptography researcher - innovation </h5> </a> </div> <div class="card-body"> <div class="d-flex"> <h6 class="card-title newsCardSubtitle mt-1 mr-auto" id="item-subheadline-25347"> Input-Output Group - remoe </h6> <img id="item-icon-25347" src="/img/icons/news/channel_12.svg" class="pl-1 newsCategoryIcon d-none d-md-block" title="Job Posting channel" alt="Job Posting" /> <span id="item-priority-25347" class="badge badge-dark priority5" title="Job Posting channel">Job Posting</span> </div> <div id="item-body-25347" class="card-text item-body"> What the role involves: <br> <p>As an Applied Cryptography Researcher, you must be a cryptographer with a strong understanding of practical aspects of using cryptography in real world settings. You have the exciting challenge of working on bleeding-edge research and technology, always with a focus on the market's needs. You will work side by side with architects and engineers implementing novel cryptographic primitives that you may have also designed yourself. The scope is everything from Post-Quantum prototypes to hand-optimisation of existing primitives to completely new systems. To support you on this challenge, we have cryptography researchers, software architects, product managers, project managers, formal methods specialists and QA test engineers, with whom you will have high bandwidth communications.</p> <br> <li>Extract requirements from product and engineering regarding cryptographic primitives. <li>Lead and contribute to novel cryptographic research meeting such requirements. <li>Support prototyping of cryptographic systems. <li>Translate research into engineering specifications & implementations. <li>Meticulously review cryptographic protocols and proposed primitives. <li>Write research papers for submission to top cryptologic conferences and journals. <li>Contribute to peer-reviewed publications. <br> Who you are: <br> <p>PhD in Computer Science/Engineering or Applied Mathematics. A minimum of 4-5 years development experience in the field Expert knowledge of applied cryptography & best practices Expert knowledge of ZK protocols, such as PlonK and IPA commitment scheme Expert knowledge of elliptic curve cryptography Expert knowledge of post quantum security techniques Familiarity with blockchain cryptography and constructions Practical experience with implementation of cryptographic primitives Expert in terms of cryptographic design Good understanding of implementation and engineering constraints. Security sensibility related to cryptographic implementation Excellent theoretical cryptography and mathematical knowledge <p><b>Closing date for applications:</b> </p> <p><b>Contact:</b> Marios Nicolaides</p> <p><b>More information:</b> <a href="https://apply.workable.com/io-global/j/DE859C73F4/">https://apply.workable.com/io-global/j/DE859C73F4/</a></p> </div><span class="btn-link text-right expand-button body-expand">Expand</span> </div> </div> <div class="card newsItemBox" id="item-25346"> <div class="card-header pb-1"> <a id="item-url-25346" href="https://www.iacr.org/jobs/item/3933"> <h5 id="item-headline-25346"> Funded Ph.D. Student </h5> </a> </div> <div class="card-body"> <div class="d-flex"> <h6 class="card-title newsCardSubtitle mt-1 mr-auto" id="item-subheadline-25346"> University of South Florida, Tampa, Florida </h6> <img id="item-icon-25346" src="/img/icons/news/channel_12.svg" class="pl-1 newsCategoryIcon d-none d-md-block" title="Job Posting channel" alt="Job Posting" /> <span id="item-priority-25346" class="badge badge-dark priority5" title="Job Posting channel">Job Posting</span> </div> <div id="item-body-25346" class="card-text item-body"> Funded PhD position for Fall 2025 on Cryptographic Engineering and Hardware Security. <br><br> This is an urgent call for interested applicants. A funded Ph.D. student position is available for Fall 2025 to work on different aspects of Cryptographic Engineering in the new Bellini College of Artificial Intelligence, Cybersecurity, and Computing with Dr. Mehran Mozaffari Kermani. We are looking for motivated, talented, and hardworking applicants who have background and are interested in working on different aspects of Cryptographic Engineering with emphasis on hardware/software implementation, and side-channel attacks. <br><br> Please send email me your updated CV (including list of publications, language test marks, and references), transcripts for B.Sc. and M.Sc., and a statement of interest to: mehran2 (at) usf.edu as soon as possible. <br><br> Research Webpage: https://cse.usf.edu/~mehran2/ <p><b>Closing date for applications:</b> </p> <p><b>Contact:</b> Mehran Mozaffari Kermani</p> </div><span class="btn-link text-right expand-button body-expand">Expand</span> </div> </div> <div class="card newsItemBox" id="item-25345"> <div class="card-header pb-1"> <a