From: IACR ePrint Archive <noreply@example.invalid>
Newsgroups: sci.crypt
Subject: [digest] 2024 Week 49
Date: Mon, 09 Dec 2024 03:16:43 -0000

## In this issue

1. [2024/879] Consistency-or-Die: Consistency for Key Transparency
2. [2024/886] A New Security Evaluation Method Based on Resultant ...
3. [2024/1948] ARK: Adaptive Rotation Key Management for Fully ...
4. [2024/1949] Avenger Ensemble: Genetic Algorithm-Driven Ensemble ...
5. [2024/1950] Two-Round 2PC ECDSA at the Cost of 1 OLE
6. [2024/1951] Vote&Check: Secure Postal Voting with Reduced Trust ...
7. [2024/1952] Worst-Case Lattice Sampler with Truncated Gadgets ...
8. [2024/1953] Truncation Untangled: Scaling Fixed-Point ...
9. [2024/1954] A Complete Characterization of One-More Assumptions ...
10. [2024/1955] Gold OPRF: Post-Quantum Oblivious Power Residue PRF
11. [2024/1956] MultiReg-FE: Registered FE for Unbounded Inner- ...
12. [2024/1957] NICE-PAKE: On the Security of KEM-Based PAKE ...
13. [2024/1958] M-Sel: A Message Selection Functional Encryption ...
14. [2024/1959] SoK: Privacy-Preserving Transactions in Blockchains
15. [2024/1960] Share the MAYO: thresholdizing MAYO
16. [2024/1961] On the (Im)possibility of Game-Theoretically Fair ...
17. [2024/1962] uKNIT: Breaking Round-alignment for Cipher Design ...
18. [2024/1963] Proof of Time: A Method for Verifiable Temporal ...
19. [2024/1964] Lova: Lattice-Based Folding Scheme from ...
20. [2024/1965] Onion Franking: Abuse Reports for Mix-Based Private ...
21. [2024/1966] Efficient Succinct Zero-Knowledge Arguments in the ...
22. [2024/1967] Analysis of REDOG: The Pad Thai Attack
23. [2024/1968] SoK: Pseudorandom Generation for Masked ...
24. [2024/1969] SoK: Security of the Ascon Modes
25. [2024/1970] Scribe: Low-memory SNARKs via Read-Write Streaming
26. [2024/1971] Further Connections Between Isogenies of ...
27. [2024/1972] RoK, Paper, SISsors – Toolkit for Lattice-based ...

## 2024/879

* Title: Consistency-or-Die: Consistency for Key Transparency
* Authors: Joakim Brorsson, Elena Pagnin, Bernardo David, Paul Stankovski Wagner
* [Permalink](https://eprint.iacr.org/2024/879)
* [Download](https://eprint.iacr.org/2024/879.pdf)

### Abstract

This paper proposes a new consistency protocol that protects a key transparency log against split-view attacks and - contrary to all previous work - does not rely on small committees of known external auditors, or out-of-band channels, or blockchains (full broadcast systems).

Our approach is to use a mechanism for cryptographically selecting a small committee of random and initially undisclosed users, which are then tasked to endorse the current view of the log. The name of our protocol, Consistency-or-Die (CoD), reflects that users are guaranteed to know if they are in a consistent state or not, and upon spotting an inconsistency in the key transparency log, users stop using this resource and become inactive (die). CoD relies on well-established cryptographic building blocks, such as verifiable random functions and key-evolving signatures, for which lightweight constructions exist.
We provide a novel statistical analysis for identifying optimal quorum sizes (minimal number of endorsers for a view) for various security levels and percentages of malicious users.

Our experiments support that CoD is practical and can run in the background on mid-tier smart phones, for large-scale systems with billions of users.

## 2024/886

* Title: A New Security Evaluation Method Based on Resultant for Arithmetic-Oriented Algorithms
* Authors: Hong-Sen Yang, Qun-Xiong Zheng, Jing Yang, Quan-feng Liu, Deng Tang
* [Permalink](https://eprint.iacr.org/2024/886)
* [Download](https://eprint.iacr.org/2024/886.pdf)

### Abstract

The rapid development of advanced cryptographic applications like multi-party computation (MPC), fully homomorphic encryption (FHE), and zero-knowledge (ZK) proofs has motivated the designs of the so-called arithmetic-oriented (AO) primitives. Efficient AO primitives typically build over large fields and use large S-boxes. Such design philosophy brings difficulties in the cryptanalysis of these primitives as classical cryptanalysis methods do not apply well. The generally recognized attacks against these primitives are algebraic attacks, especially Groebner basis attacks. Thus, the numbers of security rounds are usually derived through the complexity of solving the system of algebraic equations using Groebner bases. In this paper, we propose a novel framework for algebraic attacks against AO primitives. Instead of using Groebner basis, we use resultants to solve a system of multivariate equations that can better exploit the algebraic structures of AO primitives. We employ several techniques to reduce the dimensions of the resultants and avoid rapid increases in degrees, including meet-in-the-middle modeling, variable substitutions, and fast Lagrange interpolation. We apply our attack to three mainstream AO cryptographic primitives: Rescue-Prime, Anemoi, and Jarvis.
For Rescue-Prime, we theoretically prove that the final univariate equation has a degree of at most a specific power of three and practically attack five rounds for the first time. We attack the full-round of Anemoi with complexity 2^110.10, which has been claimed to provide 127 bits of security. We also give the first practical attack against eight rounds of Anemoi over a 55-bit prime field. For Jarvis, we improve the existing practical attack by a factor of 100. Therefore, we point out that our analysis framework can be used as a new evaluation method for AO designs.

