Subject: [digest] 2024 Week 25
From: IACR ePrint Archive
Newsgroups: sci.crypt
Organization: A noiseless patient Spider
Date: Mon, 24 Jun 2024 02:22 UTC
Path: eternal-september.org!news.eternal-september.org!.POSTED!not-for-mail
Lines: 1781
Message-ID: <Gtz5UkE-9l9oPPv3xoY29iCtnhOgKHUe@eprint.iacr.org.invalid>
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable
Injection-Date: Mon, 24 Jun 2024 04:22:18 +0200 (CEST)
Injection-Info: dont-email.me; posting-host="7e1f95ac12dbd6089260012ef9d3b95e";
logging-data="786079"; mail-complaints-to="abuse@eternal-september.org"; posting-account="U2FsdGVkX1+Bx7AKMz3WDacWWpYAWu+ljKJke4QsaCA="
Cancel-Lock: sha1:RNF4T9NT8ys0YQng3/P4DLNp7LI=

## In this issue

1. [2023/872] Conjunctive Searchable Symmetric Encryption from ...
2. [2024/765] Information-Theoretic Multi-Server PIR with Global ...
3. [2024/957] VRaaS: Verifiable Randomness as a Service on ...
4. [2024/962] Secure Account Recovery for a Privacy-Preserving ...
5. [2024/963] Shared OT and Its Applications to Unconditional ...
6. [2024/964] Malicious Security for PIR (almost) for Free
7. [2024/965] Efficient and Secure Post-Quantum Certificateless ...
8. [2024/966] Diffuse Some Noise: Diffusion Models for ...
9. [2024/967] Consolidated Linear Masking (CLM): Generalized ...
10. [2024/968] Fast SNARK-based Non-Interactive Distributed ...
11. [2024/969] Analysis, modify and apply in IIOT form light- ...
12. [2024/970] Cryptography at the Crossroads: Ethical ...
13. [2024/971] A Note on (2, 2)-isogenies via Theta Coordinates
14. [2024/972] Efficient Secure Communication Over Dynamic ...
15. [2024/973] ICICLE v2: Polynomial API for Coding ZK Provers to ...
16. [2024/974] Towards Optimal Parallel Broadcast under a ...
17. [2024/975] ZLR: a fast online authenticated encryption scheme ...
18. [2024/976] PIR with Client-Side Preprocessing: Information- ...
19. [2024/977] Improved Boomerang Attacks on 6-Round AES
20. [2024/978] Distributed PIR: Scaling Private Messaging via the ...
21. [2024/979] Volatile and Persistent Memory for zkSNARKs via ...
22. [2024/980] FaultyGarble: Fault Attack on Secure Multiparty ...
23. [2024/981] Hadamard Product Arguments and Their Applications
24. [2024/982] SoK: Programmable Privacy in Distributed Systems
25. [2024/983] SoCureLLM: An LLM-driven Approach for Large-Scale ...
26. [2024/984] Side-Channel and Fault Resistant ASCON ...
27. [2024/985] DualRing-PRF: Post-Quantum (Linkable) Ring ...
28. [2024/986] FABESA: Fast (and Anonymous) Attribute-Based ...
29. [2024/987] CoGNN: Towards Secure and Efficient Collaborative ...
30. [2024/988] Privacy-Preserving Dijkstra
31. [2024/989] A Formal Treatment of End-to-End Encrypted Cloud ...
32. [2024/990] Perfectly-secure Network-agnostic MPC with Optimal ...
33. [2024/991] Leveled Homomorphic Encryption Schemes for ...
34. [2024/992] The Complexity of the Crossbred Algorithm
35. [2024/993] Limits on the Power of Prime-Order Groups: ...
36. [2024/994] On Knowledge-Soundness of Plonk in ROM from ...
37. [2024/995] Cross-chain bridges via backwards-compatible SNARKs
38. [2024/996] Great-LaKeys: An Improved Threshold-PRF and a Novel ...
39. [2024/997] Dishonest Majority Multi-Verifier Zero-Knowledge ...
40. [2024/998] Measuring Conditional Anonymity - A Global Study
41. [2024/999] ProxCode: Efficient Biometric Proximity Searchable ...
42. [2024/1000] File-Injection Attacks on Searchable Encryption, ...
43. [2024/1001] Guidance for Efficient Selection of Secure ...
44. [2024/1002] Elementary Formulas for Greatest Common Divisors ...
45. [2024/1003] zkVoting : Zero-knowledge proof based coercion- ...
46. [2024/1004] Relaxed Vector Commitment for Shorter Signatures
47. [2024/1005] Differential Fault Attack on HE-Friendly Stream ...
48. [2024/1006] Delegated-Query Oblivious Transfer and its ...
49. [2024/1007] On the vector subspaces of $\mathbb{F}_{2^n}$ over ...
50. [2024/1008] A Deep Study of The Impossible Boomerang ...
51. [2024/1009] Improved Reductions from Noisy to Bounded and ...
52. [2024/1010] FSSiBNN: FSS-based Secure Binarized Neural Network ...
53. [2024/1011] Secure Vickrey Auctions with Rational Parties

## 2023/872

* Title: Conjunctive Searchable Symmetric Encryption from Hard Lattices
* Authors: Debadrita Talapatra, Sikhar Patranabis, Debdeep Mukhopadhyay
* [Permalink](https://eprint.iacr.org/2023/872)
* [Download](https://eprint.iacr.org/2023/872.pdf)

### Abstract

Searchable Symmetric Encryption (SSE) supports efficient keyword searches over encrypted outsourced document collections while minimizing information leakage. All practically efficient SSE schemes supporting conjunctive queries rely crucially on quantum-broken cryptographic assumptions (such as discrete-log hard groups) to achieve compact storage and fast query processing. On the other hand, quantum-safe SSE schemes based on purely symmetric-key crypto-primitives either do not support conjunctive searches, or are practically inefficient. In particular, there exists no quantum-safe yet practically efficient conjunctive SSE scheme from lattice-based hardness assumptions.
We solve this open question by proposing Oblivious Post-Quantum Secure Cross Tags (OQXT) – the first lattice-based practically efficient and highly scalable conjunctive SSE scheme. The technical centerpiece of OQXT is a novel oblivious cross-tag generation protocol with provable security guarantees derived from lattice-based hardness assumptions. We prove the post-quantum simulation security of OQXT with respect to a rigorously defined and thoroughly analyzed leakage profile. We then present a prototype implementation of OQXT and experimentally validate its practical efficiency and scalability over extremely large real-world databases. Our experiments show that OQXT has competitive end-to-end search latency when compared with the best (quantum-broken) conjunctive SSE schemes.

## 2024/765

* Title: Information-Theoretic Multi-Server PIR with Global Preprocessing
* Authors: Ashrujit Ghoshal, Baitian Li, Yaohua Ma, Chenxin Dai, Elaine Shi
* [Permalink](https://eprint.iacr.org/2024/765)
* [Download](https://eprint.iacr.org/2024/765.pdf)

### Abstract

We propose a new unified framework to construct multi-server, information-theoretic Private Information Retrieval (PIR) schemes that leverage global preprocessing to achieve sublinear computation per query.
Despite a couple of earlier attempts, our understanding of PIR schemes in the global preprocessing model remains limited, and so far, we only know a few sparse points in the broad design space.
Our framework not only unifies earlier results in this space, but leads to several new results. First, we can improve the server space of the state-of-the-art scheme by a polynomial factor. Second, we can broaden the parameter space of known results, allowing a smooth tradeoff between bandwidth and computation. Third, while earlier schemes achieve better per-server bandwidth and computation as we add more servers, the server space actually grows w.r.t. the number of servers. We offer a new scalable family of schemes where the per-server bandwidth, computation, and space all decrease as we add more servers. This scalable family of schemes also implies the so-called "doubly efficient" PIR scheme with any super-constant number of servers, achieving $n^{1+o(1)}$ server space and preprocessing cost, and $n^{o(1)}$ bandwidth and computation per query.

## 2024/957

* Title: VRaaS: Verifiable Randomness as a Service on Blockchains
* Authors: Jacob Gorman, Lucjan Hanzlik, Aniket Kate, Easwar Vivek Mangipudi, Pratyay Mukherjee, Pratik Sarkar, Sri AravindaKrishnan Thyagarajan
* [Permalink](https://eprint.iacr.org/2024/957)
* [Download](https://eprint.iacr.org/2024/957.pdf)

### Abstract

Web3 applications, such as on-chain games, NFT minting, and leader elections necessitate access to unbiased, unpredictable, and publicly verifiable randomness. Despite its broad use cases and huge demand, there is a notable absence of comprehensive treatments of on-chain verifiable randomness services. To bridge this, we offer an extensive formal analysis of on-chain verifiable randomness services.

We present the first formalization of on-chain verifiable randomness in the blockchain setting by introducing the notion of Verifiable Randomness as a Service (VRaaS). We formally define VRaaS using an ideal functionality $\mathcal{F}_{\sf VRaaS}$ in the Universal Composability model. Our definition not only captures the core features of randomness services, such as unbiasability, unpredictability, and public verifiability, but also accounts for many other crucial nuances pertaining to different entities involved, such as smart contracts.

Within our framework we study a generic design of Verifiable Random Function (VRF)-based randomness service -- where the randomness requester provides an input on which the randomness is evaluated as VRF output. We show that it does satisfy our formal VRaaS definition. Furthermore, we show that the generic protocol captures many real-world randomness services like Chainlink VRF and Supra dVRF.

We investigate whether our definition is minimalistic in terms of the desired security properties - towards that, we show that a couple of insecure constructions fall short of realizing our definition. Using our definition we also discover practical vulnerabilities in other designs such as Algorand beacon, Pyth VRF and Band VRF that offer on-chain verifiable randomness.
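The generic VRF-based design the abstract describes (the requester supplies an input, the service returns a VRF output together with a proof, and the contract verifies the proof before using the output), as an added worked example that is not code from the paper or from any of the services it names. It uses a toy RSA-FDH-style VRF with a tiny constructed key and a simplified SHA-256 full-domain hash, and the way `alpha` is assembled from request id, contract and block hash is an assumption chosen to show why the requester's input must be bound to data it cannot pick:

```python
import hashlib
from typing import Dict, Tuple

# Toy RSA key pair for the service. The primes are constructed for this example
# only (Mersenne primes 2^61-1 and 2^31-1) and are far too small for real use.
P = (1 << 61) - 1
Q = (1 << 31) - 1
N = P * Q
E = 65537
D = pow(E, -1, (P - 1) * (Q - 1))      # gcd(E, phi(N)) == 1 for these primes
N_BYTES = (N.bit_length() + 7) // 8


def _hash_to_zn(alpha: bytes) -> int:
    # Simplified full-domain hash: SHA-256 reduced mod N. A real RSA-FDH-VRF
    # (RFC 9381) fills the whole modulus with MGF1; this reduction is an
    # assumption made to keep the example short.
    return int.from_bytes(hashlib.sha256(b"FDH-VRF|" + alpha).digest(), "big") % N


def _beta_from_proof(pi: int) -> bytes:
    # The published randomness is a hash of the proof, never the proof itself.
    return hashlib.sha256(b"VRF-OUT|" + pi.to_bytes(N_BYTES, "big")).digest()


def vrf_prove(alpha: bytes) -> Tuple[int, bytes]:
    """Service side: pi = H(alpha)^D mod N is the proof, beta = SHA-256(pi) the output.

    For a fixed key and fixed alpha exactly one pi verifies, so the service cannot
    choose among several outputs (unbiasability), and nobody without D can compute
    pi before the service does (unpredictability)."""
    pi = pow(_hash_to_zn(alpha), D, N)
    return pi, _beta_from_proof(pi)


def vrf_verify(alpha: bytes, pi: int, beta: bytes) -> bool:
    """Contract side: anyone holding the public key (N, E) can check that beta is
    the unique VRF output for alpha."""
    if not 0 < pi < N:
        return False
    if pow(pi, E, N) != _hash_to_zn(alpha):   # RSA verification of the FDH signature
        return False
    return beta == _beta_from_proof(pi)


def build_alpha(request_id: int, contract: str, block_hash: bytes) -> bytes:
    """The requester's input. Binding it to the request id, the calling contract and
    a block hash the requester could not choose is what prevents replaying an old
    proof or grinding inputs off-chain. (Field choice is an assumption.)"""
    return request_id.to_bytes(8, "big") + contract.encode() + block_hash


def fulfil_request(request_id: int, contract: str, block_hash: bytes) -> Dict[str, object]:
    """One round of the generic service: on-chain request -> off-chain prove ->
    on-chain verification in the callback."""
    alpha = build_alpha(request_id, contract, block_hash)
    pi, beta = vrf_prove(alpha)                 # done by the randomness service
    accepted = vrf_verify(alpha, pi, beta)      # done by the consuming contract
    return {"alpha": alpha, "pi": pi, "beta": beta, "accepted": accepted}


if __name__ == "__main__":
    # Constructed request: id 1 from contract "contract-A" at a made-up block hash.
    r = fulfil_request(1, "contract-A", bytes.fromhex("ab" * 32))
    print("accepted:", r["accepted"], "randomness:", r["beta"].hex())
    # A forged proof (one flipped bit of pi) must be rejected by the contract.
    print("forged accepted:", vrf_verify(r["alpha"], r["pi"] ^ 1, r["beta"]))
```

The point the contract-side check makes is that verifiability is what removes trust in the service: a service that wanted to bias an on-chain game could only do so by withholding a response, not by returning a different value, because any `beta` not derived from the unique `pi` fails `vrf_verify`. Real deployments also have to decide what the contract does when the service never answers, which this example does not model.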

## 2024/962

* Title: Secure Account Recovery for a Privacy-Preserving Web Service
* Authors: Ryan Little, Lucy Qin, Mayank Varia
* [Permalink](https://eprint.iacr.org/2024/962)
* [Download](https://eprint.iacr.org/2024/962.pdf)

### Abstract

If a web service is so secure that it does not even know—and does not want to know—the identity and contact info of its users, can it still offer account recovery if a user forgets their password? This paper is the culmination of the authors' work to design a cryptographic protocol for account recovery for use by a prominent secure matching system: a web-based service that allows survivors of sexual misconduct to become aware of other survivors harmed by the same perpetrator. In such a system, the list of account-holders must be safeguarded, even against the service provider itself.