id="item-url-25345" href="https://www.iacr.org/jobs/item/3931"> <h5 id="item-headline-25345"> Post-Doc </h5> </a> </div> <div class="card-body"> <div class="d-flex"> <h6 class="card-title newsCardSubtitle mt-1 mr-auto" id="item-subheadline-25345"> Mid Sweden University, Deptartment of Computer and Electrical Engineering, Sundsvall, Sweden </h6> <img id="item-icon-25345" src="/img/icons/news/channel_12.svg" class="pl-1 newsCategoryIcon d-none d-md-block" title="Job Posting channel" alt="Job Posting" /> <span id="item-priority-25345" class="badge badge-dark priority5" title="Job Posting channel">Job Posting</span> </div> <div id="item-body-25345" class="card-text item-body"> Dear all, The Communication Systems and Networks research group at Mid Sweden University invites applications for a Postdoctoral Researcher position in the field of Wireless Security and Trustworthy AI, within the framework of the newly launched TRUST project, conducted in collaboration with the University of Vaasa, Finland. The successful candidate will contribute to advanced research in at least two of the following areas: • Cryptographic protocol design and analysis, including vulnerability mitigation • Security testing and experimentation using Software-Defined Radio (SDR) platforms • AI-based intrusion detection systems and Explainable Artificial Intelligence (XAI) • Blockchain-enabled secure data exchange in wireless communication systems Minimum Qualifications: • A PhD degree in Electrical Engineering, Computer Science, or a closely related field • Demonstrated expertise in at least two of the listed research areas • A strong publication record relevant to the position Location: Sundsvall, Sweden <p><b>Closing date for applications:</b> </p> <p><b>Contact:</b> Mikael Gidlund https://www.miun.se/en/personnel/g/mikaelgidlund/</p> <p><b>More information:</b> <a href="https://www.miun.se/en/work-at-the-university/career/jobs/vacancy/postdoctoral-researcher-in-wireless--network-security-and-trustworthy-ai/#gsc.tab=0">https://www.miun.se/en/work-at-the-university/career/jobs/vacancy/postdoctoral-researcher-in-wireless--network-security-and-trustworthy-ai/#gsc.tab=0</a></p> </div><span class="btn-link text-right expand-button body-expand">Expand</span> </div> </div> <div class="card newsItemBox" id="item-25344"> <div class="card-header pb-1"> <a id="item-url-25344" href="https://www.iacr.org/jobs/item/3930"> <h5 id="item-headline-25344"> Tenure-Track Faculty in all areas related to Information Security and Artificial Intelligence (f/m/d </h5> </a> </div> <div class="card-body"> <div class="d-flex"> <h6 class="card-title newsCardSubtitle mt-1 mr-auto" id="item-subheadline-25344"> CISPA Helmholtz Center for Information Security </h6> <img id="item-icon-25344" src="/img/icons/news/channel_12.svg" class="pl-1 newsCategoryIcon d-none d-md-block" title="Job Posting channel" alt="Job Posting" /> <span id="item-priority-25344" class="badge badge-dark priority5" title="Job Posting channel">Job Posting</span> </div> <div id="item-body-25344" class="card-text item-body"> CISPA is a world-leading research center that focuses on Information Security and Artificial Intelligence at large. To expand and further strengthen our center, we are looking for Tenure-Track Faculty in all areas related to Information Security and Artificial Intelligence (f/m/d) <p><p> All applicants are expected to grow a research team that pursues an internationally visible research agenda. To aid you in achieving this, CISPA provides institutional base funding for three full-time researcher positions and a generous budget for expenditures. Upon successful tenure evaluation, you will hold a position that is equivalent to an endowed full professorship at a top research university. <p><p> In view of the current geopolitical landscape and in order to further strengthen research in information security and trustworthy AI in Germany and Europe, we have decided to invite a further round of applications of renowned candidates with an outstanding track record in Information Security, Artificial Intelligence, or related areas, including Cybersecurity and Privacy, Machine Learning and Data Science, Efficient Algorithms and Foundations of Theoretical Computer Science, Software Engineering, Program Analysis and Formal Methods. <p><p> <b>The application deadline is April 8, 2025 23:59 AoE with interviews starting in mid April 2025.