## 2024/1948

* Title: ARK: Adaptive Rotation Key Management for Fully Homomorphic Encryption Targeting Memory Efficient Deep Learning Inference
* Authors: Jia-Lin Chan, Wai-Kong Lee, Denis C.-K Wong, Wun-She Yap, Bok-Min Goi
* [Permalink](https://eprint.iacr.org/2024/1948)
* [Download](https://eprint.iacr.org/2024/1948.pdf)

### Abstract

Advancements in deep learning (DL) not only revolutionized many aspects in our lives, but also introduced privacy concerns, because it processed vast amounts of information that was closely related to our daily life. Fully Homomorphic Encryption (FHE) is one of the promising solutions to this privacy issue, as it allows computations to be carried out directly on the encrypted data. However, FHE requires high computational cost, which is a huge barrier to its widespread adoption. Many prior works proposed techniques to enhance the speed performance of FHE in the past decade, but they often impose significant memory requirements, which may be up to hundreds of gigabytes. Recently, focus has shifted from purely improving speed performance to managing FHE’s memory consumption as a critical challenge.
Rovida and Leporati introduced a technique to minimize rotation key memory by retaining only essential keys, yet this technique is limited to cases with symmetric numerical patterns (e.g., -2 -1 0 1 2), constraining its broader utility. In this paper, a new technique, Adaptive Rotation Key (ARK), is proposed that minimizes rotation key memory consumption by exhaustively analyzing numerical patterns to produce a minimal subset of shared rotation keys. ARK also provides a dual-configuration option, enabling users to prioritize memory efficiency or computational speed. In memory-prioritized mode, ARK reduces rotation key memory consumption by 41.17% with a 12.57% increase in execution time. For speed-prioritized mode, it achieves a 24.62% rotation key memory reduction with only a 0.21% impact on execution time. This flexibility positions ARK as an effective solution for optimizing FHE across varied use cases, marking a significant advancement in optimization strategies for FHE-based privacy-preserving systems.

## 2024/1949

* Title: Avenger Ensemble: Genetic Algorithm-Driven Ensemble Selection for Deep Learning-based Side-Channel Analysis
* Authors: Zhao Minghui, Trevor Yap
* [Permalink](https://eprint.iacr.org/2024/1949)
* [Download](https://eprint.iacr.org/2024/1949.pdf)

### Abstract

Side-Channel Analysis (SCA) exploits physical vulnerabilities in systems to reveal secret keys. With the rise of Internet-of-Things, evaluating SCA attacks has become crucial. Profiling attacks, enhanced by Deep Learning-based Side-Channel Analysis (DLSCA), have shown significant improvements over classical techniques. Recent works demonstrate that ensemble methods outperform single neural networks. However, almost every existing ensemble selection method in SCA only picks the top few best-performing neural networks for the ensemble, which we coined as Greedily-Selected Method (GSM), which may not be optimal.
This work proposes Evolutionary Avenger Initiative (EAI), a genetic algorithm-driven ensemble selection algorithm, to create effective ensembles for DLSCA. We investigate two fitness functions and evaluate EAI across four datasets, including AES and Ascon implementations. We show that EAI outperforms GSM, recovering secrets with the least number of traces. Notably, EAI successfully recovers secret keys for Ascon datasets where GSM fails, demonstrating its effectiveness.

## 2024/1950

* Title: Two-Round 2PC ECDSA at the Cost of 1 OLE
* Authors: Michael Adjedj, Constantin Blokh, Geoffroy Couteau, Antoine Joux, Nikolaos Makriyannis
* [Permalink](https://eprint.iacr.org/2024/1950)
* [Download](https://eprint.iacr.org/2024/1950.pdf)

### Abstract

We present a novel protocol for two-party ECDSA that achieves two rounds (a single back-and-forth communication) at the cost of a single oblivious linear function evaluation (OLE). In comparison, the previous work of [DKLs18] (S&P 2018) achieves two rounds at the cost of three OLEs, while [BHL24] (Manuscript 2024) requires expensive zero-knowledge proofs on top of the OLE. We demonstrate this by proving that in the generic group model, any adversary capable of generating forgeries for our protocol can be transformed into an adversary

========== REMAINDER OF ARTICLE TRUNCATED ==========