</b> <p><p> CISPA values diversity and is committed to equality. We provide special dual-career support. We explicitly encourage female and diverse researchers to apply. <p><b>Closing date for applications:</b> </p> <p><b>Contact:</b> career@cispa.de</p> <p><b>More information:</b> <a href="https://jobs.cispa.saarland/de_DE/jobs/detail/tenure-track-faculty-in-all-areas-related-to-information-security-and-artificial-intelligence-f-m-d-extended-call-269">https://jobs.cispa.saarland/de_DE/jobs/detail/tenure-track-faculty-in-all-areas-related-to-information-security-and-artificial-intelligence-f-m-d-extended-call-269</a></p> </div><span class="btn-link text-right expand-button body-expand">Expand</span> </div> </div> <hr> <h4 class="mb-3"> 21 March 2025 </h4> <div class="card newsItemBox" id="item-25343"> <div class="card-header pb-1"> <a id="item-url-25343" href="https://www.iacr.org/jobs/item/3932"> <h5 id="item-headline-25343"> Postdoc </h5> </a> </div> <div class="card-body"> <div class="d-flex"> <h6 class="card-title newsCardSubtitle mt-1 mr-auto" id="item-subheadline-25343"> TU Wien, Department of Computer Science, Vienna </h6> <img id="item-icon-25343" src="/img/icons/news/channel_12.svg" class="pl-1 newsCategoryIcon d-none d-md-block" title="Job Posting channel" alt="Job Posting" /> <span id="item-priority-25343" class="badge badge-dark priority5" title="Job Posting channel">Job Posting</span> </div> <div id="item-body-25343" class="card-text item-body"> In the Research Unit of Privacy Enhancing Technologies at TU Wien is offering a position as university assistant post-doc (all genders) limited to expected 6 years for 40 hours/week. Expected start: April 2025. Research will address the development of privacy-enhancing technologies, including but not limited to the design of cryptographic algorithms and protocols, distributed protocols, cryptocurrencies, and information-theoretic approaches such as differential privacy. Topics of interest include (but are not limited to): Privacy preserving cryptocurrencies Efficient proof systems such as (non-interactive) zero-knowledge, SNARKs, etc. Cryptographic protocols Functional encryption Fully homomorphic encryption Information-theoretic approaches such as differential privacy <br><br><b>Tasks</b>: Deep interest in scientific problems and the motivation for independent and goal-oriented research Independent teaching or participation in teaching and supervision of students Participation in organizational and administrative tasks of the research division and the faculty <br><br><b>Your profile:</b> - Completion of an excellent doctorate in Computer Science or a closely related field <br> -Strong background in cryptography, privacy-preserving mechanisms, or data security <br> - In-depth knowledge and experience in at least one subject area: secure computation, differential privacy, anonymous communication systems, privacy-preserving machine learning, cryptocurrencies, cryptographic protocols, identity management, homomorphic encryption, or zero-knowledge proofs <br>An outstanding publication record in top security, privacy, and applied cryptography conferences and journals, such as e.g., ACM CCS, Crypto, Eurocrypt, Usenix Security, NDSS, EEE S&P, PETS Experience in teaching and supervising students, with enthusiasm for advancing knowledge in the field of privacy-enhancing technologies Excellent organizational and analytical skills, combined with a structured and detail-oriented approach to work Team player with strong problem-solving abilities, creative thinking, and a passion for tackling real-world privacy challenges <p><b>Closing date for applications:</b> </p> <p><b>Contact:</b> Univ. Prof. Dr. Dominique Schroeder</p> <p><b>More information:</b> <a href="https://jobs.tuwien.ac.at/Job/247325">https://jobs.tuwien.ac.at/Job/247325</a></p> </div><span class="btn-link text-right expand-button body-expand">Expand</span> </div> </div> <div class="card newsItemBox" id="item-25342"> <div class="card-header pb-1"> <a id="item-url-25342" href="https://eprint.iacr.org/2025/526"> <h5 id="item-headline-25342"> AI Agents in Cryptoland: Practical Attacks and No Silver Bullet </h5> </a> </div> <div class="card-body"> <div class="d-flex"> <h6 class="card-title newsCardSubtitle mt-1 mr-auto" id="item-subheadline-25342"> Atharv Singh Patlan, Peiyao Sheng, S. Ashwin Hebbar, Prateek Mittal, Pramod Viswanath </h6> <img id="item-icon-25342" src="/img/icons/news/channel_10.svg" class="pl-1 newsCategoryIcon d-none d-md-block" title="ePrint Report channel" alt="ePrint Report" /> <span id="item-priority-25342" class="badge badge-dark priority5" title="ePrint Report channel">ePrint Report</span> </div> <div id="item-body-25342" class="card-text item-body"> The integration of AI agents with Web3 ecosystems harnesses their complementary potential for autonomy and openness, yet also introduces underexplored security risks, as these agents dynamically interact with financial protocols and immutable smart contracts. This paper investigates the vulnerabilities of AI agents within blockchain-based financial ecosystems when exposed to adversarial threats in real-world scenarios. We introduce the concept of context manipulation -- a comprehensive attack vector that exploits unprotected context surfaces, including input channels, memory modules, and external data feeds. Through empirical analysis of ElizaOS, a decentralized AI agent framework for automated Web3 operations, we demonstrate how adversaries can manipulate context by injecting malicious instructions into prompts or historical interaction records, leading to unintended asset transfers and protocol violations which could be financially devastating. Our findings indicate that prompt-based defenses are insufficient, as malicious inputs can corrupt an agent's stored context, creating cascading vulnerabilities across interactions and platforms. This research highlights the urgent need to develop AI agents that are both secure and fiduciarily responsible. </div><span class="btn-link text-right expand-button body-expand">Expand</span> </div> </div> </section> <div class="mt-4"> <a href="index.php?next=25342" class="btn btn-sm btn-outline-dark">Next ►</a> </div> </main> <div id="pageFooter"> <footer class="container-fluid iacrMain-footer pt-4"> <div class="row px-4"> <div class="col-12 col-md-6 col-lg-3 mb-md-3"> <a href="/about/" class="h6 d-none d-md-block"> <strong>About</strong> </a> <p class="d-none d-md-block mt-2"> The <a href="/">International Association for Cryptologic Research (IACR)</a> is a non-profit scientific organization whose purpose is to further research in cryptology and related fields. <a href="/about/">Learn more...</a> </p> <div class="text-center"> <a href="//twitter.com/IACR_News" class="social" title="Twitter Feed"> <img src="/img/icons/twitter.svg" class="socialBtn" alt="Twitter logo"> </a> <a href="//youtube.com/TheIACR" class="social" title="YouTube Channel"> <img src="/img/icons/youtube.svg" class="socialBtn" alt="YouTube logo"> </a> <a href="//www.facebook.com/theiacr/" class="social" title="Facebook Page"> <img src="/img/icons/facebook.svg" class="socialBtn" alt="Facebook logo"> </a> <a href="https://weibo.com/iacr" class="social" title="Weibo"> <img src="/img/icons/weibo.svg" class="socialBtn" alt="Weibo logo"> </a> </div> </div> <div class="col-12 col-md-6 col-lg-3"> <a href="/meetings/" class="h6"> <strong>Events</strong> </a> <ul class="list-unstyled"> <li> <a href="/meetings/asiacrypt/">Asiacrypt</a>  •  <a href="/meetings/crypto/">Crypto</a>  •  <a href="/meetings/eurocrypt/">Eurocrypt</a> </li> <li> <a href="/meetings/ches/" title="Cryptographic Hardware and Embedded Systems">CHES</a>  •  <a href="/meetings/fse/" title="Fast Software Encryption">FSE</a>  •  <a href="/meetings/pkc/" title="Public Key Cryptography">PKC</a>  •  <a href="/meetings/tcc/" title="Theory of Cryptography Conference">TCC</a> </li> <li> <a href="//rwc.iacr.org/"> Real World Crypto </a> </li> <li> <a href="/schools/"> Schools </a> </li> <li> <a href="/events/"> Calendar of events </a> </li> </ul> </div> <div class="col-12 col-md-6 col-lg-3"> <a href="/publications/" class="h6"> <strong>Publications</strong> </a> <ul class="list-unstyled"> <li> <a href="/publications/access.php"> Access to Publications </a> </li> <li> <a href="/jofc/"> Journal of Cryptology </a> </li> <li> <a href="/transactions/tosc/"> Trans. on Symmetric Cryptology </a> </li> <li> <a href="https://tches.iacr.org/"> Trans. on CHES </a> </li> <li> <a href="https://cic.iacr.org/"> Communications in Cryptology </a> </li> <li> <a href="//eprint.iacr.org/"> Cryptology ePrint Archive </a> </li> <li> <a href="/cryptodb/"> Publication database </a> </li> </ul> </div> <div class="col-12 col-md-6 col-lg-3"> <a href="/services/" class="h6"> <strong>Services</strong> </a> <ul class="list-unstyled"> <li> <a href="/news"> News </a> </li> <li> <a href="/awards/"> Awards </a> </li> <li> <a href="/jobs/"> Jobs </a> </li> <li> <a href="https://register.iacr.org/membership/members/">Update your information</a> </li> <li> <a href="/membership.php">How to join</a> </li> <li class="d-block d-md-none"> <a href="/about/"> About the IACR </a> </li> </ul> </div> </div> <div class="row"> <div class="col-12 iacrMain-bottomOfFooter text-center py-2 mt-3"> <span class="align-middle"> <a href="/copyright.html">Copyright © <span id="thisYear"></span> <script>document.getElementById("thisYear").innerHTML = new Date().getFullYear();</script> <span class="d-none d-md-inline">by the </span><span class="d-md-none">IACR</span><span class="d-none d-md-inline">International Association for Cryptologic Research</span></a> <span class="d-none d-md-inline">• </span><br class="d-md-none"> <a href="/privacy.html">Privacy Policy</a> </span> </div> </div> </footer>  </div> <script src="https://iacr.org/libs/js/jquery/3.3.1/jquery.min.js"></script> <script src="https://iacr.org/libs/css/bootstrap/dist/js/bootstrap.bundle.min.js"></script> <script src="https://iacr.org/libs/js/easy-autocomplete/jquery.easy-autocomplete.js"></script>  <script src="/js/search.js"></script> </body> </html>

CINXE.COM

IACR News